dnsmasq.conf配置

#這個是很有用的東西，因為你要做自定義dns控制的話，最好單獨獨立一份
#dns伺服器位址清單，系統預設的/etc/resolv.conf是會變化的，尤其是新
#版本的linux系統會跟随網卡配置變化或者其他網絡管理套件變化，為了可
#靠性，單獨獨立一份出來管理，是以需要打開這個配置
#resolv-file=
resolv-file=/etc/resolv.dnsmasq.conf


#配置内網其他dns伺服器的域名解析，一般來說用dnsmasq的環境不是複雜環
#境，是以不需要那麼多【不常用】
#server=/localnet/192.168.0.1
server=/testdns.com/172.16.0.1


#這個是好家夥，強制解析，類似寫host的效果，這樣可以做域名綁定，避免被
#dns污染，也支援泛解析*号，現在世界都很危險，還是要保留内心的一絲純潔的
address=/www.test.com/192.168.0.12


#指定監聽某個接口，例如某張網卡
#interface=
interface=p3p1


#這個是重要選項，監聽位址，要寫上ip位址加上127.0.0.1，因為IP位址是給你
#的client機用的，127.0.0.1是給dnsmasq用的，為什麼呢，是因為你要做dns緩
#存，要通路自己即是本機，格式就是ip,127.0.0.1
#listen-address=
listen-address=127.0.0.1,172.16.0.1


#綁定了網卡之後會保證dnsmasq不去騷擾其他網卡，保證請求不亂發，一般跟
#interface一起使用
#bind-interfaces
bind-interfaces


#使用另外一個檔案代替hosts，這樣就可以不騷擾本機的host 進而保證伺服器
#固有host不被影響，也可以給dnsmasq使用特别的hosts
#addn-hosts=/etc/banner_add_hosts
addn-hosts=/etc/dnsmasq.host


#這就是标準文法，配置設定c類網段，12h租約，支援多個subnet，多行寫就行了，
#不過需要注意的是多個網段是需要dhcp中繼的，dhcp中繼請自行百度，大概就是
#獨立一個網卡，監聽dhcp的禦用67 udp和tcp端口，連接配接主dhcp伺服器
#dhcp-range=192.168.0.50,192.168.0.150,255.255.255.0,12h
dhcp-range=172.16.0.30,172.16.1.254,255.255.128.0,30m


#這個是組合版，綁定某個mac對應fred名字，然後加上一個ip配置設定，并設定租約，
#這個隻能說是靈活配置的參考，沒啥實際意義
#dhcp-host=11:22:33:44:55:66,fred,192.168.0.60,45m
dhcp-host=B8:EE:65:D2:F9:B4,fred,172.16.1.139


dhcp-option=3,172.16.0.1
dhcp-option=19,0           # option ip-forwarding off IP轉發關閉
dhcp-option=44,0.0.0.0     # set netbios-over-TCP/IP nameserver(s) aka WINS server(s)
dhcp-option=45,0.0.0.0     # netbios datagram distribution server
dhcp-option=46,8           # netbios node type


#根據配置的subnet來配置這個值，這個就是dhcp配置設定的ip池
#dhcp-lease-max=150
dhcp-lease-max=500


#檢視dhcp的log
#dhcp-leasefile=/var/lib/misc/dnsmasq.leases
dhcp-leasefile=/var/lib/dnsmasq/dnsmasq.leases


#配置dns緩存池的大小，預設150，嘛設定個1000也無所謂
#cache-size=150
cache-size=1000


dhcp-option=252,"\n"
           

配置DNS服務

        dnsmasq能夠緩存外部DNS記錄，同時提供本地DNS解析或者作為外部DNS的代理，即dnsmasq會首先查找/etc/hosts等本地解析檔案，然後再查找/etc/resolv.conf等外部nameserver配置檔案中定義的外部DNS。是以說dnsmasq是一個很不錯的DNS中繼。DNS配置同樣寫入dnsmasq.conf配置檔案裡。

# 本地解析檔案
# If you don't want dnsmasq to read /etc/hosts, uncomment the following line.
#no-hosts
# or if you want it to read another file, as well as /etc/hosts, use this.
#addn-hosts=/etc/banner_add_hosts
 
# Set this (and domain: see below) if you want to have a domain
# automatically added to simple names in a hosts-file.
# 例如，/etc/hosts中的os01将擴充成os01.debugo.com
expand-hosts
# Add local-only domains here, queries in these domains are answered
# from /etc/hosts or DHCP only.
local=/debugo.com/
 
# 強制使用完整的解析名
# Never forward plain names (without a dot or domain part)
domain-needed
 
# 添加額外的上級DNS主機（nameserver）配置檔案
# Change this line if you want dns to get its upstream servers from
# somewhere other that /etc/resolv.conf
#resolv-file=
 
# 不使用上級DNS主機配置檔案(/etc/resolv.conf和resolv-file）
# If you don't want dnsmasq to read /etc/resolv.conf or any other
# file, getting its servers from this file instead (see below), then
# uncomment this.
no-resolv
# 相應的，可以為特定的域名指定解析它的nameserver。一般是其他的内部DNS name server
# Add other name servers here, with domain specs if they are for
# non-public domains.
# server=/myserver.com/192.168.0.1
 
# 設定DNS緩存大小（機關：DNS解析條數）
#Set the size of dnsmasq's cache. The default is 150 names. Setting the cache size to zero disables caching.
cache-size=500
 
# 關于log的幾個選項
# For debugging purposes, log each DNS query as it passes through
# dnsmasq.
log-queries
 
# Log lots of extra information about DHCP transactions.
#log-dhcp
 
# Log to this syslog facility or file. (defaults to DAEMON)
log-facility=/var/log/dnsmasq.log
 
# 異步log，緩解阻塞，提高性能。
# Enable asynchronous logging and optionally set the limit on the number of lines which will be queued by dnsmasq
# when writing to the syslog is slow. 
# Dnsmasq can log asynchronously: this allows it to continue functioning without being blocked by syslog, 
# and allows syslog to use dnsmasq for DNS queries without risking deadlock. If the queue of log-lines becomes 
# full, dnsmasq will log the overflow, and the number of messages lost. 
# The default queue length is 5, a sane value would be 5-25, and a maximum limit of 100 is imposed.
log-async=20
 
# 指定domain的IP位址
# Add domains which you want to force to an IP address here.
# The example below send any host in doubleclick.net to a local
# webserver.
address=/doubleclick.net/127.0.0.1
address=/.phobos.apple.com/202.175.5.114