
How to Set a Custom DNS Server on Ubuntu

Falcon 2022-02-19

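Changing DNS on Ubuntu 16.04 is very simple, but since Ubuntu 18.04 switched to systemd as the system init program, the process has become somewhat more involved. By default your DNS configuration is 127.0.0.53, meaning DNS servers are looked up automatically.

In this tutorial we explain how to find the DNS configuration file, how to modify it, and how to verify that DNS is configured correctly. Configuring DNS server addresses correctly is one of the essential skills of a system administrator. The tutorial applies to Ubuntu 18.04, Ubuntu 20.04, Ubuntu 21.04 and any Ubuntu-based Linux distribution.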

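How to find the DNS configuration file

If you do not want to read about how the DNS configuration works, you can skip straight to "How to modify the DNS configuration file".

Next we walk through configuring a custom DNS server address step by step. If you try to edit the /etc/resolv.conf file, you will see the following notice at the top of the file.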

```
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients directly to
# all known uplink DNS servers. This file lists all configured search domains.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.
```

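The notice says not to edit this file: it is managed by systemd-resolved(8), and /etc/resolv.conf is generated dynamically. If you read the man page, you will find a different configuration file mentioned; note the following statement.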

```
man systemd-resolved
```

```
The DNS servers contacted are determined from the global settings in /etc/systemd/resolved.conf
```

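The DNS servers are read from the global settings file /etc/systemd/resolved.conf. Now that we have found the configuration file that sets the DNS servers, let's try editing it.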

```
#  This file is part of systemd.
#
#  systemd is free software; you can redistribute it and/or modify it
#  under the terms of the GNU Lesser General Public License as published by
#  the Free Software Foundation; either version 2.1 of the License, or
#  (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See resolved.conf(5) for details

[Resolve]
DNS=8.8.8.8
FallbackDNS=223.5.5.5
#Domains=
#LLMNR=no
#MulticastDNS=no
#DNSSEC=no
#DNSOverTLS=no
#Cache=no-negative
#DNSStubListener=yes
#ReadEtcHosts=yes
```

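In the configuration file above we set DNS=8.8.8.8 and FallbackDNS=223.5.5.5. The change does not take effect immediately, because this is the configuration file of the systemd-resolved service, and changes to a service's configuration generally take effect only after the service is restarted. Run the following commands to restart it.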

```
sudo systemctl daemon-reload
sudo systemctl restart systemd-resolved.service
```

Use the dig command to check whether our change has taken effect:

```
dig raw.githubusercontent.com

; <<>> DiG 9.16.1-Ubuntu <<>> raw.githubusercontent.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28043
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;raw.githubusercontent.com.		IN	A

;; ANSWER SECTION:
raw.githubusercontent.com.	599	IN	A	45.32.83.60

;; Query time: 915 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: 一 3月 29 14:31:03 CST 2021
;; MSG SIZE  rcvd: 60
```

The SERVER line in the output above shows that we are still using 127.0.0.53, which means our change has not taken effect. Let's keep reading the man systemd-resolved documentation.

```
/ETC/RESOLV.CONF
       Four modes of handling /etc/resolv.conf (see resolv.conf(5)) are supported:

       •   systemd-resolved maintains the /run/systemd/resolve/stub-resolv.conf file for compatibility with traditional Linux programs. This file may be symlinked from /etc/resolv.conf. This file lists the
           127.0.0.53 DNS stub (see above) as the only DNS server. It also contains a list of search domains that are in use by systemd-resolved. The list of search domains is always kept up-to-date. Note
           that /run/systemd/resolve/stub-resolv.conf should not be used directly by applications, but only through a symlink from /etc/resolv.conf. This file may be symlinked from /etc/resolv.conf in order
           to connect all local clients that bypass local DNS APIs to systemd-resolved with correct search domains settings. This mode of operation is recommended.

       •   A static file /usr/lib/systemd/resolv.conf is provided that lists the 127.0.0.53 DNS stub (see above) as only DNS server. This file may be symlinked from /etc/resolv.conf in order to connect all
           local clients that bypass local DNS APIs to systemd-resolved. This file does not contain any search domains.

       •   systemd-resolved maintains the /run/systemd/resolve/resolv.conf file for compatibility with traditional Linux programs. This file may be symlinked from /etc/resolv.conf and is always kept
           up-to-date, containing information about all known DNS servers. Note the file format's limitations: it does not know a concept of per-interface DNS servers and hence only contains system-wide DNS
           server definitions. Note that /run/systemd/resolve/resolv.conf should not be used directly by applications, but only through a symlink from /etc/resolv.conf. If this mode of operation is used
           local clients that bypass any local DNS API will also bypass systemd-resolved and will talk directly to the known DNS servers.

       •   Alternatively, /etc/resolv.conf may be managed by other packages, in which case systemd-resolved will read it for DNS configuration data. In this mode of operation systemd-resolved is consumer
           rather than provider of this configuration file.

       Note that the selected mode of operation for this file is detected fully automatically, depending on whether /etc/resolv.conf is a symlink to /run/systemd/resolve/resolv.conf or lists 127.0.0.53 as
       DNS server.
```

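The documentation above tells us that the result generated from changes to the systemd-resolved configuration is placed in /run/systemd/resolve/resolv.conf, but our /etc/resolv.conf is a symbolic link that points to /run/systemd/resolve/stub-resolv.conf.

So all we need to do is change what /etc/resolv.conf links to. We can use the ln command to change the target of the /etc/resolv.conf symbolic link: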

```
sudo mv /etc/resolv.conf /etc/resolv.conf.bak
sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
```

Next, verify with the dig command:

```
dig raw.githubusercontent.com
; <<>> DiG 9.16.1-Ubuntu <<>> raw.githubusercontent.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36578
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;raw.githubusercontent.com.		IN	A

;; ANSWER SECTION:
raw.githubusercontent.com.	599	IN	A	45.32.83.60

;; Query time: 895 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: 一 3月 29 14:50:46 CST 2021
;; MSG SIZE  rcvd: 60
```
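
The mode detection quoted from the man page can be checked directly instead of being inferred from dig output. The shell functions below are an added example, not part of the original article or of systemd; the names resolv_mode, resolv_nameservers and uses_expected_dns are illustrative, and the paths are the ones quoted in the man page excerpt.

```shell
#!/bin/sh
# Added example (not from the article): report which of the /etc/resolv.conf
# modes listed in systemd-resolved(8) a host is in. Function names are
# illustrative; the paths are the ones quoted in the man page excerpt.

# resolv_mode [FILE] prints: stub | static-stub | uplink | foreign | missing
resolv_mode() {
    f=${1:-/etc/resolv.conf}
    if [ ! -e "$f" ] && [ ! -L "$f" ]; then
        echo missing
        return 1
    fi
    if [ -L "$f" ]; then
        # The link may be relative (../run/...), so match on the path suffix.
        case "$(readlink "$f")" in
            */run/systemd/resolve/stub-resolv.conf) echo stub; return 0 ;;
            */usr/lib/systemd/resolv.conf) echo static-stub; return 0 ;;
            */run/systemd/resolve/resolv.conf) echo uplink; return 0 ;;
        esac
    fi
    # Not one of the known links: per the man page, a file that lists the
    # 127.0.0.53 stub counts as stub mode; anything else is managed elsewhere.
    if grep -Eq '^nameserver[[:space:]]+127\.0\.0\.53([[:space:]]|$)' "$f" 2>/dev/null; then
        echo stub
    else
        echo foreign
    fi
}

# resolv_nameservers [FILE] prints the nameserver addresses in file order.
resolv_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "${1:-/etc/resolv.conf}" 2>/dev/null
}

# uses_expected_dns FILE ADDR succeeds if ADDR is the first nameserver listed.
uses_expected_dns() {
    [ "$(resolv_nameservers "$1" | head -n 1)" = "$2" ]
}

# Report for this host; guarded so a missing file is not a script failure.
echo "mode: $(resolv_mode /etc/resolv.conf || true)"
resolv_nameservers /etc/resolv.conf || true
```

After the relink shown above, this reports `uplink`: programs that read /etc/resolv.conf themselves, such as dig, then query the listed servers directly and skip systemd-resolved, so its cache and any DNSSEC or DNSOverTLS settings in resolved.conf do not apply to those queries.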
 

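How to modify the DNS configuration file (summary)

If you have read through the whole analysis above, you have essentially already changed the DNS servers. Here is a brief summary.

Edit /etc/systemd/resolved.conf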

```
[Resolve]
DNS=8.8.8.8
FallbackDNS=223.5.5.5
#Domains=
#LLMNR=no
#MulticastDNS=no
#DNSSEC=no
#DNSOverTLS=no
#Cache=no-negative
#DNSStubListener=yes
#ReadEtcHosts=yes
```

We add DNS=8.8.8.8 and FallbackDNS=223.5.5.5 as our DNS servers.

Restart the systemd-resolved service

```
sudo systemctl daemon-reload
sudo systemctl restart systemd-resolved.service
```

Link /etc/resolv.conf to /run/systemd/resolve/resolv.conf

```
sudo mv /etc/resolv.conf /etc/resolv.conf.bak
sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
```

Verify the DNS change with the dig command

```
dig raw.githubusercontent.com
```

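Conclusion

We have analyzed the whole process of locating the DNS configuration. We now know that to change the DNS server addresses, we only need to edit /etc/systemd/resolved.conf and point /etc/resolv.conf at /run/systemd/resolve/resolv.conf.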
