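Changing DNS on Ubuntu 16.04 was very simple, but since Ubuntu 18.04 switched to systemd as the init system, the process has become slightly more involved. By default your DNS configuration is 127.0.0.53, meaning DNS servers are looked up automatically.
In this tutorial we explain how to find the DNS configuration file, how to modify it, and how to verify that DNS is configured correctly. Correctly configuring DNS server addresses is an essential skill for a system administrator. The tutorial applies to Ubuntu 18.04, Ubuntu 20.04, Ubuntu 21.04 and any Ubuntu-based Linux distribution.
How to find the DNS configuration file
If you do not want to read about how DNS configuration works, you can skip directly to "How to modify the DNS configuration file".
Next we will go step by step through configuring custom DNS server addresses. If you try to edit `/etc/resolv.conf`, you will see the following notice at the top of the file.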
```
# This file is managed by man:systemd-resolved(8). Do not edit.
#
# This is a dynamic resolv.conf file for connecting local clients directly to
# all known uplink DNS servers. This file lists all configured search domains.
#
# Third party programs must not access this file directly, but only through the
# symlink at /etc/resolv.conf. To manage man:resolv.conf(5) in a different way,
# replace this symlink by a static file or a different symlink.
#
# See man:systemd-resolved.service(8) for details about the supported modes of
# operation for /etc/resolv.conf.
```
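The notice says not to edit this file: it is managed by man:systemd-resolved(8), and `/etc/resolv.conf` is a dynamically generated file. If you read the man page, you will find another configuration file, and you will notice the following statement.
```
man systemd-resolved
```

```
The DNS servers contacted are determined from the global settings in /etc/systemd/resolved.conf
```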
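The DNS servers are read from the global settings file `/etc/systemd/resolved.conf`. Now that we have found the configuration file that sets the DNS servers, let's modify it.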
```
# This file is part of systemd.
#
# systemd is free software; you can redistribute it and/or modify it
# under the terms of the GNU Lesser General Public License as published by
# the Free Software Foundation; either version 2.1 of the License, or
# (at your option) any later version.
#
# Entries in this file show the compile time defaults.
# You can change settings by editing this file.
# Defaults can be restored by simply deleting this file.
#
# See resolved.conf(5) for details
[Resolve]
DNS=8.8.8.8
FallbackDNS=223.5.5.5
#Domains=
#LLMNR=no
#MulticastDNS=no
#DNSSEC=no
#DNSOverTLS=no
#Cache=no-negative
#DNSStubListener=yes
#ReadEtcHosts=yes
```
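In the configuration file above we set DNS=8.8.8.8 and FallbackDNS=223.5.5.5. The change does not take effect immediately, because this is the configuration file of the systemd-resolved service, and changes to a service's configuration generally require a service restart to take effect. Run the following commands to restart it.
```
sudo systemctl daemon-reload
sudo systemctl restart systemd-resolved.service
```
Use the dig command to verify whether our change has taken effect: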
```
dig raw.githubusercontent.com
; <<>> DiG 9.16.1-Ubuntu <<>> raw.githubusercontent.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 28043
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;raw.githubusercontent.com. IN A
;; ANSWER SECTION:
raw.githubusercontent.com. 599 IN A 45.32.83.60
;; Query time: 915 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: 一 3月 29 14:31:03 CST 2021
;; MSG SIZE rcvd: 60
```
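As the output above shows (the SERVER line after the ANSWER SECTION), we are still using 127.0.0.53, which means our change has not taken effect. Let's keep reading the `man systemd-resolved` documentation.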
```
/ETC/RESOLV.CONF
Four modes of handling /etc/resolv.conf (see resolv.conf(5)) are supported:
• systemd-resolved maintains the /run/systemd/resolve/stub-resolv.conf file for compatibility with traditional Linux programs. This file may be symlinked from /etc/resolv.conf. This file lists the
  127.0.0.53 DNS stub (see above) as the only DNS server. It also contains a list of search domains that are in use by systemd-resolved. The list of search domains is always kept up-to-date. Note
  that /run/systemd/resolve/stub-resolv.conf should not be used directly by applications, but only through a symlink from /etc/resolv.conf. This file may be symlinked from /etc/resolv.conf in order
  to connect all local clients that bypass local DNS APIs to systemd-resolved with correct search domains settings. This mode of operation is recommended.
• A static file /usr/lib/systemd/resolv.conf is provided that lists the 127.0.0.53 DNS stub (see above) as only DNS server. This file may be symlinked from /etc/resolv.conf in order to connect all
  local clients that bypass local DNS APIs to systemd-resolved. This file does not contain any search domains.
• systemd-resolved maintains the /run/systemd/resolve/resolv.conf file for compatibility with traditional Linux programs. This file may be symlinked from /etc/resolv.conf and is always kept
  up-to-date, containing information about all known DNS servers. Note the file format's limitations: it does not know a concept of per-interface DNS servers and hence only contains system-wide DNS
  server definitions. Note that /run/systemd/resolve/resolv.conf should not be used directly by applications, but only through a symlink from /etc/resolv.conf. If this mode of operation is used
  local clients that bypass any local DNS API will also bypass systemd-resolved and will talk directly to the known DNS servers.
• Alternatively, /etc/resolv.conf may be managed by other packages, in which case systemd-resolved will read it for DNS configuration data. In this mode of operation systemd-resolved is consumer
  rather than provider of this configuration file.
Note that the selected mode of operation for this file is detected fully automatically, depending on whether /etc/resolv.conf is a symlink to /run/systemd/resolve/resolv.conf or lists 127.0.0.53 as DNS server.
```
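The documentation above tells us that the result generated from changes to the systemd-resolved configuration is placed in `/run/systemd/resolve/resolv.conf`, but our `/etc/resolv.conf` is a symbolic link to `/run/systemd/resolve/stub-resolv.conf`.
So we only need to change what `/etc/resolv.conf` links to. We can use the ln command to change the target of the symbolic link `/etc/resolv.conf`:
```
sudo mv /etc/resolv.conf /etc/resolv.conf.bak
sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
```
Next, verify with the dig command: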
```
dig raw.githubusercontent.com
; <<>> DiG 9.16.1-Ubuntu <<>> raw.githubusercontent.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 36578
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;raw.githubusercontent.com. IN A
;; ANSWER SECTION:
raw.githubusercontent.com. 599 IN A 45.32.83.60
;; Query time: 895 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: 一 3月 29 14:50:46 CST 2021
;; MSG SIZE rcvd: 60
```
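How to modify the DNS configuration file (summary)
If you have read through the whole analysis above, you have essentially already completed the DNS change. Here is a brief summary.
Edit /etc/systemd/resolved.conf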
```
[Resolve]
DNS=8.8.8.8
FallbackDNS=223.5.5.5
#Domains=
#LLMNR=no
#MulticastDNS=no
#DNSSEC=no
#DNSOverTLS=no
#Cache=no-negative
#DNSStubListener=yes
#ReadEtcHosts=yes
```
We add DNS=8.8.8.8 and FallbackDNS=223.5.5.5 as our DNS servers.
Restart the systemd-resolved service
```
sudo systemctl daemon-reload
sudo systemctl restart systemd-resolved.service
```
Link /etc/resolv.conf to /run/systemd/resolve/resolv.conf
```
sudo mv /etc/resolv.conf /etc/resolv.conf.bak
sudo ln -s /run/systemd/resolve/resolv.conf /etc/resolv.conf
```
Verify the DNS change with the dig command
```
dig raw.githubusercontent.com
```
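The check below is an added example, not part of the original tutorial: it classifies a resolv.conf path by its symlink target, following the four modes in the man page excerpt, and confirms the end state of the steps above without a network query. The function names and mode labels (`resolv_mode`, `dns_applied`, `uplink` and so on) are made up for illustration, and the fixture tree is constructed.

```shell
#!/bin/sh
# Added example, not from the original page: report which of the four
# systemd-resolved(8) modes a resolv.conf path is in. Labels are illustrative.

# Print the nameserver addresses listed in a resolv.conf file, one per line.
resolv_nameservers() {
    awk '$1 == "nameserver" { print $2 }' "${1:-/etc/resolv.conf}" 2>/dev/null
}

# Print stub | static-stub | uplink | foreign-stub | foreign.
resolv_mode() {
    f=${1:-/etc/resolv.conf}
    if [ -L "$f" ]; then
        # The link may be relative (../run/...), so match on the path suffix.
        case "$(readlink "$f")" in
            */run/systemd/resolve/stub-resolv.conf) echo stub; return 0 ;;
            */usr/lib/systemd/resolv.conf)          echo static-stub; return 0 ;;
            */run/systemd/resolve/resolv.conf)      echo uplink; return 0 ;;
        esac
    fi
    # Any other link target or a regular file: managed by something else.
    if resolv_nameservers "$f" | grep -Fxq 127.0.0.53; then
        echo foreign-stub   # still sends clients to the local stub
    else
        echo foreign
    fi
}

# Succeed only when the tutorial's end state holds: the path links to the
# uplink file and the expected server is listed in it.
dns_applied() {
    want=$1
    path=${2:-/etc/resolv.conf}
    [ "$(resolv_mode "$path")" = uplink ] || return 1
    resolv_nameservers "$path" | grep -Fxq "$want"
}

# Constructed fixture: a throwaway tree mimicking the layout under / .
make_fixture() {
    root=$(mktemp -d) || return 1
    mkdir -p "$root/etc" "$root/run/systemd/resolve"
    printf 'nameserver 127.0.0.53\n' > "$root/run/systemd/resolve/stub-resolv.conf"
    printf 'nameserver 8.8.8.8\n' > "$root/run/systemd/resolve/resolv.conf"
    ln -s ../run/systemd/resolve/"${1:-resolv.conf}" "$root/etc/resolv.conf"
    echo "$root"
}

# Demo on the constructed tree; on a real host run: dns_applied 8.8.8.8
demo=$(make_fixture) && resolv_mode "$demo/etc/resolv.conf" && rm -rf "$demo"
```

In the `uplink` mode these steps end in, programs that read /etc/resolv.conf query the listed servers directly and bypass systemd-resolved, as the man page excerpt notes, so resolved.conf options such as DNSOverTLS and Cache do not apply to them.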
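Conclusion
We have analyzed the whole DNS configuration lookup process. We now know that to change the DNS server addresses we only need to edit `/etc/systemd/resolved.conf` and point `/etc/resolv.conf` at `/run/systemd/resolve/resolv.conf`.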