
Using dnsmasq as a DNS cache in NetworkManager


DNS configuration in NetworkManager
root@ubuntu:~# cat /etc/NetworkManager/NetworkManager.conf
[main]
autoconnect-retries-default=1
dns=dnsmasq
no-auto-default=eth0

[device]
wifi.scan-rand-mac-address=no

[logging]
level=INFO

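First make sure that dns is set to dnsmasq in the NetworkManager configuration. This setting takes effect in the dns-plugin module; the source is in src/dns/nm-dns-plugin.c.
To make debugging easier, set level in the [logging] section to DEBUG and then restart NetworkManager.
Normally NetworkManager writes its log to /var/log/syslog.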

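The dnsmasq module
  • Build:
    dnsmasq is not built together with NetworkManager; it is built separately.
    When building dnsmasq, however, the option -DHAVE_DBUS must be added.
    Otherwise an argument error is reported when NetworkManager invokes dnsmasq, as follows: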
Oct 22 14:09:55 Ubuntu NetworkManager[2357]:   [1634882995.4596] dns-plugin[0x55bb691540]: starting dnsmasq...
Oct 22 14:09:55 Ubuntu dnsmasq[1072]: DBus not available: set HAVE_DBUS in src/config.h
Oct 22 14:09:55 Ubuntu dnsmasq[1072]: FAILED to start up
Oct 22 14:09:55 Ubuntu NetworkManager[2357]:   [1634882995.4769] dnsmasq[0x55bb691540]: dnsmasq exited with error: Configuration problem (1)
Oct 22 14:09:55 Ubuntu NetworkManager[2357]:   [1634882995.4790] dns-mgr: plugin dnsmasq child quit unexpectedly
Oct 22 14:09:55 Ubuntu NetworkManager[2357]:   [1634882995.4790] dns-plugin[0x55bb691540]: starting dnsmasq...
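
Checking whether dnsmasq started correctly

Normally, once NetworkManager has started, it launches dnsmasq by default. If dnsmasq is not running, find out why NetworkManager did not launch it.

  • Use ps -aux | grep dns to check whether a dnsmasq process exists: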
root@Ubuntu:~# ps -aux | grep dnsmasq 
nobody    7678  0.0  0.0   2884  2220 ?        S    14:36   0:00 /usr/bin/dnsmasq --no-resolv --keep-in-foreground --no-hosts --bind-interfaces --pid-file=/var/run/NetworkManager/dnsmasq.pid --listen-address=127.0.0.1 --cache-size=400 --clear-on-reload --conf-file=/dev/null --proxy-dnssec --enable-dbus=org.freedesktop.NetworkManager.dnsmasq --conf-dir=/etc/NetworkManager/dnsmasq.d
nobody    8187  0.0  0.0   2284  1664 ?        S    10:23   0:00 /usr/bin/dnsmasq --conf-file=/dev/null --no-hosts --keep-in-foreground --bind-interfaces --except-interface=lo --clear-on-reload --strict-order --listen-address=10.42.0.1 --dhcp-range=10.42.0.10,10.42.0.254,60m --dhcp-lease-max=50 --dhcp-leasefile=/var/lib/NetworkManager/dnsmasq-wlan1.leases --pid-file=/var/run/nm-dnsmasq-wlan1.pid --conf-dir=/etc/NetworkManager/dnsmasq-shared.d
root     13865  0.0  0.0   8596  1988 pts/1    S+   15:15   0:00 grep dnsmasq
  • Use netstat to check the state of the ports dnsmasq is listening on:
root@Ubuntu:~# netstat -anp | grep dnsmasq
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      7678/dnsmasq    
tcp        0      0 10.42.0.1:53            0.0.0.0:*               LISTEN      8187/dnsmasq    
tcp6       0      0 ::1:53                  :::*                    LISTEN      7678/dnsmasq    
udp        0      0 127.0.0.1:53            0.0.0.0:*                           7678/dnsmasq    
udp        0      0 10.42.0.1:53            0.0.0.0:*                           8187/dnsmasq    
udp        0      0 0.0.0.0:67              0.0.0.0:*                           8187/dnsmasq    
udp        0      0 0.0.0.0:36142           0.0.0.0:*                           7678/dnsmasq    
udp6       0      0 ::1:53                  :::*                                7678/dnsmasq   

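dnsmasq provides two functions: port 53 is the DNS resolution port,
and port 67 is the DHCP server port.

  • Changes to /etc/resolv.conf
    The contents of this file change while NetworkManager starts up. After a dynamic IP address has been obtained, /etc/resolv.conf initially contains: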
root@Ubuntu:~# cat /etc/resolv.conf 
# Generated by NetworkManager
nameserver 10.9.190.100
nameserver 10.9.190.101
root@Ubuntu:~# 

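The nameserver IPs above are the ones handed down to dhclient from upstream. Once NetworkManager detects that the dnsmasq plugin is active, it then performs the update dns operation.
For the source, see src/dns/nm-dns-manager.c, line 1436.

The dnsmasq configuration file

When dnsmasq is used as the DNS server it is launched by NetworkManager, and the arguments passed to it include '--conf-dir=/etc/NetworkManager/dnsmasq.d'.
We therefore put dnsmasq.conf in the /etc/NetworkManager/dnsmasq.d directory.

The contents of dnsmasq.conf are as follows: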

port=53
domain-needed
bogus-priv
interface=lo
listen-address=127.0.0.1
bind-interfaces 
log-queries
conf-file=/etc/dnsmasq.more.conf

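The configuration above ensures that dnsmasq listens on port 53 and listens locally on lo.
It also enables logging; dnsmasq's log output goes to /var/log/daemon.log.

How to define the default DNS servers

To define your own DNS servers and have them take effect for both dynamic and static configuration, and for every network interface, write them to /etc/dnsmasq.more.conf,
as follows: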

root@Ubuntu:~# cat /etc/dnsmasq.more.conf
server=8.8.8.8
server=4.4.4.4
server=223.5.5.5
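
How to verify that DNS is working: test cases

To verify that DNS is working, make sure that all of the following take effect:

  1. The name servers from static DNS configuration
  2. The name servers from dynamic DNS configuration
    as well as the server entries in /etc/dnsmasq.more.conf
    The test cases use the nslookup command: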
nslookup www.ttsstt.com

Make sure the output shows that resolution goes through 127.0.0.1, which means the DNS request was sent to port 53, where dnsmasq is listening.

root@Ubuntu:~# nslookup www.ttsstt.com
Server:        127.0.0.1
Address:    127.0.0.1:53

Non-authoritative answer:
www.ttsstt.com    canonical name = parkingpage.namecheap.com
Name:    parkingpage.namecheap.com
Address: 198.54.117.217
Name:    parkingpage.namecheap.com
Address: 198.54.117.212
Name:    parkingpage.namecheap.com
Address: 198.54.117.218
Name:    parkingpage.namecheap.com
Address: 198.54.117.210
Name:    parkingpage.namecheap.com
Address: 198.54.117.211
Name:    parkingpage.namecheap.com
Address: 198.54.117.215
Name:    parkingpage.namecheap.com
Address: 198.54.117.216

Verifying that dnsmasq uses the name servers:

Checking the log

Running cat /var/log/daemon.log | grep dnsmasq shows how dnsmasq handled the resolution of the domain name. The log looks similar to this:

Oct 22 15:47:33 dnsmasq[24731]: query[A] www.ttsstt.com from 127.0.0.1
Oct 22 15:47:33 dnsmasq[24731]: forwarded www.ttsstt.com to 8.8.8.8
Oct 22 15:47:33 dnsmasq[24731]: forwarded www.ttsstt.com to 10.9.190.100
Oct 22 15:47:33 dnsmasq[24731]: forwarded www.ttsstt.com to 10.9.190.101
Oct 22 15:47:33 dnsmasq[24731]: query[AAAA] www.ttsstt.com from 127.0.0.1
Oct 22 15:47:33 dnsmasq[24731]: forwarded www.ttsstt.com to 8.8.8.8
Oct 22 15:47:33 dnsmasq[24731]: reply www.ttsstt.com is 
Oct 22 15:47:33 dnsmasq[24731]: reply parkingpage.namecheap.com is 198.54.117.217
Oct 22 15:47:33 dnsmasq[24731]: reply parkingpage.namecheap.com is 198.54.117.212
Oct 22 15:47:33 dnsmasq[24731]: reply parkingpage.namecheap.com is 198.54.117.218
Oct 22 15:47:33 dnsmasq[24731]: reply parkingpage.namecheap.com is 198.54.117.210
Oct 22 15:47:33 dnsmasq[24731]: reply parkingpage.namecheap.com is 198.54.117.211
Oct 22 15:47:33 dnsmasq[24731]: reply parkingpage.namecheap.com is 198.54.117.215
Oct 22 15:47:33 dnsmasq[24731]: reply parkingpage.namecheap.com is 198.54.117.216
Oct 22 15:47:35 dnsmasq[24731]: query[AAAA] www.ttsstt.com from 127.0.0.1
Oct 22 15:47:35 dnsmasq[24731]: cached www.ttsstt.com is 
Oct 22 15:47:35 dnsmasq[24731]: forwarded www.ttsstt.com to 10.9.190.100
Oct 22 15:47:35 dnsmasq[24731]: forwarded www.ttsstt.com to 10.9.190.101
Oct 22 15:47:35 dnsmasq[24731]: forwarded www.ttsstt.com to 8.8.8.8

10.9.190.100 and 10.9.190.101 are the two values configured as the static DNS of eth0,
while 8.8.8.8 is a server entry configured in /etc/dnsmasq.more.conf.
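
The log check above can be scripted. The following is an added example, not part of the original article: it compares the "forwarded NAME to SERVER" lines of the dnsmasq query log with the upstream servers that are supposed to be in use and reports unused and unexpected ones. The function names, host.example.test and 192.0.2.53 are made up for illustration, and only plain server=ADDRESS lines are handled.

```sh
#!/bin/sh
# Added example (not from the original page): audit dnsmasq log-queries output.
# Print the address of each plain "server=ADDRESS" line read from stdin.
conf_servers() {
    sed -n 's/^[[:space:]]*server=\([^#[:space:]]*\).*/\1/p'
}

# audit_forwards "ip1 ip2 ..." < log
#   OK <server> <count>         expected upstream that received queries
#   UNUSED <server>             expected upstream never seen in the log
#   UNEXPECTED <server> <name>  name forwarded to a server outside the list
audit_forwards() {
    awk -v expected="$1" '
    BEGIN { n = split(expected, e, " "); for (i = 1; i <= n; i++) want[e[i]] = 1 }
    $0 ~ /dnsmasq\[[0-9]+\]: forwarded / && $(NF-1) == "to" {
        server = $NF; name = $(NF-2)
        if (server in want) count[server]++
        else if (!((server, name) in seen)) {
            seen[server, name] = 1
            print "UNEXPECTED", server, name
        }
    }
    END {
        for (i = 1; i <= n; i++) {
            if (e[i] in count) print "OK", e[i], count[e[i]]
            else print "UNUSED", e[i]
        }
    }'
}

# Constructed sample data: the server= lines shown above and log lines in the
# same format; host.example.test and 192.0.2.53 are made up.
sample_conf() { printf 'server=8.8.8.8\nserver=4.4.4.4\nserver=223.5.5.5\n'; }
sample_log() {
    cat <<'EOF'
Oct 22 15:47:33 dnsmasq[24731]: query[A] www.ttsstt.com from 127.0.0.1
Oct 22 15:47:33 dnsmasq[24731]: forwarded www.ttsstt.com to 8.8.8.8
Oct 22 15:47:33 dnsmasq[24731]: forwarded www.ttsstt.com to 10.9.190.100
Oct 22 15:47:33 dnsmasq[24731]: forwarded www.ttsstt.com to 10.9.190.101
Oct 22 15:47:33 dnsmasq[24731]: query[AAAA] www.ttsstt.com from 127.0.0.1
Oct 22 15:47:33 dnsmasq[24731]: forwarded www.ttsstt.com to 8.8.8.8
Oct 22 15:47:40 dnsmasq[24731]: forwarded host.example.test to 192.0.2.53
EOF
}

# Expected upstreams: eth0's static DNS servers plus the server= entries.
expected="10.9.190.100 10.9.190.101 $(sample_conf | conf_servers | tr '\n' ' ')"
sample_log | audit_forwards "$expected"
```

On a real host, replace sample_log with grep dnsmasq /var/log/daemon.log and sample_conf with cat /etc/dnsmasq.more.conf. An UNEXPECTED line means a name left the host toward a resolver that neither the interface configuration nor the server= list accounts for.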

Capturing packets with tcpdump

Use the command:
tcpdump -nt -s 500 -X port domain -v -i eth0

root@Ubuntu:~# tcpdump -nt -s 500   -X port domain  -v  -i eth0 
[81822.441118] c1 10096 (tcpdump) device eth0 entered promiscuous mode
tcpdump: listening on eth0, link-type EN10MB (Ethernet), capture size 500 bytes
IP (tos 0x0, ttl 64, id 54236, offset 0, flags [DF], proto UDP (17), length 60)
    10.9.66.165.32962 > 8.8.8.8.53: 51519+ A? www.ttsstt.com. (32)
    0x0000:  4500 003c d3dc 4000 4011 0a17 0a09 42a5  E..<..@.@.....B.
    0x0010:  0808 0808 80c2 0035 0028 5cf7 c93f 0100  .......5.(..?..
    0x0020:  0001 0000 0000 0000 0377 7777 0674 7473  .........www.tts
    0x0030:  7374 7403 636f 6d00 0001 0001            stt.com.....
IP (tos 0x0, ttl 64, id 53830, offset 0, flags [DF], proto UDP (17), length 60)
    10.9.66.165.34118 > 10.9.190.100.53: 51519+ A? www.ttsstt.com. (32)
    0x0000:  4500 003c d246 4000 4011 534f 0a09 42a5  E..<.F@.@.SO..B.
    0x0010:  0a09 be64 8546 0035 0028 1555 c93f 0100  ...d.F.5.(.U.?..
    0x0020:  0001 0000 0000 0000 0377 7777 0674 7473  .........www.tts
    0x0030:  7374 7403 636f 6d00 0001 0001            stt.com.....
IP (tos 0x0, ttl 64, id 53794, offset 0, flags [DF], proto UDP (17), length 60)
    10.9.66.165.34118 > 10.9.190.101.53: 51519+ A? www.ttsstt.com. (32)
    0x0000:  4500 003c d222 4000 4011 5372 0a09 42a5  E..<."@.@.Sr..B.
    0x0010:  0a09 be65 8546 0035 0028 1556 c93f 0100  ...e.F.5.(.V.?..
    0x0020:  0001 0000 0000 0000 0377 7777 0674 7473  .........www.tts
    0x0030:  7374 7403 636f 6d00 0001 0001            stt.com.....
IP (tos 0x0, ttl 64, id 54237, offset 0, flags [DF], proto UDP (17), length 60)
    10.9.66.165.52760 > 8.8.8.8.53: 42952+ AAAA? www.ttsstt.com. (32)
    0x0000:  4500 003c d3dd 4000 4011 0a16 0a09 42a5  E..<..@.@.....B.
    0x0010:  0808 0808 ce18 0035 0028 5cf7 a7c8 0100  .......5.(.....
    0x0020:  0001 0000 0000 0000 0377 7777 0674 7473  .........www.tts
    0x0030:  7374 7403 636f 6d00 001c 0001            stt.com.....
IP (tos 0x0, ttl 116, id 43741, offset 0, flags [none], proto UDP (17), length 208)
    8.8.8.8.53 > 10.9.66.165.32962: 51519 8/0/0 www.ttsstt.com. CNAME parkingpage.namecheap.com., parkingpage.namecheap.com. A 198.54.117.217, parkingpage.namecheap.com. A 198.54.117.212, parkingpage.namecheap.com. A 198.54.117.218, parkingpage.namecheap.com. A 198.54.117.210, parkingpage.namecheap.com. A 198.54.117.211, parkingpage.namecheap.com. A 198.54.117.215, parkingpage.namecheap.com. A 198.54.117.216 (180)
    0x0000:  4500 00d0 aadd 0000 7411 3e82 0808 0808  E.......t.>.....
    0x0010:  0a09 42a5 0035 80c2 00bc 0212 c93f 8180  ..B..5.......?..
    0x0020:  0001 0008 0000 0000 0377 7777 0674 7473  .........www.tts
    0x0030:  7374 7403 636f 6d00 0001 0001 c00c 0005  stt.com.........
    0x0040:  0001 0000 0708 0018 0b70 6172 6b69 6e67  .........parking
    0x0050:  7061 6765 096e 616d 6563 6865 6170 c017  page.namecheap..
    0x0060:  c02c 0001 0001 0000 0014 0004 c636 75d9  .,...........6u.
    0x0070:  c02c 0001 0001 0000 0014 0004 c636 75d4  .,...........6u.
    0x0080:  c02c 0001 0001 0000 0014 0004 c636 75da  .,...........6u.
    0x0090:  c02c 0001 0001 0000 0014 0004 c636 75d2  .,...........6u.
    0x00a0:  c02c 0001 0001 0000 0014 0004 c636 75d3  .,...........6u.
    0x00b0:  c02c 0001 0001 0000 0014 0004 c636 75d7  .,...........6u.
    0x00c0:  c02c 0001 0001 0000 0014 0004 c636 75d8  .,...........6u.
IP (tos 0x0, ttl 64, id 54185, offset 0, flags [DF], proto UDP (17), length 60)
    10.9.66.165.34118 > 10.9.190.100.53: 42952+ AAAA? www.ttsstt.com. (32)
    0x0000:  4500 003c d3a9 4000 4011 51ec 0a09 42a5  E..<..@.@.Q...B.
    0x0010:  0a09 be64 8546 0035 0028 1555 a7c8 0100  ...d.F.5.(.U....
    0x0020:  0001 0000 0000 0000 0377 7777 0674 7473  .........www.tts
    0x0030:  7374 7403 636f 6d00 001c 0001            stt.com.....
IP (tos 0x0, ttl 64, id 54211, offset 0, flags [DF], proto UDP (17), length 60)
    10.9.66.165.34118 > 10.9.190.101.53: 42952+ AAAA? www.ttsstt.com. (32)
    0x0000:  4500 003c d3c3 4000 4011 51d1 0a09 42a5  E..<..@.@.Q...B.
    0x0010:  0a09 be65 8546 0035 0028 1556 a7c8 0100  ...e.F.5.(.V....
    0x0020:  0001 0000 0000 0000 0377 7777 0674 7473  .........www.tts
    0x0030:  7374 7403 636f 6d00 001c 0001            stt.com.....
IP (tos 0x0, ttl 64, id 54395, offset 0, flags [DF], proto UDP (17), length 60)
    10.9.66.165.52760 > 8.8.8.8.53: 42952+ AAAA? www.ttsstt.com. (32)
    0x0000:  4500 003c d47b 4000 4011 0978 0a09 42a5  E..<.{@.@..x..B.
    0x0010:  0808 0808 ce18 0035 0028 5cf7 a7c8 0100  .......5.(.....
    0x0020:  0001 0000 0000 0000 0377 7777 0674 7473  .........www.tts
    0x0030:  7374 7403 636f 6d00 001c 0001            stt.com.....

Common DNS addresses

Notes on common DNS servers
