[Addresses]
IPv4 Listen Address =
IPv4 EDNS Client Subnet Address = 218.85.157.99/32
IPv4 Main DNS Address = 8.8.8.8:53
IPv4 Alternate DNS Address = 8.8.4.4:53
IPv4 Local Main DNS Address = 119.29.29.29:53
IPv4 Local Alternate DNS Address = 223.5.5.5:53
IPv6 Listen Address =
IPv6 EDNS Client Subnet Address =
IPv6 Main DNS Address = [2001:4860:4860::8844]:53
IPv6 Alternate DNS Address = [2606:4700:4700::1001]:53|[2620:FE::9]:53|[2620:0:CCD::2]:5353
IPv6 Local Main DNS Address = [240C::6644]:53
IPv6 Local Alternate DNS Address = [240C::6666]:53
[Switches]
Domain Case Conversion = 1
Compression Pointer Mutation = 0
EDNS Label = 1
EDNS Client Subnet Relay = 1
上面是配置
比如 A 主机的 IP 是 1.1.1.1,dig 后的结果是下面这样的
root@debian:~# dig @
1.1.1.1 -p 443
www.baidu.com; <<>> DiG 9.10.3-P4-Debian <<>> @
1.1.1.1 -p 443
www.baidu.com; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 2954
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 2048
; CLIENT-SUBNET: 1.1.1.1/32/24
;; QUESTION SECTION:
;
www.baidu.com. IN A
;; ANSWER SECTION:
www.baidu.com. 1055 IN CNAME
www.a.shifen.com.
www.a.shifen.com. 155 IN CNAME
www.wshifen.com.
www.wshifen.com. 155 IN A 104.193.88.123
www.wshifen.com. 155 IN A 104.193.88.77
然后在安装了 pcap_dnsproxy 的主机上 dig 127.0.0.1 结果如下
root@outline-dns:~# dig @
127.0.0.1 -p 443
www.baidu.com; <<>> DiG 9.10.3-P4-Debian <<>> @
127.0.0.1 -p 443
www.baidu.com; (1 server found)
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 27346
;; flags: qr rd ra; QUERY: 1, ANSWER: 4, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 2048
; CLIENT-SUBNET: 1.1.1.1/32/24
;; QUESTION SECTION:
;
www.baidu.com. IN A
;; ANSWER SECTION:
www.baidu.com. 1055 IN CNAME
www.a.shifen.com.
www.a.shifen.com. 155 IN CNAME
www.wshifen.com.
www.wshifen.com. 155 IN A 104.193.88.123
www.wshifen.com. 155 IN A 104.193.88.77
;; Query time: 0 msec
;; SERVER: 127.0.0.1#443(127.0.0.1)
;; WHEN: Thu Sep 12 22:19:27 CST 2019
;; MSG SIZE rcvd: 139
这说明配置文件中的 IPv4 EDNS Client Subnet Address = 218.85.157.99/32 并未生效
如果第一次没有缓存的情况下用国内 IP 去解析得到的结果就是国内的,但是结果和直接 dig @
223.5.5.5
www.baidu.com +subnet=218.85.157.99 出来的不一样,这是不是也说明了 IPv4 EDNS Client Subnet Address 没生效?
哪位大神在 GCP 上或者其它家有部署 pcap_dnsproxy 并且 IPv4 EDNS Client Subnet Address 生效的配置借我参考一下
谢谢啊
这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。
https://www.v2ex.com/t/600531
V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。
V2EX is a community of developers, designers and creative people.