GeoDNS

    Revision as of 14:41, 30 Nov 2024


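    Overview

    To build a distributed CDN-style traffic distribution service similar to Cloudflare's, you need a GeoDNS service in addition to a reverse proxy service. With GeoDNS, a user visiting the site is directed, based on the country they are in, to the nearest reverse proxy, which spreads the site's load and speeds up access.

    This article uses Docker to deploy every component GeoDNS needs within a few minutes, so that the time can be spent on configuring the domain instead.

    Deployment

    Create the service directory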

    mkdir docker-geodns
    cd docker-geodns/ 
    

    Create docker-compose.yml

    version: '2'
    
    services:
      geodns:
        restart: always
        image: sameersbn/bind:9.10.3-20180127
        container_name: geodns
        ports:
         - "53:53/udp"
         - "53:53/tcp"
        environment:
         - ROOT_PASSWORD=yourpassword
         - WEBMIN_ENABLED=false
        volumes:
         - /docker_vol/geodns/data:/data
    

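    NOTE:

    - Remember to change the root password (ROOT_PASSWORD)

    - If you need the Webmin management package, set WEBMIN_ENABLED to true

    - For more information about the docker image used in this setup, see: https://hub.docker.com/r/sameersbn/bind/

    Create the directory needed for the configuration files

    mkdir -p /docker_vol/geodns/data
    

    Create and start the geodns service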

    docker-compose up -d
    

    Done

    Configure DNS

    Download the GeoIP.acl file from http://geoip.site/download/MaxMind/GeoIP.acl.gz

    wget http://geoip.site/download/MaxMind/GeoIP.acl.gz
    gunzip GeoIP.acl.gz
    cp GeoIP.acl /docker_vol/geodns/data/bind/etc 
    

    Edit /docker_vol/geodns/data/bind/etc/named.conf

    ...
    include "/etc/bind/named.conf.options";
    include "/etc/bind/named.conf.local";
    //include "/etc/bind/named.conf.default-zones";
    ...
    

    Comment out the third line and add the following lines

    // GeoDNS Configuration
    // The download link to the GeoIP.acl
    // http://geoip.site/download/MaxMind/GeoIP.acl.gz
    //
    // The acl file specifies the IP ranges of each country.
    include "/etc/bind/GeoIP.acl";  
    
    // view settings for all countries
    view "USA" {
      // The contents of this view will be presented to users
      // from the USA.
      match-clients { US; };
      zone "example.com" {
        // This is my zonefile with the US view.
        file "/etc/bind/zones/usa/example.com.db";
        type master;
      };
    };
    
    view "Taiwan" {
      // The contents of this view will be presented to users
      // from the Taiwan.  
      match-clients { TW; };
      zone "example.com" {
        file "/etc/bind/zones/taiwan/example.com.db";
        type master;
      };
    };
    
    view "Global" {
      // The contents of this view will be presented to users
      // outside the USA and Taiwan.
      zone "example.com" {
        // This is my zonefile with the default view.
        file "/etc/bind/zones/global/example.com.db";
        type master;
      };
    };
    

    TIPs:

    - View names can be chosen freely

    - match-clients must match an ACL name defined in GeoIP.acl; more than one may be listed
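
    The view selection configured above, modelled as an added example (not part of the original page): named checks the views in file order and uses the first one whose match-clients list contains the client address, so the "Global" view without match-clients only works as a fallback when it comes last. The sample ACL prefixes are constructed documentation ranges, the function names are this example's own, and it assumes GeoIP.acl consists of standard BIND acl statements named by country code.

```python
import ipaddress
import re

# Constructed sample in BIND acl syntax; the prefixes are documentation
# ranges, not real GeoIP data.
SAMPLE_ACL = '''
acl "US" { 192.0.2.0/25; 198.51.100.0/24; };
acl "TW" { 203.0.113.0/24; };
'''
# The three views from named.conf above, in file order. None stands for a
# view without match-clients, which BIND treats as "any".
VIEWS = [("USA", ["US"]), ("Taiwan", ["TW"]), ("Global", None)]


def parse_acls(text):
    """Return {acl_name: [ip_network, ...]} from acl "NAME" { ...; }; blocks."""
    acls = {}
    for name, body in re.findall(r'acl\s+"?(\w+)"?\s*\{([^}]*)\}\s*;', text):
        acls[name] = [ipaddress.ip_network(p.strip())
                      for p in body.split(";") if p.strip()]
    return acls


def select_view(client_ip, views, acls):
    """Return the first view whose match-clients list contains client_ip."""
    addr = ipaddress.ip_address(client_ip)
    for view_name, acl_names in views:
        if acl_names is None:          # no match-clients: matches every client
            return view_name
        for acl in acl_names:
            if acl not in acls:        # an undefined acl is a config error
                raise KeyError(f"view {view_name}: acl {acl} is not defined")
            if any(addr in net for net in acls[acl]):
                return view_name
    return None                        # no view matched: no zone data served


def shadowed_views(views):
    """Views listed after a catch-all view can never be selected."""
    for i, (_, acl_names) in enumerate(views):
        if acl_names is None:
            return [name for name, _ in views[i + 1:]]
    return []


if __name__ == "__main__":
    acls = parse_acls(SAMPLE_ACL)
    for ip in ("198.51.100.7", "203.0.113.9", "192.0.2.200"):
        print(ip, "->", select_view(ip, VIEWS, acls))
```

    Running shadowed_views over the view order before a restart catches a catch-all view placed ahead of the country views, which would otherwise answer every client with the global records.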

    Create the zone files for each country

    /docker_vol/geodns/data/bind/etc/zones/usa/example.com.db

    ; Content for USA views
    $TTL 3600
    example.com. IN     SOA    ns1.example.com. webmaster.mail.example.com. (
                                2017050403  ; Serial
                                3H          ; refresh after 3 hours
                                1H          ; retry after 1 hour
                                1W          ; expire after 1 week
                                1D)         ; minimum TTL of 1 day
                    IN      NS      ns1.example.com.
                    IN      NS      ns2.example.com.
    ; Content for US view
                    IN      TXT     "US view"
    ; IP from USA
                    IN      A       1.1.1.3
    ; First nameserver IP in USA
    ns1             IN      A       198.51.100.24
    ; Second nameserver IP in USA
    ns2             IN      A       198.51.100.42
    ; GLUE Nameservers that do the Geo localization.
    a               IN      A       1.1.1.1
    b               IN      A       1.1.1.2
    

    /docker_vol/geodns/data/bind/etc/zones/taiwan/example.com.db

    ; Content for Taiwan views
    $TTL 3600
    example.com. IN     SOA    ns1.example.com. webmaster.mail.example.com. (
                                2017050403  ; Serial
                                3H          ; refresh after 3 hours
                                1H          ; retry after 1 hour
                                1W          ; expire after 1 week
                                1D)         ; minimum TTL of 1 day
                    IN      NS      ns1.example.com.
                    IN      NS      ns2.example.com.
                    IN      TXT     "Taiwan view"
                    IN      A       2.2.2.3
    ; First nameserver IP 
    ns1             IN      A       198.51.100.24
    ; Second nameserver IP 
    ns2             IN      A       198.51.100.42
    ; Nameservers that do the Geo localization.
    a               IN      A       2.2.2.1
    b               IN      A       2.2.2.2
    

    /docker_vol/geodns/data/bind/etc/zones/global/example.com.db

    ; Content for Global views
    $TTL 3600
    example.com. IN     SOA    ns1.example.com. webmaster.mail.example.com. (
                                2017050403  ; Serial
                                3H          ; refresh after 3 hours
                                1H          ; retry after 1 hour
                                1W          ; expire after 1 week
                                1D)         ; minimum TTL of 1 day
                    IN      NS      ns1.example.com.
                    IN      NS      ns2.example.com.
                    IN      TXT     "Global view"
                    IN      A       9.9.9.3
    ; First nameserver IP 
    ns1             IN      A       203.0.113.24
    ; Second nameserver IP 
    ns2             IN      A       203.0.113.42
    ; Nameservers that do the Geo localization.
    a               IN      A       9.9.9.1
    b               IN      A       9.9.9.2
    

    Restart the service

    docker-compose stop
    docker-compose start 
    

    Test DNS

    Use a VPN or a cloud host to switch to a connection from a different country. The following command can be used to test DNS:

    host a.example.com xxx.xxx.xxx.xxx
    

    - Replace xxx.xxx.xxx.xxx with the IP of the GeoDNS host

    In the USA, the name resolves to IP 1.1.1.1
    In Taiwan, the name resolves to IP 2.2.2.1
    In other countries, the name resolves to IP 9.9.9.1
