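To build a distributed CDN-style traffic distribution service similar to Cloudflare, a reverse proxy alone is not enough; it has to be paired with a GeoDNS service. When users access the site, they are then directed, according to the country they are in, to the nearest reverse proxy, which spreads the load and speeds up access to the site.
With Docker, all the components GeoDNS needs can be deployed within a few minutes, so the time can be spent on configuring the domain instead.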
Create the service directory

```bash
mkdir docker-geodns
cd docker-geodns/
```

Create docker-compose.yml

```yaml
version: '2'
services:
  geodns:
    restart: always
    image: sameersbn/bind:9.10.3-20180127
    container_name: geodns
    ports:
      - "53:53/udp"
      - "53:53/tcp"
    environment:
      - ROOT_PASSWORD=yourpassword
      - WEBMIN_ENABLED=false
    volumes:
      - /docker_vol/geodns/data:/data
```
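NOTE:
- Remember to change the root password
- If you need the Webmin management package, set WEBMIN_ENABLED to true
- For more information about the Docker image used in this setup, see: https://hub.docker.com/r/sameersbn/bind/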
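Create the directory needed for the configuration files

```bash
# -p also creates the missing parent directories
mkdir -p /docker_vol/geodns/data
```

Create and start the geodns service

```bash
docker-compose up -d
```

Done.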
Download the GeoIP.acl file from http://geoip.site/download/MaxMind/GeoIP.acl.gz

```bash
wget http://geoip.site/download/MaxMind/GeoIP.acl.gz
gunzip GeoIP.acl.gz
cp GeoIP.acl /docker_vol/geodns/data/bind/etc
```
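Edit /docker_vol/geodns/data/bind/etc/named.conf

```
...
include "/etc/bind/named.conf.options";
include "/etc/bind/named.conf.local";
//include "/etc/bind/named.conf.default-zones";
...
```

Comment out the third line (BIND requires every zone to be inside a view once any view is defined, so the default zones cannot stay at the top level) and add the following lines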
```
// GeoDNS Configuration
// The download link to the GeoIP.acl
// http://geoip.site/download/MaxMind/GeoIP.acl.gz
//
// The acl file specifies the IP ranges of each country.
include "/etc/bind/GeoIP.acl";

// view settings for all countries
view "USA" {
    // The contents of this view will be presented to users
    // from the USA.
    match-clients { US; };
    zone "example.com" {
        // This is my zonefile with the US view.
        file "/etc/bind/zones/usa/example.com.db";
        type master;
    };
};

view "Taiwan" {
    // The contents of this view will be presented to users
    // from Taiwan.
    match-clients { TW; };
    zone "example.com" {
        file "/etc/bind/zones/taiwan/example.com.db";
        type master;
    };
};

view "Global" {
    // The contents of this view will be presented to users
    // outside the USA and Taiwan.
    zone "example.com" {
        // This is my zonefile with the default view.
        file "/etc/bind/zones/global/example.com.db";
        type master;
    };
};
```
TIPs:
- The view names can be chosen freely
- match-clients must match the names defined in GeoIP.acl; multiple countries can be listed, separated by spaces
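BIND tries the views in the order they appear in named.conf and answers from the first one whose match-clients covers the client address, which is why the catch-all Global view is placed last. The sketch below is an added example, not part of the original post: it models that selection so a view layout can be checked offline. `parse_acls`, `select_view`, `VIEWS` and the sample prefixes are constructed, and the `acl "NAME" { cidr; ... };` layout of GeoIP.acl is an assumption.

```python
import ipaddress
import re

# Constructed sample in the `acl "NAME" { cidr; ... };` form that the real
# GeoIP.acl is assumed to use. The prefixes are documentation ranges.
SAMPLE_ACL = '''
acl "US" { 198.51.100.0/24; 192.0.2.0/25; };
acl "TW" {
    203.0.113.0/24;
};
'''

# Views in named.conf order: (view name, match-clients entries).
# "any" models the Global view, which has no match-clients statement.
VIEWS = [("USA", ["US"]), ("Taiwan", ["TW"]), ("Global", ["any"])]


def parse_acls(text):
    """Return {acl_name: [ip_network, ...]} from BIND acl statements."""
    acls = {}
    for name, body in re.findall(r'acl\s+"?(\w+)"?\s*\{(.*?)\}\s*;', text, re.S):
        acls[name] = [ipaddress.ip_network(p.strip())
                      for p in body.split(";") if p.strip()]
    return acls


def select_view(client_ip, acls, views=VIEWS):
    """Return the first view whose match-clients covers client_ip, else None."""
    addr = ipaddress.ip_address(client_ip)
    for view, match_clients in views:
        for acl_name in match_clients:
            if acl_name == "any":
                return view
            if acl_name not in acls:
                # A view naming an acl that GeoIP.acl does not define is a
                # configuration error; surface it instead of skipping it.
                raise KeyError(f"view {view!r} uses undefined acl {acl_name!r}")
            if any(addr in net for net in acls[acl_name]):
                return view
    return None  # no view matched this client


if __name__ == "__main__":
    acls = parse_acls(SAMPLE_ACL)
    for ip in ("198.51.100.7", "203.0.113.9", "192.0.2.200"):
        print(ip, "->", select_view(ip, acls))
```

Moving the Global entry to the front of `VIEWS` makes every client resolve to it, which is the misordering to look for when a country-specific view never seems to answer.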
Create the zone files for the different countries

/docker_vol/geodns/data/bind/etc/zones/usa/example.com.db

```
; Content for USA views
$TTL 3600
example.com.  IN SOA ns1.example.com. webmaster.mail.example.com. (
              2017050403 ; Serial
              3H         ; refresh after 3 hours
              1H         ; retry after 1 hour
              1W         ; expire after 1 week
              1D)        ; minimum TTL of 1 day
              IN NS ns1.example.com.
              IN NS ns2.example.com.

; Content for US view
              IN TXT "US view"
; IP from USA
              IN A 1.1.1.3
; First nameserver IP in USA
ns1           IN A 198.51.100.24
; Second nameserver IP in USA
ns2           IN A 198.51.100.42

; GLUE Nameservers that do the Geo localization.
a             IN A 1.1.1.1
b             IN A 1.1.1.2
```
/docker_vol/geodns/data/bind/etc/zones/taiwan/example.com.db

```
; Content for Taiwan views
$TTL 3600
example.com.  IN SOA ns1.example.com. webmaster.mail.example.com. (
              2017050403 ; Serial
              3H         ; refresh after 3 hours
              1H         ; retry after 1 hour
              1W         ; expire after 1 week
              1D)        ; minimum TTL of 1 day
              IN NS ns1.example.com.
              IN NS ns2.example.com.

              IN TXT "Taiwan view"
              IN A 2.2.2.3
; First nameserver IP
ns1           IN A 198.51.100.24
; Second nameserver IP
ns2           IN A 198.51.100.42

; Nameservers that do the Geo localization.
a             IN A 2.2.2.1
b             IN A 2.2.2.2
```
/docker_vol/geodns/data/bind/etc/zones/global/example.com.db

```
; Content for Global views
$TTL 3600
example.com.  IN SOA ns1.example.com. webmaster.mail.example.com. (
              2017050403 ; Serial
              3H         ; refresh after 3 hours
              1H         ; retry after 1 hour
              1W         ; expire after 1 week
              1D)        ; minimum TTL of 1 day
              IN NS ns1.example.com.
              IN NS ns2.example.com.

              IN TXT "Global view"
              IN A 9.9.9.3
; First nameserver IP
ns1           IN A 203.0.113.24
; Second nameserver IP
ns2           IN A 203.0.113.42

; Nameservers that do the Geo localization.
a             IN A 9.9.9.1
b             IN A 9.9.9.2
```
Restart the service

```bash
docker-compose stop
docker-compose start
```
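Use a VPN or cloud hosts to switch to connections from different countries. The DNS lookup can be tested with:

```bash
host a.example.com xxx.xxx.xxx.xxx
```

- Replace xxx.xxx.xxx.xxx with the IP of the GeoDNS host

From the USA, the name resolves to IP 1.1.1.1
From Taiwan, the name resolves to IP 2.2.2.1
From other countries, the name resolves to IP 9.9.9.1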