Generates a Corefile for CoreDNS that uses your ISP's DNS servers to resolve domain names in China and OpenDNS/Cloudflare/Google DNS servers to resolve domain names outside China. Change 192.168.1.1 to your ISP's DNS server address, or use a public DNS server such as 114/DNSPod directly.
#!/bin/sh
echo 'use "curl -sSL git.io/corefile | bash" to update Corefile'
echo "remember to change 192.168.1.1 to your ISP's DNS server address or use public DNS server such as 114/DNSPod etc. directly"
# Take the domain from each "server=/domain/ip" line, skipping commented-out lines.
china=$(curl -sSL https://github.com/felixonmars/dnsmasq-china-list/raw/master/accelerated-domains.china.conf | grep -v '^#' | awk -F '/' '{print $2}' | paste -sd " " -)
apple=$(curl -sSL https://github.com/felixonmars/dnsmasq-china-list/raw/master/apple.china.conf | grep -v '^#' | awk -F '/' '{print $2}' | paste -sd " " -)
google=$(curl -sSL https://github.com/felixonmars/dnsmasq-china-list/raw/master/google.china.conf | grep -v '^#' | awk -F '/' '{print $2}' | paste -sd " " -)
# Take the address from each "bogus-nxdomain=ip" line.
bogus=$(curl -sSL https://github.com/felixonmars/dnsmasq-china-list/raw/master/bogus-nxdomain.china.conf | grep "=" | grep -v '^#' | awk -F '=' '{print $2}' | paste -sd " " -)
cat>Corefile<<EOF
. {
    # uncomment below lines to enable ads plugin
    #ads {
    #    default-lists
    #    blacklist https://raw.githubusercontent.com/privacy-protection-tools/anti-AD/master/anti-ad-domains.txt
    #    whitelist https://files.krnl.eu/whitelist.txt
    #    log
    #    auto-update-interval 24h
    #    list-store ads-cache
    #}
    hosts {
        fallthrough
    }
    # choose your favourite DNS servers below
    forward . 127.0.0.1:5300 127.0.0.1:5301 127.0.0.1:5302 127.0.0.1:5303 127.0.0.1:5304 {
        except $china $apple $google dns.quad9.net cloudflare-dns.com dns.google dns.opendns.com
    }
    proxy . 192.168.1.1
    bogus $bogus
    log
    cache
    # uncomment lines below to enable redis plugin
    #redisc {
    #    endpoint 127.0.0.1:6379
    #}
    health
    reload
}
.:5300 {
    bind 127.0.0.1
    forward . tls://208.67.222.222 tls://208.67.220.220 {
        tls_servername dns.opendns.com
        health_check 60s
    }
    cache
}
.:5301 {
    bind 127.0.0.1
    forward . tls://9.9.9.9 tls://9.9.9.10 {
        tls_servername dns.quad9.net
        health_check 60s
    }
    cache
}
.:5302 {
    bind 127.0.0.1
    forward . tls://1.1.1.1 tls://1.0.0.1 {
        tls_servername cloudflare-dns.com
        health_check 60s
    }
    cache
}
.:5303 {
    bind 127.0.0.1
    forward . tls://8.8.8.8 tls://8.8.4.4 {
        tls_servername dns.google
        health_check 60s
    }
    cache
}
EOF
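
The script above writes whatever the downloaded lists contain straight into the Corefile, and an empty download silently leaves `except` with only the four resolver names. The following is an added example, not part of the gist: it validates each entry and fails when too few survive. The function names `extract_domains`, `join_checked` and `sample_list`, the sample entries and the thresholds are assumptions made for illustration.

```shell
#!/bin/sh
# Added example (not part of the gist): validate list entries before they
# are interpolated into the Corefile. Function names are hypothetical.

# Print one validated, lower-cased domain per line from dnsmasq
# "server=/domain/ip" lines on stdin. Commented-out entries and anything
# that is not a plain hostname (spaces, braces, empty names) are dropped.
extract_domains() {
    awk -F '/' '
        /^[ \t]*#/      { next }    # entry is commented out in the list
        $1 != "server=" { next }    # not a server=/domain/ip line
        NF != 3         { next }    # unexpected number of "/" separators
        $2 ~ /^[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?(\.[A-Za-z0-9]([A-Za-z0-9-]*[A-Za-z0-9])?)*$/ {
            print tolower($2)
        }
    ' | sort -u
}

# Join the domains on stdin into one space-separated line. Fail when fewer
# than $1 entries are present (for example when the download returned nothing).
join_checked() {
    min=$1
    list=$(paste -sd ' ' -)
    count=$(printf '%s\n' "$list" | wc -w | tr -d ' ')
    if [ "$count" -lt "$min" ]; then
        echo "refusing to continue: $count domains, expected at least $min" >&2
        return 1
    fi
    printf '%s\n' "$list"
}

# Constructed sample input: two valid entries (one duplicated in a different
# case), one commented-out entry and one malformed entry.
sample_list() {
    cat <<'EOF'
server=/example.cn/114.114.114.114
#server=/disabled.example/114.114.114.114
server=/Example.CN/114.114.114.114
server=/bad entry {/114.114.114.114
server=/cdn.example.com.cn/114.114.114.114
EOF
}

# Intended use in the generator (the threshold of 1000 is an assumption):
#   china=$(curl -fsSL "$url" | extract_domains | join_checked 1000) || exit 1
sample_list | extract_domains | join_checked 2
```
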

snakwu commented Apr 18, 2020

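> In theory, if it only listens on 127.0.0.1, requests from other devices shouldn't get through, right?

Yes, that's why I listen on 0.0.0.0.

After adding the ads plugin, the log shows it constantly re-reading the files, which makes DNS very slow. How do I fix this? Thanks.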
Apr 18 08:30:21 dns_server rc.local[1012]: [INFO] plugin/ads: Updating lists from Local files...
Apr 18 08:30:21 dns_server rc.local[1012]: [INFO] plugin/ads: [File Update] Loaded 0 entries into Blacklist and 1 entries into whitelist
Apr 18 08:31:21 dns_server rc.local[1012]: [INFO] plugin/ads: Updating lists from Local files...
Apr 18 08:31:21 dns_server rc.local[1012]: [INFO] plugin/ads: [File Update] Loaded 0 entries into Blacklist and 1 entries into whitelist

Author

missdeer commented Apr 18, 2020

> After adding the ads plugin, the log shows it constantly re-reading the files, which makes DNS very slow. How do I fix this? Thanks.
> Apr 18 08:30:21 dns_server rc.local[1012]: [INFO] plugin/ads: Updating lists from Local files...
> Apr 18 08:30:21 dns_server rc.local[1012]: [INFO] plugin/ads: [File Update] Loaded 0 entries into Blacklist and 1 entries into whitelist
> Apr 18 08:31:21 dns_server rc.local[1012]: [INFO] plugin/ads: Updating lists from Local files...
> Apr 18 08:31:21 dns_server rc.local[1012]: [INFO] plugin/ads: [File Update] Loaded 0 entries into Blacklist and 1 entries into whitelist

It seems to be hard-coded to update once a minute, unless you change the code. It hasn't made DNS slow here, though; the slowness on your side may be caused by something else.


snakwu commented Apr 18, 2020

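> > After adding the ads plugin, the log shows it constantly re-reading the files, which makes DNS very slow. How do I fix this? Thanks.
> > Apr 18 08:30:21 dns_server rc.local[1012]: [INFO] plugin/ads: Updating lists from Local files...
> > Apr 18 08:30:21 dns_server rc.local[1012]: [INFO] plugin/ads: [File Update] Loaded 0 entries into Blacklist and 1 entries into whitelist
> > Apr 18 08:31:21 dns_server rc.local[1012]: [INFO] plugin/ads: Updating lists from Local files...
> > Apr 18 08:31:21 dns_server rc.local[1012]: [INFO] plugin/ads: [File Update] Loaded 0 entries into Blacklist and 1 entries into whitelist
>
> It seems to be hard-coded to update once a minute, unless you change the code. It hasn't made DNS slow here, though; the slowness on your side may be caused by something else.

As soon as I remove ads everything is normal, so I don't understand. The program configuration basically follows yours; with ads added, not only are ads not removed, web pages also open very slowly.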

Author

missdeer commented Apr 18, 2020

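> > It seems to be hard-coded to update once a minute, unless you change the code. It hasn't made DNS slow here, though; the slowness on your side may be caused by something else.
>
> As soon as I remove ads everything is normal, so I don't understand. The program configuration basically follows yours; with ads added, not only are ads not removed, web pages also open very slowly.

First confirm whether it is DNS resolution that is slow: on Windows run nslookup www.taobao.com, on other platforms run dig www.taobao.com, and check the latency.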


snakwu commented Apr 18, 2020

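> > > It seems to be hard-coded to update once a minute, unless you change the code. It hasn't made DNS slow here, though; the slowness on your side may be caused by something else.
> >
> > As soon as I remove ads everything is normal, so I don't understand. The program configuration basically follows yours; with ads added, not only are ads not removed, web pages also open very slowly.
>
> First confirm whether it is DNS resolution that is slow: on Windows run nslookup www.taobao.com, on other platforms run dig www.taobao.com, and check the latency.

The ns result is normal; it's just that web pages open very slowly!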


snakwu commented Apr 18, 2020

PS C:\WINDOWS\system32> ipconfig /flushdns

Windows IP 配置

已成功刷新 DNS 解析缓存。
PS C:\WINDOWS\system32> nslookup www.taobao.com
服务器: SnakWu-OpenWrt.lan
Address: fd00:100:100::1

非权威应答:
名称: www.taobao.com.danuoyi.tbcache.com
Addresses: 240e:ff:d800:500:3::3fa
240e:ff:d800:500:3::3f9
113.96.109.101
113.96.109.100
Aliases: www.taobao.com

PS C:\WINDOWS\system32>

snakwu@hassio-server:~/go-workspace/src/coredns$ dig www.taobao.com

; <<>> DiG 9.11.3-1ubuntu1.11-Ubuntu <<>> www.taobao.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 63926
;; flags: qr rd ra; QUERY: 1, ANSWER: 3, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 65494
;; QUESTION SECTION:
;www.taobao.com. IN A

;; ANSWER SECTION:
www.taobao.com. 562 IN CNAME www.taobao.com.danuoyi.tbcache.com.
www.taobao.com.danuoyi.tbcache.com. 554 IN A 113.96.109.101
www.taobao.com.danuoyi.tbcache.com. 554 IN A 113.96.109.100

;; Query time: 0 msec
;; SERVER: 127.0.0.53#53(127.0.0.53)
;; WHEN: Sat Apr 18 10:26:23 CST 2020
;; MSG SIZE rcvd: 120


snakwu commented Apr 18, 2020

[image]
The log looks normal, so why are web pages so slow to open!

Author

missdeer commented Apr 18, 2020

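> The ns result is normal; it's just that web pages open very slowly!

My guess is that some CSS and JS links got blocked, which makes the whole page hang.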

Author

missdeer commented Apr 18, 2020

By the way, why do you have so many blocked resolution requests?


snakwu commented Apr 18, 2020

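> By the way, why do you have so many blocked resolution requests?

The sources I added are the same as yours; I probably just open pages with more ads. How do I fix the slow web pages?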

Author

missdeer commented Apr 18, 2020

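> The sources I added are the same as yours; I probably just open pages with more ads. How do I fix the slow web pages?

I think you could ask the author of the source.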


snakwu commented Apr 18, 2020

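> > The sources I added are the same as yours; I probably just open pages with more ads. How do I fix the slow web pages?
>
> I think you could ask the author of the source.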

ok.thx!


echowings commented Sep 10, 2020

With CoreDNS every resolution is slow; I have to refresh several times before it returns the correct DNS answer. How do I fix this?


recall704 commented Sep 21, 2020

Does this ipset need to be created first, or will it be created automatically?

Author

missdeer commented Sep 21, 2020

> Does this ipset need to be created first, or will it be created automatically?

It has to be created manually beforehand.


zone009 commented Dec 7, 2020

CoreDNS has removed the proxy plugin, and adding it back in no longer compiles. Is there a replacement plugin?

Author

missdeer commented Dec 8, 2020

> CoreDNS has removed the proxy plugin, and adding it back in no longer compiles. Is there a replacement plugin?

See:
https://github.com/missdeer/coredns_custom_build
