我通过 netplannameservers配置设置了静态 IP 和 DNS。我以 IPV4 和 IPV6 表示法设置了我的 LAN DNS 和 cloudfare DNS。如下所示:
network:
version: 2
renderer: networkd
wifis:
wlp3s0:
dhcp4: no
dhcp6: no
addresses: [10.0.0.120/24]
gateway4: 10.0.0.1
nameservers:
addresses: [10.0.0.110,1.1.1.1,1.0.0.1,"2606:4700:4700::1111","2606:4700:4700::1001"]
search: [michigan]
access-points:
"*******":
password: "*******"
但systemd resolve --statusDNS 报告如下:
DNS Servers: 10.0.0.110
1.1.1.1
1.0.0.1
2606:4700:4700::1111
2606:4700:4700::1001
2001:nnnn:0:400b::12
2001:nnnn:0:400c::12
resolv.conf链接如下:
ls -l /etc/resolv.conf
/etc/resolv.conf -> /run/systemd/resolve/resolv.conf
内容resolv.conf如下:
nameserver 1.1.1.1
nameserver 1.0.0.1
# Too many DNS servers configured, the following entries may be ignored.
nameserver 2606:4700:4700::1111
nameserver 2606:4700:4700::1001
nameserver 2001:nnnn:0:400b::12
nameserver 2001:nnnn:0:400c::12
search michigan
dnsmasq?
# dpkg -l *dnsmasq*
Desired=Unknown/Install/Remove/Purge/Hold
| Status=Not/Inst/Conf-files/Unpacked/halF-conf/Half-inst/trig-aWait/Trig-pend
|/ Err?=(none)/Reinst-required (Status,Err: uppercase=bad)
||/ Name Version Architecture Description
+++-================-=============-============-============================================
un dnsmasq <none> <none> (no description available)
ii dnsmasq-base 2.80-1ubuntu1 amd64 Small caching DNS proxy and DHCP/TFTP server
un dnsmasq-base-lua <none> <none> (no description available)
我根本不想让我的 ISP 的 DNS 参与进来。这是否意味着我的 ISP DNS 无论如何都会记录我的请求?也许不是,也许我们只使用第一个 DNS 来响应,但我不知道。我想了解发生了什么。
我可以设置防火墙规则来拒绝 ISP DNS,一切似乎都很好,但是我应该考虑什么问题吗?