29 พฤษภาคม 2569

MikroTik container: PowerDNS dnsdist

# Container networking for dnsdist: a veth pair whose container side gets its
# own LAN address (10.0.0.20/24) with the router (10.0.0.1) as gateway.
/interface veth
add name=veth-dnsdist gateway=10.0.0.1 address=10.0.0.20/24

# Put the veth on the LAN bridge so LAN clients can reach the container.
/interface bridge port
add interface=veth-dnsdist bridge=br-lan

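/file
# dnsdist.conf is stored as a RouterOS file and bind-mounted into the container
# (see /container/mounts). The contents= value is one RouterOS string holding
# Lua; each line of it ends in an escaped newline followed by a backslash, so
# the file gets a real newline and the add command continues on the next line.
# Changes from the original notes, both security fixes:
#  * setACL and the web/API acl are limited to the LAN 10.0.0.0/24 (the subnet
#    of veth-dnsdist) instead of 0.0.0.0/0, which made dnsdist an open resolver
#    and exposed the config-changing API to any source address.
#  * the web password and API key are placeholders; replace them with unique
#    secrets before loading this config.
add name="/dnsdist-conf/dnsdist.conf" \
contents="-- Listen on every address inside the container (10.0.0.20 via veth-dnsdist).\n\
setLocal('0.0.0.0:53')\n\
\n\
-- Only the LAN may query through dnsdist; a 0.0.0.0/0 ACL makes an open resolver.\n\
setACL(\"10.0.0.0/24\")\n\
\n\
-- Web console and REST API. The API key can alter the running configuration,\n\
-- so its ACL is limited to the LAN and the secrets must not be guessable.\n\
webserver(\"0.0.0.0:8083\")\n\
setWebserverConfig({\n\
\tpassword=hashPassword(\"CHANGE_ME_WEB_PASSWORD\"),\n\
\tapiKey=hashPassword(\"CHANGE_ME_API_KEY\"),\n\
\tacl=\"10.0.0.0/24\"\n\
})\n\
\n\
-- Upstreams: DoT (port 853) and DoH (port 443) to Cloudflare, Google and Quad9.\n\
-- validateCertificates=true with subjectName ties each backend to a certificate\n\
-- valid for its IP; checkName is the name queried by the lazy health checks.\n\
newServer({\n\
\tname=\"cloudflare-DoT\",\n\
\taddress=\"1.1.1.1:853\",\n\
\ttls=\"openssl\",\n\
\tsubjectName=\"1.1.1.1\",\n\
\tvalidateCertificates=true,\n\
\tpool=\"main-pool\",\n\
\n\
\thealthCheckMode = \"lazy\",\n\
\tcheckInterval = 30,\n\
\tmaxCheckFailures = 3,\n\
\trise = 2,\n\
\tcheckName = \"cloudflare-dns.com\"\n\
})\n\
\n\
newServer({\n\
\tname=\"google-DoT\",\n\
\taddress=\"8.8.8.8:853\",\n\
\ttls=\"openssl\",\n\
\tsubjectName=\"8.8.8.8\",\n\
\tvalidateCertificates=true,\n\
\tpool=\"main-pool\",\n\
\n\
\thealthCheckMode = \"lazy\",\n\
\tcheckInterval = 30,\n\
\tmaxCheckFailures = 3,\n\
\trise = 2,\n\
\tcheckName = \"dns.google\"\n\
})\n\
\n\
newServer({\n\
\tname=\"quad9-DoT\",\n\
\taddress=\"9.9.9.9:853\",\n\
\ttls=\"openssl\",\n\
\tsubjectName=\"9.9.9.9\",\n\
\tvalidateCertificates=true,\n\
\tpool=\"main-pool\",\n\
\n\
\thealthCheckMode = \"lazy\",\n\
\tcheckInterval = 30,\n\
\tmaxCheckFailures = 3,\n\
\trise = 2,\n\
\tcheckName = \"dns.quad9.com\"\n\
})\n\
\n\
newServer({\n\
\tname=\"cloudflare-DoH\",\n\
\taddress=\"1.1.1.1:443\",\n\
\ttls=\"openssl\",\n\
\tsubjectName=\"1.1.1.1\",\n\
\tdohPath=\"/dns-query\",\n\
\tvalidateCertificates=true,\n\
\tpool=\"main-pool\",\n\
\n\
\thealthCheckMode = \"lazy\",\n\
\tcheckInterval = 30,\n\
\tmaxCheckFailures = 3,\n\
\trise = 2,\n\
\tcheckName = \"cloudflare-dns.com\"\n\
})\n\
\n\
newServer({\n\
\tname=\"google-DoH\",\n\
\taddress=\"8.8.8.8:443\",\n\
\ttls=\"openssl\",\n\
\tsubjectName=\"8.8.8.8\",\n\
\tdohPath=\"/dns-query\",\n\
\tvalidateCertificates=true,\n\
\tpool=\"main-pool\",\n\
\n\
\thealthCheckMode = \"lazy\",\n\
\tcheckInterval = 30,\n\
\tmaxCheckFailures = 3,\n\
\trise = 2,\n\
\tcheckName = \"dns.google\"\n\
})\n\
\n\
newServer({\n\
\tname=\"quad9-DoH\",\n\
\taddress=\"9.9.9.9:443\",\n\
\ttls=\"openssl\",\n\
\tsubjectName=\"9.9.9.9\",\n\
\tdohPath=\"/dns-query\",\n\
\tvalidateCertificates=true,\n\
\tpool=\"main-pool\",\n\
\n\
\thealthCheckMode = \"lazy\",\n\
\tcheckInterval = 30,\n\
\tmaxCheckFailures = 3,\n\
\trise = 2,\n\
\tcheckName = \"dns.quad9.com\"\n\
})\n\
\n\
-- Pick the backend with the fewest outstanding queries.\n\
setServerPolicy(leastOutstanding)\n\
\n\
-- One packet cache shared by every backend in main-pool.\n\
global_cache = newPacketCache(10000)\n\
getPool(\"main-pool\"):setCache(global_cache)\n\
\n\
-- Every accepted query goes to main-pool.\n\
addAction(AllRule(), PoolAction(\"main-pool\"))\n"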

# Bind-mount the RouterOS file written above to the path the image reads.
/container/mounts
add list=dnsdist-conf dst="/etc/dnsdist/dnsdist.conf" src="/dnsdist-conf/dnsdist.conf"

# The dnsdist container itself.
# NOTE(review): remote-image uses the floating ":latest" tag, so each pull may
# fetch a different build; pin a specific version tag (or an image digest) so
# the deployed build is known and reproducible.
# NOTE(review): user=0 runs the process as root inside the container; confirm
# the image really needs that (binding port 53 is the usual reason) rather
# than an unprivileged user.
/container
add name=dnsdist interface=veth-dnsdist \
remote-image="registry-1.docker.io/powerdns/dnsdist-19:latest" \
root-dir="/dnsdist-root" mountlists=dnsdist-conf \
user=0 logging=yes start-on-boot=yes

MikroTik container: AdGuard dnsproxy

# Container networking for dnsproxy: veth pair bridged onto the LAN.
# NOTE(review): this veth reuses 10.0.0.20/24, the same address given to
# veth-dnsdist above. That is fine when only one of the two containers is
# deployed; if both run at once, give this one its own unused LAN address.
/interface veth
add name=veth-dnsproxy gateway=10.0.0.1 address=10.0.0.20/24

# Put the veth on the LAN bridge so LAN clients can reach the container.
/interface bridge port
add interface=veth-dnsproxy bridge=br-lan

# dnsproxy container: accepts plain DNS from the LAN and forwards it over
# encrypted transports (h3:// DoH over HTTP/3, tls:// DoT, quic:// DoQ) to the
# upstreams listed in cmd=.
# NOTE(review): remote-image is the floating ":latest" tag; pin a version tag
# or digest so the deployed build is known and reproducible.
# NOTE(review): --upstream-mode parallel appears to send each query to all
# listed upstreams at once, so every provider sees every lookup; if that is
# not intended, use the default mode or keep a single provider.
# NOTE(review): no listen address or client restriction is given here, so
# reachability should be limited to the LAN by the router firewall.
/container
add name=dnsproxy interface=veth-dnsproxy \
remote-image=registry-1.docker.io/adguard/dnsproxy:latest \
root-dir=/dnsproxy \
logging=yes start-on-boot=yes \
cmd="--upstream-mode parallel \
-u h3://1.1.1.1/dns-query \
-u h3://8.8.8.8/dns-query \
-u h3://9.9.9.9/dns-query \
-u tls://1.1.1.1 \
-u tls://8.8.8.8 \
-u tls://9.9.9.9 \
-u quic://9.9.9.9"