Earlier this week I talked about how Your Computer is not a Black Box and I spent some time in TCPView and at the command line exploring open ports on my computer. I was doing this in order to debug an issue with a local DNS server I was playing with, so I thought I'd take a moment and look at that server itself.
The Technitium DNS Server is a personal local DNS server (FOSS on GitHub) written in C# and it runs on Windows, macOS, Linux, Raspberry Pi, etc. I downloaded the Portable app.
For Windows folks who aren't used to .tar.gz files, remember to "eXtract Zie Files!" with "tar -xzvf DnsServerPortable.tar.gz -C ./TechnitiumDNS/" and it's also worth reminding you all that tar.exe, curl.exe, wget.exe and more are all included in Windows 10 and have been since 2017. If that's too hard, use 7zip.
Technitium DNS is pretty cool, you just unzip/tar it and run start.sh or start.bat and it "just works." Of course, I did have a process already on port 53 - DNS - so I did a little debugging, but that was my fault.
Here's the local web UI that you can use to administer the server locally. You can forward to whatever upstream DNS server you'd like, with the added bonus that the forwarder can be DNS over HTTPS so you can use things like CloudFlare, Google, or Cloud9. Using DNS over HTTPS means your DNS lookups can be secured with DNSSEC and are far more secure and private than regular DNS over UDP/TCP.
Technitium also includes support for DNS Sinkholes (similar to how I use my Pi-Hole) and Block List URLs. It'll automatically download block lists daily and block ads.
It's also educational to try running your own DNS server and it's fun to read the code! The code for Technitium's DNS Server is up at https://github.com/TechnitiumSoftware/DnsServer and is super interesting from a networking perspective, but also from a C# perspective. It's a very interesting example of some .NET Core code at a very low level and I'm thrilled that it works on every operating system.
There are even bash scripts for setting Technitium up on your Raspberry Pi or Ubuntu to make it easy. If you are using Windows and don't care about .NET Core, you can use the .NET that's included with Windows, and Technitium has a Tray app and Installer as well.
Some of the code isn't "idiomatic" C#/.NET Core but it's interesting to read about. The main DnsWebService.cs is pretty intense as it doesn't use any ASP.NET Core routing or primitives. It's a complete webserver written using only System.Net and its own support libraries, along with some of the lower-level Newtonsoft.Json libraries.
The main DnsServer is also quite low level and very performant. It lives in DnsServer.cs. It opens up n sockets (depending on how many ports you bind to) and starts accepting connections here. DNS Datagrams start getting parsed here, right off the stream. The supporting libraries and networking helper code live over at https://github.com/TechnitiumSoftware/TechnitiumLibrary which is a wealth of interesting and useful code covering BitTorrent, Mail, and Firewall management. There's a ton of OO representations of networking concepts, and all the DNS records are parsed manually.
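Parsing DNS records by hand, as described above, means the parser itself has to defend against malformed input: compressed names (RFC 1035 section 4.1.4) can contain pointers that loop or labels that run past the end of the datagram. The following is an added example, not code from Technitium or from the original post; `DnsWire`, `ReadName` and `U16` are hypothetical names and the sample message bytes are constructed.

```csharp
using System;
using System.Collections.Generic;
using System.Text;

static class DnsWire   // hypothetical helper class, not part of Technitium
{
    // Big-endian 16-bit read that fails on truncated input instead of over-reading.
    static ushort U16(byte[] m, int o) =>
        o + 2 <= m.Length ? (ushort)((m[o] << 8) | m[o + 1]) : throw new FormatException("truncated message");

    // Decodes a possibly compressed name at offset o; 'next' is the offset just past the name in place.
    static string ReadName(byte[] m, int o, out int next)
    {
        var labels = new List<string>();
        int jumps = 0, total = 1;                       // total starts at 1 for the root terminator byte
        next = -1;
        while (true)
        {
            if (o >= m.Length) throw new FormatException("name runs past end of message");
            int len = m[o];
            if (len == 0) { if (next < 0) next = o + 1; break; }
            if ((len & 0xC0) == 0xC0)                   // compression pointer: 14-bit offset into the message
            {
                if (o + 1 >= m.Length) throw new FormatException("truncated pointer");
                if (next < 0) next = o + 2;
                if (++jumps > 16) throw new FormatException("compression pointer loop");
                o = ((len & 0x3F) << 8) | m[o + 1];
                continue;
            }
            if ((len & 0xC0) != 0) throw new FormatException("reserved label type");
            if (o + 1 + len > m.Length) throw new FormatException("label runs past end of message");
            if ((total += len + 1) > 255) throw new FormatException("name longer than 255 bytes");
            labels.Add(Encoding.ASCII.GetString(m, o + 1, len));
            o += 1 + len;
        }
        return labels.Count == 0 ? "." : string.Join(".", labels);
    }

    static void Main()
    {
        // Constructed sample: header, question "example.com A IN", one answer whose name points to offset 12.
        byte[] msg = {
            0x12,0x34, 0x81,0x80, 0,1, 0,1, 0,0, 0,0,
            7,(byte)'e',(byte)'x',(byte)'a',(byte)'m',(byte)'p',(byte)'l',(byte)'e', 3,(byte)'c',(byte)'o',(byte)'m', 0, 0,1, 0,1,
            0xC0,0x0C, 0,1, 0,1, 0,0,0,60, 0,4, 192,0,2,1 };
        string q = ReadName(msg, 12, out int p);
        Console.WriteLine($"id=0x{U16(msg, 0):X4} question={q} type={U16(msg, p)}");
        string a = ReadName(msg, p + 4, out p);         // skip QTYPE and QCLASS to reach the answer
        Console.WriteLine($"answer={a} rdlength={U16(msg, p + 8)}");
        try { ReadName(new byte[] { 0xC0, 0x00 }, 0, out _); }   // pointer to itself must be rejected
        catch (FormatException e) { Console.WriteLine("rejected: " + e.Message); }
    }
}
```

The jump cap and the 255-byte name limit are what keep a single hostile datagram from spinning the parser or inflating memory; every offset is checked against the buffer length before it is dereferenced.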
Technitium has a DNS Server, client, MAC Address Changer, and open source instant messenger. The developer is extremely prolific. They even host a version of "Get HTTPS for free" that works with Windows and makes getting Let's Encrypt certificates super easy.
Anyway, I've been enjoying exploring DNS again and reminding myself not only that it still works great (since I learned about DNS from sniffing packets in networking class) but also that it's been updated and improved with caches, DNSSEC, DNS over HTTP and more in the years following.
Here I've set my IPv4 DNS to 127.0.0.1 and my IPv6 DNS to ::1, then I run NSLookup and try some domain lookups.
Again, to be clear, the local DNS server took these lookups and then forwarded them upstream to another server. However, you have the choice for your upstream lookups to be done over whatever protocols you want; you can use Google, OpenDNS, Quad9 (with DNSSEC or without), and on and on.
Are you running your own DNS Server?
About Scott
Scott Hanselman is a former professor, former Chief Architect in finance, now speaker, consultant, father, diabetic, and Microsoft employee. He is a failed stand-up comic, a cornrower, and a book author.
Translated from: https://www.hanselman.com/blog/exploring-dns-with-the-net-core-based-technitium-dns-server