[分享] 解決 GFW 的 DNS 汙染

看板WorkinChina (中國工作)作者jyuny1 (凱文藍)時間12年前 (2014/07/06 18:48)推噓9(9推 0噓 0→)

留言9則, 9人參與討論串1/3 (看更多)

這篇比較偏技術，如果你跟我一樣使用 Macbook/Linux 可以自己動手免除 GFW DNS 汙染 http://www.v2ex.com/t/121025 使用 Windows 的人可以使用 ChinaDNS http://www.v2ex.com/t/118913 已經有人將 Python source code 包成 exe 可以直接使用家庭式的解法就是找臺少用的電腦當主機跑 DNSmasq 或 ChinaDNS 然後將 router 的 DNS query 指向這臺主機便解決或者你可以將這個 patched 過的 DNSmasq corss compile 到 openwrt 上執行也行理論上可以在小米路由上跑... 使用這種方式有以下優點 1. 連線中國境內的網站時 CDN 是中國區而不是其他亂七八糟不知道那個國家的 CDN 導致速度莫名其妙的慢。例如在中國連臺灣的 Apple App store 2. 連線到被牆的網站時拿得到正確的 IP 3. 加速解析到正確域名的時間 4. 免除使用 smart host，也省去手動更新的缺點 5. 應該可以免除一些奇奇怪怪的靈異現象這個是比較偏技術且 dark art，所以恕不提供指導 README.md 已經都寫的非常清楚了使用 DNSMasq 的人如果看到以下類似的訊息表示你成功了 dnsmasq: reply youtube-ui-china.l.google.com is 46.82.174.68 dnsmasq: reply p04-streams.icloud.com.akadns.net is NODATA-IPv6 dnsmasq: reply p04-streams.icloud.com.akadns.net is 17.158.28.21 dnsmasq: query[AAAA] api.twitter.com from 127.0.0.1 dnsmasq: forwarded api.twitter.com to 114.114.114.114 dnsmasq: query[AAAA] 1.courier-sandbox-push-apple.com.akadns.net from 127.0.0.1 dnsmasq: cached 1.courier-sandbox-push-apple.com.akadns.net is NODATA-IPv6 dnsmasq: query[A] e3191.dscc.akamaiedge.net from 127.0.0.1 dnsmasq: cached e3191.dscc.akamaiedge.net is 23.11.125.15 dnsmasq: query[AAAA] us-courier.push-apple.com.akadns.net from 127.0.0.1 dnsmasq: cached us-courier.push-apple.com.akadns.net is NODATA-IPv6 dnsmasq: query[AAAA] youtube-ui-china.l.google.com from 127.0.0.1 dnsmasq: forwarded youtube-ui-china.l.google.com to 114.114.114.114 dnsmasq: reply api.twitter.com is NODATA-IPv6 dnsmasq: reply youtube-ui-china.l.google.com is 2404:6800:4005:804::1009 dnsmasq: query[A] ptt.cc from 127.0.0.1 dnsmasq: forwarded ptt.cc to 114.114.114.114 dnsmasq: query[AAAA] ptt.cc from 127.0.0.1 dnsmasq: forwarded ptt.cc to 114.114.114.114 dnsmasq: reply ptt.cc is 140.112.172.2 dnsmasq: reply ptt.cc is 140.112.172.1 dnsmasq: reply ptt.cc is 140.112.172.11 dnsmasq: reply ptt.cc is 140.112.172.3 dnsmasq: reply ptt.cc is 140.112.172.4 dnsmasq: reply ptt.cc is 140.112.172.5 dnsmasq: reply ptt.cc is NODATA-IPv6 dnsmasq: query[AAAA] p04-keyvalueservice.icloud.com.akadns.net from 127.0.0.1 dnsmasq: forwarded p04-keyvalueservice.icloud.com.akadns.net to 114.114.114.114 dnsmasq: query[A] p04-keyvalueservice.icloud.com.akadns.net from 127.0.0.1 dnsmasq: forwarded p04-keyvalueservice.icloud.com.akadns.net to 114.114.114.114 dnsmasq: reply p04-keyvalueservice.icloud.com.akadns.net is NODATA-IPv6 dnsmasq: reply p04-keyvalueservice.icloud.com.akadns.net is 17.158.28.25 dnsmasq: reply p04-keyvalueservice.icloud.com.akadns.net is 17.158.28.47 reference 1. https://github.com/styx-hy/dnsmasq-chinadns 2. https://www.v2ex.com/t/118885#reply7 3. http://gfwrev.blogspot.jp/2009/11/gfwdns.html -- ※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 101.228.87.34 ※ 文章網址: http://www.ptt.cc/bbs/WorkinChina/M.1404643736.A.6B6.html

推

asdfghjklasd

07/06 19:55, , 1^F

07/06 19:55, 1^F

中間的貓膩有能力就自己體會吧。反正我自己是爽爽用就是了 :-] 況且，VPN 也不是能完全免除 GFW DNS 汙染的呵呵

推

flyingenie

07/06 20:19, , 2^F

07/06 20:19, 2^F

推

pcjustin

07/06 20:22, , 3^F

07/06 20:22, 3^F

推

greenblue

07/06 20:32, , 4^F

07/06 20:32, 4^F

推

Conpanna

07/06 21:10, , 5^F

07/06 21:10, 5^F

推

jerry74

07/06 22:24, , 6^F

07/06 22:24, 6^F

browser 用 PAC (Proxy Automatic Configuration script) 就可以了當然 system-wide 的設定也是有...這個就是看功力了最簡單就是動 routing table 不過現在是用另外一個方法了 :-] ※ 編輯: jyuny1 (101.228.87.34), 07/06/2014 23:25:26

推

scotthsiung

07/07 10:27, , 7^F

07/07 10:27, 7^F

推

kevindump

07/07 13:34, , 8^F

07/07 13:34, 8^F

推

fanntasy

07/07 23:28, , 9^F

07/07 23:28, 9^F