mirrors/dae
1
0
Fork 0
mirror of https://github.com/daeuniverse/dae.git synced 2025-07-10 07:48:48 +07:00
Code Issues Packages Projects Releases Wiki Activity

docs: guide for external dns

Browse Source
This commit is contained in:
mzz2017
2023-03-13 22:33:17 +08:00
parent 207c3430eb
commit 96967d59c8
3 changed files with 93 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

91
docs/getting-started/external-dns.md Normal file
View File

@ -0,0 +1,91 @@
# Use External DNS
> **Note**
> DNS request should be forwarded by dae for domain based traffic split. This guide will show you how to configure dae with external DNS.
If you use a external DNS like AdguardHome, you could refer to the following guide.
## External DNS on localhost
If you set up a external DNS on localhost, you may want to let the DNS queries to dns.google proxied. For example, if you have following configuration in AdguardHome:
```
Listen on: the same machine with dae, port 53.
China mainland: udp://223.5.5.5:53
Others: https://dns.google/dns-query
```
You should configure dae as follows:
1. Complete `wan_interface` in "global" section to proxy requests of AdguardHome.
2. Insert following rule as the first line of "routing" section to avoid loops.
```python
pname(AdGuardHome) && l4proto(udp) && dport(53) -> must_direct
```
And make sure domain `dns.google` will be proxied in routing rules.
3. Add upstream and request to section "dns".
```
dns {
upstream {
adguardhome: 'udp://127.0.0.1:53'
}
request {
fallback: adguardhome
}
}
```
4. If you bind to LAN, make sure your DHCP server will distribute dae as the DNS server (DNS request should be forwarded by dae for domain based traffic split).
## External DNS on another machine in LAN
If you set up a external DNS on another machine in LAN, you may want to let the DNS queries to dns.google proxied. For example, if you have following configuration in AdguardHome:
```
Listen on: 192.168.30.3:53 (mac address: 8c:16:45:36:1c:5a)
China mainland: udp://223.5.5.5:53
Others: https://dns.google/dns-query
```
You should configure dae as follows:
1. Fill in `lan_interface` in "global" section to proxy requests of AdguardHome.
2. Insert following rule as the first line of "routing" section to avoid loops.
```python
sip(192.168.30.3) && l4proto(udp) && dport(53) -> must_direct
# Or use MAC address if in the same link:
# mac(8c:16:45:36:1c:5a) && l4proto(udp) && dport(53) -> must_direct
```
And make sure domain `dns.google` will be proxied in routing rules.
3. Add upstream and request to section "dns".
```
dns {
upstream {
adguardhome: 'udp://192.168.30.3:53'
}
request {
fallback: adguardhome
}
}
```
4. If you bind to LAN, make sure your DHCP server will distribute dae as the DNS server (DNS request should be forwarded by dae for domain based traffic split).
##
```
```

2
docs/getting-started/kernel-upgrade.md
View File

@ -15,7 +15,7 @@ Upgrading the Linux kernel is not easy; you must do this only if you find securi
Before you start upgrading your Linux kernel, you must know the Kernels `current version` running inside your host machine. You may do so by `uname -r`. In case of `eBPF`, the minimum required version is `>= 5.8` Before you start upgrading your Linux kernel, you must know the Kernels `current version` running inside your host machine. You may do so by `uname -r`. In case of `eBPF`, the minimum required version is `>= 5.8`
Various Linux distributions have different methods to upgrade the Linux kernel. This guide convers ways to upgrade the kernel to a desired version for most `Armbian Linux`, `Debian-based Linux`, `RedHar, Fedora based Linux`, and `Arch-based Linux` distributions. Various Linux distributions have different methods to upgrade the Linux kernel. This guide convers ways to upgrade the kernel to a desired version for most `Armbian Linux`, `Debian-based Linux`, `RedHat, Fedora based Linux`, and `Arch-based Linux` distributions.
> **Note** > **Note**
> Since `dae` is builts with `eBPF`, your host must meet the minimum Kernel version, `>= 5.8` for dae to properly running. > Since `dae` is builts with `eBPF`, your host must meet the minimum Kernel version, `>= 5.8` for dae to properly running.

2
example.dae
View File

@ -122,7 +122,7 @@ routing {
# If you bind to WAN and set upstream (in section "dns") to a DNS service in localhost (dnsmasq, adguard, etc.), # If you bind to WAN and set upstream (in section "dns") to a DNS service in localhost (dnsmasq, adguard, etc.),
# to avoid loops, let them "must_direct", which makes DNS requests not redirect back to dae again. # to avoid loops, let them "must_direct", which makes DNS requests not redirect back to dae again.
# "pname" means process name. # "pname" means process name.
#pname(dnsmasq) && l4proto(udp) && port(53) -> must_direct #pname(dnsmasq) && l4proto(udp) && dport(53) -> must_direct
# Network managers in localhost should be direct to avoid false negative network connectivity check when binding to # Network managers in localhost should be direct to avoid false negative network connectivity check when binding to
# WAN. # WAN.