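# /etc/mosdns/config.json
# NOTE(review): the path above ends in .json but the content is YAML; confirm
# that mosdns is pointed at this file and parses it as YAML.
---
# log config
log:
  level: info  # ["debug", "info", "warn", and "error"], default is set to "info"
  file: "/var/log/mosdns.log"

# data source config
data_providers:
  # auto_reload is off for every provider, so refreshed .dat files are
  # presumably only picked up after a restart - TODO confirm.
  - tag: cn
    file: "/etc/mosdns/cn.dat"
    auto_reload: false
  - tag: geoip
    file: "/etc/mosdns/geoip.dat"
    auto_reload: false
  - tag: geosite
    file: "/etc/mosdns/geosite.dat"
    auto_reload: false

# server config
servers:
  # main query sequence
  - exec: sequence_exec
    timeout: 5
    listeners:
      # --- local port binding --- #
      # local ipv6
      - protocol: udp
        addr: "[::1]:53"
      - protocol: tcp
        addr: "[::1]:53"
      # local ipv4
      - protocol: udp
        addr: "127.0.0.1:53"
      - protocol: tcp
        addr: "127.0.0.1:53"
      # --- interface binding --- #
      # The two blocks below expose the resolver on non-loopback addresses.
      # Nothing in this file restricts which clients may query it, so limit
      # port 53 (udp and tcp) to the intended client subnets at the host or
      # network firewall.
      # lag group
      - protocol: udp
        addr: "10.178.0.3:53"
      - protocol: tcp
        addr: "10.178.0.3:53"
      # vlan 17
      - protocol: udp
        addr: "10.189.17.3:53"
      - protocol: tcp
        addr: "10.189.17.3:53"

# plugin config
plugins:
  # --- Executable Plugins --- #
  # cache
  - tag: "mem_cache"
    type: "cache"
    args:
      size: 1024  # query max number
      # With a lazy cache TTL of 86400, expired answers can presumably still
      # be served for up to a day; keep that in mind when a record has to be
      # withdrawn quickly (sinkholing, takedown) - TODO confirm the unit.
      lazy_cache_ttl: 86400  # lazy cache ttl
      lazy_cache_reply_ttl: 30  # timeout ttl
      cache_everything: true

  # ttl
  - tag: "modify_ttl"
    type: "ttl"
    args:
      minimal_ttl: 300
      maximum_ttl: 3600

  # NOTE(review): every upstream below sets `trusted: true`. Confirm against
  # the documentation of the mosdns version in use what checks this flag
  # relaxes before keeping it on all of them.
  # The ip_addr / dial_addr values pin the addresses that are dialled, so the
  # upstream hostnames do not have to be resolved first; the hostname in
  # `addr` is presumably still what the TLS certificate is checked against.

  # --- Domestic DNS --- #
  # alidns
  - tag: ali_dos
    type: forward
    args:
      upstream:
        - addr: "https://dns.alidns.com/dns-query"  # DoH server address
          ip_addr:  # server ip addresses
            - "2400:3200:baba::1"
            - "223.5.5.5"
            - "2400:3200::1"
            - "223.6.6.6"
          trusted: true
        - addr: "tls://dns.alidns.com"  # TLS server address
          ip_addr:  # server ip addresses
            - "2400:3200:baba::1"
            - "223.5.5.5"
            - "2400:3200::1"
            - "223.6.6.6"
          trusted: true
      # Both bootstrap resolvers are encrypted (DoT / DoH); with ip_addr set
      # on each upstream they are likely not consulted at all.
      bootstrap:
        - "tls://1.1.1.1"
        - "https://223.5.5.5/dns-query"
      timeout: 5  # default timeout

  # --- Local DNS --- #
  # This is the only upstream using plain, unencrypted DNS. It is referenced
  # solely from commented-out lines in the `local` sequence below.
  # NOTE(review): 178.0.50.6 is not in the 10.178.x.x / 10.189.x.x ranges the
  # listeners bind to; verify it is the intended server and not a typo
  # before enabling it.
  - tag: localdns
    type: forward
    args:
      upstream:
        - addr: "178.0.50.6:53"

  # --- Remote DNS --- #
  # google dns
  - tag: google_dos
    type: forward
    args:
      upstream:
        - addr: "https://dns.google/dns-query"  # DoH server address
          ip_addr:  # server ip addresses
            - "2001:4860:4860::8844"
            - "8.8.4.4"
            - "2001:4860:4860::8888"
            - "8.8.8.8"
          trusted: true

  # NOTE(review): google_dos and google_h3 list four addresses; this plugin
  # lists three ("2001:4860:4860::8844" is absent). Confirm that is intended.
  - tag: google_dot
    type: fast_forward
    args:
      upstream:
        - addr: "tls://dns.google"
          dial_addr: "8.8.4.4"
          trusted: true
          enable_pipeline: true
        - addr: "tls://dns.google"
          dial_addr: "2001:4860:4860::8888"
          trusted: true
          enable_pipeline: true
        - addr: "tls://dns.google"
          dial_addr: "8.8.8.8"
          trusted: true
          enable_pipeline: true

  # cloudflare
  - tag: cloudflare_dos
    type: forward
    args:
      upstream:
        - addr: "https://cloudflare-dns.com/dns-query"  # DoH server address
          ip_addr:  # server ip addresses
            - "2606:4700:4700::1001"
            - "1.0.0.1"
            - "2606:4700:4700::1111"
            - "1.1.1.1"
          trusted: true

  - tag: cloudflare_dot
    type: fast_forward
    args:
      upstream:
        - addr: "tls://1dot1dot1dot1.cloudflare-dns.com"
          dial_addr: "2606:4700:4700::1001"
          trusted: true
          enable_pipeline: true
        - addr: "tls://1dot1dot1dot1.cloudflare-dns.com"
          dial_addr: "1.0.0.1"
          trusted: true
          enable_pipeline: true
        - addr: "tls://1dot1dot1dot1.cloudflare-dns.com"
          dial_addr: "2606:4700:4700::1111"
          trusted: true
          enable_pipeline: true
        # Was a second "1.0.0.1" entry; changed to "1.1.1.1" so the four
        # entries match the address set used by cloudflare_dos and
        # cloudflare_h3 and the fourth endpoint adds real redundancy.
        - addr: "tls://1dot1dot1dot1.cloudflare-dns.com"
          dial_addr: "1.1.1.1"
          trusted: true
          enable_pipeline: true

  # h3 parallel
  - tag: google_h3
    type: "fast_forward"
    args:
      # upstream servers: at least one must be configured; requests are sent
      # to all servers in parallel
      upstream:
        - addr: "https://dns.google/dns-query"
          dial_addr: "2001:4860:4860::8844"
          trusted: true
          enable_http3: true
        - addr: "https://dns.google/dns-query"
          dial_addr: "8.8.4.4"
          trusted: true
          enable_http3: true
        - addr: "https://dns.google/dns-query"
          dial_addr: "2001:4860:4860::8888"
          trusted: true
          enable_http3: true
        - addr: "https://dns.google/dns-query"
          dial_addr: "8.8.8.8"
          trusted: true
          enable_http3: true

  - tag: cloudflare_h3
    type: "fast_forward"
    args:
      upstream:
        - addr: "https://cloudflare-dns.com/dns-query"
          dial_addr: "2606:4700:4700::1001"
          trusted: true
          enable_http3: true
        - addr: "https://cloudflare-dns.com/dns-query"
          dial_addr: "1.0.0.1"
          trusted: true
          enable_http3: true
        - addr: "https://cloudflare-dns.com/dns-query"
          dial_addr: "2606:4700:4700::1111"
          trusted: true
          enable_http3: true
        - addr: "https://cloudflare-dns.com/dns-query"
          dial_addr: "1.1.1.1"
          trusted: true
          enable_http3: true

  # doq backup resolver
  - tag: adguard
    type: forward
    args:
      upstream:
        - addr: "quic://dns-unfiltered.adguard.com"  # DoQ server
          ip_addr:  # server addresses
            - "2a10:50c0::1:ff"
            - "94.140.14.140"
            - "2a10:50c0::2:ff"
            - "94.140.14.141"
          trusted: true

  # --- query matcher --- #
  # query - CN domains
  - tag: query_cn
    type: query_matcher
    args:
      domain:
        - "provider:geosite:cn"

  # query - GFW domains
  - tag: query_gfw
    type: query_matcher
    args:
      domain:
        - "provider:geosite:gfw"

  # query - non-CN domains
  - tag: query_notcn
    type: query_matcher
    args:
      domain:
        - "provider:geosite:geolocation-!cn"

  # query - ad
  - tag: query_ad
    type: query_matcher
    args:
      domain:
        - "provider:geosite:category-ads-all"

  # query - CN IP
  - tag: response_cnip
    type: response_matcher
    args:
      ip:
        - "provider:geoip:cn"

  # --- Sequence --- #
  # local sequence
  - tag: local
    type: sequence
    args:
      exec:
        # - primary:
        - parallel:
            - - ali_dos
        #   secondary:
        #     - localdns
        #   fast_fallback: 600
        #   always_standby: true

  # remote sequence
  - tag: remote
    type: sequence
    args:
      exec:
        # - primary:
        - parallel:
            - - google_dos
            - - cloudflare_dos
            - - google_dot
            - - cloudflare_dot
            - - adguard
            # secondary
            - - google_h3
            - - cloudflare_h3
        #   secondary:
        #     - adguard
        #   fast_fallback: 600
        #   always_standby: true

  # main_sequence
  # Routing summary: ad domains are answered locally with NXDOMAIN; names on
  # the CN list go to the domestic upstream; names on the non-CN list go
  # only to the remote encrypted upstreams; anything else tries remote first
  # and falls back to local.
  - tag: main_sequence
    type: sequence
    args:
      exec:
        # Ad
        - if: query_ad
          exec:
            - _new_nxdomain_response  # empty response
            - _return

        # CN domains
        - if: "query_cn"
          exec:
            - _prefer_ipv4  # ipv4 as priority
            - _pad_query
            - local  # local ip as result
            - if: "response_cnip"  # cnip as result
              exec:
                - _return  # end

        # non-CN domains
        - if: query_notcn
          exec:
            - _prefer_ipv4  # ipv4 as priority
            - _pad_query
            - remote  # uncontaminated ip
            - if: "!response_cnip"  # non-CN ip as result
              exec:
                - _return  # end

        # other condition
        - primary:
            - _prefer_ipv4
            - _pad_query
            - remote
          secondary:
            - _prefer_ipv4
            - _pad_query
            - local
          fast_fallback: 400
          always_standby: true

  # --- sequence execution --- #
  # NOTE(review): the cache, the main sequence and the TTL rewrite are listed
  # as three parallel branches. If the intent is "look up the cache, resolve
  # on a miss, then clamp the TTL", those steps would have to run one after
  # another instead; confirm that the cache is actually populated and that
  # TTLs are being rewritten with this layout.
  - tag: sequence_exec
    type: sequence
    args:
      exec:
        - parallel:
            - - mem_cache  # cache
            - - main_sequence  # run main query sequence
            - - modify_ttl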