上传SQL

IP库查询结果显示城市
增加通过IP来搜索IP名单的API
2021-08-15 20:20:06 +08:00 · 2021-08-15 20:08:04 +08:00 · 2021-08-15 15:42:32 +08:00 · 2021-08-15 10:39:41 +08:00 · 2021-08-14 21:33:17 +08:00 · 2021-08-14 18:07:20 +08:00
117 changed files with 4841 additions and 484 deletions
--- a/build/build.sh
+++ b/build/build.sh
@@ -23,7 +23,7 @@ function build() {
 	VERSION=$(lookup-version $ROOT/../internal/const/const.go)
 	ZIP="${NAME}-${OS}-${ARCH}-${TAG}-v${VERSION}.zip"

-	# check edge-node
+	# build edge-node
 	NodeVersion=$(lookup-version $ROOT"/../../EdgeNode/internal/const/const.go")
 	echo "building edge-node v${NodeVersion} ..."
 	EDGE_NODE_BUILD_SCRIPT=$ROOT"/../../EdgeNode/build/build.sh"
@@ -35,7 +35,11 @@ function build() {
 	echo "=============================="
 	architects=("amd64" "386" "arm64" "mips64" "mips64le")
 	for arch in "${architects[@]}"; do
-		./build.sh linux $arch $TAG
+		if [ ! -f $ROOT"/../../EdgeNode/dist/edge-node-linux-${arch}-${TAG}-v${NodeVersion}.zip" ]; then
+			./build.sh linux $arch $TAG
+		else
+			echo "use built node linux/$arch/v${NodeVersion}"
+		fi
 	done
 	echo "=============================="
 	cd -
@@ -45,6 +49,32 @@ function build() {
 		cp $ROOT"/../../EdgeNode/dist/edge-node-linux-${arch}-${TAG}-v${NodeVersion}.zip" $ROOT/deploy/edge-node-linux-${arch}-v${NodeVersion}.zip
 	done

+	# build edge-dns
+	if [ "$TAG" = "plus" ]; then
+		DNS_ROOT=$ROOT"/../../EdgeDNS"
+		if [ -d $DNS_ROOT  ]; then
+			DNSNodeVersion=$(lookup-version $ROOT"/../../EdgeDNS/internal/const/const.go")
+			echo "building edge-dns ${DNSNodeVersion} ..."
+			EDGE_DNS_NODE_BUILD_SCRIPT=$ROOT"/../../EdgeDNS/build/build.sh"
+			if [ ! -f $EDGE_DNS_NODE_BUILD_SCRIPT ]; then
+				echo "unable to find edge-dns build script 'EdgeDNS/build/build.sh'"
+				exit
+			fi
+			cd $ROOT"/../../EdgeDNS/build"
+			echo "=============================="
+			architects=("amd64")
+			for arch in "${architects[@]}"; do
+				./build.sh linux $arch $TAG
+			done
+			echo "=============================="
+			cd -
+
+			for arch in "${architects[@]}"; do
+				cp $ROOT"/../../EdgeDNS/dist/edge-dns-linux-${arch}-v${DNSNodeVersion}.zip" $ROOT/deploy/edge-dns-linux-${arch}-v${DNSNodeVersion}.zip
+			done
+		fi
+	fi
+
 	# build sql
 	echo "building sql ..."
 	${ROOT}/sql.sh
@@ -66,14 +96,22 @@ function build() {
 	rm -f $DIST/resources/ipdata/ip2region/global_region.csv
 	rm -f $DIST/resources/ipdata/ip2region/ip.merge.txt

-	# building installer
-	echo "building installer ..."
+	# building edge installer
+	echo "building node installer ..."
 	architects=("amd64" "386" "arm64")
 	for arch in "${architects[@]}"; do
 		# TODO support arm, mips ...
 		env GOOS=linux GOARCH=${arch} go build -tags $TAG --ldflags="-s -w" -o $ROOT/installers/edge-installer-helper-linux-${arch} $ROOT/../cmd/installer-helper/main.go
 	done

+	# building edge dns installer
+	echo "building dns node installer ..."
+	architects=("amd64" "386" "arm64")
+	for arch in "${architects[@]}"; do
+		# TODO support arm, mips ...
+		env GOOS=linux GOARCH=${arch} go build -tags $TAG --ldflags="-s -w" -o $ROOT/installers/edge-installer-dns-helper-linux-${arch} $ROOT/../cmd/installer-dns-helper/main.go
+	done
+
 	# building api node
 	env GOOS=$OS GOARCH=$ARCH go build -tags $TAG --ldflags="-s -w" -o $DIST/bin/edge-api $ROOT/../cmd/edge-api/main.go

--- a/cmd/edge-api/main.go
+++ b/cmd/edge-api/main.go
@@ -50,7 +50,7 @@ func main() {
 			fmt.Println("ERROR: " + err.Error())
 			return
 		}
-		err = executor.Run()
+		err = executor.Run(true)
 		if err != nil {
 			fmt.Println("ERROR: " + err.Error())
 			return
--- a/cmd/installer-dns-helper/main.go
+++ b/cmd/installer-dns-helper/main.go
@@ -0,0 +1,73 @@
+package main
+
+import (
+	"flag"
+	"github.com/TeaOSLab/EdgeAPI/internal/utils"
+	"github.com/iwind/gosock/pkg/gosock"
+	"os"
+	"os/exec"
+)
+
+func main() {
+	cmd := ""
+	flag.StringVar(&cmd, "cmd", "", "command name: [unzip]")
+
+	// unzip
+	zipPath := ""
+	targetPath := ""
+	flag.StringVar(&zipPath, "zip", "", "zip path")
+	flag.StringVar(&targetPath, "target", "", "target dir")
+
+	// parse
+	flag.Parse()
+
+	if len(cmd) == 0 {
+		stderr("need '-cmd=COMMAND' argument")
+	} else if cmd == "test" {
+		// 检查是否正在运行
+		var sock = gosock.NewTmpSock("edge-dns")
+		if sock.IsListening() {
+			// 从systemd中停止
+			systemctl, _ := exec.LookPath("systemctl")
+			if len(systemctl) > 0 {
+				systemctlCmd := exec.Command(systemctl, "stop", "edge-dns")
+				_ = systemctlCmd.Run()
+			}
+
+			// 从进程中停止
+			if sock.IsListening() {
+				_, _ = sock.Send(&gosock.Command{
+					Code: "stop",
+				})
+			}
+		}
+	} else if cmd == "unzip" { // 解压
+		if len(zipPath) == 0 {
+			stderr("ERROR: need '-zip=PATH' argument")
+			return
+		}
+		if len(targetPath) == 0 {
+			stderr("ERROR: need '-target=TARGET' argument")
+			return
+		}
+
+		unzip := utils.NewUnzip(zipPath, targetPath)
+		err := unzip.Run()
+		if err != nil {
+			stderr("ERROR: " + err.Error())
+			return
+		}
+
+		stdout("ok")
+	} else {
+		stderr("ERROR: not recognized command '" + cmd + "'")
+	}
+}
+
+func stdout(s string) {
+	_, _ = os.Stdout.WriteString(s + "\n")
+}
+
+func stderr(s string) {
+	_, _ = os.Stderr.WriteString(s + "\n")
+}
--- a/cmd/installer-helper/main.go
+++ b/cmd/installer-helper/main.go
@@ -3,8 +3,9 @@ package main
 import (
 	"flag"
 	"github.com/TeaOSLab/EdgeAPI/internal/utils"
-	"net"
+	"github.com/iwind/gosock/pkg/gosock"
 	"os"
+	"os/exec"
 )

 func main() {
@@ -24,11 +25,21 @@ func main() {
 		stderr("need '-cmd=COMMAND' argument")
 	} else if cmd == "test" {
 		// 检查是否正在运行
-		path := os.TempDir() + "/edge-node.sock"
-		conn, err := net.Dial("unix", path)
-		if err == nil {
-			_ = conn.Close()
-			stderr("test node status: edge node is running now, can not install again")
+		var sock = gosock.NewTmpSock("edge-node")
+		if sock.IsListening() {
+			// 从systemd中停止
+			systemctl, _ := exec.LookPath("systemctl")
+			if len(systemctl) > 0 {
+				systemctlCmd := exec.Command(systemctl, "stop", "edge-node")
+				_ = systemctlCmd.Run()
+			}
+
+			// 从进程中停止
+			if sock.IsListening() {
+				_, _ = sock.Send(&gosock.Command{
+					Code: "stop",
+				})
+			}
 		}
 	} else if cmd == "unzip" { // 解压
 		if len(zipPath) == 0 {
--- a/go.mod
+++ b/go.mod
@@ -4,8 +4,6 @@ go 1.15

 replace github.com/TeaOSLab/EdgeCommon => ../EdgeCommon

-
-
 require (
 	github.com/StackExchange/wmi v0.0.0-20190523213315-cbe66965904d // indirect
 	github.com/TeaOSLab/EdgeCommon v0.0.0-00010101000000-000000000000
@@ -16,8 +14,9 @@ require (
 	github.com/go-sql-driver/mysql v1.5.0
 	github.com/go-yaml/yaml v2.1.0+incompatible
 	github.com/golang/protobuf v1.5.2
-	github.com/iwind/TeaGo v0.0.0-20210628135026-38575a4ab060
+	github.com/iwind/TeaGo v0.0.0-20210809112119-a57ed0e84e34
 	github.com/iwind/gosock v0.0.0-20210722083328-12b2d66abec3
+	github.com/json-iterator/go v1.1.11 // indirect
 	github.com/lionsoul2014/ip2region v2.2.0-release+incompatible
 	github.com/mozillazg/go-pinyin v0.18.0
 	github.com/pkg/sftp v1.12.0
--- a/go.sum
+++ b/go.sum
@@ -181,8 +181,11 @@ github.com/hpcloud/tail v1.0.0/go.mod h1:ab1qPbhIpdTxEkNHXyeSf5vhxWSCs/tWer42PpO
 github.com/ianlancetaylor/demangle v0.0.0-20181102032728-5e5cf60278f6/go.mod h1:aSSvb/t6k1mPoxDqO4vJh6VOCGPwU4O0C2/Eqndh1Sc=
 github.com/iij/doapi v0.0.0-20190504054126-0bbf12d6d7df/go.mod h1:QMZY7/J/KSQEhKWFeDesPjMj+wCHReeknARU3wqlyN4=
 github.com/iwind/TeaGo v0.0.0-20210411134150-ddf57e240c2f/go.mod h1:KU4mS7QNiZ7QWEuDBk1zw0/Q2LrAPZv3tycEFBsuUwc=
-github.com/iwind/TeaGo v0.0.0-20210628135026-38575a4ab060 h1:qdLtK4PDXxk2vMKkTWl5Fl9xqYuRCukzWAgJbLHdfOo=
 github.com/iwind/TeaGo v0.0.0-20210628135026-38575a4ab060/go.mod h1:KU4mS7QNiZ7QWEuDBk1zw0/Q2LrAPZv3tycEFBsuUwc=
+github.com/iwind/TeaGo v0.0.0-20210806054428-5534da0db9d1 h1:AZKkwTNEZYrpyv62zIkxpLJsWhfOS7OEFovAcwd0aco=
+github.com/iwind/TeaGo v0.0.0-20210806054428-5534da0db9d1/go.mod h1:KU4mS7QNiZ7QWEuDBk1zw0/Q2LrAPZv3tycEFBsuUwc=
+github.com/iwind/TeaGo v0.0.0-20210809112119-a57ed0e84e34 h1:ZCNQXLiGF5Z1cV3Pi03zCWzwwjPfsI5XhcrNhTvCFIU=
+github.com/iwind/TeaGo v0.0.0-20210809112119-a57ed0e84e34/go.mod h1:KU4mS7QNiZ7QWEuDBk1zw0/Q2LrAPZv3tycEFBsuUwc=
 github.com/iwind/gosock v0.0.0-20210722083328-12b2d66abec3 h1:aBSonas7vFcgTj9u96/bWGILGv1ZbUSTLiOzcI1ZT6c=
 github.com/iwind/gosock v0.0.0-20210722083328-12b2d66abec3/go.mod h1:H5Q7SXwbx3a97ecJkaS2sD77gspzE7HFUafBO0peEyA=
 github.com/jmespath/go-jmespath v0.0.0-20180206201540-c2b33e8439af/go.mod h1:Nht3zPeWKUH0NzdCt2Blrr5ys8VGpn0CEB0cQHVjt7k=
@@ -191,8 +194,9 @@ github.com/jmespath/go-jmespath v0.3.0/go.mod h1:9QtRXoHjLGCJ5IBSaohpXITPlowMeeY
 github.com/json-iterator/go v1.1.5/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
 github.com/json-iterator/go v1.1.6/go.mod h1:+SdeFBvtyEkXs7REEP0seUULqWtbJapLOCVDaaPEHmU=
 github.com/json-iterator/go v1.1.7/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
-github.com/json-iterator/go v1.1.10 h1:Kz6Cvnvv2wGdaG/V8yMvfkmNiXq9Ya2KUv4rouJJr68=
 github.com/json-iterator/go v1.1.10/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
+github.com/json-iterator/go v1.1.11 h1:uVUAXhF2To8cbw/3xN3pxj6kk7TYKs98NIrTqPlMWAQ=
+github.com/json-iterator/go v1.1.11/go.mod h1:KdQUCv79m/52Kvf8AW2vK1V8akMuk1QjK/uOdHXbAo4=
 github.com/jstemmer/go-junit-report v0.0.0-20190106144839-af01ea7f8024/go.mod h1:6v2b51hI/fHJwM22ozAgKL4VKDeJcHhJFhtBdhmNjmU=
 github.com/jstemmer/go-junit-report v0.9.1/go.mod h1:Brl9GWCQeLvo8nXZwPNNblvFj/XSXhF0NWZEnDohbsk=
 github.com/jtolds/gls v4.20.0+incompatible h1:xdiiI2gbIgH/gLH7ADydsJ1uDOEzR8yvV7C0MuV77Wo=
@@ -399,6 +403,7 @@ golang.org/x/net v0.0.0-20200226121028-0de0cce0169b/go.mod h1:z5CRVTTTmAJ677TzLL
 golang.org/x/net v0.0.0-20200301022130-244492dfa37a/go.mod h1:z5CRVTTTmAJ677TzLLGU+0bjPO0LkuOLi4/5GtJWs/s=
 golang.org/x/net v0.0.0-20200520004742-59133d7f0dd7/go.mod h1:qpuaurCH72eLCgpAm/N6yyVIVM9cpaDIP3A8BGJEC5A=
 golang.org/x/net v0.0.0-20200822124328-c89045814202/go.mod h1:/O7V0waA8r7cgGh81Ro3o1hOxt32SMVPicZroKQ2sZA=
+golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg=
 golang.org/x/net v0.0.0-20210405180319-a5a99cb37ef4/go.mod h1:p54w0d4576C0XHj96bSt6lcn1PtDYWL6XObtHCRCNQM=
 golang.org/x/net v0.0.0-20210614182718-04defd469f4e h1:XpT3nA5TvE525Ne3hInMh6+GETgn27Zfm9dxsThnX2Q=
 golang.org/x/net v0.0.0-20210614182718-04defd469f4e/go.mod h1:9nx3DQGgdP8bBQD5qxJ1jj9UTztislL4KSBs9R2vV5Y=
@@ -451,6 +456,7 @@ golang.org/x/sys v0.0.0-20200302150141-5c8b2ff67527/go.mod h1:h1NjWce9XRLGQEsW7w
 golang.org/x/sys v0.0.0-20200323222414-85ca7c5b95cd/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20200519105757-fe76b779f299/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
+golang.org/x/sys v0.0.0-20210303074136-134d130e1a04/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210316164454-77fc1eacc6aa/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210330210617-4fbd30eecc44/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
 golang.org/x/sys v0.0.0-20210423082822-04245dca01da/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs=
--- a/internal/const/const.go
+++ b/internal/const/const.go
@@ -1,7 +1,7 @@
 package teaconst

 const (
-	Version = "0.2.7"
+	Version = "0.2.9"

 	ProductName   = "Edge API"
 	ProcessName   = "edge-api"
@@ -18,9 +18,9 @@ const (

 	// 其他节点版本号，用来检测是否有需要升级的节点

-	NodeVersion          = "0.2.7"
+	NodeVersion          = "0.2.8"
 	UserNodeVersion      = "0.0.10"
 	AuthorityNodeVersion = "0.0.2"
 	MonitorNodeVersion   = "0.0.2"
-	DNSNodeVersion       = "0.0.3"
+	DNSNodeVersion       = "0.1.0"
 )
--- a/internal/db/db_test.go
+++ b/internal/db/db_test.go
@@ -33,7 +33,7 @@ func TestDB_Instance(t *testing.T) {
 					if err == driver.ErrBadConn {
 						return
 					}
-					t.Fatal(i, "exec:", err)
+					t.Error(i, "exec:", err)
 				}
 				time.Sleep(1 * time.Second)
 			}
--- a/internal/db/models/db_node_initializer.go
+++ b/internal/db/models/db_node_initializer.go
@@ -22,6 +22,7 @@ var accessLogLocker = &sync.RWMutex{}
 type httpAccessLogDefinition struct {
 	Name          string
 	HasRemoteAddr bool
+	HasDomain     bool
 	Exists        bool
 }

@@ -82,7 +83,7 @@ func randomNSAccessLogDAO() (dao *NSAccessLogDAOWrapper) {
 }

 // 检查表格是否存在
-func findHTTPAccessLogTableName(db *dbs.DB, day string) (tableName string, hasRemoteAddr bool, ok bool, err error) {
+func findHTTPAccessLogTableName(db *dbs.DB, day string) (tableName string, hasRemoteAddr bool, hasDomain bool, ok bool, err error) {
 	if !regexp.MustCompile(`^\d{8}$`).MatchString(day) {
 		err = errors.New("invalid day '" + day + "', should be YYYYMMDD")
 		return
@@ -90,7 +91,7 @@ func findHTTPAccessLogTableName(db *dbs.DB, day string) (tableName string, hasRe

 	config, err := db.Config()
 	if err != nil {
-		return "", false, false, err
+		return "", false, false, false, err
 	}

 	tableName = "edgeHTTPAccessLogs_" + day
@@ -100,15 +101,15 @@ func findHTTPAccessLogTableName(db *dbs.DB, day string) (tableName string, hasRe
 	def, ok := httpAccessLogTableMapping[cacheKey]
 	accessLogLocker.RUnlock()
 	if ok {
-		return tableName, def.HasRemoteAddr, true, nil
+		return tableName, def.HasRemoteAddr, def.HasDomain, true, nil
 	}

 	def, err = findHTTPAccessLogTable(db, day, false)
 	if err != nil {
-		return tableName, false, false, err
+		return tableName, false, false, false, err
 	}

-	return tableName, def.HasRemoteAddr, def.Exists, nil
+	return tableName, def.HasRemoteAddr, def.HasDomain, def.Exists, nil
 }

 func findNSAccessLogTableName(db *dbs.DB, day string) (tableName string, ok bool, err error) {
@@ -174,6 +175,7 @@ func findHTTPAccessLogTable(db *dbs.DB, day string, force bool) (*httpAccessLogD
 		var definition = &httpAccessLogDefinition{
 			Name:          tableName,
 			HasRemoteAddr: table.FindFieldWithName("remoteAddr") != nil,
+			HasDomain:     table.FindFieldWithName("domain") != nil,
 			Exists:        true,
 		}
 		httpAccessLogTableMapping[cacheKey] = definition
@@ -182,11 +184,16 @@ func findHTTPAccessLogTable(db *dbs.DB, day string, force bool) (*httpAccessLogD
 	}

 	if !force {
-		return &httpAccessLogDefinition{Name: tableName, HasRemoteAddr: true, Exists: false}, nil
+		return &httpAccessLogDefinition{
+			Name:          tableName,
+			HasRemoteAddr: true,
+			HasDomain:     true,
+			Exists:        false,
+		}, nil
 	}

 	// 创建表格
-	_, err = db.Exec("CREATE TABLE `" + tableName + "` (`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',`serverId` int(11) unsigned DEFAULT '0' COMMENT '服务ID',`nodeId` int(11) unsigned DEFAULT '0' COMMENT '节点ID',`status` int(3) unsigned DEFAULT '0' COMMENT '状态码',`createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',`content` json DEFAULT NULL COMMENT '日志内容',`requestId` varchar(128) DEFAULT NULL COMMENT '请求ID',`firewallPolicyId` int(11) unsigned DEFAULT '0' COMMENT 'WAF策略ID',`firewallRuleGroupId` int(11) unsigned DEFAULT '0' COMMENT 'WAF分组ID',`firewallRuleSetId` int(11) unsigned DEFAULT '0' COMMENT 'WAF集ID',`firewallRuleId` int(11) unsigned DEFAULT '0' COMMENT 'WAF规则ID',`remoteAddr` varchar(64) DEFAULT NULL COMMENT 'IP地址',PRIMARY KEY (`id`),KEY `serverId` (`serverId`),KEY `nodeId` (`nodeId`),KEY `serverId_status` (`serverId`,`status`),KEY `requestId` (`requestId`),KEY `firewallPolicyId` (`firewallPolicyId`),KEY `firewallRuleGroupId` (`firewallRuleGroupId`),KEY `firewallRuleSetId` (`firewallRuleSetId`),	KEY `firewallRuleId` (`firewallRuleId`),	KEY `remoteAddr` (`remoteAddr`)) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='访问日志';")
+	_, err = db.Exec("CREATE TABLE `" + tableName + "` (`id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',`serverId` int(11) unsigned DEFAULT '0' COMMENT '服务ID',`nodeId` int(11) unsigned DEFAULT '0' COMMENT '节点ID',`status` int(3) unsigned DEFAULT '0' COMMENT '状态码',`createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间', `content` json DEFAULT NULL COMMENT '日志内容', `requestId` varchar(128) DEFAULT NULL COMMENT '请求ID', `firewallPolicyId` int(11) unsigned DEFAULT '0' COMMENT 'WAF策略ID', `firewallRuleGroupId` int(11) unsigned DEFAULT '0' COMMENT 'WAF分组ID', `firewallRuleSetId` int(11) unsigned DEFAULT '0' COMMENT 'WAF集ID', `firewallRuleId` int(11) unsigned DEFAULT '0' COMMENT 'WAF规则ID', `remoteAddr` varchar(64) DEFAULT NULL COMMENT 'IP地址', `domain` varchar(128) DEFAULT NULL COMMENT '域名', PRIMARY KEY (`id`), KEY `serverId` (`serverId`), KEY `nodeId` (`nodeId`), KEY `serverId_status` (`serverId`,`status`), KEY `requestId` (`requestId`), KEY `firewallPolicyId` (`firewallPolicyId`), KEY `firewallRuleGroupId` (`firewallRuleGroupId`), KEY `firewallRuleSetId` (`firewallRuleSetId`), KEY `firewallRuleId` (`firewallRuleId`), KEY `remoteAddr` (`remoteAddr`), KEY `domain` (`domain`)) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='访问日志';")
 	if err != nil {
 		return nil, err
 	}
@@ -234,7 +241,7 @@ func findNSAccessLogTable(db *dbs.DB, day string, force bool) (string, error) {
 	}

 	// 创建表格
-	_, err = db.Exec("CREATE TABLE `" + tableName + "` (\n  `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n  `nodeId` int(11) unsigned DEFAULT '0' COMMENT '节点ID',\n  `domainId` int(11) unsigned DEFAULT '0' COMMENT '域名ID',\n  `recordId` int(11) unsigned DEFAULT '0' COMMENT '记录ID',\n  `content` json DEFAULT NULL COMMENT '访问数据',\n  `requestId` varchar(128) DEFAULT NULL COMMENT '请求ID',\n  `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n  PRIMARY KEY (`id`),\n  KEY `nodeId` (`nodeId`),\n  KEY `domainId` (`domainId`),\n  KEY `recordId` (`recordId`),\n  KEY `requestId` (`requestId`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='域名服务访问日志';")
+	_, err = db.Exec("CREATE TABLE `" + tableName + "` (\n  `id` bigint(20) unsigned NOT NULL AUTO_INCREMENT COMMENT 'ID',\n  `nodeId` int(11) unsigned DEFAULT '0' COMMENT '节点ID',\n  `domainId` int(11) unsigned DEFAULT '0' COMMENT '域名ID',\n  `recordId` int(11) unsigned DEFAULT '0' COMMENT '记录ID',\n  `content` json DEFAULT NULL COMMENT '访问数据',\n  `requestId` varchar(128) DEFAULT NULL COMMENT '请求ID',\n  `createdAt` bigint(11) unsigned DEFAULT '0' COMMENT '创建时间',\n  `remoteAddr` varchar(128) DEFAULT NULL COMMENT 'IP',\n  PRIMARY KEY (`id`),\n  KEY `nodeId` (`nodeId`),\n  KEY `domainId` (`domainId`),\n  KEY `recordId` (`recordId`),\n  KEY `requestId` (`requestId`),\n  KEY `remoteAddr` (`remoteAddr`)\n) ENGINE=InnoDB DEFAULT CHARSET=utf8mb4 COMMENT='域名服务访问日志';")
 	if err != nil {
 		return tableName, err
 	}
--- a/internal/db/models/dns/dns_domain_dao.go
+++ b/internal/db/models/dns/dns_domain_dao.go
@@ -218,6 +218,8 @@ func (this *DNSDomainDAO) ExistAvailableDomains(tx *dbs.Tx) (bool, error) {

 // ExistDomainRecord 检查域名解析记录是否存在
 func (this *DNSDomainDAO) ExistDomainRecord(tx *dbs.Tx, domainId int64, recordName string, recordType string, recordRoute string, recordValue string) (bool, error) {
+	recordType = strings.ToUpper(recordType)
+
 	query := maps.Map{
 		"name": recordName,
 		"type": recordType,
@@ -239,7 +241,6 @@ func (this *DNSDomainDAO) ExistDomainRecord(tx *dbs.Tx, domainId int64, recordNa
 			}
 		}
 	}
-	recordType = strings.ToUpper(recordType)
 	return this.Query(tx).
 		Pk(domainId).
 		Where("JSON_CONTAINS(records, :query)").
--- a/internal/db/models/http_access_log_dao.go
+++ b/internal/db/models/http_access_log_dao.go
@@ -4,7 +4,9 @@ import (
 	"encoding/json"
 	"github.com/TeaOSLab/EdgeAPI/internal/configs"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
+	"github.com/TeaOSLab/EdgeAPI/internal/utils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/shared"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
@@ -88,7 +90,10 @@ func (this *HTTPAccessLogDAO) CreateHTTPAccessLogsWithDAO(tx *dbs.Tx, daoWrapper

 		// TODO 根据集群、服务设置获取IP
 		if tableDef.HasRemoteAddr {
-			fields["remoteAddr"] = accessLog.RawRemoteAddr
+			fields["remoteAddr"] = accessLog.RemoteAddr
+		}
+		if tableDef.HasDomain {
+			fields["domain"] = accessLog.Host
 		}

 		content, err := json.Marshal(accessLog)
@@ -125,7 +130,20 @@ func (this *HTTPAccessLogDAO) CreateHTTPAccessLogsWithDAO(tx *dbs.Tx, daoWrapper
 }

 // ListAccessLogs 读取往前的 单页访问日志
-func (this *HTTPAccessLogDAO) ListAccessLogs(tx *dbs.Tx, lastRequestId string, size int64, day string, serverId int64, reverse bool, hasError bool, firewallPolicyId int64, firewallRuleGroupId int64, firewallRuleSetId int64, hasFirewallPolicy bool, userId int64, keyword string) (result []*HTTPAccessLog, nextLastRequestId string, hasMore bool, err error) {
+func (this *HTTPAccessLogDAO) ListAccessLogs(tx *dbs.Tx, lastRequestId string,
+	size int64,
+	day string,
+	serverId int64,
+	reverse bool,
+	hasError bool,
+	firewallPolicyId int64,
+	firewallRuleGroupId int64,
+	firewallRuleSetId int64,
+	hasFirewallPolicy bool,
+	userId int64,
+	keyword string,
+	ip string,
+	domain string) (result []*HTTPAccessLog, nextLastRequestId string, hasMore bool, err error) {
 	if len(day) != 8 {
 		return
 	}
@@ -135,18 +153,18 @@ func (this *HTTPAccessLogDAO) ListAccessLogs(tx *dbs.Tx, lastRequestId string, s
 		size = 1000
 	}

-	result, nextLastRequestId, err = this.listAccessLogs(tx, lastRequestId, size, day, serverId, reverse, hasError, firewallPolicyId, firewallRuleGroupId, firewallRuleSetId, hasFirewallPolicy, userId, keyword)
+	result, nextLastRequestId, err = this.listAccessLogs(tx, lastRequestId, size, day, serverId, reverse, hasError, firewallPolicyId, firewallRuleGroupId, firewallRuleSetId, hasFirewallPolicy, userId, keyword, ip, domain)
 	if err != nil || int64(len(result)) < size {
 		return
 	}

-	moreResult, _, _ := this.listAccessLogs(tx, nextLastRequestId, 1, day, serverId, reverse, hasError, firewallPolicyId, firewallRuleGroupId, firewallRuleSetId, hasFirewallPolicy, userId, keyword)
+	moreResult, _, _ := this.listAccessLogs(tx, nextLastRequestId, 1, day, serverId, reverse, hasError, firewallPolicyId, firewallRuleGroupId, firewallRuleSetId, hasFirewallPolicy, userId, keyword, ip, domain)
 	hasMore = len(moreResult) > 0
 	return
 }

 // 读取往前的单页访问日志
-func (this *HTTPAccessLogDAO) listAccessLogs(tx *dbs.Tx, lastRequestId string, size int64, day string, serverId int64, reverse bool, hasError bool, firewallPolicyId int64, firewallRuleGroupId int64, firewallRuleSetId int64, hasFirewallPolicy bool, userId int64, keyword string) (result []*HTTPAccessLog, nextLastRequestId string, err error) {
+func (this *HTTPAccessLogDAO) listAccessLogs(tx *dbs.Tx, lastRequestId string, size int64, day string, serverId int64, reverse bool, hasError bool, firewallPolicyId int64, firewallRuleGroupId int64, firewallRuleSetId int64, hasFirewallPolicy bool, userId int64, keyword string, ip string, domain string) (result []*HTTPAccessLog, nextLastRequestId string, err error) {
 	if size <= 0 {
 		return nil, lastRequestId, nil
 	}
@@ -187,7 +205,7 @@ func (this *HTTPAccessLogDAO) listAccessLogs(tx *dbs.Tx, lastRequestId string, s

 			dao := daoWrapper.DAO

-			tableName, hasRemoteAddr, exists, err := findHTTPAccessLogTableName(dao.Instance, day)
+			tableName, hasRemoteAddrField, hasDomainField, exists, err := findHTTPAccessLogTableName(dao.Instance, day)
 			if !exists {
 				// 表格不存在则跳过
 				return
@@ -223,17 +241,51 @@ func (this *HTTPAccessLogDAO) listAccessLogs(tx *dbs.Tx, lastRequestId string, s
 			}

 			// keyword
+			if len(ip) > 0 {
+				// TODO 支持IP范围
+				if hasRemoteAddrField {
+					// IP格式
+					if strings.Contains(ip, ",") || strings.Contains(ip, "-") {
+						rangeConfig, err := shared.ParseIPRange(ip)
+						if err == nil {
+							if len(rangeConfig.IPFrom) > 0 && len(rangeConfig.IPTo) > 0 {
+								query.Between("INET_ATON(remoteAddr)", utils.IP2Long(rangeConfig.IPFrom), utils.IP2Long(rangeConfig.IPTo))
+							}
+						}
+					} else {
+						query.Attr("remoteAddr", ip)
+					}
+				} else {
+					query.Where("JSON_EXTRACT(content, '$.remoteAddr')=:ip1").
+						Param("ip1", ip)
+				}
+			}
+			if len(domain) > 0 {
+				if hasDomainField {
+					if strings.Contains(domain, "*") {
+						domain = strings.ReplaceAll(domain, "*", "%")
+						domain = regexp.MustCompile(`[^a-zA-Z0-9-.%]`).ReplaceAllString(domain, "")
+						query.Where("domain LIKE :host2").
+							Param("host2", domain)
+					} else {
+						query.Attr("domain", domain)
+					}
+				} else {
+					query.Where("JSON_EXTRACT(content, '$.host')=:host1").
+						Param("host1", domain)
+				}
+			}
 			if len(keyword) > 0 {
 				// remoteAddr
-				if hasRemoteAddr && net.ParseIP(keyword) != nil {
+				if hasRemoteAddrField && net.ParseIP(keyword) != nil {
 					query.Attr("remoteAddr", keyword)
-				} else if hasRemoteAddr && regexp.MustCompile(`^ip:.+`).MatchString(keyword) {
+				} else if hasRemoteAddrField && regexp.MustCompile(`^ip:.+`).MatchString(keyword) {
 					keyword = keyword[3:]
 					pieces := strings.SplitN(keyword, ",", 2)
 					if len(pieces) == 1 || len(pieces[1]) == 0 {
 						query.Attr("remoteAddr", pieces[0])
 					} else {
-						query.Between("remoteAddr", pieces[0], pieces[1])
+						query.Between("INET_ATON(remoteAddr)", utils.IP2Long(pieces[0]), utils.IP2Long(pieces[1]))
 					}
 				} else {
 					if regexp.MustCompile(`^ip:.+`).MatchString(keyword) {
@@ -242,7 +294,7 @@ func (this *HTTPAccessLogDAO) listAccessLogs(tx *dbs.Tx, lastRequestId string, s

 					useOriginKeyword := false

-					where := "JSON_EXTRACT(content, '$.remoteAddr') LIKE :keyword OR JSON_EXTRACT(content, '$.requestURI') LIKE :keyword OR JSON_EXTRACT(content, '$.host') LIKE :keyword"
+					where := "JSON_EXTRACT(content, '$.remoteAddr') LIKE :keyword OR JSON_EXTRACT(content, '$.requestURI') LIKE :keyword OR JSON_EXTRACT(content, '$.host') LIKE :keyword OR JSON_EXTRACT(content, '$.userAgent') LIKE :keyword"

 					jsonKeyword, err := json.Marshal(keyword)
 					if err == nil {
@@ -381,7 +433,7 @@ func (this *HTTPAccessLogDAO) FindAccessLogWithRequestId(tx *dbs.Tx, requestId s

 			dao := daoWrapper.DAO

-			tableName, _, exists, err := findHTTPAccessLogTableName(dao.Instance, day)
+			tableName, _, _, exists, err := findHTTPAccessLogTableName(dao.Instance, day)
 			if err != nil {
 				logs.Println("[DB_NODE]" + err.Error())
 				return
--- a/internal/db/models/http_access_log_dao_test.go
+++ b/internal/db/models/http_access_log_dao_test.go
@@ -41,7 +41,7 @@ func TestHTTPAccessLogDAO_ListAccessLogs(t *testing.T) {
 		t.Fatal(err)
 	}

-	accessLogs, requestId, hasMore, err := SharedHTTPAccessLogDAO.ListAccessLogs(tx, "", 10, timeutil.Format("Ymd"), 0, false, false, 0, 0, 0, false, 0, "")
+	accessLogs, requestId, hasMore, err := SharedHTTPAccessLogDAO.ListAccessLogs(tx, "", 10, timeutil.Format("Ymd"), 0, false, false, 0, 0, 0, false, 0, "", "", "")
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -68,7 +68,7 @@ func TestHTTPAccessLogDAO_ListAccessLogs_Page(t *testing.T) {
 	times := 0 // 防止循环次数太多
 	for {
 		before := time.Now()
-		accessLogs, requestId, hasMore, err := SharedHTTPAccessLogDAO.ListAccessLogs(tx, lastRequestId, 2, timeutil.Format("Ymd"), 0, false, false, 0, 0, 0, false, 0, "")
+		accessLogs, requestId, hasMore, err := SharedHTTPAccessLogDAO.ListAccessLogs(tx, lastRequestId, 2, timeutil.Format("Ymd"), 0, false, false, 0, 0, 0, false, 0, "", "", "")
 		cost := time.Since(before).Seconds()
 		if err != nil {
 			t.Fatal(err)
@@ -99,7 +99,7 @@ func TestHTTPAccessLogDAO_ListAccessLogs_Reverse(t *testing.T) {
 	}

 	before := time.Now()
-	accessLogs, requestId, hasMore, err := SharedHTTPAccessLogDAO.ListAccessLogs(tx, "16023261176446590001000000000000003500000004", 2, timeutil.Format("Ymd"), 0, true, false, 0, 0, 0, false, 0, "")
+	accessLogs, requestId, hasMore, err := SharedHTTPAccessLogDAO.ListAccessLogs(tx, "16023261176446590001000000000000003500000004", 2, timeutil.Format("Ymd"), 0, true, false, 0, 0, 0, false, 0, "", "", "")
 	cost := time.Since(before).Seconds()
 	if err != nil {
 		t.Fatal(err)
@@ -124,7 +124,7 @@ func TestHTTPAccessLogDAO_ListAccessLogs_Page_NotExists(t *testing.T) {
 	times := 0 // 防止循环次数太多
 	for {
 		before := time.Now()
-		accessLogs, requestId, hasMore, err := SharedHTTPAccessLogDAO.ListAccessLogs(tx, lastRequestId, 2, timeutil.Format("Ymd", time.Now().AddDate(0, 0, 1)), 0, false, false, 0, 0, 0, false, 0, "")
+		accessLogs, requestId, hasMore, err := SharedHTTPAccessLogDAO.ListAccessLogs(tx, lastRequestId, 2, timeutil.Format("Ymd", time.Now().AddDate(0, 0, 1)), 0, false, false, 0, 0, 0, false, 0, "", "", "")
 		cost := time.Since(before).Seconds()
 		if err != nil {
 			t.Fatal(err)
--- a/internal/db/models/http_access_log_model.go
+++ b/internal/db/models/http_access_log_model.go
@@ -14,6 +14,7 @@ type HTTPAccessLog struct {
 	FirewallRuleSetId   uint32 `field:"firewallRuleSetId"`   // WAF集ID
 	FirewallRuleId      uint32 `field:"firewallRuleId"`      // WAF规则ID
 	RemoteAddr          string `field:"remoteAddr"`          // IP地址
+	Domain              string `field:"domain"`              // 域名
 }

 type HTTPAccessLogOperator struct {
@@ -29,6 +30,7 @@ type HTTPAccessLogOperator struct {
 	FirewallRuleSetId   interface{} // WAF集ID
 	FirewallRuleId      interface{} // WAF规则ID
 	RemoteAddr          interface{} // IP地址
+	Domain              interface{} // 域名
 }

 func NewHTTPAccessLogOperator() *HTTPAccessLogOperator {
--- a/internal/db/models/ip_item_dao.go
+++ b/internal/db/models/ip_item_dao.go
@@ -3,6 +3,7 @@ package models
 import (
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	"github.com/TeaOSLab/EdgeAPI/internal/utils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
@@ -239,6 +240,20 @@ func (this *IPItemDAO) FindEnabledItemContainsIP(tx *dbs.Tx, listId int64, ip ui
 	return one.(*IPItem), nil
 }

+// FindEnabledItemsWithIP 根据IP查找Item
+func (this *IPItemDAO) FindEnabledItemsWithIP(tx *dbs.Tx, ip string) (result []*IPItem, err error) {
+	_, err = this.Query(tx).
+		Attr("ipFrom", ip).
+		Attr("ipTo", "").
+		Where("(expiredAt=0 OR expiredAt>:nowTime)").
+		Param("nowTime", time.Now().Unix()).
+		Where("listId IN (SELECT id FROM " + SharedIPListDAO.Table + " WHERE state=1)").
+		AscPk().
+		Slice(&result).
+		FindAll()
+	return
+}
+
 // ExistsEnabledItem 检查IP是否存在
 func (this *IPItemDAO) ExistsEnabledItem(tx *dbs.Tx, itemId int64) (bool, error) {
 	return this.Query(tx).
@@ -302,7 +317,7 @@ func (this *IPItemDAO) NotifyUpdate(tx *dbs.Tx, itemId int64) error {

 	if len(resultClusterIds) > 0 {
 		for _, clusterId := range resultClusterIds {
-			err = SharedNodeTaskDAO.CreateClusterTask(tx, clusterId, NodeTaskTypeIPItemChanged)
+			err = SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleNode, clusterId, NodeTaskTypeIPItemChanged)
 			if err != nil {
 				return err
 			}
--- a/internal/db/models/ip_list_dao.go
+++ b/internal/db/models/ip_list_dao.go
@@ -2,6 +2,7 @@ package models

 import (
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs/ipconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
@@ -253,7 +254,7 @@ func (this *IPListDAO) NotifyUpdate(tx *dbs.Tx, listId int64, taskType NodeTaskT

 	if len(resultClusterIds) > 0 {
 		for _, clusterId := range resultClusterIds {
-			err = SharedNodeTaskDAO.CreateClusterTask(tx, clusterId, taskType)
+			err = SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleNode, clusterId, taskType)
 			if err != nil {
 				return err
 			}
--- a/internal/db/models/message_dao.go
+++ b/internal/db/models/message_dao.go
@@ -4,6 +4,7 @@ import (
 	"crypto/md5"
 	"fmt"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
@@ -28,8 +29,8 @@ const (
 	MessageTypeHealthCheckFailed          MessageType = "HealthCheckFailed"          // 节点健康检查失败
 	MessageTypeHealthCheckNodeUp          MessageType = "HealthCheckNodeUp"          // 因健康检查节点上线
 	MessageTypeHealthCheckNodeDown        MessageType = "HealthCheckNodeDown"        // 因健康检查节点下线
-	MessageTypeNodeInactive               MessageType = "NodeInactive"               // 节点不活跃
-	MessageTypeNodeActive                 MessageType = "NodeActive"                 // 节点活跃
+	MessageTypeNodeInactive               MessageType = "NodeInactive"               // 边缘节点不活跃
+	MessageTypeNodeActive                 MessageType = "NodeActive"                 // 边缘节点活跃
 	MessageTypeClusterDNSSyncFailed       MessageType = "ClusterDNSSyncFailed"       // DNS同步失败
 	MessageTypeSSLCertExpiring            MessageType = "SSLCertExpiring"            // SSL证书即将过期
 	MessageTypeSSLCertACMETaskFailed      MessageType = "SSLCertACMETaskFailed"      // SSL证书任务执行失败
@@ -39,6 +40,9 @@ const (
 	MessageTypeServerNamesAuditingFailed  MessageType = "ServerNamesAuditingFailed"  // 服务域名审核失败
 	MessageTypeThresholdSatisfied         MessageType = "ThresholdSatisfied"         // 满足阈值
 	MessageTypeFirewallEvent              MessageType = "FirewallEvent"              // 防火墙事件
+
+	MessageTypeNSNodeInactive MessageType = "NSNodeInactive" // 边缘节点不活跃
+	MessageTypeNSNodeActive   MessageType = "NSNodeActive"   // 边缘节点活跃
 )

 type MessageDAO dbs.DAO
@@ -93,8 +97,8 @@ func (this *MessageDAO) FindEnabledMessage(tx *dbs.Tx, id int64) (*Message, erro
 }

 // CreateClusterMessage 创建集群消息
-func (this *MessageDAO) CreateClusterMessage(tx *dbs.Tx, clusterId int64, messageType MessageType, level string, subject string, body string, paramsJSON []byte) error {
-	_, err := this.createMessage(tx, clusterId, 0, messageType, level, subject, body, paramsJSON)
+func (this *MessageDAO) CreateClusterMessage(tx *dbs.Tx, role string, clusterId int64, messageType MessageType, level string, subject string, body string, paramsJSON []byte) error {
+	_, err := this.createMessage(tx, role, clusterId, 0, messageType, level, subject, body, paramsJSON)
 	if err != nil {
 		return err
 	}
@@ -113,9 +117,9 @@ func (this *MessageDAO) CreateClusterMessage(tx *dbs.Tx, clusterId int64, messag
 }

 // CreateNodeMessage 创建节点消息
-func (this *MessageDAO) CreateNodeMessage(tx *dbs.Tx, clusterId int64, nodeId int64, messageType MessageType, level string, subject string, body string, paramsJSON []byte) error {
+func (this *MessageDAO) CreateNodeMessage(tx *dbs.Tx, role string, clusterId int64, nodeId int64, messageType MessageType, level string, subject string, body string, paramsJSON []byte) error {
 	// 检查N分钟内是否已经发送过
-	hash := this.calHash(subject, body, paramsJSON)
+	hash := this.calHash(role, clusterId, nodeId, subject, body, paramsJSON)
 	exists, err := this.Query(tx).
 		Attr("hash", hash).
 		Gt("createdAt", time.Now().Unix()-10*60). // 10分钟
@@ -127,31 +131,34 @@ func (this *MessageDAO) CreateNodeMessage(tx *dbs.Tx, clusterId int64, nodeId in
 		return nil
 	}

-	_, err = this.createMessage(tx, clusterId, nodeId, messageType, level, subject, body, paramsJSON)
+	_, err = this.createMessage(tx, role, clusterId, nodeId, messageType, level, subject, body, paramsJSON)
 	if err != nil {
 		return err
 	}

-	// 发送给媒介接收人 - 集群
-	err = SharedMessageTaskDAO.CreateMessageTasks(tx, MessageTaskTarget{
-		ClusterId: clusterId,
-		NodeId:    0,
-		ServerId:  0,
-	}, messageType, subject, body)
-	if err != nil {
-		return err
-	}
-
-	// 发送给媒介接收人 - 节点
-	if nodeId > 0 {
+	// TODO 目前只支持边缘节点发送消息，将来要支持NS节点
+	if role == nodeconfigs.NodeRoleNode {
+		// 发送给媒介接收人 - 集群
 		err = SharedMessageTaskDAO.CreateMessageTasks(tx, MessageTaskTarget{
 			ClusterId: clusterId,
-			NodeId:    nodeId,
+			NodeId:    0,
 			ServerId:  0,
 		}, messageType, subject, body)
 		if err != nil {
 			return err
 		}
+
+		// 发送给媒介接收人 - 节点
+		if nodeId > 0 {
+			err = SharedMessageTaskDAO.CreateMessageTasks(tx, MessageTaskTarget{
+				ClusterId: clusterId,
+				NodeId:    nodeId,
+				ServerId:  0,
+			}, messageType, subject, body)
+			if err != nil {
+				return err
+			}
+		}
 	}

 	return nil
@@ -179,7 +186,7 @@ func (this *MessageDAO) CreateMessage(tx *dbs.Tx, adminId int64, userId int64, m
 	op.State = MessageStateEnabled
 	op.IsRead = false
 	op.Day = timeutil.Format("Ymd")
-	op.Hash = this.calHash(subject, body, paramsJSON)
+	op.Hash = this.calHash(nodeconfigs.NodeRoleAdmin, 0, 0, subject, body, paramsJSON)
 	err := this.Save(tx, op)
 	if err != nil {
 		return err
@@ -287,13 +294,14 @@ func (this *MessageDAO) CheckMessageUser(tx *dbs.Tx, messageId int64, adminId in
 }

 // 创建消息
-func (this *MessageDAO) createMessage(tx *dbs.Tx, clusterId int64, nodeId int64, messageType MessageType, level string, subject string, body string, paramsJSON []byte) (int64, error) {
+func (this *MessageDAO) createMessage(tx *dbs.Tx, role string, clusterId int64, nodeId int64, messageType MessageType, level string, subject string, body string, paramsJSON []byte) (int64, error) {
 	// TODO 检查同样的消息最近是否发送过

 	// 创建新消息
 	op := NewMessageOperator()
 	op.AdminId = 0 // TODO
 	op.UserId = 0  // TODO
+	op.Role = role
 	op.ClusterId = clusterId
 	op.NodeId = nodeId
 	op.Type = messageType
@@ -314,7 +322,7 @@ func (this *MessageDAO) createMessage(tx *dbs.Tx, clusterId int64, nodeId int64,
 	op.State = MessageStateEnabled
 	op.CreatedAt = time.Now().Unix()
 	op.Day = timeutil.Format("Ymd")
-	op.Hash = this.calHash(subject, body, paramsJSON)
+	op.Hash = this.calHash(role, clusterId, nodeId, subject, body, paramsJSON)

 	err := this.Save(tx, op)
 	if err != nil {
@@ -324,10 +332,11 @@ func (this *MessageDAO) createMessage(tx *dbs.Tx, clusterId int64, nodeId int64,
 }

 // 计算Hash
-func (this *MessageDAO) calHash(subject string, body string, paramsJSON []byte) string {
+func (this *MessageDAO) calHash(role string, clusterId int64, nodeId int64, subject string, body string, paramsJSON []byte) string {
 	h := md5.New()
-	h.Write([]byte(subject))
-	h.Write([]byte(body))
+	h.Write([]byte(role + "@" + types.String(clusterId) + "@" + types.String(nodeId)))
+	h.Write([]byte(subject + "@"))
+	h.Write([]byte(body + "@"))
 	h.Write(paramsJSON)
 	return fmt.Sprintf("%x", h.Sum(nil))
 }
--- a/internal/db/models/message_dao_test.go
+++ b/internal/db/models/message_dao_test.go
@@ -1,6 +1,7 @@
 package models

 import (
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/dbs"
 	"testing"
@@ -11,7 +12,7 @@ func TestMessageDAO_CreateClusterMessage(t *testing.T) {
 	var tx *dbs.Tx

 	dao := NewMessageDAO()
-	err := dao.CreateClusterMessage(tx, 1, "test", "error", "123", "123", []byte("456"))
+	err := dao.CreateClusterMessage(tx, nodeconfigs.NodeRoleNode, 1, "test", "error", "123", "123", []byte("456"))
 	if err != nil {
 		t.Fatal(err)
 	}
--- a/internal/db/models/message_model.go
+++ b/internal/db/models/message_model.go
@@ -5,6 +5,7 @@ type Message struct {
 	Id        uint64 `field:"id"`        // ID
 	AdminId   uint32 `field:"adminId"`   // 管理员ID
 	UserId    uint32 `field:"userId"`    // 用户ID
+	Role      string `field:"role"`      // 角色
 	ClusterId uint32 `field:"clusterId"` // 集群ID
 	NodeId    uint32 `field:"nodeId"`    // 节点ID
 	Level     string `field:"level"`     // 级别
@@ -23,6 +24,7 @@ type MessageOperator struct {
 	Id        interface{} // ID
 	AdminId   interface{} // 管理员ID
 	UserId    interface{} // 用户ID
+	Role      interface{} // 角色
 	ClusterId interface{} // 集群ID
 	NodeId    interface{} // 节点ID
 	Level     interface{} // 级别
--- a/internal/db/models/metric_item_dao.go
+++ b/internal/db/models/metric_item_dao.go
@@ -3,6 +3,7 @@ package models
 import (
 	"encoding/json"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
@@ -308,7 +309,7 @@ func (this *MetricItemDAO) NotifyUpdate(tx *dbs.Tx, itemId int64, isPublic bool)
 			return err
 		}
 		for _, clusterId := range clusterIds {
-			err = SharedNodeTaskDAO.CreateClusterTask(tx, clusterId, NodeTaskTypeConfigChanged)
+			err = SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleNode, clusterId, NodeTaskTypeConfigChanged)
 			if err != nil {
 				return err
 			}
@@ -320,7 +321,7 @@ func (this *MetricItemDAO) NotifyUpdate(tx *dbs.Tx, itemId int64, isPublic bool)
 		return err
 	}
 	for _, clusterId := range clusterIds {
-		err = SharedNodeTaskDAO.CreateClusterTask(tx, clusterId, NodeTaskTypeConfigChanged)
+		err = SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleNode, clusterId, NodeTaskTypeConfigChanged)
 		if err != nil {
 			return err
 		}
--- a/internal/db/models/nameservers/ns_domain_dao.go
+++ b/internal/db/models/nameservers/ns_domain_dao.go
@@ -3,6 +3,7 @@ package nameservers
 import (
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
@@ -35,12 +36,15 @@ func init() {
 }

 // EnableNSDomain 启用条目
-func (this *NSDomainDAO) EnableNSDomain(tx *dbs.Tx, id int64) error {
+func (this *NSDomainDAO) EnableNSDomain(tx *dbs.Tx, domainId int64) error {
 	_, err := this.Query(tx).
-		Pk(id).
+		Pk(domainId).
 		Set("state", NSDomainStateEnabled).
 		Update()
-	return err
+	if err != nil {
+		return err
+	}
+	return this.NotifyUpdate(tx, domainId)
 }

 // DisableNSDomain 禁用条目
@@ -55,7 +59,10 @@ func (this *NSDomainDAO) DisableNSDomain(tx *dbs.Tx, domainId int64) error {
 		Set("state", NSDomainStateDisabled).
 		Set("version", version).
 		Update()
-	return err
+	if err != nil {
+		return err
+	}
+	return this.NotifyUpdate(tx, domainId)
 }

 // FindEnabledNSDomain 查找启用中的条目
@@ -92,7 +99,16 @@ func (this *NSDomainDAO) CreateDomain(tx *dbs.Tx, clusterId int64, userId int64,
 	op.Version = version
 	op.IsOn = true
 	op.State = NSDomainStateEnabled
-	return this.SaveInt64(tx, op)
+	domainId, err := this.SaveInt64(tx, op)
+	if err != nil {
+		return 0, err
+	}
+
+	err = this.NotifyUpdate(tx, domainId)
+	if err != nil {
+		return domainId, err
+	}
+	return domainId, nil
 }

 // UpdateDomain 修改域名
@@ -101,6 +117,14 @@ func (this *NSDomainDAO) UpdateDomain(tx *dbs.Tx, domainId int64, clusterId int6
 		return errors.New("invalid domainId")
 	}

+	oldClusterId, err := this.Query(tx).
+		Pk(domainId).
+		Result("clusterId").
+		FindInt64Col(0)
+	if err != nil {
+		return err
+	}
+
 	version, err := this.IncreaseVersion(tx)
 	if err != nil {
 		return err
@@ -112,7 +136,20 @@ func (this *NSDomainDAO) UpdateDomain(tx *dbs.Tx, domainId int64, clusterId int6
 	op.UserId = userId
 	op.IsOn = isOn
 	op.Version = version
-	return this.Save(tx, op)
+	err = this.Save(tx, op)
+	if err != nil {
+		return err
+	}
+
+	// 通知更新
+	if oldClusterId > 0 && oldClusterId != clusterId {
+		err = models.SharedNSClusterDAO.NotifyUpdate(tx, oldClusterId)
+		if err != nil {
+			return err
+		}
+	}
+
+	return this.NotifyUpdate(tx, domainId)
 }

 // CountAllEnabledDomains 计算域名数量
@@ -121,7 +158,7 @@ func (this *NSDomainDAO) CountAllEnabledDomains(tx *dbs.Tx, clusterId int64, use
 	if clusterId > 0 {
 		query.Attr("clusterId", clusterId)
 	} else {
-		query.Where("clusterId IN (SELECT id FROM " + SharedNSClusterDAO.Table + " WHERE state=1)")
+		query.Where("clusterId IN (SELECT id FROM " + models.SharedNSClusterDAO.Table + " WHERE state=1)")
 	}
 	if userId > 0 {
 		query.Attr("userId", userId)
@@ -144,7 +181,7 @@ func (this *NSDomainDAO) ListEnabledDomains(tx *dbs.Tx, clusterId int64, userId
 	if clusterId > 0 {
 		query.Attr("clusterId", clusterId)
 	} else {
-		query.Where("clusterId IN (SELECT id FROM " + SharedNSClusterDAO.Table + " WHERE state=1)")
+		query.Where("clusterId IN (SELECT id FROM " + models.SharedNSClusterDAO.Table + " WHERE state=1)")
 	}
 	if userId > 0 {
 		query.Attr("userId", userId)
@@ -214,22 +251,39 @@ func (this *NSDomainDAO) UpdateDomainTSIG(tx *dbs.Tx, domainId int64, tsigJSON [
 		return err
 	}

-	return this.Query(tx).
+	err = this.Query(tx).
 		Pk(domainId).
 		Set("tsig", tsigJSON).
 		Set("version", version).
 		UpdateQuickly()
-}
-
-// NotifyUpdate 通知更改
-func (this *NSDomainDAO) NotifyUpdate(tx *dbs.Tx, domainId int64) error {
-	version, err := this.IncreaseVersion(tx)
 	if err != nil {
 		return err
 	}

+	return this.NotifyUpdate(tx, domainId)
+}
+
+// FindEnabledDomainClusterId 获取域名的集群ID
+func (this *NSDomainDAO) FindEnabledDomainClusterId(tx *dbs.Tx, domainId int64) (int64, error) {
 	return this.Query(tx).
 		Pk(domainId).
-		Set("version", version).
-		UpdateQuickly()
+		State(NSDomainStateEnabled).
+		Result("clusterId").
+		FindInt64Col(0)
+}
+
+// NotifyUpdate 通知更改
+func (this *NSDomainDAO) NotifyUpdate(tx *dbs.Tx, domainId int64) error {
+	clusterId, err := this.Query(tx).
+		Result("clusterId").
+		Pk(domainId).
+		FindInt64Col(0)
+	if err != nil {
+		return err
+	}
+	if clusterId > 0 {
+		return models.SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleDNS, clusterId, models.NSNodeTaskTypeDomainChanged)
+	}
+
+	return nil
 }
--- a/internal/db/models/nameservers/ns_key_dao.go
+++ b/internal/db/models/nameservers/ns_key_dao.go
@@ -4,6 +4,7 @@ import (
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	"github.com/TeaOSLab/EdgeCommon/pkg/dnsconfigs"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
@@ -176,8 +177,33 @@ func (this *NSKeyDAO) NotifyUpdate(tx *dbs.Tx, keyId int64) error {
 	if err != nil {
 		return err
 	}
-	return this.Query(tx).
+	err = this.Query(tx).
 		Pk(keyId).
 		Set("version", version).
 		UpdateQuickly()
+	if err != nil {
+		return err
+	}
+
+	// 通知集群
+	domainId, err := this.Query(tx).
+		Pk(keyId).
+		Result("domainId").
+		FindInt64Col(0)
+	if err != nil {
+		return err
+	}
+	if domainId > 0 {
+		clusterId, err := SharedNSDomainDAO.FindEnabledDomainClusterId(tx, domainId)
+		if err != nil {
+			return err
+		}
+		if clusterId > 0 {
+			err = models.SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleDNS, clusterId, models.NSNodeTaskTypeKeyChanged)
+			if err != nil {
+				return err
+			}
+		}
+	}
+	return nil
 }
--- a/internal/db/models/nameservers/ns_node_model.go
+++ b/internal/db/models/nameservers/ns_node_model.go
@@ -1,38 +0,0 @@
-package nameservers
-
-// NSNode 域名服务器节点
-type NSNode struct {
-	Id            uint32 `field:"id"`            // ID
-	AdminId       uint32 `field:"adminId"`       // 管理员ID
-	ClusterId     uint32 `field:"clusterId"`     // 集群ID
-	Name          string `field:"name"`          // 节点名称
-	IsOn          uint8  `field:"isOn"`          // 是否启用
-	Status        string `field:"status"`        // 运行状态
-	UniqueId      string `field:"uniqueId"`      // 节点ID
-	Secret        string `field:"secret"`        // 密钥
-	IsUp          uint8  `field:"isUp"`          // 是否运行
-	IsInstalled   uint8  `field:"isInstalled"`   // 是否已安装
-	InstallStatus string `field:"installStatus"` // 安装状态
-	InstallDir    string `field:"installDir"`    // 安装目录
-	State         uint8  `field:"state"`         // 状态
-}
-
-type NSNodeOperator struct {
-	Id            interface{} // ID
-	AdminId       interface{} // 管理员ID
-	ClusterId     interface{} // 集群ID
-	Name          interface{} // 节点名称
-	IsOn          interface{} // 是否启用
-	Status        interface{} // 运行状态
-	UniqueId      interface{} // 节点ID
-	Secret        interface{} // 密钥
-	IsUp          interface{} // 是否运行
-	IsInstalled   interface{} // 是否已安装
-	InstallStatus interface{} // 安装状态
-	InstallDir    interface{} // 安装目录
-	State         interface{} // 状态
-}
-
-func NewNSNodeOperator() *NSNodeOperator {
-	return &NSNodeOperator{}
-}
--- a/internal/db/models/nameservers/ns_question_option_dao.go
+++ b/internal/db/models/nameservers/ns_question_option_dao.go
@@ -0,0 +1,67 @@
+package nameservers
+
+import (
+	_ "github.com/go-sql-driver/mysql"
+	"github.com/iwind/TeaGo/Tea"
+	"github.com/iwind/TeaGo/dbs"
+	"github.com/iwind/TeaGo/maps"
+)
+
+type NSQuestionOptionDAO dbs.DAO
+
+func NewNSQuestionOptionDAO() *NSQuestionOptionDAO {
+	return dbs.NewDAO(&NSQuestionOptionDAO{
+		DAOObject: dbs.DAOObject{
+			DB:     Tea.Env,
+			Table:  "edgeNSQuestionOptions",
+			Model:  new(NSQuestionOption),
+			PkName: "id",
+		},
+	}).(*NSQuestionOptionDAO)
+}
+
+var SharedNSQuestionOptionDAO *NSQuestionOptionDAO
+
+func init() {
+	dbs.OnReady(func() {
+		SharedNSQuestionOptionDAO = NewNSQuestionOptionDAO()
+	})
+}
+
+// FindNSQuestionOptionName 根据主键查找名称
+func (this *NSQuestionOptionDAO) FindNSQuestionOptionName(tx *dbs.Tx, id uint64) (string, error) {
+	return this.Query(tx).
+		Pk(id).
+		Result("name").
+		FindStringCol("")
+}
+
+// CreateOption 创建选项
+func (this *NSQuestionOptionDAO) CreateOption(tx *dbs.Tx, name string, values maps.Map) (int64, error) {
+	if values == nil {
+		values = maps.Map{}
+	}
+	var op = NewNSQuestionOptionOperator()
+	op.Name = name
+	op.Values = values.AsJSON()
+	return this.SaveInt64(tx, op)
+}
+
+// FindOption 读取选项
+func (this *NSQuestionOptionDAO) FindOption(tx *dbs.Tx, optionId int64) (*NSQuestionOption, error) {
+	one, err := this.Query(tx).
+		Pk(optionId).
+		Find()
+	if one == nil {
+		return nil, err
+	}
+	return one.(*NSQuestionOption), nil
+}
+
+// DeleteOption 删除选项
+func (this *NSQuestionOptionDAO) DeleteOption(tx *dbs.Tx, optionId int64) error {
+	_, err := this.Query(tx).
+		Pk(optionId).
+		Delete()
+	return err
+}
--- a/internal/db/models/nameservers/ns_question_option_dao_test.go
+++ b/internal/db/models/nameservers/ns_question_option_dao_test.go
--- a/internal/db/models/nameservers/ns_question_option_model.go
+++ b/internal/db/models/nameservers/ns_question_option_model.go
@@ -0,0 +1,20 @@
+package nameservers
+
+// NSQuestionOption DNS请求选项
+type NSQuestionOption struct {
+	Id        uint64 `field:"id"`        // ID
+	Name      string `field:"name"`      // 选项名
+	Values    string `field:"values"`    // 选项值
+	CreatedAt uint64 `field:"createdAt"` // 创建时间
+}
+
+type NSQuestionOptionOperator struct {
+	Id        interface{} // ID
+	Name      interface{} // 选项名
+	Values    interface{} // 选项值
+	CreatedAt interface{} // 创建时间
+}
+
+func NewNSQuestionOptionOperator() *NSQuestionOptionOperator {
+	return &NSQuestionOptionOperator{}
+}
--- a/internal/db/models/nameservers/ns_question_option_model_ext.go
+++ b/internal/db/models/nameservers/ns_question_option_model_ext.go
--- a/internal/db/models/nameservers/ns_record_dao.go
+++ b/internal/db/models/nameservers/ns_record_dao.go
@@ -5,10 +5,10 @@ import (
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	"github.com/TeaOSLab/EdgeCommon/pkg/dnsconfigs"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
-	"strconv"
 )

 const (
@@ -38,27 +38,33 @@ func init() {
 }

 // EnableNSRecord 启用条目
-func (this *NSRecordDAO) EnableNSRecord(tx *dbs.Tx, id uint64) error {
+func (this *NSRecordDAO) EnableNSRecord(tx *dbs.Tx, recordId int64) error {
 	_, err := this.Query(tx).
-		Pk(id).
+		Pk(recordId).
 		Set("state", NSRecordStateEnabled).
 		Update()
-	return err
+	if err != nil {
+		return err
+	}
+	return this.NotifyUpdate(tx, recordId)
 }

 // DisableNSRecord 禁用条目
-func (this *NSRecordDAO) DisableNSRecord(tx *dbs.Tx, id int64) error {
+func (this *NSRecordDAO) DisableNSRecord(tx *dbs.Tx, recordId int64) error {
 	version, err := this.IncreaseVersion(tx)
 	if err != nil {
 		return err
 	}

 	_, err = this.Query(tx).
-		Pk(id).
+		Pk(recordId).
 		Set("state", NSRecordStateDisabled).
 		Set("version", version).
 		Update()
-	return err
+	if err != nil {
+		return err
+	}
+	return this.NotifyUpdate(tx, recordId)
 }

 // FindEnabledNSRecord 查找启用中的条目
@@ -82,7 +88,7 @@ func (this *NSRecordDAO) FindNSRecordName(tx *dbs.Tx, id int64) (string, error)
 }

 // CreateRecord 创建记录
-func (this *NSRecordDAO) CreateRecord(tx *dbs.Tx, domainId int64, description string, name string, dnsType dnsconfigs.RecordType, value string, ttl int32, routeIds []int64) (int64, error) {
+func (this *NSRecordDAO) CreateRecord(tx *dbs.Tx, domainId int64, description string, name string, dnsType dnsconfigs.RecordType, value string, ttl int32, routeIds []string) (int64, error) {
 	version, err := this.IncreaseVersion(tx)
 	if err != nil {
 		return 0, err
@@ -97,7 +103,7 @@ func (this *NSRecordDAO) CreateRecord(tx *dbs.Tx, domainId int64, description st
 	op.Ttl = ttl

 	if len(routeIds) == 0 {
-		op.RouteIds = "[]"
+		op.RouteIds = `["default"]`
 	} else {
 		routeIds, err := json.Marshal(routeIds)
 		if err != nil {
@@ -109,11 +115,20 @@ func (this *NSRecordDAO) CreateRecord(tx *dbs.Tx, domainId int64, description st
 	op.IsOn = true
 	op.State = NSRecordStateEnabled
 	op.Version = version
-	return this.SaveInt64(tx, op)
+	recordId, err := this.SaveInt64(tx, op)
+	if err != nil {
+		return 0, err
+	}
+
+	err = this.NotifyUpdate(tx, recordId)
+	if err != nil {
+		return 0, err
+	}
+	return recordId, nil
 }

 // UpdateRecord 修改记录
-func (this *NSRecordDAO) UpdateRecord(tx *dbs.Tx, recordId int64, description string, name string, dnsType dnsconfigs.RecordType, value string, ttl int32, routeIds []int64, isOn bool) error {
+func (this *NSRecordDAO) UpdateRecord(tx *dbs.Tx, recordId int64, description string, name string, dnsType dnsconfigs.RecordType, value string, ttl int32, routeIds []string, isOn bool) error {
 	if recordId <= 0 {
 		return errors.New("invalid recordId")
 	}
@@ -133,7 +148,7 @@ func (this *NSRecordDAO) UpdateRecord(tx *dbs.Tx, recordId int64, description st
 	op.IsOn = isOn

 	if len(routeIds) == 0 {
-		op.RouteIds = "[]"
+		op.RouteIds = `["default"]`
 	} else {
 		routeIds, err := json.Marshal(routeIds)
 		if err != nil {
@@ -144,11 +159,16 @@ func (this *NSRecordDAO) UpdateRecord(tx *dbs.Tx, recordId int64, description st

 	op.Version = version

-	return this.Save(tx, op)
+	err = this.Save(tx, op)
+	if err != nil {
+		return err
+	}
+
+	return this.NotifyUpdate(tx, recordId)
 }

 // CountAllEnabledDomainRecords 计算域名中记录数量
-func (this *NSRecordDAO) CountAllEnabledDomainRecords(tx *dbs.Tx, domainId int64, dnsType dnsconfigs.RecordType, keyword string, routeId int64) (int64, error) {
+func (this *NSRecordDAO) CountAllEnabledDomainRecords(tx *dbs.Tx, domainId int64, dnsType dnsconfigs.RecordType, keyword string, routeCode string) (int64, error) {
 	query := this.Query(tx).
 		Attr("domainId", domainId).
 		State(NSRecordStateEnabled)
@@ -159,8 +179,12 @@ func (this *NSRecordDAO) CountAllEnabledDomainRecords(tx *dbs.Tx, domainId int64
 		query.Where("(name LIKE :keyword OR value LIKE :keyword OR description LIKE :keyword)").
 			Param("keyword", "%"+keyword+"%")
 	}
-	if routeId > 0 {
-		query.JSONContains("routeIds", strconv.FormatInt(routeId, 10))
+	if len(routeCode) > 0 {
+		routeCodeJSON, err := json.Marshal(routeCode)
+		if err != nil {
+			return 0, err
+		}
+		query.JSONContains("routeIds", string(routeCodeJSON))
 	}
 	return query.Count()
 }
@@ -174,7 +198,7 @@ func (this *NSRecordDAO) CountAllEnabledRecords(tx *dbs.Tx) (int64, error) {
 }

 // ListEnabledRecords 列出单页记录
-func (this *NSRecordDAO) ListEnabledRecords(tx *dbs.Tx, domainId int64, dnsType dnsconfigs.RecordType, keyword string, routeId int64, offset int64, size int64) (result []*NSRecord, err error) {
+func (this *NSRecordDAO) ListEnabledRecords(tx *dbs.Tx, domainId int64, dnsType dnsconfigs.RecordType, keyword string, routeCode string, offset int64, size int64) (result []*NSRecord, err error) {
 	query := this.Query(tx).
 		Attr("domainId", domainId).
 		State(NSRecordStateEnabled)
@@ -185,8 +209,12 @@ func (this *NSRecordDAO) ListEnabledRecords(tx *dbs.Tx, domainId int64, dnsType
 		query.Where("(name LIKE :keyword OR value LIKE :keyword OR description LIKE :keyword)").
 			Param("keyword", "%"+keyword+"%")
 	}
-	if routeId > 0 {
-		query.JSONContains("routeIds", strconv.FormatInt(routeId, 10))
+	if len(routeCode) > 0 {
+		routeCodeJSON, err := json.Marshal(routeCode)
+		if err != nil {
+			return nil, err
+		}
+		query.JSONContains("routeIds", string(routeCodeJSON))
 	}
 	_, err = query.
 		DescPk().
@@ -230,3 +258,31 @@ func (this *NSRecordDAO) FindEnabledRecordWithName(tx *dbs.Tx, domainId int64, r
 	}
 	return record.(*NSRecord), nil
 }
+
+// NotifyUpdate 通知更新
+func (this *NSRecordDAO) NotifyUpdate(tx *dbs.Tx, recordId int64) error {
+	domainId, err := this.Query(tx).
+		Pk(recordId).
+		Result("domainId").
+		FindInt64Col(0)
+	if err != nil {
+		return err
+	}
+
+	if domainId == 0 {
+		return nil
+	}
+
+	clusterId, err := SharedNSDomainDAO.FindEnabledDomainClusterId(tx, domainId)
+	if err != nil {
+		return err
+	}
+
+	if clusterId > 0 {
+		err = models.SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleDNS, clusterId, models.NSNodeTaskTypeRecordChanged)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
--- a/internal/db/models/nameservers/ns_record_dao_test.go
+++ b/internal/db/models/nameservers/ns_record_dao_test.go
@@ -3,4 +3,27 @@ package nameservers
 import (
 	_ "github.com/go-sql-driver/mysql"
 	_ "github.com/iwind/TeaGo/bootstrap"
+	"testing"
 )
+
+func TestNSRecord_DecodeRouteIds(t *testing.T) {
+	{
+		record := &NSRecord{}
+		t.Log(record.DecodeRouteIds())
+	}
+
+	{
+		record := &NSRecord{RouteIds: "[]"}
+		t.Log(record.DecodeRouteIds())
+	}
+
+	{
+		record := &NSRecord{RouteIds: "[1, 2, 3]"}
+		t.Log(record.DecodeRouteIds())
+	}
+
+	{
+		record := &NSRecord{RouteIds: `["id:1", "id:2", "isp:liantong"]`}
+		t.Log(record.DecodeRouteIds())
+	}
+}
--- a/internal/db/models/nameservers/ns_record_model_ext.go
+++ b/internal/db/models/nameservers/ns_record_model_ext.go
@@ -1,11 +1,26 @@
 package nameservers

-import "encoding/json"
+import (
+	"encoding/json"
+	"github.com/iwind/TeaGo/types"
+)

-func (this *NSRecord) DecodeRouteIds() []int64 {
-	routeIds := []int64{}
+func (this *NSRecord) DecodeRouteIds() []string {
+	var routeIds = []string{}
 	if len(this.RouteIds) > 0 {
-		_ = json.Unmarshal([]byte(this.RouteIds), &routeIds)
+		err := json.Unmarshal([]byte(this.RouteIds), &routeIds)
+		if err != nil {
+			// 检查是否有旧的数据
+			var oldRouteIds = []int64{}
+			err = json.Unmarshal([]byte(this.RouteIds), &oldRouteIds)
+			if err != nil {
+				return []string{}
+			}
+			routeIds = []string{}
+			for _, routeId := range oldRouteIds {
+				routeIds = append(routeIds, "id:"+types.String(routeId))
+			}
+		}
 	}
 	return routeIds
 }
--- a/internal/db/models/nameservers/ns_route_dao.go
+++ b/internal/db/models/nameservers/ns_route_dao.go
@@ -3,9 +3,14 @@ package nameservers
 import (
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
+	"github.com/TeaOSLab/EdgeCommon/pkg/dnsconfigs"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
+	"github.com/iwind/TeaGo/types"
+	"regexp"
+	"strings"
 )

 const (
@@ -35,12 +40,21 @@ func init() {
 }

 // EnableNSRoute 启用条目
-func (this *NSRouteDAO) EnableNSRoute(tx *dbs.Tx, id int64) error {
-	_, err := this.Query(tx).
-		Pk(id).
+func (this *NSRouteDAO) EnableNSRoute(tx *dbs.Tx, routeId int64) error {
+	version, err := this.IncreaseVersion(tx)
+	if err != nil {
+		return err
+	}
+
+	_, err = this.Query(tx).
+		Pk(routeId).
 		Set("state", NSRouteStateEnabled).
+		Set("version", version).
 		Update()
-	return err
+	if err != nil {
+		return err
+	}
+	return this.NotifyUpdate(tx)
 }

 // DisableNSRoute 禁用条目
@@ -55,7 +69,10 @@ func (this *NSRouteDAO) DisableNSRoute(tx *dbs.Tx, routeId int64) error {
 		Set("state", NSRouteStateDisabled).
 		Set("version", version).
 		Update()
-	return err
+	if err != nil {
+		return err
+	}
+	return this.NotifyUpdate(tx)
 }

 // FindEnabledNSRoute 查找启用中的条目
@@ -70,6 +87,33 @@ func (this *NSRouteDAO) FindEnabledNSRoute(tx *dbs.Tx, id int64) (*NSRoute, erro
 	return result.(*NSRoute), err
 }

+// FindEnabledRouteWithCode 根据代号获取线路信息
+func (this *NSRouteDAO) FindEnabledRouteWithCode(tx *dbs.Tx, code string) (*NSRoute, error) {
+	if regexp.MustCompile(`^id:\d+$`).MatchString(code) {
+		var routeId = types.Int64(code[strings.Index(code, ":")+1:])
+		route, err := this.FindEnabledNSRoute(tx, routeId)
+		if route == nil || err != nil {
+			return nil, err
+		}
+
+		route.Code = "id:" + types.String(routeId)
+		return route, nil
+	}
+
+	route := dnsconfigs.FindDefaultRoute(code)
+	if route == nil {
+		return nil, nil
+	}
+
+	return &NSRoute{
+		Id:    0,
+		IsOn:  1,
+		Name:  route.Name,
+		Code:  route.Code,
+		State: NSRouteStateEnabled,
+	}, nil
+}
+
 // FindNSRouteName 根据主键查找名称
 func (this *NSRouteDAO) FindNSRouteName(tx *dbs.Tx, id int64) (string, error) {
 	return this.Query(tx).
@@ -98,7 +142,17 @@ func (this *NSRouteDAO) CreateRoute(tx *dbs.Tx, clusterId int64, domainId int64,
 	op.IsOn = true
 	op.State = NSRouteStateEnabled
 	op.Version = version
-	return this.SaveInt64(tx, op)
+	routeId, err := this.SaveInt64(tx, op)
+	if err != nil {
+		return 0, err
+	}
+
+	err = this.NotifyUpdate(tx)
+	if err != nil {
+		return 0, err
+	}
+
+	return routeId, nil
 }

 // UpdateRoute 修改线路
@@ -123,7 +177,12 @@ func (this *NSRouteDAO) UpdateRoute(tx *dbs.Tx, routeId int64, name string, rang

 	op.Version = version

-	return this.Save(tx, op)
+	err = this.Save(tx, op)
+	if err != nil {
+		return err
+	}
+
+	return this.NotifyUpdate(tx)
 }

 // UpdateRouteOrders 修改线路排序
@@ -145,7 +204,8 @@ func (this *NSRouteDAO) UpdateRouteOrders(tx *dbs.Tx, routeIds []int64) error {
 		}
 		order--
 	}
-	return nil
+
+	return this.NotifyUpdate(tx)
 }

 // FindAllEnabledRoutes 列出所有线路
@@ -190,3 +250,19 @@ func (this *NSRouteDAO) ListRoutesAfterVersion(tx *dbs.Tx, version int64, size i
 		FindAll()
 	return
 }
+
+// NotifyUpdate 通知更新
+func (this *NSRouteDAO) NotifyUpdate(tx *dbs.Tx) error {
+	// 线路变更时所有集群都要更新
+	clusterIds, err := models.SharedNSClusterDAO.FindAllEnabledClusterIds(tx)
+	if err != nil {
+		return err
+	}
+	for _, clusterId := range clusterIds {
+		err = models.SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleDNS, clusterId, models.NSNodeTaskTypeRouteChanged)
+		if err != nil {
+			return err
+		}
+	}
+	return nil
+}
--- a/internal/db/models/nameservers/ns_route_model.go
+++ b/internal/db/models/nameservers/ns_route_model.go
@@ -11,6 +11,7 @@ type NSRoute struct {
 	Ranges    string `field:"ranges"`    // 范围
 	Order     uint32 `field:"order"`     // 排序
 	Version   uint64 `field:"version"`   // 版本号
+	Code      string `field:"code"`      // 代号
 	State     uint8  `field:"state"`     // 状态
 }

@@ -24,6 +25,7 @@ type NSRouteOperator struct {
 	Ranges    interface{} // 范围
 	Order     interface{} // 排序
 	Version   interface{} // 版本号
+	Code      interface{} // 代号
 	State     interface{} // 状态
 }

--- a/internal/db/models/node_cluster_dao.go
+++ b/internal/db/models/node_cluster_dao.go
@@ -869,7 +869,7 @@ func (this *NodeClusterDAO) FindEnabledNodeClustersWithIds(tx *dbs.Tx, clusterId

 // NotifyUpdate 通知更新
 func (this *NodeClusterDAO) NotifyUpdate(tx *dbs.Tx, clusterId int64) error {
-	return SharedNodeTaskDAO.CreateClusterTask(tx, clusterId, NodeTaskTypeConfigChanged)
+	return SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleNode, clusterId, NodeTaskTypeConfigChanged)
 }

 // NotifyDNSUpdate 通知DNS更新
--- a/internal/db/models/node_cluster_metric_item_dao.go
+++ b/internal/db/models/node_cluster_metric_item_dao.go
@@ -2,6 +2,7 @@ package models

 import (
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
@@ -158,5 +159,5 @@ func (this *NodeClusterMetricItemDAO) ExistsClusterItem(tx *dbs.Tx, clusterId in

 // NotifyUpdate 通知更新
 func (this *NodeClusterMetricItemDAO) NotifyUpdate(tx *dbs.Tx, clusterId int64) error {
-	return SharedNodeTaskDAO.CreateClusterTask(tx, clusterId, NodeTaskTypeConfigChanged)
+	return SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleNode, clusterId, NodeTaskTypeConfigChanged)
 }
--- a/internal/db/models/node_dao.go
+++ b/internal/db/models/node_dao.go
@@ -432,9 +432,9 @@ func (this *NodeDAO) FindAllInactiveNodesWithClusterId(tx *dbs.Tx, clusterId int
 	_, err = this.Query(tx).
 		State(NodeStateEnabled).
 		Attr("clusterId", clusterId).
-		Attr("isOn", true). // 只监控启用的节点
+		Attr("isOn", true).        // 只监控启用的节点
 		Attr("isInstalled", true). // 只监控已经安装的节点
-		Attr("isActive", true). // 当前已经在线的
+		Attr("isActive", true).    // 当前已经在线的
 		Where("(status IS NULL OR (JSON_EXTRACT(status, '$.isActive')=false AND UNIX_TIMESTAMP()-JSON_EXTRACT(status, '$.updatedAt')>10) OR  UNIX_TIMESTAMP()-JSON_EXTRACT(status, '$.updatedAt')>120)").
 		Result("id", "name").
 		Slice(&result).
@@ -941,6 +941,7 @@ func (this *NodeDAO) CountAllEnabledNodesWithGroupId(tx *dbs.Tx, groupId int64)
 	return this.Query(tx).
 		State(NodeStateEnabled).
 		Attr("groupId", groupId).
+		Where("clusterId IN (SELECT id FROM " + SharedNodeClusterDAO.Table + " WHERE state=1)").
 		Count()
 }

@@ -1237,6 +1238,11 @@ func (this *NodeDAO) DeleteNodeFromCluster(tx *dbs.Tx, nodeId int64, clusterId i
 	op.Id = nodeId
 	op.ClusterId = newClusterId
 	op.SecondaryClusterIds = secondaryClusterIdsJSON
+
+	if newClusterId == 0 {
+		op.State = NodeStateDisabled
+	}
+
 	return this.Save(tx, op)
 }

@@ -1284,7 +1290,7 @@ func (this *NodeDAO) NotifyUpdate(tx *dbs.Tx, nodeId int64) error {
 		return err
 	}
 	if clusterId > 0 {
-		return SharedNodeTaskDAO.CreateNodeTask(tx, clusterId, nodeId, NodeTaskTypeConfigChanged)
+		return SharedNodeTaskDAO.CreateNodeTask(tx, nodeconfigs.NodeRoleNode, clusterId, nodeId, NodeTaskTypeConfigChanged)
 	}
 	return nil
 }
--- a/internal/db/models/node_grant_model.go
+++ b/internal/db/models/node_grant_model.go
@@ -1,6 +1,6 @@
 package models

-// 节点授权
+// NodeGrant 节点授权
 type NodeGrant struct {
 	Id          uint32 `field:"id"`          // ID
 	AdminId     uint32 `field:"adminId"`     // 管理员ID
@@ -12,6 +12,7 @@ type NodeGrant struct {
 	PrivateKey  string `field:"privateKey"`  // 密钥
 	Description string `field:"description"` // 备注
 	NodeId      uint32 `field:"nodeId"`      // 专有节点
+	Role        string `field:"role"`        // 角色
 	State       uint8  `field:"state"`       // 状态
 	CreatedAt   uint64 `field:"createdAt"`   // 创建时间
 }
@@ -27,6 +28,7 @@ type NodeGrantOperator struct {
 	PrivateKey  interface{} // 密钥
 	Description interface{} // 备注
 	NodeId      interface{} // 专有节点
+	Role        interface{} // 角色
 	State       interface{} // 状态
 	CreatedAt   interface{} // 创建时间
 }
--- a/internal/db/models/node_log_dao.go
+++ b/internal/db/models/node_log_dao.go
@@ -98,9 +98,9 @@ func (this *NodeLogDAO) CountNodeLogs(tx *dbs.Tx, role string, nodeId int64, ser
 	} else {
 		switch role {
 		case nodeconfigs.NodeRoleNode:
-			query.Where("nodeId IN (SELECT id FROM " + SharedNodeDAO.Table + " WHERE state=1)")
+			query.Where("nodeId IN (SELECT id FROM " + SharedNodeDAO.Table + " WHERE state=1 AND clusterId>0)")
 		case nodeconfigs.NodeRoleDNS:
-			query.Where("nodeId IN (SELECT id FROM edgeNSNodes WHERE state=1)") // 没有用 SharedNSNodeDAO() 因为有包循环引用的问题
+			query.Where("nodeId IN (SELECT id FROM edgeNSNodes WHERE state=1 AND clusterId > 0)") // 没有用 SharedNSNodeDAO() 因为有包循环引用的问题
 		}
 	}
 	if serverId > 0 {
@@ -149,9 +149,9 @@ func (this *NodeLogDAO) ListNodeLogs(tx *dbs.Tx,
 	} else {
 		switch role {
 		case nodeconfigs.NodeRoleNode:
-			query.Where("nodeId IN (SELECT id FROM " + SharedNodeDAO.Table + " WHERE state=1)")
+			query.Where("nodeId IN (SELECT id FROM " + SharedNodeDAO.Table + " WHERE state=1 AND clusterId>0)")
 		case nodeconfigs.NodeRoleDNS:
-			query.Where("nodeId IN (SELECT id FROM edgeNSNodes WHERE state=1)") // 没有用 SharedNSNodeDAO() 因为有包循环引用的问题
+			query.Where("nodeId IN (SELECT id FROM edgeNSNodes WHERE state=1 AND clusterId>0)") // 没有用 SharedNSNodeDAO() 因为有包循环引用的问题
 		}
 	}
 	if serverId > 0 {
--- a/internal/db/models/node_login_dao.go
+++ b/internal/db/models/node_login_dao.go
@@ -2,6 +2,7 @@ package models

 import (
 	"errors"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
@@ -36,7 +37,7 @@ func init() {
 	})
 }

-// 启用条目
+// EnableNodeLogin 启用条目
 func (this *NodeLoginDAO) EnableNodeLogin(tx *dbs.Tx, id uint32) (rowsAffected int64, err error) {
 	return this.Query(tx).
 		Pk(id).
@@ -44,16 +45,16 @@ func (this *NodeLoginDAO) EnableNodeLogin(tx *dbs.Tx, id uint32) (rowsAffected i
 		Update()
 }

-// 禁用条目
-func (this *NodeLoginDAO) DisableNodeLogin(tx *dbs.Tx, id uint32) (rowsAffected int64, err error) {
+// DisableNodeLogin 禁用条目
+func (this *NodeLoginDAO) DisableNodeLogin(tx *dbs.Tx, loginId int64) (rowsAffected int64, err error) {
 	return this.Query(tx).
-		Pk(id).
+		Pk(loginId).
 		Set("state", NodeLoginStateDisabled).
 		Update()
 }

-// 查找启用中的条目
-func (this *NodeLoginDAO) FindEnabledNodeLogin(tx *dbs.Tx, id uint32) (*NodeLogin, error) {
+// FindEnabledNodeLogin 查找启用中的条目
+func (this *NodeLoginDAO) FindEnabledNodeLogin(tx *dbs.Tx, id int64) (*NodeLogin, error) {
 	result, err := this.Query(tx).
 		Pk(id).
 		Attr("state", NodeLoginStateEnabled).
@@ -64,7 +65,7 @@ func (this *NodeLoginDAO) FindEnabledNodeLogin(tx *dbs.Tx, id uint32) (*NodeLogi
 	return result.(*NodeLogin), err
 }

-// 根据主键查找名称
+// FindNodeLoginName 根据主键查找名称
 func (this *NodeLoginDAO) FindNodeLoginName(tx *dbs.Tx, id uint32) (string, error) {
 	name, err := this.Query(tx).
 		Pk(id).
@@ -73,9 +74,14 @@ func (this *NodeLoginDAO) FindNodeLoginName(tx *dbs.Tx, id uint32) (string, erro
 	return name.(string), err
 }

-// 创建认证
-func (this *NodeLoginDAO) CreateNodeLogin(tx *dbs.Tx, nodeId int64, name string, loginType string, paramsJSON []byte) (loginId int64, err error) {
+// CreateNodeLogin 创建认证
+func (this *NodeLoginDAO) CreateNodeLogin(tx *dbs.Tx, role nodeconfigs.NodeRole, nodeId int64, name string, loginType string, paramsJSON []byte) (loginId int64, err error) {
+	if len(role) == 0 {
+		role = nodeconfigs.NodeRoleNode
+	}
+
 	login := NewNodeLoginOperator()
+	login.Role = role
 	login.NodeId = nodeId
 	login.Name = name
 	login.Type = loginType
@@ -85,7 +91,7 @@ func (this *NodeLoginDAO) CreateNodeLogin(tx *dbs.Tx, nodeId int64, name string,
 	return types.Int64(login.Id), err
 }

-// 修改认证
+// UpdateNodeLogin 修改认证
 func (this *NodeLoginDAO) UpdateNodeLogin(tx *dbs.Tx, loginId int64, name string, loginType string, paramsJSON []byte) error {
 	if loginId <= 0 {
 		return errors.New("invalid loginId")
@@ -99,9 +105,13 @@ func (this *NodeLoginDAO) UpdateNodeLogin(tx *dbs.Tx, loginId int64, name string
 	return err
 }

-// 查找认证
-func (this *NodeLoginDAO) FindEnabledNodeLoginWithNodeId(tx *dbs.Tx, nodeId int64) (*NodeLogin, error) {
+// FindEnabledNodeLoginWithNodeId 查找认证
+func (this *NodeLoginDAO) FindEnabledNodeLoginWithNodeId(tx *dbs.Tx, role nodeconfigs.NodeRole, nodeId int64) (*NodeLogin, error) {
+	if len(role) == 0 {
+		role = nodeconfigs.NodeRoleNode
+	}
 	one, err := this.Query(tx).
+		Attr("role", role).
 		Attr("nodeId", nodeId).
 		State(NodeLoginStateEnabled).
 		Find()
@@ -114,11 +124,63 @@ func (this *NodeLoginDAO) FindEnabledNodeLoginWithNodeId(tx *dbs.Tx, nodeId int6
 	return one.(*NodeLogin), nil
 }

-// 禁用某个节点的认证
-func (this *NodeLoginDAO) DisableNodeLogins(tx *dbs.Tx, nodeId int64) error {
+// DisableNodeLogins 禁用某个节点的认证
+func (this *NodeLoginDAO) DisableNodeLogins(tx *dbs.Tx, role nodeconfigs.NodeRole, nodeId int64) error {
+	if len(role) == 0 {
+		role = nodeconfigs.NodeRoleNode
+	}
 	_, err := this.Query(tx).
+		Attr("role", role).
 		Attr("nodeId", nodeId).
 		Set("state", NodeLoginStateDisabled).
 		Update()
 	return err
 }
+
+func (this *NodeLoginDAO) FindFrequentPorts(tx *dbs.Tx) ([]int32, error) {
+	ones, _, err := this.Query(tx).
+		Attr("state", NodeLoginStateEnabled).
+		Result("JSON_EXTRACT(params, '$.port') as `port`", "COUNT(*) AS c").
+		Having("port>0").
+		Desc("c").
+		Limit(10).
+		Group("port").
+		FindOnes()
+	if err != nil {
+		return nil, err
+	}
+	var ports = []int32{}
+	for _, one := range ones {
+		ports = append(ports, one.GetInt32("port"))
+	}
+	return ports, nil
+}
+
+func (this *NodeLoginDAO) FindFrequentGrantIds(tx *dbs.Tx, nodeClusterId int64, nsClusterId int64) ([]int64, error) {
+	var query = this.Query(tx).
+		Attr("state", NodeLoginStateEnabled).
+		Result("JSON_EXTRACT(params, '$.grantId') as `grantId`", "COUNT(*) AS c").
+		Having("grantId>0").
+		Desc("c").
+		Limit(3).
+		Group("grantId")
+	if nodeClusterId > 0 {
+		query.Attr("role", nodeconfigs.NodeRoleNode)
+		query.Where("(nodeId IN (SELECT id FROM "+SharedNodeDAO.Table+" WHERE state=1 AND clusterId=:clusterId))").
+			Param("clusterId", nodeClusterId)
+	} else if nsClusterId > 0 {
+		query.Attr("role", nodeconfigs.NodeRoleDNS)
+		query.Where("(nodeId IN (SELECT id FROM "+SharedNSNodeDAO.Table+" WHERE state=1 AND clusterId=:clusterId))").
+			Param("clusterId", nsClusterId)
+	}
+	ones, _, err := query.
+		FindOnes()
+	if err != nil {
+		return nil, err
+	}
+	var grantIds = []int64{}
+	for _, one := range ones {
+		grantIds = append(grantIds, one.GetInt64("grantId"))
+	}
+	return grantIds, nil
+}
--- a/internal/db/models/node_login_dao_test.go
+++ b/internal/db/models/node_login_dao_test.go
@@ -2,4 +2,16 @@ package models

 import (
 	_ "github.com/go-sql-driver/mysql"
+	"github.com/iwind/TeaGo/dbs"
+	"testing"
 )
+
+func TestNodeLoginDAO_FindFrequentPorts(t *testing.T) {
+	dbs.NotifyReady()
+
+	ports, err := SharedNodeLoginDAO.FindFrequentPorts(nil)
+	if err != nil {
+		t.Fatal(err)
+	}
+	t.Log(ports)
+}
--- a/internal/db/models/node_login_model.go
+++ b/internal/db/models/node_login_model.go
@@ -1,9 +1,10 @@
 package models

-//
+// NodeLogin 节点登录信息
 type NodeLogin struct {
 	Id     uint32 `field:"id"`     // ID
 	NodeId uint32 `field:"nodeId"` // 节点ID
+	Role   string `field:"role"`   // 角色
 	Name   string `field:"name"`   // 名称
 	Type   string `field:"type"`   // 类型：ssh,agent
 	Params string `field:"params"` // 配置参数
@@ -13,6 +14,7 @@ type NodeLogin struct {
 type NodeLoginOperator struct {
 	Id     interface{} // ID
 	NodeId interface{} // 节点ID
+	Role   interface{} // 角色
 	Name   interface{} // 名称
 	Type   interface{} // 类型：ssh,agent
 	Params interface{} // 配置参数
--- a/internal/db/models/node_task_dao.go
+++ b/internal/db/models/node_task_dao.go
@@ -1,8 +1,8 @@
 package models

 import (
-	"github.com/TeaOSLab/EdgeAPI/internal/utils/numberutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/configutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
@@ -17,6 +17,14 @@ const (
 	NodeTaskTypeConfigChanged      NodeTaskType = "configChanged"
 	NodeTaskTypeIPItemChanged      NodeTaskType = "ipItemChanged"
 	NodeTaskTypeNodeVersionChanged NodeTaskType = "nodeVersionChanged"
+
+	// NS相关
+
+	NSNodeTaskTypeConfigChanged NodeTaskType = "nsConfigChanged"
+	NSNodeTaskTypeDomainChanged NodeTaskType = "nsDomainChanged"
+	NSNodeTaskTypeRecordChanged NodeTaskType = "nsRecordChanged"
+	NSNodeTaskTypeRouteChanged  NodeTaskType = "nsRouteChanged"
+	NSNodeTaskTypeKeyChanged    NodeTaskType = "nsKeyChanged"
 )

 type NodeTaskDAO dbs.DAO
@@ -41,14 +49,15 @@ func init() {
 }

 // CreateNodeTask 创建单个节点任务
-func (this *NodeTaskDAO) CreateNodeTask(tx *dbs.Tx, clusterId int64, nodeId int64, taskType NodeTaskType) error {
+func (this *NodeTaskDAO) CreateNodeTask(tx *dbs.Tx, role string, clusterId int64, nodeId int64, taskType NodeTaskType) error {
 	if clusterId <= 0 || nodeId <= 0 {
 		return nil
 	}
-	uniqueId := numberutils.FormatInt64(nodeId) + "@node@" + taskType
+	uniqueId := role + "@" + types.String(nodeId) + "@node@" + taskType
 	updatedAt := time.Now().Unix()
 	_, _, err := this.Query(tx).
 		InsertOrUpdate(maps.Map{
+			"role":      role,
 			"clusterId": clusterId,
 			"nodeId":    nodeId,
 			"type":      taskType,
@@ -58,25 +67,27 @@ func (this *NodeTaskDAO) CreateNodeTask(tx *dbs.Tx, clusterId int64, nodeId int6
 			"isOk":      0,
 			"error":     "",
 		}, maps.Map{
-			"clusterId": clusterId,
-			"updatedAt": updatedAt,
-			"isDone":    0,
-			"isOk":      0,
-			"error":     "",
+			"clusterId":  clusterId,
+			"updatedAt":  updatedAt,
+			"isDone":     0,
+			"isOk":       0,
+			"error":      "",
+			"isNotified": 0,
 		})
 	return err
 }

 // CreateClusterTask 创建集群任务
-func (this *NodeTaskDAO) CreateClusterTask(tx *dbs.Tx, clusterId int64, taskType NodeTaskType) error {
+func (this *NodeTaskDAO) CreateClusterTask(tx *dbs.Tx, role string, clusterId int64, taskType NodeTaskType) error {
 	if clusterId <= 0 {
 		return nil
 	}

-	uniqueId := numberutils.FormatInt64(clusterId) + "@cluster@" + taskType
+	uniqueId := role + "@" + types.String(clusterId) + "@cluster@" + taskType
 	updatedAt := time.Now().Unix()
 	_, _, err := this.Query(tx).
 		InsertOrUpdate(maps.Map{
+			"role":       role,
 			"clusterId":  clusterId,
 			"nodeId":     0,
 			"type":       taskType,
@@ -96,14 +107,15 @@ func (this *NodeTaskDAO) CreateClusterTask(tx *dbs.Tx, clusterId int64, taskType
 	return err
 }

-// ExtractClusterTask 分解集群任务
-func (this *NodeTaskDAO) ExtractClusterTask(tx *dbs.Tx, clusterId int64, taskType NodeTaskType) error {
+// ExtractNodeClusterTask 分解边缘节点集群任务
+func (this *NodeTaskDAO) ExtractNodeClusterTask(tx *dbs.Tx, clusterId int64, taskType NodeTaskType) error {
 	nodeIds, err := SharedNodeDAO.FindAllNodeIdsMatch(tx, clusterId, true, configutils.BoolStateYes)
 	if err != nil {
 		return err
 	}

 	_, err = this.Query(tx).
+		Attr("role", nodeconfigs.NodeRoleNode).
 		Attr("clusterId", clusterId).
 		Param("clusterIdString", types.String(clusterId)).
 		Where("nodeId> 0").
@@ -114,13 +126,52 @@ func (this *NodeTaskDAO) ExtractClusterTask(tx *dbs.Tx, clusterId int64, taskTyp
 	}

 	for _, nodeId := range nodeIds {
-		err = this.CreateNodeTask(tx, clusterId, nodeId, taskType)
+		err = this.CreateNodeTask(tx, nodeconfigs.NodeRoleNode, clusterId, nodeId, taskType)
 		if err != nil {
 			return err
 		}
 	}

 	_, err = this.Query(tx).
+		Attr("role", nodeconfigs.NodeRoleNode).
+		Attr("clusterId", clusterId).
+		Attr("nodeId", 0).
+		Attr("type", taskType).
+		Delete()
+	if err != nil {
+		return err
+	}
+
+	return nil
+}
+
+// ExtractNSClusterTask 分解NS节点集群任务
+func (this *NodeTaskDAO) ExtractNSClusterTask(tx *dbs.Tx, clusterId int64, taskType NodeTaskType) error {
+	nodeIds, err := SharedNSNodeDAO.FindAllNodeIdsMatch(tx, clusterId, true, configutils.BoolStateYes)
+	if err != nil {
+		return err
+	}
+
+	_, err = this.Query(tx).
+		Attr("role", nodeconfigs.NodeRoleDNS).
+		Attr("clusterId", clusterId).
+		Param("clusterIdString", types.String(clusterId)).
+		Where("nodeId> 0").
+		Attr("type", taskType).
+		Delete()
+	if err != nil {
+		return err
+	}
+
+	for _, nodeId := range nodeIds {
+		err = this.CreateNodeTask(tx, nodeconfigs.NodeRoleDNS, clusterId, nodeId, taskType)
+		if err != nil {
+			return err
+		}
+	}
+
+	_, err = this.Query(tx).
+		Attr("role", nodeconfigs.NodeRoleDNS).
 		Attr("clusterId", clusterId).
 		Attr("nodeId", 0).
 		Attr("type", taskType).
@@ -133,8 +184,9 @@ func (this *NodeTaskDAO) ExtractClusterTask(tx *dbs.Tx, clusterId int64, taskTyp
 }

 // ExtractAllClusterTasks 分解所有集群任务
-func (this *NodeTaskDAO) ExtractAllClusterTasks(tx *dbs.Tx) error {
+func (this *NodeTaskDAO) ExtractAllClusterTasks(tx *dbs.Tx, role string) error {
 	ones, err := this.Query(tx).
+		Attr("role", role).
 		Attr("nodeId", 0).
 		FindAll()
 	if err != nil {
@@ -142,36 +194,47 @@ func (this *NodeTaskDAO) ExtractAllClusterTasks(tx *dbs.Tx) error {
 	}
 	for _, one := range ones {
 		clusterId := int64(one.(*NodeTask).ClusterId)
-		err = this.ExtractClusterTask(tx, clusterId, one.(*NodeTask).Type)
-		if err != nil {
-			return err
+		switch role {
+		case nodeconfigs.NodeRoleNode:
+			err = this.ExtractNodeClusterTask(tx, clusterId, one.(*NodeTask).Type)
+			if err != nil {
+				return err
+			}
+		case nodeconfigs.NodeRoleDNS:
+			err = this.ExtractNSClusterTask(tx, clusterId, one.(*NodeTask).Type)
+			if err != nil {
+				return err
+			}
 		}
 	}
 	return nil
 }

 // DeleteAllClusterTasks 删除集群所有相关任务
-func (this *NodeTaskDAO) DeleteAllClusterTasks(tx *dbs.Tx, clusterId int64) error {
+func (this *NodeTaskDAO) DeleteAllClusterTasks(tx *dbs.Tx, role string, clusterId int64) error {
 	_, err := this.Query(tx).
+		Attr("role", role).
 		Attr("clusterId", clusterId).
 		Delete()
 	return err
 }

 // DeleteNodeTasks 删除节点相关任务
-func (this *NodeTaskDAO) DeleteNodeTasks(tx *dbs.Tx, nodeId int64) error {
+func (this *NodeTaskDAO) DeleteNodeTasks(tx *dbs.Tx, role string, nodeId int64) error {
 	_, err := this.Query(tx).
+		Attr("role", role).
 		Attr("nodeId", nodeId).
 		Delete()
 	return err
 }

 // FindDoingNodeTasks 查询一个节点的所有任务
-func (this *NodeTaskDAO) FindDoingNodeTasks(tx *dbs.Tx, nodeId int64) (result []*NodeTask, err error) {
+func (this *NodeTaskDAO) FindDoingNodeTasks(tx *dbs.Tx, role string, nodeId int64) (result []*NodeTask, err error) {
 	if nodeId <= 0 {
 		return
 	}
 	_, err = this.Query(tx).
+		Attr("role", role).
 		Attr("nodeId", nodeId).
 		Where("(isDone=0 OR (isDone=1 AND isOk=0))").
 		Slice(&result).
@@ -191,9 +254,10 @@ func (this *NodeTaskDAO) UpdateNodeTaskDone(tx *dbs.Tx, taskId int64, isOk bool,
 }

 // FindAllDoingTaskClusterIds 查找正在更新的集群IDs
-func (this *NodeTaskDAO) FindAllDoingTaskClusterIds(tx *dbs.Tx) ([]int64, error) {
+func (this *NodeTaskDAO) FindAllDoingTaskClusterIds(tx *dbs.Tx, role string) ([]int64, error) {
 	ones, _, err := this.Query(tx).
 		Result("DISTINCT(clusterId) AS clusterId").
+		Attr("role", role).
 		Where("(nodeId=0 OR (isDone=0 OR (isDone=1 AND isOk=0)))").
 		FindOnes()
 	if err != nil {
@@ -207,8 +271,9 @@ func (this *NodeTaskDAO) FindAllDoingTaskClusterIds(tx *dbs.Tx) ([]int64, error)
 }

 // FindAllDoingNodeTasksWithClusterId 查询某个集群下所有的任务
-func (this *NodeTaskDAO) FindAllDoingNodeTasksWithClusterId(tx *dbs.Tx, clusterId int64) (result []*NodeTask, err error) {
+func (this *NodeTaskDAO) FindAllDoingNodeTasksWithClusterId(tx *dbs.Tx, role string, clusterId int64) (result []*NodeTask, err error) {
 	_, err = this.Query(tx).
+		Attr("role", role).
 		Attr("clusterId", clusterId).
 		Gt("nodeId", 0).
 		Where("(isDone=0 OR (isDone=1 AND isOk=0))").
@@ -220,17 +285,38 @@ func (this *NodeTaskDAO) FindAllDoingNodeTasksWithClusterId(tx *dbs.Tx, clusterI
 	return
 }

+// FindAllDoingNodeIds 查询有任务的节点IDs
+func (this *NodeTaskDAO) FindAllDoingNodeIds(tx *dbs.Tx, role string) ([]int64, error) {
+	ones, err := this.Query(tx).
+		Result("DISTINCT(nodeId) AS nodeId").
+		Attr("role", role).
+		Gt("nodeId", 0).
+		Attr("isDone", false).
+		Attr("isNotified", 0).
+		FindAll()
+	if err != nil {
+		return nil, err
+	}
+	var result []int64
+	for _, one := range ones {
+		result = append(result, int64(one.(*NodeTask).NodeId))
+	}
+	return result, nil
+}
+
 // ExistsDoingNodeTasks 检查是否有正在执行的任务
-func (this *NodeTaskDAO) ExistsDoingNodeTasks(tx *dbs.Tx) (bool, error) {
+func (this *NodeTaskDAO) ExistsDoingNodeTasks(tx *dbs.Tx, role string) (bool, error) {
 	return this.Query(tx).
+		Attr("role", role).
 		Where("(isDone=0 OR (isDone=1 AND isOk=0))").
 		Gt("nodeId", 0).
 		Exist()
 }

 // ExistsErrorNodeTasks 是否有错误的任务
-func (this *NodeTaskDAO) ExistsErrorNodeTasks(tx *dbs.Tx) (bool, error) {
+func (this *NodeTaskDAO) ExistsErrorNodeTasks(tx *dbs.Tx, role string) (bool, error) {
 	return this.Query(tx).
+		Attr("role", role).
 		Where("(isDone=1 AND isOk=0)").
 		Exist()
 }
@@ -244,16 +330,18 @@ func (this *NodeTaskDAO) DeleteNodeTask(tx *dbs.Tx, taskId int64) error {
 }

 // CountDoingNodeTasks 计算正在执行的任务
-func (this *NodeTaskDAO) CountDoingNodeTasks(tx *dbs.Tx) (int64, error) {
+func (this *NodeTaskDAO) CountDoingNodeTasks(tx *dbs.Tx, role string) (int64, error) {
 	return this.Query(tx).
 		Attr("isDone", 0).
+		Attr("role", role).
 		Gt("nodeId", 0).
 		Count()
 }

 // FindNotifyingNodeTasks 查找需要通知的任务
-func (this *NodeTaskDAO) FindNotifyingNodeTasks(tx *dbs.Tx, size int64) (result []*NodeTask, err error) {
+func (this *NodeTaskDAO) FindNotifyingNodeTasks(tx *dbs.Tx, role string, size int64) (result []*NodeTask, err error) {
 	_, err = this.Query(tx).
+		Attr("role", role).
 		Gt("nodeId", 0).
 		Attr("isNotified", 0).
 		Attr("isDone", 0).
--- a/internal/db/models/node_task_dao_test.go
+++ b/internal/db/models/node_task_dao_test.go
@@ -1,6 +1,7 @@
 package models

 import (
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/dbs"
 	"testing"
@@ -10,7 +11,7 @@ func TestNodeTaskDAO_CreateNodeTask(t *testing.T) {
 	dbs.NotifyReady()

 	var tx *dbs.Tx
-	err := SharedNodeTaskDAO.CreateNodeTask(tx, 1, 2, NodeTaskTypeConfigChanged)
+	err := SharedNodeTaskDAO.CreateNodeTask(tx, nodeconfigs.NodeRoleNode, 1, 2, NodeTaskTypeConfigChanged)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -21,7 +22,7 @@ func TestNodeTaskDAO_CreateClusterTask(t *testing.T) {
 	dbs.NotifyReady()

 	var tx *dbs.Tx
-	err := SharedNodeTaskDAO.CreateClusterTask(tx, 1, NodeTaskTypeConfigChanged)
+	err := SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleNode, 1, NodeTaskTypeConfigChanged)
 	if err != nil {
 		t.Fatal(err)
 	}
@@ -32,7 +33,7 @@ func TestNodeTaskDAO_ExtractClusterTask(t *testing.T) {
 	dbs.NotifyReady()

 	var tx *dbs.Tx
-	err := SharedNodeTaskDAO.ExtractClusterTask(tx, 1, NodeTaskTypeConfigChanged)
+	err := SharedNodeTaskDAO.ExtractNodeClusterTask(tx, 1, NodeTaskTypeConfigChanged)
 	if err != nil {
 		t.Fatal(err)
 	}
--- a/internal/db/models/node_task_model.go
+++ b/internal/db/models/node_task_model.go
@@ -1,8 +1,9 @@
 package models

-// 节点同步任务
+// NodeTask 节点同步任务
 type NodeTask struct {
 	Id         uint64 `field:"id"`         // ID
+	Role       string `field:"role"`       // 节点角色
 	NodeId     uint32 `field:"nodeId"`     // 节点ID
 	ClusterId  uint32 `field:"clusterId"`  // 集群ID
 	Type       string `field:"type"`       // 任务类型
@@ -16,6 +17,7 @@ type NodeTask struct {

 type NodeTaskOperator struct {
 	Id         interface{} // ID
+	Role       interface{} // 节点角色
 	NodeId     interface{} // 节点ID
 	ClusterId  interface{} // 集群ID
 	Type       interface{} // 任务类型
--- a/internal/db/models/node_threshold_dao.go
+++ b/internal/db/models/node_threshold_dao.go
@@ -252,7 +252,7 @@ func (this *NodeThresholdDAO) FireNodeThreshold(tx *dbs.Tx, role string, nodeId
 					body = strings.Replace(body, "${item.name}", itemName, -1)
 					body = strings.Replace(body, "${value}", fmt.Sprintf("%.2f", paramValue), -1)
 				}
-				err = SharedMessageDAO.CreateNodeMessage(tx, clusterId, nodeId, MessageTypeThresholdSatisfied, MessageLevelWarning, subject, body, maps.Map{}.AsJSON())
+				err = SharedMessageDAO.CreateNodeMessage(tx, role, clusterId, nodeId, MessageTypeThresholdSatisfied, MessageLevelWarning, subject, body, maps.Map{}.AsJSON())
 				if err != nil {
 					return err
 				}
--- a/internal/db/models/ns_access_log_model.go
+++ b/internal/db/models/ns_access_log_model.go
@@ -2,23 +2,25 @@ package models

 // NSAccessLog 域名服务访问日志
 type NSAccessLog struct {
-	Id        uint64 `field:"id"`        // ID
-	NodeId    uint32 `field:"nodeId"`    // 节点ID
-	DomainId  uint32 `field:"domainId"`  // 域名ID
-	RecordId  uint32 `field:"recordId"`  // 记录ID
-	Content   string `field:"content"`   // 访问数据
-	RequestId string `field:"requestId"` // 请求ID
-	CreatedAt uint64 `field:"createdAt"` // 创建时间
+	Id         uint64 `field:"id"`         // ID
+	NodeId     uint32 `field:"nodeId"`     // 节点ID
+	DomainId   uint32 `field:"domainId"`   // 域名ID
+	RecordId   uint32 `field:"recordId"`   // 记录ID
+	Content    string `field:"content"`    // 访问数据
+	RequestId  string `field:"requestId"`  // 请求ID
+	CreatedAt  uint64 `field:"createdAt"`  // 创建时间
+	RemoteAddr string `field:"remoteAddr"` // IP
 }

 type NSAccessLogOperator struct {
-	Id        interface{} // ID
-	NodeId    interface{} // 节点ID
-	DomainId  interface{} // 域名ID
-	RecordId  interface{} // 记录ID
-	Content   interface{} // 访问数据
-	RequestId interface{} // 请求ID
-	CreatedAt interface{} // 创建时间
+	Id         interface{} // ID
+	NodeId     interface{} // 节点ID
+	DomainId   interface{} // 域名ID
+	RecordId   interface{} // 记录ID
+	Content    interface{} // 访问数据
+	RequestId  interface{} // 请求ID
+	CreatedAt  interface{} // 创建时间
+	RemoteAddr interface{} // IP
 }

 func NewNSAccessLogOperator() *NSAccessLogOperator {
--- a/internal/db/models/nameservers/ns_cluster_dao.go
+++ b/internal/db/models/nameservers/ns_cluster_dao.go
@@ -1,7 +1,8 @@
-package nameservers
+package models

 import (
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
@@ -127,6 +128,22 @@ func (this *NSClusterDAO) FindAllEnabledClusters(tx *dbs.Tx) (result []*NSCluste
 	return
 }

+// FindAllEnabledClusterIds 获取所有集群IDs
+func (this *NSClusterDAO) FindAllEnabledClusterIds(tx *dbs.Tx) ([]int64, error) {
+	ones, err := this.Query(tx).
+		State(NSClusterStateEnabled).
+		ResultPk().
+		FindAll()
+	if err != nil {
+		return nil, err
+	}
+	var result = []int64{}
+	for _, one := range ones {
+		result = append(result, int64(one.(*NSCluster).Id))
+	}
+	return result, nil
+}
+
 // UpdateClusterAccessLog 设置访问日志
 func (this *NSClusterDAO) UpdateClusterAccessLog(tx *dbs.Tx, clusterId int64, accessLogJSON []byte) error {
 	return this.Query(tx).
@@ -143,3 +160,16 @@ func (this *NSClusterDAO) FindClusterAccessLog(tx *dbs.Tx, clusterId int64) ([]b
 		FindStringCol("")
 	return []byte(accessLog), err
 }
+
+// FindClusterGrantId 查找集群的认证ID
+func (this *NSClusterDAO) FindClusterGrantId(tx *dbs.Tx, clusterId int64) (int64, error) {
+	return this.Query(tx).
+		Pk(clusterId).
+		Result("grantId").
+		FindInt64Col(0)
+}
+
+// NotifyUpdate 通知更改
+func (this *NSClusterDAO) NotifyUpdate(tx *dbs.Tx, clusterId int64) error {
+	return SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleDNS, clusterId, NSNodeTaskTypeConfigChanged)
+}
--- a/internal/db/models/ns_cluster_dao_test.go
+++ b/internal/db/models/ns_cluster_dao_test.go
@@ -0,0 +1,6 @@
+package models
+
+import (
+	_ "github.com/go-sql-driver/mysql"
+	_ "github.com/iwind/TeaGo/bootstrap"
+)
--- a/internal/db/models/nameservers/ns_cluster_model.go
+++ b/internal/db/models/nameservers/ns_cluster_model.go
@@ -1,4 +1,4 @@
-package nameservers
+package models

 // NSCluster 域名服务器集群
 type NSCluster struct {
@@ -8,6 +8,7 @@ type NSCluster struct {
 	InstallDir string `field:"installDir"` // 安装目录
 	State      uint8  `field:"state"`      // 状态
 	AccessLog  string `field:"accessLog"`  // 访问日志配置
+	GrantId    uint32 `field:"grantId"`    // 授权ID
 }

 type NSClusterOperator struct {
@@ -17,6 +18,7 @@ type NSClusterOperator struct {
 	InstallDir interface{} // 安装目录
 	State      interface{} // 状态
 	AccessLog  interface{} // 访问日志配置
+	GrantId    interface{} // 授权ID
 }

 func NewNSClusterOperator() *NSClusterOperator {
--- a/internal/db/models/ns_cluster_model_ext.go
+++ b/internal/db/models/ns_cluster_model_ext.go
@@ -0,0 +1 @@
+package models
--- a/internal/db/models/nameservers/ns_node_dao.go
+++ b/internal/db/models/nameservers/ns_node_dao.go
@@ -1,13 +1,13 @@
-package nameservers
+package models

 import (
 	"encoding/json"
-	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	"github.com/TeaOSLab/EdgeAPI/internal/utils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/configutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/dnsconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
+	"github.com/TeaOSLab/EdgeCommon/pkg/systemconfigs"
 	_ "github.com/go-sql-driver/mysql"
 	"github.com/iwind/TeaGo/Tea"
 	"github.com/iwind/TeaGo/dbs"
@@ -133,9 +133,9 @@ func (this *NSNodeDAO) CountAllEnabledNodesMatch(tx *dbs.Tx, clusterId int64, in
 	case configutils.BoolStateAll:
 		// 所有
 	case configutils.BoolStateYes:
-		query.Where("JSON_EXTRACT(status, '$.isActive') AND UNIX_TIMESTAMP()-JSON_EXTRACT(status, '$.updatedAt')<=60")
+		query.Where("(isActive=1 AND JSON_EXTRACT(status, '$.isActive') AND UNIX_TIMESTAMP()-JSON_EXTRACT(status, '$.updatedAt')<=60)")
 	case configutils.BoolStateNo:
-		query.Where("(status IS NULL OR NOT JSON_EXTRACT(status, '$.isActive') OR UNIX_TIMESTAMP()-JSON_EXTRACT(status, '$.updatedAt')>60)")
+		query.Where("(isActive=0 OR status IS NULL OR NOT JSON_EXTRACT(status, '$.isActive') OR UNIX_TIMESTAMP()-JSON_EXTRACT(status, '$.updatedAt')>60)")
 	}
 	if len(keyword) > 0 {
 		query.Where("(name LIKE :keyword)").
@@ -166,9 +166,9 @@ func (this *NSNodeDAO) ListAllEnabledNodesMatch(tx *dbs.Tx, clusterId int64, ins
 	case configutils.BoolStateAll:
 		// 所有
 	case configutils.BoolStateYes:
-		query.Where("JSON_EXTRACT(status, '$.isActive') AND UNIX_TIMESTAMP()-JSON_EXTRACT(status, '$.updatedAt')<=60")
+		query.Where("(isActive=1 AND JSON_EXTRACT(status, '$.isActive') AND UNIX_TIMESTAMP()-JSON_EXTRACT(status, '$.updatedAt')<=60)")
 	case configutils.BoolStateNo:
-		query.Where("(status IS NULL OR NOT JSON_EXTRACT(status, '$.isActive') OR UNIX_TIMESTAMP()-JSON_EXTRACT(status, '$.updatedAt')>60)")
+		query.Where("(isActive=0 OR status IS NULL OR NOT JSON_EXTRACT(status, '$.isActive') OR UNIX_TIMESTAMP()-JSON_EXTRACT(status, '$.updatedAt')>60)")
 	}

 	if clusterId > 0 {
@@ -213,7 +213,7 @@ func (this *NSNodeDAO) CreateNode(tx *dbs.Tx, adminId int64, name string, cluste
 	secret := rands.String(32)

 	// 保存API Token
-	err = models.SharedApiTokenDAO.CreateAPIToken(tx, uniqueId, secret, nodeconfigs.NodeRoleDNS)
+	err = SharedApiTokenDAO.CreateAPIToken(tx, uniqueId, secret, nodeconfigs.NodeRoleDNS)
 	if err != nil {
 		return
 	}
@@ -280,7 +280,7 @@ func (this *NSNodeDAO) FindEnabledNodeIdWithUniqueId(tx *dbs.Tx, uniqueId string
 }

 // FindNodeInstallStatus 查询节点的安装状态
-func (this *NSNodeDAO) FindNodeInstallStatus(tx *dbs.Tx, nodeId int64) (*models.NodeInstallStatus, error) {
+func (this *NSNodeDAO) FindNodeInstallStatus(tx *dbs.Tx, nodeId int64) (*NodeInstallStatus, error) {
 	node, err := this.Query(tx).
 		Pk(nodeId).
 		Result("installStatus", "isInstalled").
@@ -295,10 +295,10 @@ func (this *NSNodeDAO) FindNodeInstallStatus(tx *dbs.Tx, nodeId int64) (*models.
 	installStatus := node.(*NSNode).InstallStatus
 	isInstalled := node.(*NSNode).IsInstalled == 1
 	if len(installStatus) == 0 {
-		return models.NewNodeInstallStatus(), nil
+		return NewNodeInstallStatus(), nil
 	}

-	status := &models.NodeInstallStatus{}
+	status := &NodeInstallStatus{}
 	err = json.Unmarshal([]byte(installStatus), status)
 	if err != nil {
 		return nil, err
@@ -384,16 +384,37 @@ func (this *NSNodeDAO) ComposeNodeConfig(tx *dbs.Tx, nodeId int64) (*dnsconfigs.
 	config := &dnsconfigs.NSNodeConfig{
 		Id:        int64(node.Id),
 		NodeId:    node.UniqueId,
+		Secret:    node.Secret,
 		ClusterId: int64(node.ClusterId),
 	}

-	if len(cluster.AccessLog) > 0 {
-		ref := &dnsconfigs.AccessLogRef{}
-		err = json.Unmarshal([]byte(cluster.AccessLog), ref)
+	// 访问日志
+	// 全局配置
+	{
+		globalValue, err := SharedSysSettingDAO.ReadSetting(tx, systemconfigs.SettingCodeNSAccessLogSetting)
 		if err != nil {
 			return nil, err
 		}
-		config.AccessLogRef = ref
+		if len(globalValue) > 0 {
+			var ref = &dnsconfigs.NSAccessLogRef{}
+			err = json.Unmarshal(globalValue, ref)
+			if err != nil {
+				return nil, err
+			}
+			config.AccessLogRef = ref
+		}
+
+		// 集群配置
+		if len(cluster.AccessLog) > 0 {
+			ref := &dnsconfigs.NSAccessLogRef{}
+			err = json.Unmarshal([]byte(cluster.AccessLog), ref)
+			if err != nil {
+				return nil, err
+			}
+			if ref.IsPrior {
+				config.AccessLogRef = ref
+			}
+		}
 	}

 	return config, nil
@@ -407,6 +428,120 @@ func (this *NSNodeDAO) FindNodeClusterId(tx *dbs.Tx, nodeId int64) (int64, error
 		FindInt64Col(0)
 }

+// FindNodeActive 检查节点活跃状态
+func (this *NSNodeDAO) FindNodeActive(tx *dbs.Tx, nodeId int64) (bool, error) {
+	isActive, err := this.Query(tx).
+		Pk(nodeId).
+		Result("isActive").
+		FindIntCol(0)
+	if err != nil {
+		return false, err
+	}
+	return isActive == 1, nil
+}
+
+// UpdateNodeActive 修改节点活跃状态
+func (this *NSNodeDAO) UpdateNodeActive(tx *dbs.Tx, nodeId int64, isActive bool) error {
+	if nodeId <= 0 {
+		return errors.New("invalid nodeId")
+	}
+	_, err := this.Query(tx).
+		Pk(nodeId).
+		Set("isActive", isActive).
+		Set("statusIsNotified", false).
+		Update()
+	return err
+}
+
+// UpdateNodeConnectedAPINodes 修改当前连接的API节点
+func (this *NSNodeDAO) UpdateNodeConnectedAPINodes(tx *dbs.Tx, nodeId int64, apiNodeIds []int64) error {
+	if nodeId <= 0 {
+		return errors.New("invalid nodeId")
+	}
+
+	op := NewNSNodeOperator()
+	op.Id = nodeId
+
+	if len(apiNodeIds) > 0 {
+		apiNodeIdsJSON, err := json.Marshal(apiNodeIds)
+		if err != nil {
+			return errors.Wrap(err)
+		}
+		op.ConnectedAPINodes = apiNodeIdsJSON
+	} else {
+		op.ConnectedAPINodes = "[]"
+	}
+	err := this.Save(tx, op)
+	return err
+}
+
+// FindAllNotifyingInactiveNodesWithClusterId 取得某个集群所有等待通知离线离线的节点
+func (this *NSNodeDAO) FindAllNotifyingInactiveNodesWithClusterId(tx *dbs.Tx, clusterId int64) (result []*NSNode, err error) {
+	_, err = this.Query(tx).
+		State(NSNodeStateEnabled).
+		Attr("clusterId", clusterId).
+		Attr("isOn", true).        // 只监控启用的节点
+		Attr("isInstalled", true). // 只监控已经安装的节点
+		Attr("isActive", false).   // 当前已经离线的
+		Attr("statusIsNotified", false).
+		Result("id", "name").
+		Slice(&result).
+		FindAll()
+	return
+}
+
+// UpdateNodeStatusIsNotified 设置状态已经通知
+func (this *NSNodeDAO) UpdateNodeStatusIsNotified(tx *dbs.Tx, nodeId int64) error {
+	return this.Query(tx).
+		Pk(nodeId).
+		Set("statusIsNotified", true).
+		UpdateQuickly()
+}
+
+// FindAllNodeIdsMatch 匹配节点并返回节点ID
+func (this *NSNodeDAO) FindAllNodeIdsMatch(tx *dbs.Tx, clusterId int64, includeSecondaryNodes bool, isOn configutils.BoolState) (result []int64, err error) {
+	query := this.Query(tx)
+	query.State(NSNodeStateEnabled)
+	if clusterId > 0 {
+		query.Attr("clusterId", clusterId)
+	}
+	if isOn == configutils.BoolStateYes {
+		query.Attr("isOn", true)
+	} else if isOn == configutils.BoolStateNo {
+		query.Attr("isOn", false)
+	}
+	query.Result("id")
+	ones, _, err := query.FindOnes()
+	if err != nil {
+		return nil, err
+	}
+	for _, one := range ones {
+		result = append(result, one.GetInt64("id"))
+	}
+	return
+}
+
+// UpdateNodeInstallStatus 修改节点的安装状态
+func (this *NSNodeDAO) UpdateNodeInstallStatus(tx *dbs.Tx, nodeId int64, status *NodeInstallStatus) error {
+	if status == nil {
+		_, err := this.Query(tx).
+			Pk(nodeId).
+			Set("installStatus", "null").
+			Update()
+		return err
+	}
+
+	data, err := json.Marshal(status)
+	if err != nil {
+		return err
+	}
+	_, err = this.Query(tx).
+		Pk(nodeId).
+		Set("installStatus", string(data)).
+		Update()
+	return err
+}
+
 // NotifyUpdate 通知更新
 func (this *NSNodeDAO) NotifyUpdate(tx *dbs.Tx, nodeId int64) error {
 	// TODO 先什么都不做
--- a/internal/db/models/nameservers/ns_node_dao_test.go
+++ b/internal/db/models/nameservers/ns_node_dao_test.go
@@ -1,4 +1,4 @@
-package nameservers
+package models

 import (
 	_ "github.com/go-sql-driver/mysql"
--- a/internal/db/models/ns_node_model.go
+++ b/internal/db/models/ns_node_model.go
@@ -0,0 +1,44 @@
+package models
+
+// NSNode 域名服务器节点
+type NSNode struct {
+	Id                uint32 `field:"id"`                // ID
+	AdminId           uint32 `field:"adminId"`           // 管理员ID
+	ClusterId         uint32 `field:"clusterId"`         // 集群ID
+	Name              string `field:"name"`              // 节点名称
+	IsOn              uint8  `field:"isOn"`              // 是否启用
+	Status            string `field:"status"`            // 运行状态
+	UniqueId          string `field:"uniqueId"`          // 节点ID
+	Secret            string `field:"secret"`            // 密钥
+	IsUp              uint8  `field:"isUp"`              // 是否运行
+	IsInstalled       uint8  `field:"isInstalled"`       // 是否已安装
+	InstallStatus     string `field:"installStatus"`     // 安装状态
+	InstallDir        string `field:"installDir"`        // 安装目录
+	State             uint8  `field:"state"`             // 状态
+	IsActive          uint8  `field:"isActive"`          // 是否活跃
+	StatusIsNotified  uint8  `field:"statusIsNotified"`  // 活跃状态已经通知
+	ConnectedAPINodes string `field:"connectedAPINodes"` // 当前连接的API节点
+}
+
+type NSNodeOperator struct {
+	Id                interface{} // ID
+	AdminId           interface{} // 管理员ID
+	ClusterId         interface{} // 集群ID
+	Name              interface{} // 节点名称
+	IsOn              interface{} // 是否启用
+	Status            interface{} // 运行状态
+	UniqueId          interface{} // 节点ID
+	Secret            interface{} // 密钥
+	IsUp              interface{} // 是否运行
+	IsInstalled       interface{} // 是否已安装
+	InstallStatus     interface{} // 安装状态
+	InstallDir        interface{} // 安装目录
+	State             interface{} // 状态
+	IsActive          interface{} // 是否活跃
+	StatusIsNotified  interface{} // 活跃状态已经通知
+	ConnectedAPINodes interface{} // 当前连接的API节点
+}
+
+func NewNSNodeOperator() *NSNodeOperator {
+	return &NSNodeOperator{}
+}
--- a/internal/db/models/nameservers/ns_node_model_ext.go
+++ b/internal/db/models/nameservers/ns_node_model_ext.go
@@ -1,21 +1,20 @@
-package nameservers
+package models

 import (
 	"encoding/json"
-	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"time"
 )

 // DecodeInstallStatus 安装状态
-func (this *NSNode) DecodeInstallStatus() (*models.NodeInstallStatus, error) {
+func (this *NSNode) DecodeInstallStatus() (*NodeInstallStatus, error) {
 	if len(this.InstallStatus) == 0 || this.InstallStatus == "null" {
-		return models.NewNodeInstallStatus(), nil
+		return NewNodeInstallStatus(), nil
 	}
-	status := &models.NodeInstallStatus{}
+	status := &NodeInstallStatus{}
 	err := json.Unmarshal([]byte(this.InstallStatus), status)
 	if err != nil {
-		return models.NewNodeInstallStatus(), err
+		return NewNodeInstallStatus(), err
 	}

 	// 如果N秒钟没有更新状态，则认为不在运行
--- a/internal/db/models/server_dao.go
+++ b/internal/db/models/server_dao.go
@@ -8,6 +8,7 @@ import (
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models/dns"
 	"github.com/TeaOSLab/EdgeAPI/internal/utils/numberutils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/configutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/TeaOSLab/EdgeCommon/pkg/serverconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/systemconfigs"
@@ -1270,11 +1271,11 @@ func (this *ServerDAO) UpdateUserServersClusterId(tx *dbs.Tx, userId int64, oldC
 	}

 	if oldClusterId > 0 {
-		err = SharedNodeTaskDAO.CreateClusterTask(tx, oldClusterId, NodeTaskTypeConfigChanged)
+		err = SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleNode, oldClusterId, NodeTaskTypeConfigChanged)
 		if err != nil {
 			return err
 		}
-		err = SharedNodeTaskDAO.CreateClusterTask(tx, oldClusterId, NodeTaskTypeIPItemChanged)
+		err = SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleNode, oldClusterId, NodeTaskTypeIPItemChanged)
 		if err != nil {
 			return err
 		}
@@ -1285,11 +1286,11 @@ func (this *ServerDAO) UpdateUserServersClusterId(tx *dbs.Tx, userId int64, oldC
 	}

 	if newClusterId > 0 {
-		err = SharedNodeTaskDAO.CreateClusterTask(tx, newClusterId, NodeTaskTypeConfigChanged)
+		err = SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleNode, newClusterId, NodeTaskTypeConfigChanged)
 		if err != nil {
 			return err
 		}
-		err = SharedNodeTaskDAO.CreateClusterTask(tx, newClusterId, NodeTaskTypeIPItemChanged)
+		err = SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleNode, newClusterId, NodeTaskTypeIPItemChanged)
 		if err != nil {
 			return err
 		}
@@ -1437,7 +1438,7 @@ func (this *ServerDAO) NotifyUpdate(tx *dbs.Tx, serverId int64) error {
 	if clusterId == 0 {
 		return nil
 	}
-	return SharedNodeTaskDAO.CreateClusterTask(tx, clusterId, NodeTaskTypeConfigChanged)
+	return SharedNodeTaskDAO.CreateClusterTask(tx, nodeconfigs.NodeRoleNode, clusterId, NodeTaskTypeConfigChanged)
 }

 // NotifyDNSUpdate 通知DNS更新
--- a/internal/db/models/stats/server_client_browser_monthly_stat_dao_test.go
+++ b/internal/db/models/stats/server_client_browser_monthly_stat_dao_test.go
@@ -11,7 +11,7 @@ func TestServerClientBrowserMonthlyStatDAO_IncreaseMonthlyCount(t *testing.T) {
 	dbs.NotifyReady()

 	var tx *dbs.Tx
-	err := SharedServerClientBrowserMonthlyStatDAO.IncreaseMonthlyCount(tx, 1, 1, "202101", 1)
+	err := SharedServerClientBrowserMonthlyStatDAO.IncreaseMonthlyCount(tx, 1, 1, "1.0", "202101", 1)
 	if err != nil {
 		t.Fatal(err)
 	}
--- a/internal/db/models/stats/traffic_daily_stat_dao_test.go
+++ b/internal/db/models/stats/traffic_daily_stat_dao_test.go
@@ -12,7 +12,7 @@ func TestTrafficDailyStatDAO_IncreaseDayBytes(t *testing.T) {
 	dbs.NotifyReady()

 	now := time.Now()
-	err := SharedTrafficDailyStatDAO.IncreaseDailyBytes(nil, timeutil.Format("Ymd"), 1)
+	err := SharedTrafficDailyStatDAO.IncreaseDailyStat(nil, timeutil.Format("Ymd"), 1, 1, 1, 1, 1, 1)
 	if err != nil {
 		t.Fatal(err)
 	}
--- a/internal/dnsclients/huaweidns/response_base.go
+++ b/internal/dnsclients/huaweidns/response_base.go
@@ -0,0 +1,6 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package huaweidns
+
+type BaseResponse struct {
+}
--- a/internal/dnsclients/huaweidns/response_custom_lines.go
+++ b/internal/dnsclients/huaweidns/response_custom_lines.go
@@ -0,0 +1,10 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package huaweidns
+
+type CustomLinesResponse struct {
+	Lines []struct {
+		LineId string `json:"line_id"`
+		Name   string `json:"name"`
+	} `json:"lines"`
+}
--- a/internal/dnsclients/huaweidns/response_record_sets.go
+++ b/internal/dnsclients/huaweidns/response_record_sets.go
@@ -0,0 +1,14 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package huaweidns
+
+type RecordSetsResponse struct {
+	RecordSets []struct {
+		Id   string `json:"id"`
+		Name string `json:"name"`
+		Type string `json:"type"`
+		Ttl  int    `json:"ttl"`
+		Line string `json:"line"`
+		Records []string `json:"records"`
+	} `json:"recordsets"`
+}
--- a/internal/dnsclients/huaweidns/response_zone_record_sets.go
+++ b/internal/dnsclients/huaweidns/response_zone_record_sets.go
@@ -0,0 +1,17 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package huaweidns
+
+type ZoneRecordSetsResponse struct {
+	RecordSets []struct {
+		Id      string   `json:"id"`
+		Name    string   `json:"name"`
+		Type    string   `json:"type"`
+		Ttl     int      `json:"ttl"`
+		Records []string `json:"records"`
+		Line    string   `json:"line"`
+	} `json:"recordsets"`
+	Metadata struct {
+		TotalCount int `json:"total_count"`
+	} `json:"metadata"`
+}
--- a/internal/dnsclients/huaweidns/response_zones.go
+++ b/internal/dnsclients/huaweidns/response_zones.go
@@ -0,0 +1,17 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package huaweidns
+
+type ZonesResponse struct {
+	Links struct{} `json:"links"`
+	Zones []struct {
+		Id        string `json:"id"`
+		Name      string `json:"name"`
+		ZoneType  string `json:"zone_type"`
+		Status    string `json:"status"`
+		RecordNum int    `json:"record_num"`
+	} `json:"zones"`
+	Metadata struct {
+		TotalCount int `json:"total_count"`
+	} `json:"metadata"`
+}
--- a/internal/dnsclients/huaweidns/response_zones_create_record_set.go
+++ b/internal/dnsclients/huaweidns/response_zones_create_record_set.go
@@ -0,0 +1,9 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package huaweidns
+
+type ZonesCreateRecordSetResponse struct {
+	Id      string   `json:"id"`
+	Line    string   `json:"line"`
+	Records []string `json:"records"`
+}
--- a/internal/dnsclients/huaweidns/response_zones_delete_record_set.go
+++ b/internal/dnsclients/huaweidns/response_zones_delete_record_set.go
@@ -0,0 +1,7 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package huaweidns
+
+type ZonesDeleteRecordSetResponse struct {
+	Id string `json:"id"`
+}
--- a/internal/dnsclients/huaweidns/response_zones_update_record_set.go
+++ b/internal/dnsclients/huaweidns/response_zones_update_record_set.go
@@ -0,0 +1,9 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package huaweidns
+
+type ZonesUpdateRecordSetResponse struct {
+	Id      string   `json:"id"`
+	Line    string   `json:"line"`
+	Records []string `json:"records"`
+}
--- a/internal/dnsclients/provider_huawei_dns.go
+++ b/internal/dnsclients/provider_huawei_dns.go
--- a/internal/dnsclients/provider_huawei_dns_test.go
+++ b/internal/dnsclients/provider_huawei_dns_test.go
@@ -0,0 +1,132 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package dnsclients
+
+import (
+	"encoding/json"
+	"github.com/TeaOSLab/EdgeAPI/internal/dnsclients/dnstypes"
+	"github.com/iwind/TeaGo/dbs"
+	"github.com/iwind/TeaGo/logs"
+	"github.com/iwind/TeaGo/maps"
+	"testing"
+)
+
+func TestHuaweiDNSProvider_GetRecords(t *testing.T) {
+	provider, err := testHuaweiDNSProvider()
+	if err != nil {
+		t.Fatal(err)
+	}
+	records, err := provider.GetRecords("yun4s.cn")
+	if err != nil {
+		t.Fatal(err)
+	}
+	logs.PrintAsJSON(records, t)
+}
+
+func TestHuaweiDNSProvider_GetRoutes(t *testing.T) {
+	provider, err := testHuaweiDNSProvider()
+	if err != nil {
+		t.Fatal(err)
+	}
+	routes, err := provider.GetRoutes("yun4s.cn")
+	if err != nil {
+		t.Fatal(err)
+	}
+	t.Log(len(routes))
+	logs.PrintAsJSON(routes, t)
+}
+
+func TestHuaweiDNSProvider_QueryRecord(t *testing.T) {
+	provider, err := testHuaweiDNSProvider()
+	if err != nil {
+		t.Fatal(err)
+	}
+	record, err := provider.QueryRecord("yun4s.cn", "abc", dnstypes.RecordTypeA)
+	if err != nil {
+		t.Fatal(err)
+	}
+	logs.PrintAsJSON(record)
+}
+
+func TestHuaweiDNSProvider_AddRecord(t *testing.T) {
+	provider, err := testHuaweiDNSProvider()
+	if err != nil {
+		t.Fatal(err)
+	}
+	record := &dnstypes.Record{
+		Id:    "",
+		Name:  "add-record-1",
+		Type:  "A",
+		Value: "192.168.2.40",
+		Route: "Beijing",
+	}
+	err = provider.AddRecord("yun4s.cn", record)
+	if err != nil {
+		t.Fatal(err)
+	}
+	logs.PrintAsJSON(record, t)
+}
+
+func TestHuaweiDNSProvider_UpdateRecord(t *testing.T) {
+	provider, err := testHuaweiDNSProvider()
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	record := &dnstypes.Record{
+		Id:    "",
+		Name:  "add-record-1",
+		Type:  "A",
+		Value: "192.168.2.42",
+		Route: "default_view",
+	}
+	err = provider.UpdateRecord("yun4s.cn", &dnstypes.Record{
+		Id: "8aace3b97ac6e108017b116f3e2e2923@192.168.2.40",
+	}, record)
+	if err != nil {
+		t.Fatal(err)
+	}
+	t.Log("ok")
+}
+
+func TestHuaweiDNSProvider_DeleteRecord(t *testing.T) {
+	provider, err := testHuaweiDNSProvider()
+	if err != nil {
+		t.Fatal(err)
+	}
+	record, err := provider.QueryRecord("yun4s.cn", "add-record-1", dnstypes.RecordTypeA)
+	if err != nil {
+		t.Fatal(err)
+	}
+	if record == nil {
+		t.Log("not found record")
+		return
+	}
+	err = provider.DeleteRecord("yun4s.cn", record)
+	if err != nil {
+		t.Fatal(err)
+	}
+	t.Log("ok")
+}
+
+func testHuaweiDNSProvider() (ProviderInterface, error) {
+	db, err := dbs.Default()
+	if err != nil {
+		return nil, err
+	}
+	one, err := db.FindOne("SELECT * FROM edgeDNSProviders WHERE type='huaweiDNS' ORDER BY id DESC")
+	if err != nil {
+		return nil, err
+	}
+	apiParams := maps.Map{}
+	err = json.Unmarshal([]byte(one.GetString("apiParams")), &apiParams)
+	if err != nil {
+		return nil, err
+	}
+	provider := &HuaweiDNSProvider{}
+	err = provider.Auth(apiParams)
+	if err != nil {
+		return nil, err
+	}
+	return provider, nil
+}
--- a/internal/dnsclients/provider_local_edge_dns.go
+++ b/internal/dnsclients/provider_local_edge_dns.go
@@ -7,10 +7,10 @@ import (
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models/nameservers"
 	"github.com/TeaOSLab/EdgeAPI/internal/dnsclients/dnstypes"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
+	"github.com/TeaOSLab/EdgeCommon/pkg/dnsconfigs"
 	"github.com/iwind/TeaGo/dbs"
 	"github.com/iwind/TeaGo/maps"
 	"github.com/iwind/TeaGo/types"
-	"regexp"
 	"strings"
 )

@@ -48,7 +48,7 @@ func (this *LocalEdgeDNSProvider) GetRecords(domain string) (records []*dnstypes
 	offset := int64(0)
 	size := int64(1000)
 	for {
-		result, err := nameservers.SharedNSRecordDAO.ListEnabledRecords(tx, domainId, "", "", 0, offset, size)
+		result, err := nameservers.SharedNSRecordDAO.ListEnabledRecords(tx, domainId, "", "", "", offset, size)
 		if err != nil {
 			return nil, err
 		}
@@ -61,17 +61,15 @@ func (this *LocalEdgeDNSProvider) GetRecords(domain string) (records []*dnstypes
 			}

 			routeIds := record.DecodeRouteIds()
-			var routeIdString = ""
-			if len(routeIds) > 0 {
-				routeIdString = fmt.Sprintf("%d", routeIds[0])
+			if len(routeIds) == 0 {
+				routeIds = []string{dnsconfigs.DefaultRouteCode}
 			}
-
 			records = append(records, &dnstypes.Record{
 				Id:    fmt.Sprintf("%d", record.Id),
 				Name:  record.Name,
 				Type:  record.Type,
 				Value: record.Value,
-				Route: routeIdString,
+				Route: routeIds[0],
 			})
 		}

@@ -92,7 +90,15 @@ func (this *LocalEdgeDNSProvider) GetRoutes(domain string) (routes []*dnstypes.R
 		return nil, errors.New("can not find domain '" + domain + "'")
 	}

-	// TODO 将来支持集群、域名、用户自定义线路
+	// 默认线路
+	for _, route := range dnsconfigs.AllDefaultRoutes {
+		routes = append(routes, &dnstypes.Route{
+			Name: route.Name,
+			Code: route.Code,
+		})
+	}
+
+	// 自定义线路
 	result, err := nameservers.SharedNSRouteDAO.FindAllEnabledRoutes(tx, 0, 0, 0)
 	if err != nil {
 		return nil, err
@@ -100,7 +106,31 @@ func (this *LocalEdgeDNSProvider) GetRoutes(domain string) (routes []*dnstypes.R
 	for _, route := range result {
 		routes = append(routes, &dnstypes.Route{
 			Name: route.Name,
-			Code: fmt.Sprintf("%d", route.Id),
+			Code: "id:" + types.String(route.Id),
+		})
+	}
+
+	// 默认ISP
+	for _, route := range dnsconfigs.AllDefaultISPRoutes {
+		routes = append(routes, &dnstypes.Route{
+			Name: route.Name,
+			Code: route.Code,
+		})
+	}
+
+	// 默认中国省份
+	for _, route := range dnsconfigs.AllDefaultChinaProvinceRoutes {
+		routes = append(routes, &dnstypes.Route{
+			Name: route.Name,
+			Code: route.Code,
+		})
+	}
+
+	// 默认全球国家/地区
+	for _, route := range dnsconfigs.AllDefaultWorldRegionRoutes {
+		routes = append(routes, &dnstypes.Route{
+			Name: route.Name,
+			Code: route.Code,
 		})
 	}

@@ -129,7 +159,9 @@ func (this *LocalEdgeDNSProvider) QueryRecord(domain string, name string, record
 	routeIds := record.DecodeRouteIds()
 	var routeIdString = ""
 	if len(routeIds) > 0 {
-		routeIdString = fmt.Sprintf("%d", routeIds[0])
+		routeIdString = routeIds[0]
+	} else {
+		routeIdString = dnsconfigs.DefaultRouteCode
 	}

 	return &dnstypes.Record{
@@ -152,12 +184,9 @@ func (this *LocalEdgeDNSProvider) AddRecord(domain string, newRecord *dnstypes.R
 		return errors.New("can not find domain '" + domain + "'")
 	}

-	var routeIds []int64
-	if len(newRecord.Route) > 0 && regexp.MustCompile(`^\d+$`).MatchString(newRecord.Route) {
-		routeId := types.Int64(newRecord.Route)
-		if routeId > 0 {
-			routeIds = append(routeIds, routeId)
-		}
+	var routeIds = []string{}
+	if len(newRecord.Route) > 0 {
+		routeIds = append(routeIds, newRecord.Route)
 	}

 	_, err = nameservers.SharedNSRecordDAO.CreateRecord(tx, domainId, "", newRecord.Name, newRecord.Type, newRecord.Value, this.ttl, routeIds)
@@ -179,12 +208,9 @@ func (this *LocalEdgeDNSProvider) UpdateRecord(domain string, record *dnstypes.R
 		return errors.New("can not find domain '" + domain + "'")
 	}

-	var routeIds []int64
-	if len(newRecord.Route) > 0 && regexp.MustCompile(`^\d+$`).MatchString(newRecord.Route) {
-		routeId := types.Int64(newRecord.Route)
-		if routeId > 0 {
-			routeIds = append(routeIds, routeId)
-		}
+	var routeIds []string
+	if len(newRecord.Route) > 0 {
+		routeIds = append(routeIds, newRecord.Route)
 	}

 	if len(record.Id) > 0 {
@@ -242,5 +268,5 @@ func (this *LocalEdgeDNSProvider) DeleteRecord(domain string, record *dnstypes.R

 // DefaultRoute 默认线路
 func (this *LocalEdgeDNSProvider) DefaultRoute() string {
-	return ""
+	return "default"
 }
--- a/internal/dnsclients/provider_local_edge_dns_test.go
+++ b/internal/dnsclients/provider_local_edge_dns_test.go
@@ -1,8 +1,9 @@
 // Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.

-package dnsclients
+package dnsclients_test

 import (
+	"github.com/TeaOSLab/EdgeAPI/internal/dnsclients"
 	"github.com/TeaOSLab/EdgeAPI/internal/dnsclients/dnstypes"
 	"github.com/iwind/TeaGo/dbs"
 	"github.com/iwind/TeaGo/logs"
@@ -10,12 +11,14 @@ import (
 	"testing"
 )

+const testClusterId = 7
+
 func TestLocalEdgeDNSProvider_GetRecords(t *testing.T) {
 	dbs.NotifyReady()

-	provider := &LocalEdgeDNSProvider{}
+	provider := &dnsclients.LocalEdgeDNSProvider{}
 	err := provider.Auth(maps.Map{
-		"clusterId": 1,
+		"clusterId": testClusterId,
 	})
 	if err != nil {
 		t.Fatal(err)
@@ -31,9 +34,9 @@ func TestLocalEdgeDNSProvider_GetRecords(t *testing.T) {
 func TestLocalEdgeDNSProvider_GetRoutes(t *testing.T) {
 	dbs.NotifyReady()

-	provider := &LocalEdgeDNSProvider{}
+	provider := &dnsclients.LocalEdgeDNSProvider{}
 	err := provider.Auth(maps.Map{
-		"clusterId": 1,
+		"clusterId": testClusterId,
 	})
 	if err != nil {
 		t.Fatal(err)
@@ -49,9 +52,9 @@ func TestLocalEdgeDNSProvider_GetRoutes(t *testing.T) {
 func TestLocalEdgeDNSProvider_QueryRecord(t *testing.T) {
 	dbs.NotifyReady()

-	provider := &LocalEdgeDNSProvider{}
+	provider := &dnsclients.LocalEdgeDNSProvider{}
 	err := provider.Auth(maps.Map{
-		"clusterId": 1,
+		"clusterId": testClusterId,
 	})
 	if err != nil {
 		t.Fatal(err)
@@ -66,9 +69,9 @@ func TestLocalEdgeDNSProvider_QueryRecord(t *testing.T) {
 func TestLocalEdgeDNSProvider_AddRecord(t *testing.T) {
 	dbs.NotifyReady()

-	provider := &LocalEdgeDNSProvider{}
+	provider := &dnsclients.LocalEdgeDNSProvider{}
 	err := provider.Auth(maps.Map{
-		"clusterId": 1,
+		"clusterId": testClusterId,
 	})
 	if err != nil {
 		t.Fatal(err)
@@ -79,7 +82,7 @@ func TestLocalEdgeDNSProvider_AddRecord(t *testing.T) {
 		Name:  "example",
 		Type:  dnstypes.RecordTypeA,
 		Value: "10.0.0.1",
-		Route: "7",
+		Route: "id:7",
 	})
 	if err != nil {
 		t.Fatal(err)
@@ -90,9 +93,9 @@ func TestLocalEdgeDNSProvider_AddRecord(t *testing.T) {
 func TestLocalEdgeDNSProvider_UpdateRecord(t *testing.T) {
 	dbs.NotifyReady()

-	provider := &LocalEdgeDNSProvider{}
+	provider := &dnsclients.LocalEdgeDNSProvider{}
 	err := provider.Auth(maps.Map{
-		"clusterId": 1,
+		"clusterId": testClusterId,
 	})
 	if err != nil {
 		t.Fatal(err)
@@ -124,9 +127,9 @@ func TestLocalEdgeDNSProvider_UpdateRecord(t *testing.T) {
 func TestLocalEdgeDNSProvider_DeleteRecord(t *testing.T) {
 	dbs.NotifyReady()

-	provider := &LocalEdgeDNSProvider{}
+	provider := &dnsclients.LocalEdgeDNSProvider{}
 	err := provider.Auth(maps.Map{
-		"clusterId": 1,
+		"clusterId": testClusterId,
 	})
 	if err != nil {
 		t.Fatal(err)
@@ -148,9 +151,9 @@ func TestLocalEdgeDNSProvider_DeleteRecord(t *testing.T) {
 func TestLocalEdgeDNSProvider_DefaultRoute(t *testing.T) {
 	dbs.NotifyReady()

-	provider := &LocalEdgeDNSProvider{}
+	provider := &dnsclients.LocalEdgeDNSProvider{}
 	err := provider.Auth(maps.Map{
-		"clusterId": 1,
+		"clusterId": testClusterId,
 	})
 	if err != nil {
 		t.Fatal(err)
--- a/internal/dnsclients/types.go
+++ b/internal/dnsclients/types.go
@@ -11,6 +11,7 @@ type ProviderType = string
 const (
 	ProviderTypeDNSPod       ProviderType = "dnspod"       // DNSPod
 	ProviderTypeAliDNS       ProviderType = "alidns"       // 阿里云DNS
+	ProviderTypeHuaweiDNS    ProviderType = "huaweiDNS"    // 华为DNS
 	ProviderTypeDNSCom       ProviderType = "dnscom"       // dns.com
 	ProviderTypeCloudFlare   ProviderType = "cloudFlare"   // CloudFlare DNS
 	ProviderTypeLocalEdgeDNS ProviderType = "localEdgeDNS" // 和当前系统集成的EdgeDNS
@@ -31,6 +32,11 @@ func FindAllProviderTypes() []maps.Map {
 			"code":        ProviderTypeDNSPod,
 			"description": "DNSPod提供的DNS服务。",
 		},
+		{
+			"name":        "华为云DNS",
+			"code":        ProviderTypeHuaweiDNS,
+			"description": "华为云解析DNS。",
+		},
 		/**{
 			"name": "帝恩思DNS.COM",
 			"code": ProviderTypeDNSCom,
@@ -74,6 +80,8 @@ func FindProvider(providerType ProviderType) ProviderInterface {
 		return &DNSPodProvider{}
 	case ProviderTypeAliDNS:
 		return &AliDNSProvider{}
+	case ProviderTypeHuaweiDNS:
+		return &HuaweiDNSProvider{}
 	case ProviderTypeCloudFlare:
 		return &CloudFlareProvider{}
 	case ProviderTypeLocalEdgeDNS:
--- a/internal/installers/installer_base.go
+++ b/internal/installers/installer_base.go
@@ -3,6 +3,7 @@ package installers
 import (
 	"errors"
 	"github.com/TeaOSLab/EdgeCommon/pkg/configutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"github.com/iwind/TeaGo/Tea"
 	stringutil "github.com/iwind/TeaGo/utils/string"
 	"golang.org/x/crypto/ssh"
@@ -133,7 +134,7 @@ func (this *BaseInstaller) LookupLatestInstaller(filePrefix string) (string, err
 }

 // InstallHelper 上传安装助手
-func (this *BaseInstaller) InstallHelper(targetDir string) (env *Env, err error) {
+func (this *BaseInstaller) InstallHelper(targetDir string, role nodeconfigs.NodeRole) (env *Env, err error) {
 	uname, _, err := this.client.Exec("uname -a")
 	if err != nil {
 		return env, err
@@ -165,6 +166,10 @@ func (this *BaseInstaller) InstallHelper(targetDir string) (env *Env, err error)
 	}

 	exeName := "edge-installer-helper-" + osName + "-" + archName
+	switch role {
+	case nodeconfigs.NodeRoleDNS:
+		exeName = "edge-installer-dns-helper-" + osName + "-" + archName
+	}
 	exePath := Tea.Root + "/installers/" + exeName

 	err = this.client.Copy(exePath, targetDir+"/"+exeName, 0777)
--- a/internal/installers/installer_node.go
+++ b/internal/installers/installer_node.go
@@ -4,6 +4,7 @@ import (
 	"bytes"
 	"errors"
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"path/filepath"
 	"regexp"
 )
@@ -36,7 +37,7 @@ func (this *NodeInstaller) Install(dir string, params interface{}, installStatus
 	}

 	// 安装助手
-	env, err := this.InstallHelper(dir)
+	env, err := this.InstallHelper(dir, nodeconfigs.NodeRoleNode)
 	if err != nil {
 		installStatus.ErrorCode = "INSTALL_HELPER_FAILED"
 		return err
@@ -95,12 +96,11 @@ func (this *NodeInstaller) Install(dir string, params interface{}, installStatus

 	// 修改配置文件
 	{
-		templateFile := dir + "/edge-node/configs/api.template.yaml"
 		configFile := dir + "/edge-node/configs/api.yaml"
-		data, err := this.client.ReadFile(templateFile)
-		if err != nil {
-			return err
-		}
+		var data = []byte(`rpc:
+  endpoints: [ ${endpoints} ]
+nodeId: "${nodeId}"
+secret: "${nodeSecret}"`)

 		data = bytes.ReplaceAll(data, []byte("${endpoints}"), []byte(nodeParams.QuoteEndpoints()))
 		data = bytes.ReplaceAll(data, []byte("${nodeId}"), []byte(nodeParams.NodeId))
--- a/internal/installers/installer_node_test.go
+++ b/internal/installers/installer_node_test.go
@@ -28,7 +28,7 @@ func TestNodeInstaller_Install(t *testing.T) {

 	// 安装
 	err = installer.Install("/opt/edge", &NodeParams{
-		Endpoints: []string{"192.168.2.40:8003"},
+		Endpoints: []string{"http://192.168.2.40:8003"},
 		NodeId:    "313fdb1b90d0a63c736f307b4d1ca358",
 		Secret:    "Pl3u5kYqBDZddp7raw6QfHiuGPRCWF54",
 	}, &models.NodeInstallStatus{})
--- a/internal/installers/installer_ns_node.go
+++ b/internal/installers/installer_ns_node.go
@@ -0,0 +1,140 @@
+package installers
+
+import (
+	"bytes"
+	"errors"
+	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
+	"path/filepath"
+	"regexp"
+)
+
+type NSNodeInstaller struct {
+	BaseInstaller
+}
+
+func (this *NSNodeInstaller) Install(dir string, params interface{}, installStatus *models.NodeInstallStatus) error {
+	if params == nil {
+		return errors.New("'params' required for node installation")
+	}
+	nodeParams, ok := params.(*NodeParams)
+	if !ok {
+		return errors.New("'params' should be *NodeParams")
+	}
+	err := nodeParams.Validate()
+	if err != nil {
+		return errors.New("params validation: " + err.Error())
+	}
+
+	// 检查目标目录是否存在
+	_, err = this.client.Stat(dir)
+	if err != nil {
+		err = this.client.MkdirAll(dir)
+		if err != nil {
+			installStatus.ErrorCode = "CREATE_ROOT_DIRECTORY_FAILED"
+			return errors.New("create directory  '" + dir + "' failed: " + err.Error())
+		}
+	}
+
+	// 安装助手
+	env, err := this.InstallHelper(dir, nodeconfigs.NodeRoleDNS)
+	if err != nil {
+		installStatus.ErrorCode = "INSTALL_HELPER_FAILED"
+		return err
+	}
+
+	// 上传安装文件
+	filePrefix := "edge-dns-" + env.OS + "-" + env.Arch
+	zipFile, err := this.LookupLatestInstaller(filePrefix)
+	if err != nil {
+		return err
+	}
+	if len(zipFile) == 0 {
+		return errors.New("can not find installer file for " + env.OS + "/" + env.Arch)
+	}
+	targetZip := dir + "/" + filepath.Base(zipFile)
+	err = this.client.Copy(zipFile, targetZip, 0777)
+	if err != nil {
+		return err
+	}
+
+	// 测试运行环境
+	// 升级的节点暂时不列入测试
+	if !nodeParams.IsUpgrading {
+		_, stderr, err := this.client.Exec(dir + "/" + env.HelperName + " -cmd=test")
+		if err != nil {
+			return errors.New("test failed: " + err.Error())
+		}
+		if len(stderr) > 0 {
+			return errors.New("test failed: " + stderr)
+		}
+	}
+
+	// 如果是升级则优雅停止先前的进程
+	exePath := dir + "/edge-dns/bin/edge-dns"
+	if nodeParams.IsUpgrading {
+		_, err = this.client.Stat(exePath)
+		if err == nil {
+			_, _, _ = this.client.Exec(exePath + " stop")
+		}
+
+		// 删除可执行文件防止冲突
+		err = this.client.Remove(exePath)
+		if err != nil {
+			return errors.New("remove old file failed: " + err.Error())
+		}
+	}
+
+	// 解压
+	_, stderr, err := this.client.Exec(dir + "/" + env.HelperName + " -cmd=unzip -zip=\"" + targetZip + "\" -target=\"" + dir + "\"")
+	if err != nil {
+		return err
+	}
+	if len(stderr) > 0 {
+		return errors.New("unzip installer failed: " + stderr)
+	}
+
+	// 修改配置文件
+	{
+		configFile := dir + "/edge-dns/configs/api.yaml"
+		var data = []byte(`rpc:
+  endpoints: [ ${endpoints} ]
+nodeId: "${nodeId}"
+secret: "${nodeSecret}"`)
+
+		data = bytes.ReplaceAll(data, []byte("${endpoints}"), []byte(nodeParams.QuoteEndpoints()))
+		data = bytes.ReplaceAll(data, []byte("${nodeId}"), []byte(nodeParams.NodeId))
+		data = bytes.ReplaceAll(data, []byte("${nodeSecret}"), []byte(nodeParams.Secret))
+
+		_, err = this.client.WriteFile(configFile, data)
+		if err != nil {
+			return errors.New("write 'configs/api.yaml': " + err.Error())
+		}
+	}
+
+	// 测试
+	_, stderr, err = this.client.Exec(dir + "/edge-dns/bin/edge-dns test")
+	if err != nil {
+		installStatus.ErrorCode = "TEST_FAILED"
+		return errors.New("test edge node failed: " + err.Error())
+	}
+	if len(stderr) > 0 {
+		if regexp.MustCompile(`(?i)rpc`).MatchString(stderr) {
+			installStatus.ErrorCode = "RPC_TEST_FAILED"
+		}
+
+		return errors.New("test edge dns node failed: " + stderr)
+	}
+
+	// 启动
+	_, stderr, err = this.client.Exec(dir + "/edge-dns/bin/edge-dns start")
+	if err != nil {
+		return errors.New("start edge dns failed: " + err.Error())
+	}
+
+	if len(stderr) > 0 {
+		return errors.New("start edge dns failed: " + stderr)
+	}
+
+	return nil
+}
--- a/internal/installers/installer_ns_node_test.go
+++ b/internal/installers/installer_ns_node_test.go
@@ -0,0 +1,39 @@
+package installers
+
+import (
+	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
+	"testing"
+)
+
+func TestDNSNodeInstaller_Install(t *testing.T) {
+	var installer InstallerInterface = &DNSNodeInstaller{}
+	err := installer.Login(&Credentials{
+		Host:       "192.168.2.30",
+		Port:       22,
+		Username:   "root",
+		Password:   "123456",
+		PrivateKey: "",
+		Method:     "user",
+	})
+	if err != nil {
+		t.Fatal(err)
+	}
+
+	// 关闭连接
+	defer func() {
+		err := installer.Close()
+		if err != nil {
+			t.Fatal(err)
+		}
+	}()
+
+	// 安装
+	err = installer.Install("/opt/edge", &NodeParams{
+		Endpoints: []string{"http://192.168.2.40:8003"},
+		NodeId:    "b3f0690c793db5daaa666e89bd7b2301",
+		Secret:    "H6nbSzjN3tLYi0ecdtUeDpQdZZPjKL7S",
+	}, &models.NodeInstallStatus{})
+	if err != nil {
+		t.Fatal(err)
+	}
+}
--- a/internal/installers/queue_node.go
+++ b/internal/installers/queue_node.go
@@ -6,25 +6,26 @@ import (
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeAPI/internal/utils"
 	"github.com/TeaOSLab/EdgeAPI/internal/utils/numberutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"github.com/iwind/TeaGo/logs"
 	"time"
 )

-var sharedQueue = NewQueue()
+var sharedNodeQueue = NewNodeQueue()

-type Queue struct {
+type NodeQueue struct {
 }

-func NewQueue() *Queue {
-	return &Queue{}
+func NewNodeQueue() *NodeQueue {
+	return &NodeQueue{}
 }

-func SharedQueue() *Queue {
-	return sharedQueue
+func SharedNodeQueue() *NodeQueue {
+	return sharedNodeQueue
 }

-// 安装边缘节点流程控制
-func (this *Queue) InstallNodeProcess(nodeId int64, isUpgrading bool) error {
+// InstallNodeProcess 安装边缘节点流程控制
+func (this *NodeQueue) InstallNodeProcess(nodeId int64, isUpgrading bool) error {
 	installStatus := models.NewNodeInstallStatus()
 	installStatus.IsRunning = true
 	installStatus.UpdatedAt = time.Now().Unix()
@@ -77,8 +78,8 @@ func (this *Queue) InstallNodeProcess(nodeId int64, isUpgrading bool) error {
 	return nil
 }

-// 安装边缘节点
-func (this *Queue) InstallNode(nodeId int64, installStatus *models.NodeInstallStatus, isUpgrading bool) error {
+// InstallNode 安装边缘节点
+func (this *NodeQueue) InstallNode(nodeId int64, installStatus *models.NodeInstallStatus, isUpgrading bool) error {
 	node, err := models.SharedNodeDAO.FindEnabledNode(nil, nodeId)
 	if err != nil {
 		return err
@@ -88,7 +89,7 @@ func (this *Queue) InstallNode(nodeId int64, installStatus *models.NodeInstallSt
 	}

 	// 登录信息
-	login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(nil, nodeId)
+	login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(nil, nodeconfigs.NodeRoleNode, nodeId)
 	if err != nil {
 		return err
 	}
@@ -198,8 +199,8 @@ func (this *Queue) InstallNode(nodeId int64, installStatus *models.NodeInstallSt
 	return err
 }

-// 启动边缘节点
-func (this *Queue) StartNode(nodeId int64) error {
+// StartNode 启动边缘节点
+func (this *NodeQueue) StartNode(nodeId int64) error {
 	node, err := models.SharedNodeDAO.FindEnabledNode(nil, nodeId)
 	if err != nil {
 		return err
@@ -209,7 +210,7 @@ func (this *Queue) StartNode(nodeId int64) error {
 	}

 	// 登录信息
-	login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(nil, nodeId)
+	login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(nil, nodeconfigs.NodeRoleNode, nodeId)
 	if err != nil {
 		return err
 	}
@@ -303,8 +304,8 @@ func (this *Queue) StartNode(nodeId int64) error {
 	return nil
 }

-// 停止节点
-func (this *Queue) StopNode(nodeId int64) error {
+// StopNode 停止节点
+func (this *NodeQueue) StopNode(nodeId int64) error {
 	node, err := models.SharedNodeDAO.FindEnabledNode(nil, nodeId)
 	if err != nil {
 		return err
@@ -314,7 +315,7 @@ func (this *Queue) StopNode(nodeId int64) error {
 	}

 	// 登录信息
-	login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(nil, nodeId)
+	login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(nil, nodeconfigs.NodeRoleNode, nodeId)
 	if err != nil {
 		return err
 	}
--- a/internal/installers/queue_node_test.go
+++ b/internal/installers/queue_node_test.go
--- a/internal/installers/queue_ns_node.go
+++ b/internal/installers/queue_ns_node.go
@@ -0,0 +1,410 @@
+package installers
+
+import (
+	"errors"
+	"fmt"
+	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
+	"github.com/TeaOSLab/EdgeAPI/internal/utils"
+	"github.com/TeaOSLab/EdgeAPI/internal/utils/numberutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
+	"github.com/iwind/TeaGo/logs"
+	"time"
+)
+
+var sharedNSNodeQueue = NewNSNodeQueue()
+
+type NSNodeQueue struct {
+}
+
+func NewNSNodeQueue() *NSNodeQueue {
+	return &NSNodeQueue{}
+}
+
+func SharedNSNodeQueue() *NSNodeQueue {
+	return sharedNSNodeQueue
+}
+
+// InstallNodeProcess 安装边缘节点流程控制
+func (this *NSNodeQueue) InstallNodeProcess(nodeId int64, isUpgrading bool) error {
+	installStatus := models.NewNodeInstallStatus()
+	installStatus.IsRunning = true
+	installStatus.UpdatedAt = time.Now().Unix()
+
+	err := models.SharedNSNodeDAO.UpdateNodeInstallStatus(nil, nodeId, installStatus)
+	if err != nil {
+		return err
+	}
+
+	// 更新时间
+	ticker := utils.NewTicker(3 * time.Second)
+	go func() {
+		for ticker.Wait() {
+			installStatus.UpdatedAt = time.Now().Unix()
+			err := models.SharedNSNodeDAO.UpdateNodeInstallStatus(nil, nodeId, installStatus)
+			if err != nil {
+				logs.Println("[INSTALL]" + err.Error())
+				continue
+			}
+		}
+	}()
+	defer func() {
+		ticker.Stop()
+	}()
+
+	// 开始安装
+	err = this.InstallNode(nodeId, installStatus, isUpgrading)
+
+	// 安装结束
+	installStatus.IsRunning = false
+	installStatus.IsFinished = true
+	if err != nil {
+		installStatus.Error = err.Error()
+	} else {
+		installStatus.IsOk = true
+	}
+	err = models.SharedNSNodeDAO.UpdateNodeInstallStatus(nil, nodeId, installStatus)
+	if err != nil {
+		return err
+	}
+
+	// 修改为已安装
+	if installStatus.IsOk {
+		err = models.SharedNSNodeDAO.UpdateNodeIsInstalled(nil, nodeId, true)
+		if err != nil {
+			return err
+		}
+	}
+
+	return nil
+}
+
+// InstallNode 安装边缘节点
+func (this *NSNodeQueue) InstallNode(nodeId int64, installStatus *models.NodeInstallStatus, isUpgrading bool) error {
+	node, err := models.SharedNSNodeDAO.FindEnabledNSNode(nil, nodeId)
+	if err != nil {
+		return err
+	}
+	if node == nil {
+		return errors.New("can not find node, ID：'" + numberutils.FormatInt64(nodeId) + "'")
+	}
+
+	// 登录信息
+	login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(nil, nodeconfigs.NodeRoleDNS, nodeId)
+	if err != nil {
+		return err
+	}
+	if login == nil {
+		installStatus.ErrorCode = "EMPTY_LOGIN"
+		return errors.New("can not find node login information")
+	}
+	loginParams, err := login.DecodeSSHParams()
+	if err != nil {
+		return err
+	}
+
+	if len(loginParams.Host) == 0 {
+		installStatus.ErrorCode = "EMPTY_SSH_HOST"
+		return errors.New("ssh host should not be empty")
+	}
+
+	if loginParams.Port <= 0 {
+		installStatus.ErrorCode = "EMPTY_SSH_PORT"
+		return errors.New("ssh port is invalid")
+	}
+
+	if loginParams.GrantId == 0 {
+		// 从集群中读取
+		grantId, err := models.SharedNSClusterDAO.FindClusterGrantId(nil, int64(node.ClusterId))
+		if err != nil {
+			return err
+		}
+		if grantId == 0 {
+			installStatus.ErrorCode = "EMPTY_GRANT"
+			return errors.New("can not find node grant")
+		}
+		loginParams.GrantId = grantId
+	}
+	grant, err := models.SharedNodeGrantDAO.FindEnabledNodeGrant(nil, loginParams.GrantId)
+	if err != nil {
+		return err
+	}
+	if grant == nil {
+		installStatus.ErrorCode = "EMPTY_GRANT"
+		return errors.New("can not find user grant with id '" + numberutils.FormatInt64(loginParams.GrantId) + "'")
+	}
+
+	// 安装目录
+	installDir := node.InstallDir
+	if len(installDir) == 0 {
+		clusterId := node.ClusterId
+		cluster, err := models.SharedNSClusterDAO.FindEnabledNSCluster(nil, int64(clusterId))
+		if err != nil {
+			return err
+		}
+		if cluster == nil {
+			return errors.New("can not find cluster, ID：'" + fmt.Sprintf("%d", clusterId) + "'")
+		}
+		installDir = cluster.InstallDir
+		if len(installDir) == 0 {
+			// 默认是 $登录用户/edge-dns
+			installDir = "/" + grant.Username + "/edge-dns"
+		}
+	}
+
+	// API终端
+	apiNodes, err := models.SharedAPINodeDAO.FindAllEnabledAndOnAPINodes(nil)
+	if err != nil {
+		return err
+	}
+	if len(apiNodes) == 0 {
+		return errors.New("no available api nodes")
+	}
+
+	apiEndpoints := []string{}
+	for _, apiNode := range apiNodes {
+		addrConfigs, err := apiNode.DecodeAccessAddrs()
+		if err != nil {
+			return errors.New("decode api node access addresses failed: " + err.Error())
+		}
+		for _, addrConfig := range addrConfigs {
+			apiEndpoints = append(apiEndpoints, addrConfig.FullAddresses()...)
+		}
+	}
+
+	params := &NodeParams{
+		Endpoints:   apiEndpoints,
+		NodeId:      node.UniqueId,
+		Secret:      node.Secret,
+		IsUpgrading: isUpgrading,
+	}
+
+	installer := &NSNodeInstaller{}
+	err = installer.Login(&Credentials{
+		Host:       loginParams.Host,
+		Port:       loginParams.Port,
+		Username:   grant.Username,
+		Password:   grant.Password,
+		PrivateKey: grant.PrivateKey,
+		Method:     grant.Method,
+	})
+	if err != nil {
+		installStatus.ErrorCode = "SSH_LOGIN_FAILED"
+		return err
+	}
+	defer func() {
+		_ = installer.Close()
+	}()
+
+	err = installer.Install(installDir, params, installStatus)
+	return err
+}
+
+// StartNode 启动边缘节点
+func (this *NSNodeQueue) StartNode(nodeId int64) error {
+	node, err := models.SharedNSNodeDAO.FindEnabledNSNode(nil, nodeId)
+	if err != nil {
+		return err
+	}
+	if node == nil {
+		return errors.New("can not find node, ID：'" + numberutils.FormatInt64(nodeId) + "'")
+	}
+
+	// 登录信息
+	login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(nil, nodeconfigs.NodeRoleDNS, nodeId)
+	if err != nil {
+		return err
+	}
+	if login == nil {
+		return errors.New("can not find node login information")
+	}
+	loginParams, err := login.DecodeSSHParams()
+	if err != nil {
+		return err
+	}
+
+	if len(loginParams.Host) == 0 {
+		return errors.New("ssh host should not be empty")
+	}
+
+	if loginParams.Port <= 0 {
+		return errors.New("ssh port is invalid")
+	}
+
+	if loginParams.GrantId == 0 {
+		// 从集群中读取
+		grantId, err := models.SharedNSClusterDAO.FindClusterGrantId(nil, int64(node.ClusterId))
+		if err != nil {
+			return err
+		}
+		if grantId == 0 {
+			return errors.New("can not find node grant")
+		}
+		loginParams.GrantId = grantId
+	}
+	grant, err := models.SharedNodeGrantDAO.FindEnabledNodeGrant(nil, loginParams.GrantId)
+	if err != nil {
+		return err
+	}
+	if grant == nil {
+		return errors.New("can not find user grant with id '" + numberutils.FormatInt64(loginParams.GrantId) + "'")
+	}
+
+	// 安装目录
+	installDir := node.InstallDir
+	if len(installDir) == 0 {
+		clusterId := node.ClusterId
+		cluster, err := models.SharedNSClusterDAO.FindEnabledNSCluster(nil, int64(clusterId))
+		if err != nil {
+			return err
+		}
+		if cluster == nil {
+			return errors.New("can not find cluster, ID：'" + fmt.Sprintf("%d", clusterId) + "'")
+		}
+		installDir = cluster.InstallDir
+		if len(installDir) == 0 {
+			// 默认是 $登录用户/edge-dns
+			installDir = "/" + grant.Username + "/edge-dns"
+		}
+	}
+
+	installer := &NSNodeInstaller{}
+	err = installer.Login(&Credentials{
+		Host:       loginParams.Host,
+		Port:       loginParams.Port,
+		Username:   grant.Username,
+		Password:   grant.Password,
+		PrivateKey: grant.PrivateKey,
+		Method:     grant.Method,
+	})
+	if err != nil {
+		return err
+	}
+	defer func() {
+		_ = installer.Close()
+	}()
+
+	// 检查命令是否存在
+	exeFile := installDir + "/edge-dns/bin/edge-dns"
+	_, err = installer.client.Stat(exeFile)
+	if err != nil {
+		return errors.New("edge node is not installed correctly, can not find executable file: " + exeFile)
+	}
+
+	// 我们先尝试Systemd启动
+	_, _, _ = installer.client.Exec("systemctl start edge-dns")
+
+	_, stderr, err := installer.client.Exec(exeFile + " start")
+	if err != nil {
+		return errors.New("start failed: " + err.Error())
+	}
+	if len(stderr) > 0 {
+		return errors.New("start failed: " + stderr)
+	}
+
+	return nil
+}
+
+// StopNode 停止节点
+func (this *NSNodeQueue) StopNode(nodeId int64) error {
+	node, err := models.SharedNSNodeDAO.FindEnabledNSNode(nil, nodeId)
+	if err != nil {
+		return err
+	}
+	if node == nil {
+		return errors.New("can not find node, ID：'" + numberutils.FormatInt64(nodeId) + "'")
+	}
+
+	// 登录信息
+	login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(nil, nodeconfigs.NodeRoleDNS, nodeId)
+	if err != nil {
+		return err
+	}
+	if login == nil {
+		return errors.New("can not find node login information")
+	}
+	loginParams, err := login.DecodeSSHParams()
+	if err != nil {
+		return err
+	}
+
+	if len(loginParams.Host) == 0 {
+		return errors.New("ssh host should not be empty")
+	}
+
+	if loginParams.Port <= 0 {
+		return errors.New("ssh port is invalid")
+	}
+
+	if loginParams.GrantId == 0 {
+		// 从集群中读取
+		grantId, err := models.SharedNSClusterDAO.FindClusterGrantId(nil, int64(node.ClusterId))
+		if err != nil {
+			return err
+		}
+		if grantId == 0 {
+			return errors.New("can not find node grant")
+		}
+		loginParams.GrantId = grantId
+	}
+	grant, err := models.SharedNodeGrantDAO.FindEnabledNodeGrant(nil, loginParams.GrantId)
+	if err != nil {
+		return err
+	}
+	if grant == nil {
+		return errors.New("can not find user grant with id '" + numberutils.FormatInt64(loginParams.GrantId) + "'")
+	}
+
+	// 安装目录
+	installDir := node.InstallDir
+	if len(installDir) == 0 {
+		clusterId := node.ClusterId
+		cluster, err := models.SharedNSClusterDAO.FindEnabledNSCluster(nil, int64(clusterId))
+		if err != nil {
+			return err
+		}
+		if cluster == nil {
+			return errors.New("can not find cluster, ID：'" + fmt.Sprintf("%d", clusterId) + "'")
+		}
+		installDir = cluster.InstallDir
+		if len(installDir) == 0 {
+			// 默认是 $登录用户/edge-dns
+			installDir = "/" + grant.Username + "/edge-dns"
+		}
+	}
+
+	installer := &NSNodeInstaller{}
+	err = installer.Login(&Credentials{
+		Host:       loginParams.Host,
+		Port:       loginParams.Port,
+		Username:   grant.Username,
+		Password:   grant.Password,
+		PrivateKey: grant.PrivateKey,
+		Method:     grant.Method,
+	})
+	if err != nil {
+		return err
+	}
+	defer func() {
+		_ = installer.Close()
+	}()
+
+	// 检查命令是否存在
+	exeFile := installDir + "/edge-dns/bin/edge-dns"
+	_, err = installer.client.Stat(exeFile)
+	if err != nil {
+		return errors.New("edge node is not installed correctly, can not find executable file: " + exeFile)
+	}
+
+	// 我们先尝试Systemd停止
+	_, _, _ = installer.client.Exec("systemctl stop edge-dns")
+
+	_, stderr, err := installer.client.Exec(exeFile + " stop")
+	if err != nil {
+		return errors.New("stop failed: " + err.Error())
+	}
+	if len(stderr) > 0 {
+		return errors.New("stop failed: " + stderr)
+	}
+
+	return nil
+}
--- a/internal/iplibrary/result.go
+++ b/internal/iplibrary/result.go
@@ -22,7 +22,7 @@ func (this *Result) Summary() string {
 	if len(this.Province) > 0 && !lists.ContainsString(pieces, this.Province) {
 		pieces = append(pieces, this.Province)
 	}
-	if len(this.City) > 0 && !lists.ContainsString(pieces, this.City) && !lists.ContainsString(pieces, strings.TrimSuffix(this.Province, "市")) {
+	if len(this.City) > 0 && !lists.ContainsString(pieces, this.City) && !lists.ContainsString(pieces, strings.TrimSuffix(this.City, "市")) {
 		pieces = append(pieces, this.City)
 	}
 	return strings.Join(pieces, " ")
--- a/internal/nodes/api_node.go
+++ b/internal/nodes/api_node.go
@@ -274,7 +274,7 @@ func (this *APINode) autoUpgrade() error {

 	// 不使用remotelog()，因为此时还没有启动完成
 	logs.Println("[API_NODE]upgrade database starting ...")
-	err = setup.NewSQLExecutor(dbConfig).Run()
+	err = setup.NewSQLExecutor(dbConfig).Run(false)
 	if err != nil {
 		return errors.New("execute sql failed: " + err.Error())
 	}
--- a/internal/nodes/api_node_services.go
+++ b/internal/nodes/api_node_services.go
@@ -158,6 +158,11 @@ func (this *APINode) registerServices(server *grpc.Server) {
 		pb.RegisterNodeLogServiceServer(server, instance)
 		this.rest(instance)
 	}
+	{
+		instance := this.serviceInstance(&services.NodeLoginService{}).(*services.NodeLoginService)
+		pb.RegisterNodeLoginServiceServer(server, instance)
+		this.rest(instance)
+	}
 	{
 		instance := this.serviceInstance(&services.HTTPAccessLogService{}).(*services.HTTPAccessLogService)
 		pb.RegisterHTTPAccessLogServiceServer(server, instance)
@@ -453,6 +458,11 @@ func (this *APINode) registerServices(server *grpc.Server) {
 		pb.RegisterNSRecordHourlyStatServiceServer(server, instance)
 		this.rest(instance)
 	}
+	{
+		instance := this.serviceInstance(&nameservers.NSQuestionOptionService{}).(*nameservers.NSQuestionOptionService)
+		pb.RegisterNSQuestionOptionServiceServer(server, instance)
+		this.rest(instance)
+	}
 	{
 		instance := this.serviceInstance(&nameservers.NSService{}).(*nameservers.NSService)
 		pb.RegisterNSServiceServer(server, instance)
--- a/internal/rpc/services/nameservers/service_ns.go
+++ b/internal/rpc/services/nameservers/service_ns.go
@@ -45,21 +45,21 @@ func (this *NSService) ComposeNSBoard(ctx context.Context, req *pb.ComposeNSBoar
 	result.CountNSRecords = countRecords

 	// 集群数
-	countClusters, err := nameservers.SharedNSClusterDAO.CountAllEnabledClusters(tx)
+	countClusters, err := models.SharedNSClusterDAO.CountAllEnabledClusters(tx)
 	if err != nil {
 		return nil, err
 	}
 	result.CountNSClusters = countClusters

 	// 节点数
-	countNodes, err := nameservers.SharedNSNodeDAO.CountAllEnabledNodes(tx)
+	countNodes, err := models.SharedNSNodeDAO.CountAllEnabledNodes(tx)
 	if err != nil {
 		return nil, err
 	}
 	result.CountNSNodes = countNodes

 	// 离线节点数
-	countOfflineNodes, err := nameservers.SharedNSNodeDAO.CountAllOfflineNodes(tx)
+	countOfflineNodes, err := models.SharedNSNodeDAO.CountAllOfflineNodes(tx)
 	if err != nil {
 		return nil, err
 	}
@@ -122,7 +122,7 @@ func (this *NSService) ComposeNSBoard(ctx context.Context, req *pb.ComposeNSBoar
 		return nil, err
 	}
 	for _, stat := range topNodeStats {
-		nodeName, err := nameservers.SharedNSNodeDAO.FindEnabledNSNodeName(tx, int64(stat.NodeId))
+		nodeName, err := models.SharedNSNodeDAO.FindEnabledNSNodeName(tx, int64(stat.NodeId))
 		if err != nil {
 			return nil, err
 		}
--- a/internal/rpc/services/nameservers/service_ns_cluster.go
+++ b/internal/rpc/services/nameservers/service_ns_cluster.go
@@ -4,8 +4,9 @@ package nameservers

 import (
 	"context"
-	"github.com/TeaOSLab/EdgeAPI/internal/db/models/nameservers"
+	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeAPI/internal/rpc/services"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 )

@@ -21,7 +22,7 @@ func (this *NSClusterService) CreateNSCluster(ctx context.Context, req *pb.Creat
 		return nil, err
 	}
 	var tx = this.NullTx()
-	clusterId, err := nameservers.SharedNSClusterDAO.CreateCluster(tx, req.Name, req.AccessLogJSON)
+	clusterId, err := models.SharedNSClusterDAO.CreateCluster(tx, req.Name, req.AccessLogJSON)
 	if err != nil {
 		return nil, err
 	}
@@ -35,7 +36,7 @@ func (this *NSClusterService) UpdateNSCluster(ctx context.Context, req *pb.Updat
 		return nil, err
 	}
 	var tx = this.NullTx()
-	err = nameservers.SharedNSClusterDAO.UpdateCluster(tx, req.NsClusterId, req.Name, req.IsOn)
+	err = models.SharedNSClusterDAO.UpdateCluster(tx, req.NsClusterId, req.Name, req.IsOn)
 	if err != nil {
 		return nil, err
 	}
@@ -50,7 +51,7 @@ func (this *NSClusterService) FindNSClusterAccessLog(ctx context.Context, req *p
 	}

 	var tx = this.NullTx()
-	accessLogJSON, err := nameservers.SharedNSClusterDAO.FindClusterAccessLog(tx, req.NsClusterId)
+	accessLogJSON, err := models.SharedNSClusterDAO.FindClusterAccessLog(tx, req.NsClusterId)
 	if err != nil {
 		return nil, err
 	}
@@ -65,7 +66,7 @@ func (this *NSClusterService) UpdateNSClusterAccessLog(ctx context.Context, req
 	}

 	var tx = this.NullTx()
-	err = nameservers.SharedNSClusterDAO.UpdateClusterAccessLog(tx, req.NsClusterId, req.AccessLogJSON)
+	err = models.SharedNSClusterDAO.UpdateClusterAccessLog(tx, req.NsClusterId, req.AccessLogJSON)
 	if err != nil {
 		return nil, err
 	}
@@ -79,10 +80,17 @@ func (this *NSClusterService) DeleteNSCluster(ctx context.Context, req *pb.Delet
 		return nil, err
 	}
 	var tx = this.NullTx()
-	err = nameservers.SharedNSClusterDAO.DisableNSCluster(tx, req.NsClusterId)
+	err = models.SharedNSClusterDAO.DisableNSCluster(tx, req.NsClusterId)
 	if err != nil {
 		return nil, err
 	}
+
+	// 删除任务
+	err = models.SharedNodeTaskDAO.DeleteAllClusterTasks(tx, nodeconfigs.NodeRoleDNS, req.NsClusterId)
+	if err != nil {
+		return nil, err
+	}
+
 	return this.Success()
 }

@@ -93,7 +101,7 @@ func (this *NSClusterService) FindEnabledNSCluster(ctx context.Context, req *pb.
 		return nil, err
 	}
 	var tx = this.NullTx()
-	cluster, err := nameservers.SharedNSClusterDAO.FindEnabledNSCluster(tx, req.NsClusterId)
+	cluster, err := models.SharedNSClusterDAO.FindEnabledNSCluster(tx, req.NsClusterId)
 	if err != nil {
 		return nil, err
 	}
@@ -115,7 +123,7 @@ func (this *NSClusterService) CountAllEnabledNSClusters(ctx context.Context, req
 		return nil, err
 	}
 	var tx = this.NullTx()
-	count, err := nameservers.SharedNSClusterDAO.CountAllEnabledClusters(tx)
+	count, err := models.SharedNSClusterDAO.CountAllEnabledClusters(tx)
 	if err != nil {
 		return nil, err
 	}
@@ -129,7 +137,7 @@ func (this *NSClusterService) ListEnabledNSClusters(ctx context.Context, req *pb
 		return nil, err
 	}
 	var tx = this.NullTx()
-	clusters, err := nameservers.SharedNSClusterDAO.ListEnabledClusters(tx, req.Offset, req.Size)
+	clusters, err := models.SharedNSClusterDAO.ListEnabledClusters(tx, req.Offset, req.Size)
 	if err != nil {
 		return nil, err
 	}
@@ -152,7 +160,7 @@ func (this *NSClusterService) FindAllEnabledNSClusters(ctx context.Context, req
 		return nil, err
 	}
 	var tx = this.NullTx()
-	clusters, err := nameservers.SharedNSClusterDAO.FindAllEnabledClusters(tx)
+	clusters, err := models.SharedNSClusterDAO.FindAllEnabledClusters(tx)
 	if err != nil {
 		return nil, err
 	}
--- a/internal/rpc/services/nameservers/service_ns_domain.go
+++ b/internal/rpc/services/nameservers/service_ns_domain.go
@@ -78,7 +78,7 @@ func (this *NSDomainService) FindEnabledNSDomain(ctx context.Context, req *pb.Fi
 	}

 	// 集群
-	cluster, err := nameservers.SharedNSClusterDAO.FindEnabledNSCluster(tx, int64(domain.ClusterId))
+	cluster, err := models.SharedNSClusterDAO.FindEnabledNSCluster(tx, int64(domain.ClusterId))
 	if err != nil {
 		return nil, err
 	}
@@ -150,7 +150,7 @@ func (this *NSDomainService) ListEnabledNSDomains(ctx context.Context, req *pb.L
 	pbDomains := []*pb.NSDomain{}
 	for _, domain := range domains {
 		// 集群
-		cluster, err := nameservers.SharedNSClusterDAO.FindEnabledNSCluster(tx, int64(domain.ClusterId))
+		cluster, err := models.SharedNSClusterDAO.FindEnabledNSCluster(tx, int64(domain.ClusterId))
 		if err != nil {
 			return nil, err
 		}
--- a/internal/rpc/services/nameservers/service_ns_node.go
+++ b/internal/rpc/services/nameservers/service_ns_node.go
@@ -5,13 +5,15 @@ package nameservers
 import (
 	"context"
 	"encoding/json"
-	"github.com/TeaOSLab/EdgeAPI/internal/db/models/nameservers"
+	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	"github.com/TeaOSLab/EdgeAPI/internal/installers"
 	"github.com/TeaOSLab/EdgeAPI/internal/rpc/services"
 	rpcutils "github.com/TeaOSLab/EdgeAPI/internal/rpc/utils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/configutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/logs"
 	stringutil "github.com/iwind/TeaGo/utils/string"
 	"path/filepath"
 )
@@ -30,7 +32,7 @@ func (this *NSNodeService) FindAllEnabledNSNodesWithNSClusterId(ctx context.Cont

 	var tx = this.NullTx()

-	nodes, err := nameservers.SharedNSNodeDAO.FindAllEnabledNodesWithClusterId(tx, req.NsClusterId)
+	nodes, err := models.SharedNSNodeDAO.FindAllEnabledNodesWithClusterId(tx, req.NsClusterId)
 	if err != nil {
 		return nil, err
 	}
@@ -60,7 +62,7 @@ func (this *NSNodeService) CountAllEnabledNSNodes(ctx context.Context, req *pb.C
 	}

 	var tx = this.NullTx()
-	count, err := nameservers.SharedNSNodeDAO.CountAllEnabledNodes(tx)
+	count, err := models.SharedNSNodeDAO.CountAllEnabledNodes(tx)
 	if err != nil {
 		return nil, err
 	}
@@ -75,7 +77,7 @@ func (this *NSNodeService) CountAllEnabledNSNodesMatch(ctx context.Context, req
 	}

 	var tx = this.NullTx()
-	count, err := nameservers.SharedNSNodeDAO.CountAllEnabledNodesMatch(tx, req.NsClusterId, configutils.ToBoolState(req.InstallState), configutils.ToBoolState(req.ActiveState), req.Keyword)
+	count, err := models.SharedNSNodeDAO.CountAllEnabledNodesMatch(tx, req.NsClusterId, configutils.ToBoolState(req.InstallState), configutils.ToBoolState(req.ActiveState), req.Keyword)
 	if err != nil {
 		return nil, err
 	}
@@ -90,7 +92,10 @@ func (this *NSNodeService) ListEnabledNSNodesMatch(ctx context.Context, req *pb.
 	}

 	var tx = this.NullTx()
-	nodes, err := nameservers.SharedNSNodeDAO.ListAllEnabledNodesMatch(tx, req.NsClusterId, configutils.ToBoolState(req.InstallState), configutils.ToBoolState(req.ActiveState), req.Keyword, req.Offset, req.Size)
+	nodes, err := models.SharedNSNodeDAO.ListAllEnabledNodesMatch(tx, req.NsClusterId, configutils.ToBoolState(req.InstallState), configutils.ToBoolState(req.ActiveState), req.Keyword, req.Offset, req.Size)
+	if err != nil {
+		return nil, err
+	}
 	pbNodes := []*pb.NSNode{}
 	for _, node := range nodes {
 		// 安装信息
@@ -116,6 +121,7 @@ func (this *NSNodeService) ListEnabledNSNodesMatch(ctx context.Context, req *pb.
 			IsOn:          node.IsOn == 1,
 			UniqueId:      node.UniqueId,
 			Secret:        node.Secret,
+			IsActive:      node.IsActive == 1,
 			IsInstalled:   node.IsInstalled == 1,
 			InstallDir:    node.InstallDir,
 			IsUp:          node.IsUp == 1,
@@ -140,7 +146,7 @@ func (this *NSNodeService) CountAllUpgradeNSNodesWithNSClusterId(ctx context.Con
 	deployFiles := installers.SharedDeployManager.LoadNSNodeFiles()
 	total := int64(0)
 	for _, deployFile := range deployFiles {
-		count, err := nameservers.SharedNSNodeDAO.CountAllLowerVersionNodesWithClusterId(tx, req.NsClusterId, deployFile.OS, deployFile.Arch, deployFile.Version)
+		count, err := models.SharedNSNodeDAO.CountAllLowerVersionNodesWithClusterId(tx, req.NsClusterId, deployFile.OS, deployFile.Arch, deployFile.Version)
 		if err != nil {
 			return nil, err
 		}
@@ -159,11 +165,19 @@ func (this *NSNodeService) CreateNSNode(ctx context.Context, req *pb.CreateNSNod

 	tx := this.NullTx()

-	nodeId, err := nameservers.SharedNSNodeDAO.CreateNode(tx, adminId, req.Name, req.NodeClusterId)
+	nodeId, err := models.SharedNSNodeDAO.CreateNode(tx, adminId, req.Name, req.NodeClusterId)
 	if err != nil {
 		return nil, err
 	}

+	// 增加认证相关
+	if req.NodeLogin != nil {
+		_, err = models.SharedNodeLoginDAO.CreateNodeLogin(tx, nodeconfigs.NodeRoleDNS, nodeId, req.NodeLogin.Name, req.NodeLogin.Type, req.NodeLogin.Params)
+		if err != nil {
+			return nil, err
+		}
+	}
+
 	return &pb.CreateNSNodeResponse{
 		NsNodeId: nodeId,
 	}, nil
@@ -178,7 +192,13 @@ func (this *NSNodeService) DeleteNSNode(ctx context.Context, req *pb.DeleteNSNod

 	tx := this.NullTx()

-	err = nameservers.SharedNSNodeDAO.DisableNSNode(tx, req.NsNodeId)
+	err = models.SharedNSNodeDAO.DisableNSNode(tx, req.NsNodeId)
+	if err != nil {
+		return nil, err
+	}
+
+	// 删除任务
+	err = models.SharedNodeTaskDAO.DeleteNodeTasks(tx, nodeconfigs.NodeRoleDNS, req.NsNodeId)
 	if err != nil {
 		return nil, err
 	}
@@ -195,7 +215,7 @@ func (this *NSNodeService) FindEnabledNSNode(ctx context.Context, req *pb.FindEn

 	tx := this.NullTx()

-	node, err := nameservers.SharedNSNodeDAO.FindEnabledNSNode(tx, req.NsNodeId)
+	node, err := models.SharedNSNodeDAO.FindEnabledNSNode(tx, req.NsNodeId)
 	if err != nil {
 		return nil, err
 	}
@@ -204,11 +224,26 @@ func (this *NSNodeService) FindEnabledNSNode(ctx context.Context, req *pb.FindEn
 	}

 	// 集群信息
-	clusterName, err := nameservers.SharedNSClusterDAO.FindEnabledNSClusterName(tx, int64(node.ClusterId))
+	clusterName, err := models.SharedNSClusterDAO.FindEnabledNSClusterName(tx, int64(node.ClusterId))
 	if err != nil {
 		return nil, err
 	}

+	// 认证信息
+	login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(tx, nodeconfigs.NodeRoleDNS, req.NsNodeId)
+	if err != nil {
+		return nil, err
+	}
+	var respLogin *pb.NodeLogin = nil
+	if login != nil {
+		respLogin = &pb.NodeLogin{
+			Id:     int64(login.Id),
+			Name:   login.Name,
+			Type:   login.Type,
+			Params: []byte(login.Params),
+		}
+	}
+
 	// 安装信息
 	installStatus, err := node.DecodeInstallStatus()
 	if err != nil {
@@ -240,6 +275,8 @@ func (this *NSNodeService) FindEnabledNSNode(ctx context.Context, req *pb.FindEn
 		},
 		InstallStatus: installStatusResult,
 		IsOn:          node.IsOn == 1,
+		IsActive:      node.IsActive == 1,
+		NodeLogin:     respLogin,
 	}}, nil
 }

@@ -252,11 +289,31 @@ func (this *NSNodeService) UpdateNSNode(ctx context.Context, req *pb.UpdateNSNod

 	tx := this.NullTx()

-	err = nameservers.SharedNSNodeDAO.UpdateNode(tx, req.NsNodeId, req.Name, req.NsClusterId, req.IsOn)
+	err = models.SharedNSNodeDAO.UpdateNode(tx, req.NsNodeId, req.Name, req.NsClusterId, req.IsOn)
 	if err != nil {
 		return nil, err
 	}

+	// 登录信息
+	if req.NodeLogin == nil {
+		err = models.SharedNodeLoginDAO.DisableNodeLogins(tx, nodeconfigs.NodeRoleDNS, req.NsNodeId)
+		if err != nil {
+			return nil, err
+		}
+	} else {
+		if req.NodeLogin.Id > 0 {
+			err = models.SharedNodeLoginDAO.UpdateNodeLogin(tx, req.NodeLogin.Id, req.NodeLogin.Name, req.NodeLogin.Type, req.NodeLogin.Params)
+			if err != nil {
+				return nil, err
+			}
+		} else {
+			_, err = models.SharedNodeLoginDAO.CreateNodeLogin(tx, nodeconfigs.NodeRoleDNS, req.NsNodeId, req.NodeLogin.Name, req.NodeLogin.Type, req.NodeLogin.Params)
+			if err != nil {
+				return nil, err
+			}
+		}
+	}
+
 	return this.Success()
 }

@@ -267,8 +324,12 @@ func (this *NSNodeService) InstallNSNode(ctx context.Context, req *pb.InstallNSN
 		return nil, err
 	}

-	// TODO 需要实现
-	return nil, errors.New("尚未实现此功能")
+	go func() {
+		err = installers.SharedNSNodeQueue().InstallNodeProcess(req.NsNodeId, false)
+		if err != nil {
+			logs.Println("[RPC]install dns node:" + err.Error())
+		}
+	}()

 	return &pb.InstallNSNodeResponse{}, nil
 }
@@ -283,7 +344,7 @@ func (this *NSNodeService) FindNSNodeInstallStatus(ctx context.Context, req *pb.

 	tx := this.NullTx()

-	installStatus, err := nameservers.SharedNSNodeDAO.FindNodeInstallStatus(tx, req.NsNodeId)
+	installStatus, err := models.SharedNSNodeDAO.FindNodeInstallStatus(tx, req.NsNodeId)
 	if err != nil {
 		return nil, err
 	}
@@ -311,7 +372,7 @@ func (this *NSNodeService) UpdateNSNodeIsInstalled(ctx context.Context, req *pb.

 	tx := this.NullTx()

-	err = nameservers.SharedNSNodeDAO.UpdateNodeIsInstalled(tx, req.NsNodeId, req.IsInstalled)
+	err = models.SharedNSNodeDAO.UpdateNodeIsInstalled(tx, req.NsNodeId, req.IsInstalled)
 	if err != nil {
 		return nil, err
 	}
@@ -337,7 +398,7 @@ func (this *NSNodeService) UpdateNSNodeStatus(ctx context.Context, req *pb.Updat

 	tx := this.NullTx()

-	err = nameservers.SharedNSNodeDAO.UpdateNodeStatus(tx, nodeId, req.StatusJSON)
+	err = models.SharedNSNodeDAO.UpdateNodeStatus(tx, nodeId, req.StatusJSON)
 	if err != nil {
 		return nil, err
 	}
@@ -353,7 +414,7 @@ func (this *NSNodeService) FindCurrentNSNodeConfig(ctx context.Context, req *pb.
 	}

 	var tx = this.NullTx()
-	config, err := nameservers.SharedNSNodeDAO.ComposeNodeConfig(tx, nodeId)
+	config, err := models.SharedNSNodeDAO.ComposeNodeConfig(tx, nodeId)
 	if err != nil {
 		return nil, err
 	}
@@ -405,6 +466,9 @@ func (this *NSNodeService) DownloadNSNodeInstallationFile(ctx context.Context, r
 	}

 	data, offset, err := file.Read(req.ChunkOffset)
+	if err != nil {
+		return nil, err
+	}

 	return &pb.DownloadNSNodeInstallationFileResponse{
 		Sum:       sum,
@@ -414,3 +478,95 @@ func (this *NSNodeService) DownloadNSNodeInstallationFile(ctx context.Context, r
 		Filename:  filepath.Base(file.Path),
 	}, nil
 }
+
+// UpdateNSNodeConnectedAPINodes 更改节点连接的API节点信息
+func (this *NSNodeService) UpdateNSNodeConnectedAPINodes(ctx context.Context, req *pb.UpdateNSNodeConnectedAPINodesRequest) (*pb.RPCSuccess, error) {
+	// 校验节点
+	_, _, nodeId, err := rpcutils.ValidateRequest(ctx, rpcutils.UserTypeDNS)
+	if err != nil {
+		return nil, err
+	}
+
+	tx := this.NullTx()
+
+	err = models.SharedNSNodeDAO.UpdateNodeConnectedAPINodes(tx, nodeId, req.ApiNodeIds)
+	if err != nil {
+		return nil, errors.Wrap(err)
+	}
+
+	return this.Success()
+}
+
+// UpdateNSNodeLogin 修改节点登录信息
+func (this *NSNodeService) UpdateNSNodeLogin(ctx context.Context, req *pb.UpdateNSNodeLoginRequest) (*pb.RPCSuccess, error) {
+	// 校验请求
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	tx := this.NullTx()
+
+	if req.NodeLogin.Id <= 0 {
+		_, err := models.SharedNodeLoginDAO.CreateNodeLogin(tx, nodeconfigs.NodeRoleDNS, req.NsNodeId, req.NodeLogin.Name, req.NodeLogin.Type, req.NodeLogin.Params)
+		if err != nil {
+			return nil, err
+		}
+	}
+
+	err = models.SharedNodeLoginDAO.UpdateNodeLogin(tx, req.NodeLogin.Id, req.NodeLogin.Name, req.NodeLogin.Type, req.NodeLogin.Params)
+
+	return this.Success()
+}
+
+// StartNSNode 启动节点
+func (this *NSNodeService) StartNSNode(ctx context.Context, req *pb.StartNSNodeRequest) (*pb.StartNSNodeResponse, error) {
+	// 校验节点
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	err = installers.SharedNSNodeQueue().StartNode(req.NsNodeId)
+	if err != nil {
+		return &pb.StartNSNodeResponse{
+			IsOk:  false,
+			Error: err.Error(),
+		}, nil
+	}
+
+	// 修改状态
+	var tx = this.NullTx()
+	err = models.SharedNSNodeDAO.UpdateNodeActive(tx, req.NsNodeId, true)
+	if err != nil {
+		return nil, err
+	}
+
+	return &pb.StartNSNodeResponse{IsOk: true}, nil
+}
+
+// StopNSNode 停止节点
+func (this *NSNodeService) StopNSNode(ctx context.Context, req *pb.StopNSNodeRequest) (*pb.StopNSNodeResponse, error) {
+	// 校验节点
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	err = installers.SharedNSNodeQueue().StopNode(req.NsNodeId)
+	if err != nil {
+		return &pb.StopNSNodeResponse{
+			IsOk:  false,
+			Error: err.Error(),
+		}, nil
+	}
+
+	// 修改状态
+	var tx = this.NullTx()
+	err = models.SharedNSNodeDAO.UpdateNodeActive(tx, req.NsNodeId, false)
+	if err != nil {
+		return nil, err
+	}
+
+	return &pb.StopNSNodeResponse{IsOk: true}, nil
+}
--- a/internal/rpc/services/nameservers/service_ns_node_stream.go
+++ b/internal/rpc/services/nameservers/service_ns_node_stream.go
@@ -0,0 +1,331 @@
+package nameservers
+
+import (
+	"context"
+	"encoding/json"
+	"fmt"
+	"github.com/TeaOSLab/EdgeAPI/internal/configs"
+	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
+	"github.com/TeaOSLab/EdgeAPI/internal/errors"
+	"github.com/TeaOSLab/EdgeAPI/internal/remotelogs"
+	rpcutils "github.com/TeaOSLab/EdgeAPI/internal/rpc/utils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/messageconfigs"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/dbs"
+	"github.com/iwind/TeaGo/logs"
+	"strconv"
+	"sync"
+	"sync/atomic"
+	"time"
+)
+
+// CommandRequest 命令请求相关
+type CommandRequest struct {
+	Id          int64
+	Code        string
+	CommandJSON []byte
+}
+
+type CommandRequestWaiting struct {
+	Timestamp int64
+	Chan      chan *pb.NSNodeStreamMessage
+}
+
+func (this *CommandRequestWaiting) Close() {
+	defer func() {
+		recover()
+	}()
+
+	close(this.Chan)
+}
+
+var responseChanMap = map[int64]*CommandRequestWaiting{} // request id => response
+var commandRequestId = int64(0)
+
+var nodeLocker = &sync.Mutex{}
+var requestChanMap = map[int64]chan *CommandRequest{} // node id => chan
+
+func NextCommandRequestId() int64 {
+	return atomic.AddInt64(&commandRequestId, 1)
+}
+func init() {
+	dbs.OnReadyDone(func() {
+		// 清理WaitingChannelMap
+		go func() {
+			ticker := time.NewTicker(30 * time.Second)
+			for range ticker.C {
+				nodeLocker.Lock()
+				for requestId, request := range responseChanMap {
+					if time.Now().Unix()-request.Timestamp > 3600 {
+						responseChanMap[requestId].Close()
+						delete(responseChanMap, requestId)
+					}
+				}
+				nodeLocker.Unlock()
+			}
+		}()
+
+		// 自动同步连接到本API节点的NS节点任务
+		go func() {
+			defer func() {
+				_ = recover()
+			}()
+
+			// TODO 未来支持同步边缘节点
+			var ticker = time.NewTicker(3 * time.Second)
+			for range ticker.C {
+				nodeIds, err := models.SharedNodeTaskDAO.FindAllDoingNodeIds(nil, nodeconfigs.NodeRoleDNS)
+				if err != nil {
+					remotelogs.Error("NSNodeService_SYNC", err.Error())
+					continue
+				}
+				nodeLocker.Lock()
+				for _, nodeId := range nodeIds {
+					c, ok := requestChanMap[nodeId]
+					if ok {
+						select {
+						case c <- &CommandRequest{
+							Id:          NextCommandRequestId(),
+							Code:        messageconfigs.NSMessageCodeNewNodeTask,
+							CommandJSON: nil,
+						}:
+						default:
+
+						}
+					}
+				}
+				nodeLocker.Unlock()
+			}
+		}()
+	})
+}
+
+// NsNodeStream 节点stream
+func (this *NSNodeService) NsNodeStream(server pb.NSNodeService_NsNodeStreamServer) error {
+	// TODO 使用此stream快速通知NS节点更新
+	// 校验节点
+	_, _, nodeId, err := rpcutils.ValidateRequest(server.Context(), rpcutils.UserTypeDNS)
+	if err != nil {
+		return err
+	}
+
+	// 返回连接成功
+	{
+		apiConfig, err := configs.SharedAPIConfig()
+		if err != nil {
+			return err
+		}
+		connectedMessage := &messageconfigs.NSConnectedAPINodeMessage{APINodeId: apiConfig.NumberId()}
+		connectedMessageJSON, err := json.Marshal(connectedMessage)
+		if err != nil {
+			return errors.Wrap(err)
+		}
+		err = server.Send(&pb.NSNodeStreamMessage{
+			Code:     messageconfigs.NSMessageCodeConnectedAPINode,
+			DataJSON: connectedMessageJSON,
+		})
+		if err != nil {
+			return err
+		}
+	}
+
+	//logs.Println("[RPC]accepted ns node '" + types.String(nodeId) + "' connection")
+
+	tx := this.NullTx()
+
+	// 标记为活跃状态
+	oldIsActive, err := models.SharedNSNodeDAO.FindNodeActive(tx, nodeId)
+	if err != nil {
+		return err
+	}
+	if !oldIsActive {
+		err = models.SharedNSNodeDAO.UpdateNodeActive(tx, nodeId, true)
+		if err != nil {
+			return err
+		}
+
+		// 发送恢复消息
+		clusterId, err := models.SharedNSNodeDAO.FindNodeClusterId(tx, nodeId)
+		if err != nil {
+			return err
+		}
+		nodeName, err := models.SharedNSNodeDAO.FindEnabledNSNodeName(tx, nodeId)
+		if err != nil {
+			return err
+		}
+		subject := "DNS节点\"" + nodeName + "\"已经恢复在线"
+		msg := "DNS节点\"" + nodeName + "\"已经恢复在线"
+		err = models.SharedMessageDAO.CreateNodeMessage(tx, nodeconfigs.NodeRoleDNS, clusterId, nodeId, models.MessageTypeNSNodeActive, models.MessageLevelSuccess, subject, msg, nil)
+		if err != nil {
+			return err
+		}
+	}
+
+	nodeLocker.Lock()
+	requestChan, ok := requestChanMap[nodeId]
+	if !ok {
+		requestChan = make(chan *CommandRequest, 1024)
+		requestChanMap[nodeId] = requestChan
+	}
+	nodeLocker.Unlock()
+
+	defer func() {
+		nodeLocker.Lock()
+		delete(requestChanMap, nodeId)
+		nodeLocker.Unlock()
+	}()
+
+	// 发送请求
+	go func() {
+		for {
+			select {
+			case <-server.Context().Done():
+				return
+			case commandRequest := <-requestChan:
+				// logs.Println("[RPC]sending command '" + commandRequest.Code + "' to node '" + strconv.FormatInt(nodeId, 10) + "'")
+				retries := 3 // 错误重试次数
+				for i := 0; i < retries; i++ {
+					err := server.Send(&pb.NSNodeStreamMessage{
+						RequestId: commandRequest.Id,
+						Code:      commandRequest.Code,
+						DataJSON:  commandRequest.CommandJSON,
+					})
+					if err != nil {
+						if i == retries-1 {
+							logs.Println("[RPC]send command '" + commandRequest.Code + "' failed: " + err.Error())
+						} else {
+							time.Sleep(1 * time.Second)
+						}
+					} else {
+						break
+					}
+				}
+			}
+		}
+	}()
+
+	// 接受请求
+	for {
+		req, err := server.Recv()
+		if err != nil {
+			// 修改节点状态
+			err1 := models.SharedNSNodeDAO.UpdateNodeActive(tx, nodeId, false)
+			if err1 != nil {
+				logs.Println(err1.Error())
+			}
+
+			return err
+		}
+
+		func(req *pb.NSNodeStreamMessage) {
+			// 因为 responseChan.Chan 有被关闭的风险，所以我们使用recover防止panic
+			defer func() {
+				recover()
+			}()
+
+			nodeLocker.Lock()
+			responseChan, ok := responseChanMap[req.RequestId]
+			if ok {
+				select {
+				case responseChan.Chan <- req:
+				default:
+
+				}
+			}
+			nodeLocker.Unlock()
+		}(req)
+	}
+}
+
+// SendCommandToNSNode 向节点发送命令
+func (this *NSNodeService) SendCommandToNSNode(ctx context.Context, req *pb.NSNodeStreamMessage) (*pb.NSNodeStreamMessage, error) {
+	// 校验请求
+	_, _, err := this.ValidateAdminAndUser(ctx, 0, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	nodeId := req.NsNodeId
+	if nodeId <= 0 {
+		return nil, errors.New("node id should not be less than 0")
+	}
+
+	nodeLocker.Lock()
+	requestChan, ok := requestChanMap[nodeId]
+	nodeLocker.Unlock()
+
+	if !ok {
+		return &pb.NSNodeStreamMessage{
+			RequestId: req.RequestId,
+			IsOk:      false,
+			Message:   "node '" + strconv.FormatInt(nodeId, 10) + "' not connected yet",
+		}, nil
+	}
+
+	req.RequestId = NextCommandRequestId()
+
+	select {
+	case requestChan <- &CommandRequest{
+		Id:          req.RequestId,
+		Code:        req.Code,
+		CommandJSON: req.DataJSON,
+	}:
+		// 加入到等待队列中
+		respChan := make(chan *pb.NSNodeStreamMessage, 1)
+		waiting := &CommandRequestWaiting{
+			Timestamp: time.Now().Unix(),
+			Chan:      respChan,
+		}
+
+		nodeLocker.Lock()
+		responseChanMap[req.RequestId] = waiting
+		nodeLocker.Unlock()
+
+		// 等待响应
+		timeoutSeconds := req.TimeoutSeconds
+		if timeoutSeconds <= 0 {
+			timeoutSeconds = 10
+		}
+		timeout := time.NewTimer(time.Duration(timeoutSeconds) * time.Second)
+		select {
+		case resp := <-respChan:
+			// 从队列中删除
+			nodeLocker.Lock()
+			delete(responseChanMap, req.RequestId)
+			waiting.Close()
+			nodeLocker.Unlock()
+
+			if resp == nil {
+				return &pb.NSNodeStreamMessage{
+					RequestId: req.RequestId,
+					Code:      req.Code,
+					Message:   "response timeout",
+					IsOk:      false,
+				}, nil
+			}
+
+			return resp, nil
+		case <-timeout.C:
+			// 从队列中删除
+			nodeLocker.Lock()
+			delete(responseChanMap, req.RequestId)
+			waiting.Close()
+			nodeLocker.Unlock()
+
+			return &pb.NSNodeStreamMessage{
+				RequestId: req.RequestId,
+				Code:      req.Code,
+				Message:   "response timeout over " + fmt.Sprintf("%d", timeoutSeconds) + " seconds",
+				IsOk:      false,
+			}, nil
+		}
+	default:
+		return &pb.NSNodeStreamMessage{
+			RequestId: req.RequestId,
+			Code:      req.Code,
+			Message:   "command queue is full over " + strconv.Itoa(len(requestChan)),
+			IsOk:      false,
+		}, nil
+	}
+}
--- a/internal/rpc/services/nameservers/service_ns_question_option.go
+++ b/internal/rpc/services/nameservers/service_ns_question_option.go
@@ -0,0 +1,77 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package nameservers
+
+import (
+	"context"
+	"encoding/json"
+	"github.com/TeaOSLab/EdgeAPI/internal/db/models/nameservers"
+	"github.com/TeaOSLab/EdgeAPI/internal/rpc/services"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/maps"
+)
+
+// NSQuestionOptionService DNS查询选项
+type NSQuestionOptionService struct {
+	services.BaseService
+}
+
+// CreateNSQuestionOption 创建选项
+func (this *NSQuestionOptionService) CreateNSQuestionOption(ctx context.Context, req *pb.CreateNSQuestionOptionRequest) (*pb.CreateNSQuestionOptionResponse, error) {
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+	var values = maps.Map{}
+	if len(req.ValuesJSON) > 0 {
+		err = json.Unmarshal(req.ValuesJSON, &values)
+		if err != nil {
+			return nil, err
+		}
+	}
+	optionId, err := nameservers.SharedNSQuestionOptionDAO.CreateOption(tx, req.Name, values)
+	if err != nil {
+		return nil, err
+	}
+	return &pb.CreateNSQuestionOptionResponse{NsQuestionOptionId: optionId}, nil
+}
+
+// FindNSQuestionOption 读取选项
+func (this *NSQuestionOptionService) FindNSQuestionOption(ctx context.Context, req *pb.FindNSQuestionOptionRequest) (*pb.FindNSQuestionOptionResponse, error) {
+	_, err := this.ValidateNSNode(ctx)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+	option, err := nameservers.SharedNSQuestionOptionDAO.FindOption(tx, req.NsQuestionOptionId)
+	if err != nil {
+		return nil, err
+	}
+	if option == nil {
+		return &pb.FindNSQuestionOptionResponse{NsQuestionOption: nil}, nil
+	}
+
+	return &pb.FindNSQuestionOptionResponse{NsQuestionOption: &pb.NSQuestionOption{
+		Id:         int64(option.Id),
+		Name:       option.Name,
+		ValuesJSON: []byte(option.Values),
+	}}, nil
+}
+
+// DeleteNSQuestionOption 删除选项
+func (this *NSQuestionOptionService) DeleteNSQuestionOption(ctx context.Context, req *pb.DeleteNSQuestionOptionRequest) (*pb.RPCSuccess, error) {
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+	err = nameservers.SharedNSQuestionOptionDAO.DeleteOption(tx, req.NsQuestionOptionId)
+	if err != nil {
+		return nil, err
+	}
+	return this.Success()
+}
--- a/internal/rpc/services/nameservers/service_ns_record.go
+++ b/internal/rpc/services/nameservers/service_ns_record.go
@@ -9,6 +9,8 @@ import (
 	rpcutils "github.com/TeaOSLab/EdgeAPI/internal/rpc/utils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/types"
+	"regexp"
+	"strings"
 )

 // NSRecordService 域名记录相关服务
@@ -24,7 +26,7 @@ func (this *NSRecordService) CreateNSRecord(ctx context.Context, req *pb.CreateN
 	}

 	var tx = this.NullTx()
-	recordId, err := nameservers.SharedNSRecordDAO.CreateRecord(tx, req.NsDomainId, req.Description, req.Name, req.Type, req.Value, req.Ttl, req.NsRouteIds)
+	recordId, err := nameservers.SharedNSRecordDAO.CreateRecord(tx, req.NsDomainId, req.Description, req.Name, req.Type, req.Value, req.Ttl, req.NsRouteCodes)
 	if err != nil {
 		return nil, err
 	}
@@ -39,7 +41,7 @@ func (this *NSRecordService) UpdateNSRecord(ctx context.Context, req *pb.UpdateN
 	}

 	var tx = this.NullTx()
-	err = nameservers.SharedNSRecordDAO.UpdateRecord(tx, req.NsRecordId, req.Description, req.Name, req.Type, req.Value, req.Ttl, req.NsRouteIds, req.IsOn)
+	err = nameservers.SharedNSRecordDAO.UpdateRecord(tx, req.NsRecordId, req.Description, req.Name, req.Type, req.Value, req.Ttl, req.NsRouteCodes, req.IsOn)
 	if err != nil {
 		return nil, err
 	}
@@ -69,7 +71,7 @@ func (this *NSRecordService) CountAllEnabledNSRecords(ctx context.Context, req *
 	}

 	var tx = this.NullTx()
-	count, err := nameservers.SharedNSRecordDAO.CountAllEnabledDomainRecords(tx, req.NsDomainId, req.Type, req.Keyword, req.NsRouteId)
+	count, err := nameservers.SharedNSRecordDAO.CountAllEnabledDomainRecords(tx, req.NsDomainId, req.Type, req.Keyword, req.NsRouteCode)
 	if err != nil {
 		return nil, err
 	}
@@ -84,7 +86,7 @@ func (this *NSRecordService) ListEnabledNSRecords(ctx context.Context, req *pb.L
 	}

 	var tx = this.NullTx()
-	records, err := nameservers.SharedNSRecordDAO.ListEnabledRecords(tx, req.NsDomainId, req.Type, req.Keyword, req.NsRouteId, req.Offset, req.Size)
+	records, err := nameservers.SharedNSRecordDAO.ListEnabledRecords(tx, req.NsDomainId, req.Type, req.Keyword, req.NsRouteCode, req.Offset, req.Size)
 	if err != nil {
 		return nil, err
 	}
@@ -92,8 +94,8 @@ func (this *NSRecordService) ListEnabledNSRecords(ctx context.Context, req *pb.L
 	for _, record := range records {
 		// 线路
 		var pbRoutes = []*pb.NSRoute{}
-		for _, recordId := range record.DecodeRouteIds() {
-			route, err := nameservers.SharedNSRouteDAO.FindEnabledNSRoute(tx, recordId)
+		for _, routeCode := range record.DecodeRouteIds() {
+			route, err := nameservers.SharedNSRouteDAO.FindEnabledRouteWithCode(tx, routeCode)
 			if err != nil {
 				return nil, err
 			}
@@ -103,7 +105,10 @@ func (this *NSRecordService) ListEnabledNSRecords(ctx context.Context, req *pb.L
 			pbRoutes = append(pbRoutes, &pb.NSRoute{
 				Id:   int64(route.Id),
 				Name: route.Name,
+				Code: route.Code,
 			})
+
+			// TODO 读取其他线路
 		}

 		pbRecords = append(pbRecords, &pb.NSRecord{
@@ -155,8 +160,8 @@ func (this *NSRecordService) FindEnabledNSRecord(ctx context.Context, req *pb.Fi

 	// 线路
 	var pbRoutes = []*pb.NSRoute{}
-	for _, recordId := range record.DecodeRouteIds() {
-		route, err := nameservers.SharedNSRouteDAO.FindEnabledNSRoute(tx, recordId)
+	for _, routeCode := range record.DecodeRouteIds() {
+		route, err := nameservers.SharedNSRouteDAO.FindEnabledRouteWithCode(tx, routeCode)
 		if err != nil {
 			return nil, err
 		}
@@ -166,9 +171,12 @@ func (this *NSRecordService) FindEnabledNSRecord(ctx context.Context, req *pb.Fi
 		pbRoutes = append(pbRoutes, &pb.NSRoute{
 			Id:   int64(route.Id),
 			Name: route.Name,
+			Code: route.Code,
 		})
 	}

+	// TODO 读取其他线路
+
 	return &pb.FindEnabledNSRecordResponse{NsRecord: &pb.NSRecord{
 		Id:          int64(record.Id),
 		Description: record.Description,
@@ -207,9 +215,19 @@ func (this *NSRecordService) ListNSRecordsAfterVersion(ctx context.Context, req
 		pbRoutes := []*pb.NSRoute{}
 		routeIds := record.DecodeRouteIds()
 		for _, routeId := range routeIds {
-			pbRoutes = append(pbRoutes, &pb.NSRoute{Id: routeId})
+			var routeIdInt int64 = 0
+			if regexp.MustCompile(`^id:\d+$`).MatchString(routeId) {
+				routeIdInt = types.Int64(routeId[strings.Index(routeId, ":")+1:])
+			}
+
+			pbRoutes = append(pbRoutes, &pb.NSRoute{
+				Id:   routeIdInt,
+				Code: routeId,
+			})
 		}

+		// TODO 读取其他线路
+
 		pbRecords = append(pbRecords, &pb.NSRecord{
 			Id:          int64(record.Id),
 			Description: "",
--- a/internal/rpc/services/nameservers/service_ns_record_hourly_stat.go
+++ b/internal/rpc/services/nameservers/service_ns_record_hourly_stat.go
@@ -4,6 +4,7 @@ package nameservers

 import (
 	"context"
+	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models/nameservers"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	"github.com/TeaOSLab/EdgeAPI/internal/rpc/services"
@@ -31,7 +32,7 @@ func (this *NSRecordHourlyStatService) UploadNSRecordHourlyStats(ctx context.Con
 	}

 	var tx = this.NullTx()
-	clusterId, err := nameservers.SharedNSNodeDAO.FindNodeClusterId(tx, nodeId)
+	clusterId, err := models.SharedNSNodeDAO.FindNodeClusterId(tx, nodeId)
 	if err != nil {
 		return nil, err
 	}
--- a/internal/rpc/services/nameservers/service_ns_route.go
+++ b/internal/rpc/services/nameservers/service_ns_route.go
@@ -4,6 +4,7 @@ package nameservers

 import (
 	"context"
+	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models/nameservers"
 	"github.com/TeaOSLab/EdgeAPI/internal/rpc/services"
 	rpcutils "github.com/TeaOSLab/EdgeAPI/internal/rpc/utils"
@@ -75,7 +76,7 @@ func (this *NSRouteService) FindEnabledNSRoute(ctx context.Context, req *pb.Find
 	// 集群
 	var pbCluster *pb.NSCluster
 	if route.ClusterId > 0 {
-		cluster, err := nameservers.SharedNSClusterDAO.FindEnabledNSCluster(tx, int64(route.ClusterId))
+		cluster, err := models.SharedNSClusterDAO.FindEnabledNSCluster(tx, int64(route.ClusterId))
 		if err != nil {
 			return nil, err
 		}
@@ -130,7 +131,7 @@ func (this *NSRouteService) FindAllEnabledNSRoutes(ctx context.Context, req *pb.
 		// 集群
 		var pbCluster *pb.NSCluster
 		if route.ClusterId > 0 {
-			cluster, err := nameservers.SharedNSClusterDAO.FindEnabledNSCluster(tx, int64(route.ClusterId))
+			cluster, err := models.SharedNSClusterDAO.FindEnabledNSCluster(tx, int64(route.ClusterId))
 			if err != nil {
 				return nil, err
 			}
--- a/internal/rpc/services/service_admin.go
+++ b/internal/rpc/services/service_admin.go
@@ -6,7 +6,6 @@ import (
 	teaconst "github.com/TeaOSLab/EdgeAPI/internal/const"
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models/authority"
-	"github.com/TeaOSLab/EdgeAPI/internal/db/models/nameservers"
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models/stats"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	rpcutils "github.com/TeaOSLab/EdgeAPI/internal/rpc/utils"
@@ -637,7 +636,7 @@ func (this *AdminService) ComposeAdminDashboard(ctx context.Context, req *pb.Com
 		upgradeInfo := &pb.ComposeAdminDashboardResponse_UpgradeInfo{
 			NewVersion: teaconst.DNSNodeVersion,
 		}
-		countNodes, err := nameservers.SharedNSNodeDAO.CountAllLowerVersionNodes(tx, upgradeInfo.NewVersion)
+		countNodes, err := models.SharedNSNodeDAO.CountAllLowerVersionNodes(tx, upgradeInfo.NewVersion)
 		if err != nil {
 			return nil, err
 		}
--- a/internal/rpc/services/service_base.go
+++ b/internal/rpc/services/service_base.go
@@ -7,7 +7,6 @@ import (
 	teaconst "github.com/TeaOSLab/EdgeAPI/internal/const"
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models/authority"
-	"github.com/TeaOSLab/EdgeAPI/internal/db/models/nameservers"
 	"github.com/TeaOSLab/EdgeAPI/internal/encrypt"
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	rpcutils "github.com/TeaOSLab/EdgeAPI/internal/rpc/utils"
@@ -194,7 +193,7 @@ func (this *BaseService) ValidateNodeId(ctx context.Context, roles ...rpcutils.U
 	case rpcutils.UserTypeMonitor:
 		nodeIntId, err = models.SharedMonitorNodeDAO.FindEnabledMonitorNodeIdWithUniqueId(nil, nodeId)
 	case rpcutils.UserTypeDNS:
-		nodeIntId, err = nameservers.SharedNSNodeDAO.FindEnabledNodeIdWithUniqueId(nil, nodeId)
+		nodeIntId, err = models.SharedNSNodeDAO.FindEnabledNodeIdWithUniqueId(nil, nodeId)
 	case rpcutils.UserTypeAuthority:
 		nodeIntId, err = authority.SharedAuthorityNodeDAO.FindEnabledAuthorityNodeIdWithUniqueId(nil, nodeId)
 	default:
--- a/internal/rpc/services/service_db_node.go
+++ b/internal/rpc/services/service_db_node.go
@@ -204,7 +204,7 @@ func (this *DBNodeService) FindAllDBNodeTables(ctx context.Context, req *pb.Find
 		lowerTableName := strings.ToLower(one.GetString("TABLE_NAME"))
 		canDelete := false
 		canClean := false
-		if strings.HasPrefix(lowerTableName, "edgehttpaccesslogs_") {
+		if strings.HasPrefix(lowerTableName, "edgehttpaccesslogs_") || strings.HasPrefix(lowerTableName, "edgensaccesslogs_") {
 			canDelete = true
 			canClean = true
 		} else if lists.ContainsString([]string{"edgemessages", "edgelogs", "edgenodelogs"}, lowerTableName) {
@@ -254,8 +254,8 @@ func (this *DBNodeService) DeleteDBNodeTable(ctx context.Context, req *pb.Delete
 	}()

 	// 检查是否能够删除
-	if !strings.HasPrefix(strings.ToLower(req.DbNodeTable), "edgehttpaccesslogs_") {
-		return nil, errors.New("forbidden to delete the table")
+	if !strings.HasPrefix(strings.ToLower(req.DbNodeTable), "edgehttpaccesslogs_") && !strings.HasPrefix(strings.ToLower(req.DbNodeTable), "edgensaccesslogs_") {
+		return nil, errors.New("unable to delete the table")
 	}

 	_, err = db.Exec("DROP TABLE `" + req.DbNodeTable + "`")
--- a/internal/rpc/services/service_http_access_log.go
+++ b/internal/rpc/services/service_http_access_log.go
@@ -72,17 +72,56 @@ func (this *HTTPAccessLogService) ListHTTPAccessLogs(ctx context.Context, req *p
 		}
 	}

-	accessLogs, requestId, hasMore, err := models.SharedHTTPAccessLogDAO.ListAccessLogs(tx, req.RequestId, req.Size, req.Day, req.ServerId, req.Reverse, req.HasError, req.FirewallPolicyId, req.FirewallRuleGroupId, req.FirewallRuleSetId, req.HasFirewallPolicy, req.UserId, req.Keyword)
+	accessLogs, requestId, hasMore, err := models.SharedHTTPAccessLogDAO.ListAccessLogs(tx, req.RequestId, req.Size, req.Day, req.ServerId, req.Reverse, req.HasError, req.FirewallPolicyId, req.FirewallRuleGroupId, req.FirewallRuleSetId, req.HasFirewallPolicy, req.UserId, req.Keyword, req.Ip, req.Domain)
 	if err != nil {
 		return nil, err
 	}

 	result := []*pb.HTTPAccessLog{}
+	var pbNodeMap = map[int64]*pb.Node{}
+	var pbClusterMap = map[int64]*pb.NodeCluster{}
 	for _, accessLog := range accessLogs {
 		a, err := accessLog.ToPB()
 		if err != nil {
 			return nil, err
 		}
+
+		// 节点 & 集群
+		pbNode, ok := pbNodeMap[a.NodeId]
+		if ok {
+			a.Node = pbNode
+		} else {
+			node, err := models.SharedNodeDAO.FindEnabledNode(tx, a.NodeId)
+			if err != nil {
+				return nil, err
+			}
+			if node != nil {
+				pbNode = &pb.Node{Id: int64(node.Id), Name: node.Name}
+
+				var clusterId = int64(node.ClusterId)
+				pbCluster, ok := pbClusterMap[clusterId]
+				if ok {
+					pbNode.NodeCluster = pbCluster
+				} else {
+					cluster, err := models.SharedNodeClusterDAO.FindEnabledNodeCluster(tx, clusterId)
+					if err != nil {
+						return nil, err
+					}
+					if cluster != nil {
+						pbCluster = &pb.NodeCluster{
+							Id:   int64(cluster.Id),
+							Name: cluster.Name,
+						}
+						pbNode.NodeCluster = pbCluster
+						pbClusterMap[clusterId] = pbCluster
+					}
+				}
+
+				pbNodeMap[a.NodeId] = pbNode
+				a.Node = pbNode
+			}
+		}
+
 		result = append(result, a)
 	}

--- a/internal/rpc/services/service_http_firewall_policy.go
+++ b/internal/rpc/services/service_http_firewall_policy.go
@@ -720,10 +720,9 @@ func (this *HTTPFirewallPolicyService) CheckHTTPFirewallPolicyIPStatus(ctx conte
 	// 检查黑名单
 	if firewallPolicy.Inbound != nil &&
 		firewallPolicy.Inbound.IsOn &&
-		firewallPolicy.Inbound.AllowListRef != nil &&
-		firewallPolicy.Inbound.AllowListRef.IsOn &&
-		firewallPolicy.Inbound.AllowListRef.ListId > 0 {
-
+		firewallPolicy.Inbound.DenyListRef != nil &&
+		firewallPolicy.Inbound.DenyListRef.IsOn &&
+		firewallPolicy.Inbound.DenyListRef.ListId > 0 {
 		var listIds = []int64{}
 		if firewallPolicy.Inbound.DenyListRef.ListId > 0 {
 			listIds = append(listIds, firewallPolicy.Inbound.DenyListRef.ListId)
--- a/internal/rpc/services/service_ip_list.go
+++ b/internal/rpc/services/service_ip_list.go
@@ -4,6 +4,7 @@ import (
 	"context"
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/lists"
 )

 // IPListService IP名单相关服务
@@ -145,3 +146,48 @@ func (this *IPListService) ExistsEnabledIPList(ctx context.Context, req *pb.Exis
 	}
 	return &pb.ExistsEnabledIPListResponse{Exists: b}, nil
 }
+
+// FindEnabledIPListContainsIP 根据IP来搜索IP名单
+func (this *IPListService) FindEnabledIPListContainsIP(ctx context.Context, req *pb.FindEnabledIPListContainsIPRequest) (*pb.FindEnabledIPListContainsIPResponse, error) {
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+	items, err := models.SharedIPItemDAO.FindEnabledItemsWithIP(tx, req.Ip)
+	if err != nil {
+		return nil, err
+	}
+
+	var pbLists = []*pb.IPList{}
+	var listIds = []int64{}
+	for _, item := range items {
+		if lists.ContainsInt64(listIds, int64(item.ListId)) {
+			continue
+		}
+
+		list, err := models.SharedIPListDAO.FindEnabledIPList(tx, int64(item.ListId))
+		if err != nil {
+			return nil, err
+		}
+		if list == nil {
+			continue
+		}
+		if list.IsPublic != 1 {
+			continue
+		}
+		pbLists = append(pbLists, &pb.IPList{
+			Id:          int64(list.Id),
+			IsOn:        list.IsOn == 1,
+			Type:        list.Type,
+			Name:        list.Name,
+			Code:        list.Code,
+			IsPublic:    list.IsPublic == 1,
+			Description: "",
+		})
+
+		listIds = append(listIds, int64(item.ListId))
+	}
+	return &pb.FindEnabledIPListContainsIPResponse{IpLists: pbLists}, nil
+}
--- a/internal/rpc/services/service_message.go
+++ b/internal/rpc/services/service_message.go
@@ -3,15 +3,16 @@ package services
 import (
 	"context"
 	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 )

-// 消息相关服务
+// MessageService 消息相关服务
 type MessageService struct {
 	BaseService
 }

-// 计算未读消息数
+// CountUnreadMessages 计算未读消息数
 func (this *MessageService) CountUnreadMessages(ctx context.Context, req *pb.CountUnreadMessagesRequest) (*pb.RPCCountResponse, error) {
 	// 校验请求
 	adminId, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
@@ -28,7 +29,7 @@ func (this *MessageService) CountUnreadMessages(ctx context.Context, req *pb.Cou
 	return this.SuccessCount(count)
 }

-// 列出单页未读消息
+// ListUnreadMessages 列出单页未读消息
 func (this *MessageService) ListUnreadMessages(ctx context.Context, req *pb.ListUnreadMessagesRequest) (*pb.ListUnreadMessagesResponse, error) {
 	// 校验请求
 	adminId, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
@@ -48,33 +49,62 @@ func (this *MessageService) ListUnreadMessages(ctx context.Context, req *pb.List
 		var pbNode *pb.Node = nil

 		if message.ClusterId > 0 {
-			cluster, err := models.SharedNodeClusterDAO.FindEnabledNodeCluster(tx, int64(message.ClusterId))
-			if err != nil {
-				return nil, err
-			}
-			if cluster != nil {
-				pbCluster = &pb.NodeCluster{
-					Id:   int64(cluster.Id),
-					Name: cluster.Name,
+			switch message.Role {
+			case nodeconfigs.NodeRoleNode:
+				cluster, err := models.SharedNodeClusterDAO.FindEnabledNodeCluster(tx, int64(message.ClusterId))
+				if err != nil {
+					return nil, err
+				}
+				if cluster != nil {
+					pbCluster = &pb.NodeCluster{
+						Id:   int64(cluster.Id),
+						Name: cluster.Name,
+					}
+				}
+			case nodeconfigs.NodeRoleDNS:
+				cluster, err := models.SharedNSClusterDAO.FindEnabledNSCluster(tx, int64(message.ClusterId))
+				if err != nil {
+					return nil, err
+				}
+				if cluster != nil {
+					pbCluster = &pb.NodeCluster{
+						Id:   int64(cluster.Id),
+						Name: cluster.Name,
+					}
 				}
 			}
 		}

 		if message.NodeId > 0 {
-			node, err := models.SharedNodeDAO.FindEnabledNode(tx, int64(message.NodeId))
-			if err != nil {
-				return nil, err
-			}
-			if node != nil {
-				pbNode = &pb.Node{
-					Id:   int64(node.Id),
-					Name: node.Name,
+			switch message.Role {
+			case nodeconfigs.NodeRoleNode:
+				node, err := models.SharedNodeDAO.FindEnabledNode(tx, int64(message.NodeId))
+				if err != nil {
+					return nil, err
+				}
+				if node != nil {
+					pbNode = &pb.Node{
+						Id:   int64(node.Id),
+						Name: node.Name,
+					}
+				}
+			case nodeconfigs.NodeRoleDNS:
+				node, err := models.SharedNSNodeDAO.FindEnabledNSNode(tx, int64(message.NodeId))
+				if err != nil {
+					return nil, err
+				}
+				if node != nil {
+					pbNode = &pb.Node{
+						Id:   int64(node.Id),
+						Name: node.Name,
+					}
 				}
 			}
 		}

 		result = append(result, &pb.Message{
 			Id:          int64(message.Id),
+			Role:        message.Role,
 			Type:        message.Type,
 			Body:        message.Body,
 			Level:       message.Level,
@@ -89,7 +119,7 @@ func (this *MessageService) ListUnreadMessages(ctx context.Context, req *pb.List
 	return &pb.ListUnreadMessagesResponse{Messages: result}, nil
 }

-// 设置消息已读状态
+// UpdateMessageRead 设置消息已读状态
 func (this *MessageService) UpdateMessageRead(ctx context.Context, req *pb.UpdateMessageReadRequest) (*pb.RPCSuccess, error) {
 	// 校验请求
 	adminId, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
@@ -115,7 +145,7 @@ func (this *MessageService) UpdateMessageRead(ctx context.Context, req *pb.Updat
 	return this.Success()
 }

-// 设置一组消息已读状态
+// UpdateMessagesRead 设置一组消息已读状态
 func (this *MessageService) UpdateMessagesRead(ctx context.Context, req *pb.UpdateMessagesReadRequest) (*pb.RPCSuccess, error) {
 	// 校验请求
 	adminId, userId, err := this.ValidateAdminAndUser(ctx, 0, 0)
@@ -143,7 +173,7 @@ func (this *MessageService) UpdateMessagesRead(ctx context.Context, req *pb.Upda
 	return this.Success()
 }

-// 设置所有消息为已读
+// UpdateAllMessagesRead 设置所有消息为已读
 func (this *MessageService) UpdateAllMessagesRead(ctx context.Context, req *pb.UpdateAllMessagesReadRequest) (*pb.RPCSuccess, error) {
 	// 校验请求
 	// 校验请求
--- a/internal/rpc/services/service_node.go
+++ b/internal/rpc/services/service_node.go
@@ -43,7 +43,7 @@ func (this *NodeService) CreateNode(ctx context.Context, req *pb.CreateNodeReque

 	// 增加认证相关
 	if req.NodeLogin != nil {
-		_, err = models.SharedNodeLoginDAO.CreateNodeLogin(tx, nodeId, req.NodeLogin.Name, req.NodeLogin.Type, req.NodeLogin.Params)
+		_, err = models.SharedNodeLoginDAO.CreateNodeLogin(tx, nodeconfigs.NodeRoleNode, nodeId, req.NodeLogin.Name, req.NodeLogin.Type, req.NodeLogin.Params)
 		if err != nil {
 			return nil, err
 		}
@@ -375,7 +375,7 @@ func (this *NodeService) DeleteNode(ctx context.Context, req *pb.DeleteNodeReque
 	}

 	// 删除节点相关任务
-	err = models.SharedNodeTaskDAO.DeleteNodeTasks(tx, req.NodeId)
+	err = models.SharedNodeTaskDAO.DeleteNodeTasks(tx, nodeconfigs.NodeRoleNode, req.NodeId)
 	if err != nil {
 		return nil, err
 	}
@@ -435,8 +435,9 @@ func (this *NodeService) UpdateNode(ctx context.Context, req *pb.UpdateNodeReque
 		return nil, err
 	}

+	// 登录信息
 	if req.NodeLogin == nil {
-		err = models.SharedNodeLoginDAO.DisableNodeLogins(tx, req.NodeId)
+		err = models.SharedNodeLoginDAO.DisableNodeLogins(tx, nodeconfigs.NodeRoleNode, req.NodeId)
 		if err != nil {
 			return nil, err
 		}
@@ -447,7 +448,7 @@ func (this *NodeService) UpdateNode(ctx context.Context, req *pb.UpdateNodeReque
 				return nil, err
 			}
 		} else {
-			_, err = models.SharedNodeLoginDAO.CreateNodeLogin(tx, req.NodeId, req.NodeLogin.Name, req.NodeLogin.Type, req.NodeLogin.Params)
+			_, err = models.SharedNodeLoginDAO.CreateNodeLogin(tx, nodeconfigs.NodeRoleNode, req.NodeId, req.NodeLogin.Name, req.NodeLogin.Type, req.NodeLogin.Params)
 			if err != nil {
 				return nil, err
 			}
@@ -524,7 +525,7 @@ func (this *NodeService) FindEnabledNode(ctx context.Context, req *pb.FindEnable
 	}

 	// 认证信息
-	login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(tx, req.NodeId)
+	login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(tx, nodeconfigs.NodeRoleNode, req.NodeId)
 	if err != nil {
 		return nil, err
 	}
@@ -621,7 +622,7 @@ func (this *NodeService) FindEnabledNode(ctx context.Context, req *pb.FindEnable
 			Name: clusterName,
 		},
 		SecondaryNodeClusters:  secondaryPBClusters,
-		Login:                  respLogin,
+		NodeLogin:              respLogin,
 		InstallStatus:          installStatusResult,
 		MaxCPU:                 types.Int32(node.MaxCPU),
 		IsOn:                   node.IsOn == 1,
@@ -717,7 +718,7 @@ func (this *NodeService) InstallNode(ctx context.Context, req *pb.InstallNodeReq
 	}

 	go func() {
-		err = installers.SharedQueue().InstallNodeProcess(req.NodeId, false)
+		err = installers.SharedNodeQueue().InstallNodeProcess(req.NodeId, false)
 		if err != nil {
 			logs.Println("[RPC]install node:" + err.Error())
 		}
@@ -757,7 +758,7 @@ func (this *NodeService) UpgradeNode(ctx context.Context, req *pb.UpgradeNodeReq
 	}

 	go func() {
-		err = installers.SharedQueue().InstallNodeProcess(req.NodeId, true)
+		err = installers.SharedNodeQueue().InstallNodeProcess(req.NodeId, true)
 		if err != nil {
 			logs.Println("[RPC]install node:" + err.Error())
 		}
@@ -774,7 +775,7 @@ func (this *NodeService) StartNode(ctx context.Context, req *pb.StartNodeRequest
 		return nil, err
 	}

-	err = installers.SharedQueue().StartNode(req.NodeId)
+	err = installers.SharedNodeQueue().StartNode(req.NodeId)
 	if err != nil {
 		return &pb.StartNodeResponse{
 			IsOk:  false,
@@ -793,7 +794,7 @@ func (this *NodeService) StopNode(ctx context.Context, req *pb.StopNodeRequest)
 		return nil, err
 	}

-	err = installers.SharedQueue().StopNode(req.NodeId)
+	err = installers.SharedNodeQueue().StopNode(req.NodeId)
 	if err != nil {
 		return &pb.StopNodeResponse{
 			IsOk:  false,
@@ -909,7 +910,7 @@ func (this *NodeService) FindAllNotInstalledNodesWithNodeClusterId(ctx context.C
 	result := []*pb.Node{}
 	for _, node := range nodes {
 		// 认证信息
-		login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(tx, int64(node.Id))
+		login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(tx, nodeconfigs.NodeRoleNode, int64(node.Id))
 		if err != nil {
 			return nil, err
 		}
@@ -967,7 +968,7 @@ func (this *NodeService) FindAllNotInstalledNodesWithNodeClusterId(ctx context.C
 			IsInstalled:   node.IsInstalled == 1,
 			StatusJSON:    []byte(node.Status),
 			IsOn:          node.IsOn == 1,
-			Login:         pbLogin,
+			NodeLogin:     pbLogin,
 			IpAddresses:   pbAddresses,
 			InstallStatus: pbInstallStatus,
 		})
@@ -1018,7 +1019,7 @@ func (this *NodeService) FindAllUpgradeNodesWithNodeClusterId(ctx context.Contex
 		}
 		for _, node := range nodes {
 			// 认证信息
-			login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(tx, int64(node.Id))
+			login, err := models.SharedNodeLoginDAO.FindEnabledNodeLoginWithNodeId(tx, nodeconfigs.NodeRoleNode, int64(node.Id))
 			if err != nil {
 				return nil, err
 			}
@@ -1086,7 +1087,7 @@ func (this *NodeService) FindAllUpgradeNodesWithNodeClusterId(ctx context.Contex
 				StatusJSON:    []byte(node.Status),
 				IsOn:          node.IsOn == 1,
 				IpAddresses:   pbAddresses,
-				Login:         pbLogin,
+				NodeLogin:     pbLogin,
 				InstallStatus: pbInstallStatus,
 			}

@@ -1144,7 +1145,7 @@ func (this *NodeService) UpdateNodeLogin(ctx context.Context, req *pb.UpdateNode
 	tx := this.NullTx()

 	if req.NodeLogin.Id <= 0 {
-		_, err := models.SharedNodeLoginDAO.CreateNodeLogin(tx, req.NodeId, req.NodeLogin.Name, req.NodeLogin.Type, req.NodeLogin.Params)
+		_, err := models.SharedNodeLoginDAO.CreateNodeLogin(tx, nodeconfigs.NodeRoleNode, req.NodeId, req.NodeLogin.Name, req.NodeLogin.Type, req.NodeLogin.Params)
 		if err != nil {
 			return nil, err
 		}
@@ -1359,7 +1360,6 @@ func (this *NodeService) UpdateNodeDNS(ctx context.Context, req *pb.UpdateNodeDN
 		delete(routeCodeMap, req.DnsDomainId)
 	}

-
 	err = models.SharedNodeDAO.UpdateNodeDNS(tx, req.NodeId, routeCodeMap)
 	if err != nil {
 		return nil, err
--- a/internal/rpc/services/service_node_cluster.go
+++ b/internal/rpc/services/service_node_cluster.go
@@ -97,7 +97,7 @@ func (this *NodeClusterService) DeleteNodeCluster(ctx context.Context, req *pb.D
 	}

 	// 删除相关任务
-	err = models.SharedNodeTaskDAO.DeleteAllClusterTasks(tx, req.NodeClusterId)
+	err = models.SharedNodeTaskDAO.DeleteAllClusterTasks(tx, nodeconfigs.NodeRoleNode, req.NodeClusterId)
 	if err != nil {
 		return nil, err
 	}
--- a/internal/rpc/services/service_node_grant.go
+++ b/internal/rpc/services/service_node_grant.go
@@ -265,3 +265,35 @@ func (this *NodeGrantService) TestNodeGrant(ctx context.Context, req *pb.TestNod
 	resp.IsOk = true
 	return resp, nil
 }
+
+// FindSuggestNodeGrants 查找集群推荐的认证
+func (this *NodeGrantService) FindSuggestNodeGrants(ctx context.Context, req *pb.FindSuggestNodeGrantsRequest) (*pb.FindSuggestNodeGrantsResponse, error) {
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var pbGrants = []*pb.NodeGrant{}
+	var tx = this.NullTx()
+	grantIds, err := models.SharedNodeLoginDAO.FindFrequentGrantIds(tx, req.NodeClusterId, req.NsClusterId)
+	if err != nil {
+		return nil, err
+	}
+	for _, grantId := range grantIds {
+		grant, err := models.SharedNodeGrantDAO.FindEnabledNodeGrant(tx, grantId)
+		if err != nil {
+			return nil, err
+		}
+		if grant != nil {
+			pbGrants = append(pbGrants, &pb.NodeGrant{
+				Id:          int64(grant.Id),
+				Name:        grant.Name,
+				Method:      grant.Method,
+				Username:    grant.Username,
+				Su:          grant.Su == 1,
+				Description: grant.Description,
+			})
+		}
+	}
+	return &pb.FindSuggestNodeGrantsResponse{NodeGrants: pbGrants}, nil
+}
--- a/internal/rpc/services/service_node_login.go
+++ b/internal/rpc/services/service_node_login.go
@@ -0,0 +1,68 @@
+// Copyright 2021 Liuxiangchao iwind.liu@gmail.com. All rights reserved.
+
+package services
+
+import (
+	"context"
+	"github.com/TeaOSLab/EdgeAPI/internal/db/models"
+	"github.com/TeaOSLab/EdgeCommon/pkg/configutils"
+	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
+	"github.com/iwind/TeaGo/types"
+	"net"
+	"sync"
+	"time"
+)
+
+// NodeLoginService 节点登录相关
+type NodeLoginService struct {
+	BaseService
+}
+
+// FindNodeLoginSuggestPorts 读取建议的端口
+func (this *NodeLoginService) FindNodeLoginSuggestPorts(ctx context.Context, req *pb.FindNodeLoginSuggestPortsRequest) (*pb.FindNodeLoginSuggestPortsResponse, error) {
+	_, err := this.ValidateAdmin(ctx, 0)
+	if err != nil {
+		return nil, err
+	}
+
+	var tx = this.NullTx()
+	ports, err := models.SharedNodeLoginDAO.FindFrequentPorts(tx)
+	if err != nil {
+		return nil, err
+	}
+
+	var availablePorts = []int32{}
+
+	// 测试端口连通性
+	if len(ports) > 0 && len(req.Host) > 0 {
+		var host = configutils.QuoteIP(req.Host)
+
+		wg := sync.WaitGroup{}
+		wg.Add(len(ports))
+
+		var locker sync.Mutex
+
+		for _, port := range ports {
+			go func(port int32) {
+				defer wg.Done()
+
+				conn, err := net.DialTimeout("tcp", host+":"+types.String(port), 2*time.Second)
+				if err != nil {
+					return
+				}
+				_ = conn.Close()
+
+				locker.Lock()
+				availablePorts = append(availablePorts, port)
+				locker.Unlock()
+			}(port)
+		}
+		wg.Wait()
+
+	}
+
+	return &pb.FindNodeLoginSuggestPortsResponse{
+		Ports:          ports,
+		AvailablePorts: availablePorts,
+	}, nil
+}
--- a/internal/rpc/services/service_node_stream.go
+++ b/internal/rpc/services/service_node_stream.go
@@ -9,6 +9,7 @@ import (
 	"github.com/TeaOSLab/EdgeAPI/internal/errors"
 	rpcutils "github.com/TeaOSLab/EdgeAPI/internal/rpc/utils"
 	"github.com/TeaOSLab/EdgeCommon/pkg/messageconfigs"
+	"github.com/TeaOSLab/EdgeCommon/pkg/nodeconfigs"
 	"github.com/TeaOSLab/EdgeCommon/pkg/rpc/pb"
 	"github.com/iwind/TeaGo/logs"
 	"strconv"
@@ -119,7 +120,7 @@ func (this *NodeService) NodeStream(server pb.NodeService_NodeStreamServer) erro
 		}
 		subject := "节点\"" + nodeName + "\"已经恢复在线"
 		msg := "节点\"" + nodeName + "\"已经恢复在线"
-		err = models.SharedMessageDAO.CreateNodeMessage(tx, clusterId, nodeId, models.MessageTypeNodeActive, models.MessageLevelSuccess, subject, msg, nil)
+		err = models.SharedMessageDAO.CreateNodeMessage(tx, nodeconfigs.NodeRoleNode, clusterId, nodeId, models.MessageTypeNodeActive, models.MessageLevelSuccess, subject, msg, nil)
 		if err != nil {
 			return err
 		}
@@ -133,6 +134,12 @@ func (this *NodeService) NodeStream(server pb.NodeService_NodeStreamServer) erro
 	}
 	nodeLocker.Unlock()

+	defer func() {
+		nodeLocker.Lock()
+		delete(requestChanMap, nodeId)
+		nodeLocker.Unlock()
+	}()
+
 	// 发送请求
 	go func() {
 		for {
--- a/Show More
+++ b/Show More
Author	SHA1	Message	Date
刘祥超	93a17ced7c	上传SQL	2021-08-15 20:20:06 +08:00
刘祥超	580d09ef99	IP库查询结果显示城市	2021-08-15 20:08:04 +08:00
刘祥超	fed725d45c	增加通过IP来搜索IP名单的API	2021-08-15 15:42:32 +08:00
刘祥超	350b514fc7	改进细节	2021-08-15 10:39:41 +08:00
刘祥超	71d2671c04	增加SSH认证建议接口	2021-08-14 21:33:17 +08:00
刘祥超	5a22146309	增加SSH登录建议端口接口	2021-08-14 18:07:20 +08:00
刘祥超	ac2fb4c84b	可以远程停止和启动DNS节点	2021-08-12 11:47:39 +08:00
刘祥超	c25e3f18e0	修复边缘节点和DNS节点安装文件冲突的问题	2021-08-11 21:14:01 +08:00
刘祥超	d3e4f28c69	实现DNS节点远程安装	2021-08-11 21:00:29 +08:00
刘祥超	363892efb2	改进脚本	2021-08-11 17:16:54 +08:00
刘祥超	cf36559eea	访问日志显示节点信息	2021-08-10 11:15:15 +08:00
刘祥超	fa3e0ca6ab	自建DNS增加解析测试	2021-08-09 18:41:30 +08:00
刘祥超	7229b0db34	NS日志增加remoteAddr字段	2021-08-09 15:19:38 +08:00
刘祥超	23871804b1	EdgeDNS支持内置线路	2021-08-09 13:57:58 +08:00
刘祥超	5e00bfa4c1	优化节点到API节点连接管理	2021-08-08 16:17:25 +08:00
刘祥超	473a2db335	数据有更改时发送通知	2021-08-08 15:47:48 +08:00
刘祥超	c893de8af7	DNS节点增加在线状态通知	2021-08-08 10:29:48 +08:00
刘祥超	a8cf04d178	访问日志搜索增加域名和IP搜索	2021-08-07 22:04:22 +08:00
刘祥超	e94a7f9a77	运行日志只显示已经设置集群的节点	2021-08-07 16:52:28 +08:00
刘祥超	ccf435ee8e	优化代码	2021-08-07 16:11:35 +08:00
刘祥超	7dc5c5f349	修复utils.DumpResponse()可能会忽略err的问题	2021-08-07 11:04:03 +08:00
刘祥超	566c04f080	边缘节点没有集群的时候视为删除	2021-08-07 10:12:17 +08:00
刘祥超	5a13c7663c	修复HTTPFirewallPolicyService.CheckHTTPFirewallPolicyIPStatus()可能panic的Bug	2021-08-06 14:48:05 +08:00
刘祥超	1df6d579d7	修改一处测试	2021-08-06 14:47:42 +08:00
刘祥超	20110495ab	修复unique key无法升级的问题	2021-08-06 14:22:17 +08:00
刘祥超	ce8d656d65	调整版本为0.2.9	2021-08-06 14:21:54 +08:00
刘祥超	186fe3c365	修复无法升级国家/地区数据的Bug	2021-08-05 20:36:16 +08:00
刘祥超	a9ce2f45df	修复导致无法安装的严重Bug	2021-08-05 19:53:54 +08:00
刘祥超	5105af9918	自建DNS增加全局配置	2021-08-05 16:08:01 +08:00
刘祥超	378c485219	统计节点分组中节点数量时判断节点集群是否存在	2021-08-05 11:28:58 +08:00
刘祥超	2465993e2c	域名解析支持华为云解析DNS	2021-08-04 22:14:54 +08:00
刘祥超	818c1c25a7	调整版本	2021-08-04 15:36:06 +08:00