Dnsmasq

From ArchWiki


Dnsmasq is a DHCP server and Domain Name Server (DNS) cache program. It can be used to create a route to and from one or more LAN PCs, as a DNS cache that stores domain addresses to help improve connection times to internet servers (e.g. queries to web servers), or both. Dnsmasq is lightweight and designed for personal computer use or as a DHCP server on a network with fewer than 50 computers.


Installing

Dnsmasq is available in the repository and can be installed with:

pacman -S dnsmasq

DHCP Server Setup

The Dnsmasq configuration file needs to be configured. Edit /etc/dnsmasq.conf:

# Only listen on the router's LAN NIC. This also opens tcp/udp port 53 to
# localhost and udp port 67 to the world:
interface=<LAN-NIC>

# By default dnsmasq opens tcp/udp port 53 and udp port 67 to the world to
# help with dynamic interfaces (assigning dynamic IPs). Dnsmasq discards
# world requests to them, but the paranoid might like to close these ports
# and let the kernel handle them:
bind-interfaces

# Dynamic range of IPs to make available to LAN PCs
dhcp-range=192.168.111.50,192.168.111.100,12h

# If you'd like to have a static IP, bind the LAN computer's NIC MAC address:
dhcp-host=aa:bb:cc:dd:ee:ff,192.168.111.50

If you choose not to bind interfaces, the domain port will need to be allowed in /etc/hosts.allow:

domain ALL : ALLOW
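
An added example, not part of the original wiki page: a shell check that reads a dnsmasq.conf and reports whether the interface restriction and the bind-interfaces setting discussed above are both in place. The function names, the sample configurations and the interface name eth1 are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: audit a dnsmasq.conf for the listener exposure described above.
# audit_dnsmasq_conf FILE prints one finding per line and returns 0 only when
# listening is restricted to named interfaces/addresses AND bind-interfaces is set.
audit_dnsmasq_conf() {
    # Drop comments (# at line start or after whitespace) and trailing blanks.
    active=$(sed -e 's/^#.*//' -e 's/[[:space:]]#.*//' -e 's/[[:space:]]*$//' "$1")
    ifaces=$(printf '%s\n' "$active" | sed -n 's/^interface=//p' | tr '\n' ' ')
    addrs=$(printf '%s\n' "$active" | sed -n 's/^listen-address=//p' | tr '\n' ' ')
    rc=0
    if [ -z "$ifaces$addrs" ]; then
        echo "WARN: no interface= or listen-address= restriction found"
        rc=1
    else
        echo "OK: restricted to interface(s) [${ifaces% }] address(es) [${addrs% }]"
    fi
    if printf '%s\n' "$active" | grep -qx 'bind-interfaces'; then
        echo "OK: bind-interfaces set; dnsmasq binds only the interfaces it listens on"
    else
        echo "WARN: bind-interfaces not set; dnsmasq binds the wildcard address and filters requests itself"
        rc=1
    fi
    return "$rc"
}

# Constructed sample: the page's DHCP configuration with eth1 standing in for <LAN-NIC>.
sample_hardened() {
    printf '%s\n' '# LAN side only' 'interface=eth1' 'bind-interfaces' \
        'dhcp-range=192.168.111.50,192.168.111.100,12h'
}

# Constructed sample: the same configuration with bind-interfaces commented out.
sample_wildcard() {
    printf '%s\n' 'interface=eth1' '#bind-interfaces' \
        'dhcp-range=192.168.111.50,192.168.111.100,12h'
}

# Demo run over both constructed samples.
tmp=$(mktemp)
sample_hardened > "$tmp"; audit_dnsmasq_conf "$tmp" || true
sample_wildcard > "$tmp"; audit_dnsmasq_conf "$tmp" || true
rm -f "$tmp"
```

Point the function at /etc/dnsmasq.conf on the router to run the same check against the live configuration.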

DNS Cache Setup

If you set up Dnsmasq as a DHCP server, it is already set up to listen for DNS queries on localhost. To set up dnsmasq as a DNS cache daemon, edit /etc/dnsmasq.conf and add:

listen-address=127.0.0.1

The DHCP client must be directed to 127.0.0.1 (localhost) for DNS queries. After you have configured Dnsmasq, tell your DHCP client to prepend the localhost address to /etc/resolv.conf so that queries are sent to Dnsmasq. Once the DHCP client is configured, restart the network for the changes to take effect.

dhcpcd

Dhcpcd has the ability to prepend or append nameservers to /etc/resolv.conf by creating /etc/resolv.conf.head and /etc/resolv.conf.tail respectively:

echo "nameserver 127.0.0.1" > /etc/resolv.conf.head

dhclient

If you use dhclient, add to /etc/dhcp/dhclient.conf:

prepend domain-name-servers 127.0.0.1;

Start the Daemon

Dnsmasq needs to run as a daemon. To start it:

/etc/rc.d/dnsmasq start

To have dnsmasq load at startup, add dnsmasq to your daemons array in /etc/rc.conf:

DAEMONS=(network dnsmasq ...)

To see if dnsmasq started properly, look at the log. Dnsmasq sends its log to /var/log/messages.log.

Test DHCP Server

From the LAN client, make sure you have the network set up to detect a route with DHCP, then attempt to connect to the network.

Test DNS Caching

Do a DNS lookup and measure the response time (dig is part of the dnsutils package):

dig archlinux.org | grep "Query time"

Try it again and compare the result.

Tips

Additional tips for Dnsmasq.

Prevent OpenDNS Redirecting Google Queries

To prevent OpenDNS from redirecting all Google queries to their own search server, add to /etc/dnsmasq.conf:

server=/www.google.com/X.X.X.X

Replace X.X.X.X with your ISP's DNS server/Router IP.
