Setting up dnsmasq with Ubuntu 10.04 for home networking

What is DNSMASQ?

A caching DNS forwarder. Dnsmasq is a lightweight, easy-to-configure DNS forwarder designed to provide DNS (domain name) services to a small network where using BIND would be overkill. It can have its upstream DNS servers automatically configured by PPP or DHCP, and it can serve the names of local machines which are not in the global DNS. It can integrate with the ISC DHCP daemon to serve the names of local machines which are configured using DHCP. Dnsmasq is ideal for networks behind NAT routers and connected via modem, ISDN, ADSL, or cable-modem.

Assumptions made

  1. You have an internet connection.
  2. You’re running Linux (Ubuntu 10.04 or a Debian derivative).
  3. You know how to turn off the built-in DHCP server on your own router at the end of the instructions.

Install DNSMASQ.

Copy and rename the config file, just in case you make a mistake along the way.

Edit the config file.

These are the parts of the config file that I used. It works fine for my network, which is quite generic. Like most home users, I’m behind a wireless router that does NAT, so my network is a class C private network.

Next you need to add a few recursive DNS servers for DNSMASQ to use. I’m going to be using the free servers provided by Google. Thankfully DNSMASQ now supports IPv6 RDNS servers, which is very good if you happen to be running dual-stack IPv4 and IPv6, which I am at home.

Edit the resolv.conf file.

Add the following to the resolv.conf file.

DNSMASQ will read the hosts file on startup of your server and create DNS entries for these, so you only need to keep one hosts file up to date (which is a nice timesaver).

My hosts file looks like this; yours, of course, will look different.

Now restart DNSMASQ and everything should work.
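
A check worth running before the restart, added here as an example and not part of the original post: dnsmasq skips nameserver entries that point at its own local interface, so a resolv.conf holding only 127.0.0.1 leaves it with nothing to forward to. The function names are my own, and treating only loopback addresses as local is a simplifying assumption.

```shell
#!/bin/sh
# Added example: check that a resolv.conf-style file gives dnsmasq an upstream.
# Function names are illustrative; only loopback addresses are treated as
# "local", which is a simplification of what dnsmasq itself checks.

# usable_upstreams FILE: print each non-loopback nameserver, one per line.
usable_upstreams() {
    sed -e 's/[#;].*$//' "$1" | awk '
        $1 == "nameserver" && NF >= 2 {
            if ($2 ~ /^127\./ || $2 == "::1") next   # points back at this host
            print $2
        }'
}

# check_resolv [FILE]: 0 = at least one upstream, 1 = none, 2 = unreadable.
check_resolv() {
    file=${1:-/etc/resolv.conf}
    if [ ! -r "$file" ]; then
        echo "cannot read $file" >&2
        return 2
    fi
    n=$(usable_upstreams "$file" | wc -l | tr -d ' ')
    if [ "$n" -eq 0 ]; then
        echo "FAIL: no usable upstream nameserver in $file" >&2
        return 1
    fi
    echo "OK: $n usable upstream nameserver(s) in $file"
}

# Constructed sample input: one loopback entry plus the Google resolvers.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# constructed sample, not a real system file
nameserver 127.0.0.1
nameserver 8.8.8.8
nameserver 2001:4860:4860::8888
EOF
check_resolv "$sample"     # counts the two Google entries only
rm -f "$sample"
```

Run `check_resolv` with no argument to test the live /etc/resolv.conf; a non-zero exit means dnsmasq would start with no forwarders.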

This step is only a reminder to myself and is not needed. By default, I turn on ufw and block everything, only opening ports when needed, so I need to open the ports for DHCP and DNS resolution to allow this to work on my network.


16 thoughts on “Setting up dnsmasq with Ubuntu 10.04 for home networking”

  1. Hey, is it easy enough to set DNSMasq to only forward DNS queries to public DNS as opposed to trying to resolve the internal ones?

    I already have internal DNS that will handle all internal name resolution, but my firewall will not pass through DNS queries to ISP DNS, hence the need for another server.

  2. If you are proposing to forward queries from your already working internal DNS to another server that is handling external DNS queries, then the answer is yes. But my question is, why bother? Surely you can extend your internal DNS server to resolve external DNS requests?

  3. Just a minor error in your guide.. if the config file you posted is the one you’re using, then you’re actually using a Class C private network not a Class B as the guide states (which is in the 172.16.x.x to 172.31.x.x range)

    Other than that awesome guide. I currently have isc-dhcpd running but am thinking of just using dnsmasq since it’s much lighter weight and I don’t have enough machines to really require dhcpd

  5. Is there a file/location where DNSCache has its cache storage?
    Where can you check the cache?

  6. Good day.
    Used your guide, worked swell. This morning, it all went to snot on me. I’m getting CONNECTION REFUSED for anything external.

    By the way, Ubuntu 14.04 server .. instead of editing /etc/resolv.conf, I updated /etc/resolvconf/resolv.conf.d/base.

    My Google-fu isn’t very strong, but I haven’t found anything like this. You running into this at all?

  7. Hi VK,

    I’ve not run into it myself.

    Is it your server running DNSmasq that you’re getting the error message from, or the clients that are getting their IP that are getting the error message?

    Cheers,

    Billy

  8. Hi Billy, sorry for the delay.

    dnsmasq server is giving the connection refused. Had to revert to the wireless router as a DHCP server with its built-in DNS forwarder; all internet access died when dnsmasq stopped working. I did notice a resolvconf upgrade which I applied without giving much thought to, now I’m regretting it. Haven’t spent any more time troubleshooting; the only thing I’ve found so far is the following in /var/log/syslog:

    Jun 26 07:15:27 phonebook dnsmasq[1186]: reading /etc/resolv.conf
    Jun 26 07:15:27 phonebook dnsmasq[1186]: ignoring nameserver 127.0.0.1 – local interface
    Jun 26 07:15:27 phonebook dnsmasq[1186]: using local addresses only for domain XXXXXXXXX

  9. Oh, sorry, last thing I noticed. Changed dns-nameservers from 127.0.0.1 to the router IP in /etc/network/interfaces.

    With the dnsmasq server running:
    root@phonebook:~# nslookup google.ca
    Server: 127.0.0.1
    Address: 127.0.0.1#53

    ** server can’t find google.ca: REFUSED

    After issuing service dnsmasq stop:

    root@phonebook:~# nslookup google.ca
    Server:
    Address: #53

    Non-authoritative answer:
    Name: google.ca
    Address: 24.244.4.123
    Name: google.ca
    Address: 24.244.4.93
    Name: google.ca
    Address: 24.244.4.109
    Name: google.ca
    Address: 24.244.4.113
    Name: google.ca
    Address: 24.244.4.99
    Name: google.ca
    Address: 24.244.4.118
    Name: google.ca
    Address: 24.244.4.108
    Name: google.ca
    Address: 24.244.4.94
    Name: google.ca
    Address: 24.244.4.114
    Name: google.ca
    Address: 24.244.4.84
    Name: google.ca
    Address: 24.244.4.103
    Name: google.ca
    Address: 24.244.4.104
    Name: google.ca
    Address: 24.244.4.98
    Name: google.ca
    Address: 24.244.4.88
    Name: google.ca
    Address: 24.244.4.119
    Name: google.ca
    Address: 24.244.4.89

    dnsmasq is definitely not happy with me

  10. Oh boy. PEBKAC.

    At some point, I must have been horsing around, added a line to /etc/dnsmasq.conf [won’t add it here, in case someone comes across this looking for the same info] .. commented it out, hey look at that all works as it’s supposed to … derp

    So, for anyone who comes across Billy’s excellent post looking for info about Ubuntu 14.04:

    Follow everything above as Billy’s laid out except for:
    1) do not edit /etc/resolv.conf by hand, instead, make /etc/resolvconf/resolv.conf.d/base look like the following:

    name_servers 8.8.8.8
    name_servers 8.8.4.4
    name_servers 2001:4860:4860::8888
    name_servers 2001:4860:4860::8844

    2) issue resolvconf -u to update /etc/resolv.conf

    3) do not try playing around with things, and then forget the stuff you changed, otherwise you’ll just be wasting yours and Billy’s time 😉

  11. Me again, last time, I promise.

    For Ubuntu 14.04 users, simplify your life further: don’t bother with any resolvconf files

    When you’re setting up a static IP, just add dns-nameservers to your /etc/network/interfaces file. When the NIC comes up, resolver picks it all up. Then, when dnsmasq service starts, it will autopopulate /var/run/dnsmasq/resolv.conf which is what dnsmasq is actually using [not /etc/resolv.conf anymore]

  12. Hi VK,

    Glad you managed to sort it out, and thanks for the input which is appreciated. Hopefully someone using Ubuntu 14.04 will find it useful, might even try it myself when I upgrade :-)

    Cheers,

    Billy
