Tuesday | 30 APR 2024

Using dnsmasq

Title:
Date: 2023-07-11
Tags:  sysadmin

I want to run my own DNS server at home so that I can reference my server by name. The first step in doing this is to start doing DNS things and I didn't realize how easy dnsmasq made it.

The package was already installed on my machine and so I could simply start the service and away we go. It's actually quite cool how it uses the stuff I was already using like the hosts file and the resolv.conf file.

dnsmasq works by acting as an intermediary for the real {name servers}[I use name servers because DNS servers sounds weird but also calling it just DNS is weird. I could say domain name servers but that's long]. It will first try to answer the request itself, but if it can't, it will pass it on to the specified name servers. These are defined in /etc/resolv.conf. The names that it will resolve are in /etc/hosts. This means that you can set up resolv.conf with the name servers you want to use and then add the domains you want dnsmasq to resolve in the hosts file.

Installation

Use this command to install dnsmasq if you don't have it.

yum install dnsmasq

Now before we start you should know that the following command is helpful to debug any DNS issues:

dnsmasq -qk --log-queries --log-facility=-

This will output the requests and answers to the screen.

Now let's get on with the show.

/etc/dnsmasq.conf

Add the following to /etc/dnsmasq.conf:

domain-needed
bogus-priv
cache-size=1000
clear-on-reload

The first line makes it so that only names with a domain part get passed on to the real name servers.

The second line will stop reverse lookups for private IP address ranges from getting out to the upstream name servers.

The third line is how many requests should be cached by dnsmasq.

The fourth line will clear the cache when dnsmasq is restarted.

/etc/resolv.conf

Now we can update the resolv.conf file:

# Google
nameserver 8.8.8.8
# Cloudflare
nameserver 1.1.1.1

I'm using Cloudflare and Google name servers for my DNS.

/etc/hosts

Then in /etc/hosts:

192.168.13.31   andromeda
192.168.13.32   test.example.com

This will map andromeda to 192.168.13.31. This will also map our subdomain to a local IP.

Starting dnsmasq

Enable and start dnsmasq:

systemctl enable dnsmasq
service dnsmasq start

Now dnsmasq will start on boot and will also be running now.

Testing

At this point we have dnsmasq set up and ready to go. You can use dig to verify that your dns server is being:

dig andromeda @localhost
dig test.example.com @localhost

The @localhost option tells dig to use localhost as the name server, not those found in /etc/resolv.conf.

This should print out the IP address that we set in the hosts file. We can replace localhost with the server's address and test from another machine using @IP.ADDR.ESS. On Windows you can use nslookup.

nslookup andromeda
nslookup test.example.com

This should also show the IP addresses we set in our /etc/hosts file on the DNS server.
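
The dig checks above can be scripted so that every /etc/hosts entry is compared with what the server actually returns. This is an added example, not part of the original post; the function names hosts_pairs, resolve and check_dnsmasq are made up for it, and it expects hosts lines in the standard address-first form.

```sh
#!/bin/sh
# Added example: check that a dnsmasq server answers with the addresses
# listed in a hosts file. All function names are this example's own.

# Print "name ip" for every IPv4 entry of a hosts-format file.
# A line whose first field is not an address is reported on stderr.
hosts_pairs() {
    while IFS= read -r line || [ -n "$line" ]; do
        set -f; set -- ${line%%#*}; set +f   # drop comment, split into fields
        [ $# -eq 0 ] && continue             # blank or comment-only line
        ip=$1; shift
        case $ip in *:*) continue ;; esac    # IPv6 entries are not checked here
        if ! printf '%s\n' "$ip" | grep -Eq '^([0-9]{1,3}\.){3}[0-9]{1,3}$'; then
            echo "malformed, address must come first: $line" >&2
            continue
        fi
        for name in "$@"; do echo "$name $ip"; done   # one pair per alias
    done <"$1"
}

# Ask one server for a name's A record. Wraps dig so it can be replaced.
resolve() {
    dig +short "$1" A "@$2" </dev/null | head -n 1
}

# Print one line per name whose answer differs from the hosts file.
# Returns 0 when every entry matches, 1 otherwise.
check_dnsmasq() {
    report=$(hosts_pairs "$1" | while read -r name want; do
        got=$(resolve "$name" "$2")
        [ "$got" = "$want" ] ||
            echo "MISMATCH $name: hosts=$want server=${got:-none}"
    done)
    [ -z "$report" ] && return 0
    printf '%s\n' "$report"
    return 1
}

# Usage, after sourcing this file on the DNS server:
#   check_dnsmasq /etc/hosts localhost
```

A non-zero return with MISMATCH lines means dnsmasq is serving something other than what the hosts file says, for example because the file was edited and the service has not picked up the change yet.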

Updating the Router

Now that we have dnsmasq working, I updated my router to also use my server as the main name server. This was UniFi-specific.

Settings -> Networks -> Edit -> Advanced -> DHCP Name Server -> Manual

Once I did this I could then use andromeda from any device on my network and get to my server.

I was expecting this to be much more {involved}[This was actually pretty involved and required turning off the beta view] but it was surprisingly easy.