
Dnsmasq Usage and Examples


Dnsmasq



1. Introduction

This first paragraph is taken from the dnsmasq home page.
Dnsmasq is a lightweight, easy to configure DNS forwarder and DHCP server. It is designed to provide DNS and, optionally, DHCP, to a small network. It can serve the names of local machines which are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with DHCP-allocated addresses to appear in the DNS with names configured either in each host or in a central configuration file. Dnsmasq supports static and dynamic DHCP leases and BOOTP/TFTP for network booting of diskless machines.

2. Installation.

2.1. Install Using The 'apt-get' Software

Use the command line below. You will need the universe repository in your software sources list.
Install command:
sudo apt-get install dnsmasq dnsmasq-base

3. Initialization and Configuration.

3.1. The example system used in this HOWTO

The server running dnsmasq's DNS and DHCP services is called linux60 (192.168.0.7). The router's IP address is 192.168.0.1. A mixture of real and virtual machines all use these services. All machines are in the local domain example.com. The client machines will have names like linux12 or kvmubuntu.

3.2. Setting up the server

3.2.1. Make backup copies of 'conf' files.

Start by making a copy of the files we will be changing so you can always go back to a known starting point.
Copy original configuration files:
cd /etc
cp dnsmasq.conf hosts resolv.conf ~/mybackups

3.2.2. Setting up /etc/dnsmasq.conf

Look at the file /etc/dnsmasq.conf first. Below is a good starting point to get things up and running. The lines are listed in the same order as they appear in the default file. Just uncomment them (remove the '#' from the beginning of the line) and amend them as necessary.
Example /etc/dnsmasq.conf: 
domain-needed 
bogus-priv 
expand-hosts 
domain=example.com 
dhcp-range=192.168.0.20,192.168.0.50,24h 
What these lines will do for you:
  • domain-needed: This tells dnsmasq to never pass short names to the upstream DNS servers. If the name is not in the local /etc/hosts file then "not found" will be returned.
  • bogus-priv: All reverse IP (192.168.x.x) lookups that are not found in /etc/hosts will be returned as "no such domain" and not forwarded to the upstream servers.
  • expand-hosts: Lets us see our local hosts via our home domain without having to repeatedly specify the domain in our /etc/hosts file.
  • domain: This is your local domain name. It will tell the DHCP server which host to give out IP addresses for.
  • dhcp-range: This is the range of IPs that DHCP will serve: 192.168.0.20 to 192.168.0.50, with a lease time of 24 hours. The lease time is how long that IP will be linked to a host.
Dnsmasq will set, or find out automatically, lots of common networking and connection values:
  • broadcast address
  • network mask
  • router parameters
  • interface (eth0) and IP address to listen on
These do not need to be set unless you are paranoid or like to specifically set these things. Which is rather nice of dnsmasq, don't you agree?

3.2.3. Setting the server /etc/hosts file

The /etc/hosts file on the example server will look like this. Leave the IPv6 stuff as it was.
Example /etc/hosts: 
127.0.0.1 localhost 
192.168.0.7 linux60 

3.2.4. Setting the server /etc/resolv.conf file

One last thing to do is set localhost, the loopback device, on the server as a nameserver so that it can use the DNS service that it is running. Add the nameserver line below to the top of the list in /etc/resolv.conf.
Example /etc/resolv.conf:
nameserver 127.0.0.1

3.3. Setting up the clients

3.3.1. Make backup copies of 'conf' files.

Start by making a copy of the files we will be changing so you can always go back to a known starting point.
Copy original configuration files:
cd /etc
cp dhcp3/dhclient.conf hosts resolv.conf ~/mybackups
The /etc/hosts file on the client machines should look similar to this. Leave the IPv6 stuff alone.

Example /etc/hosts: 
127.0.0.1 localhost 
127.0.1.1 linux12 
Note: There should be no need to change the hosts file from the default one created by Ubuntu.

3.3.2. Clients for DNS.

In the example setup our server is linux60, or 192.168.0.7; it is the only machine with a static IP address. This is necessary because we need to tell the other machines where to get their DNS service from, to take advantage of our shiny new server. We do this by adding a line to /etc/resolv.conf. I put it as the first nameserver in the file.
Example /etc/resolv.conf:
nameserver 192.168.0.7

3.3.3. Clients for DHCP.

The only change we need to make here is to ensure that when the host requests an IP address it passes its own hostname to the DHCP server, so that the other machines can use its name to look up the IP address it was just given. For example, if we are setting up our workstation called linux12 in our fictitious domain example.com, we would add the following line to /etc/dhcp3/dhclient.conf.
Example /etc/dhcp3/dhclient.conf:
send host-name "linux12.example.com";
You can now reboot linux12. During the reboot it will talk to our new DHCP server and request a new IP address. The server will remember which IP address it gave out to linux12, and it and other machines on the network will be able to ping linux12. No more needing to know which machine has which IP address.

4. Testing & Troubleshooting

4.1. Testing the DNS server

4.1.1. Locally on the server and on remote hosts

The simplest way to test that your DNS is up and running is to use the dig utility. When you look at the output from dig, the part we are interested in is the third and fourth lines from the end. Just use dig to see the output.

4.2. Testing DHCP.

Assuming your dnsmasq server is already set up and working, start up one of the other hosts. After it has booted, look at the output from ifconfig: on the second line for the network interface, the inet addr should be within the DHCP range you set on the server.
Code:
inet addr:192.168.0.7 Bcast:192.168.0.255 Mask:255.255.255.0
From the dnsmasq server you should be able to ping the machine you just booted by name and vice-versa.
Make sure you have turned off all other DHCP servers on your system.
You can test that you are using the dnsmasq DHCP server by making the range just one IP address in /etc/dnsmasq.conf, restarting the dnsmasq server and rebooting the client machine. It should now be using that one IP address.
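
The two checks above (address inside the configured range, and no other DHCP server answering) can be scripted against the server's own records. This is an added example, not part of the original HOWTO: the function names are hypothetical, the lease lines are constructed samples in dnsmasq's lease-file layout (expiry, MAC, IP, hostname, client-id), and the lease file location (commonly /var/lib/misc/dnsmasq.leases on Debian and Ubuntu) is an assumption to confirm on your system.

```python
import ipaddress

# Server config lines from this HOWTO; the lease lines are constructed samples.
CONF = "domain=example.com\ndhcp-range=192.168.0.20,192.168.0.50,24h\n"
LEASES = (
    "1700000000 52:54:00:aa:bb:01 192.168.0.23 linux12 01:52:54:00:aa:bb:01\n"
    "1700000300 52:54:00:aa:bb:02 192.168.0.24 kvmubuntu *\n"
)

def parse_dhcp_range(conf_text):
    """Return (first, last) address of the first active dhcp-range line, or None."""
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()      # ignore commented-out lines
        if not line.startswith("dhcp-range="):
            continue
        addrs = []
        for field in line.split("=", 1)[1].split(","):
            try:
                addrs.append(ipaddress.IPv4Address(field.strip()))
            except ipaddress.AddressValueError:
                continue                          # tag, lease time ("24h"), mode
        if len(addrs) >= 2:
            return addrs[0], addrs[1]             # a third address is the netmask
    return None

def parse_leases(leases_text):
    """Map leased IP -> (MAC, hostname) from the lease file text."""
    leases = {}
    for line in leases_text.splitlines():
        parts = line.split()
        if len(parts) >= 4:
            leases[parts[2]] = (parts[1], parts[3])
    return leases

def check_client(ip, conf_text, leases_text):
    """Classify a client's address against what this dnsmasq server handed out."""
    rng = parse_dhcp_range(conf_text)
    addr = ipaddress.IPv4Address(ip)
    if rng is None or not (rng[0] <= addr <= rng[1]):
        return "outside dhcp-range: static address or another DHCP server"
    if ip not in parse_leases(leases_text):
        return "in range, no dnsmasq lease: another DHCP server may have answered"
    return "leased by dnsmasq"

if __name__ == "__main__":
    # 192.168.0.7 is the server's own static address in the example system.
    for ip in ("192.168.0.23", "192.168.0.30", "192.168.0.7"):
        print(ip, "->", check_client(ip, CONF, LEASES))
```
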

5. Stopping And Starting The dnsmasq Daemon.

This is really simple: just run the dnsmasq startup script in /etc/init.d with stop, start or restart. That was simple.
Code: 
sudo /etc/init.d/dnsmasq stop 
sudo /etc/init.d/dnsmasq start 
sudo /etc/init.d/dnsmasq restart 

  • Note: if this service does not start automatically, we can use "bum" to do this.

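6. Reverse DNS resolution

Configure reverse DNS resolution (reverse DNS).
Run vim /etc/dnsmasq.conf to open the dnsmasq configuration file, find the addn-hosts line and remove the leading #.
Change the line to:
addn-hosts=/etc/dns_add_hosts
Then create the file /etc/dns_add_hosts: vim /etc/dns_add_hosts
Add the following content:
10.8.0.1 dns.netroby.com
Each line holds an IP address followed by a domain name.
After saving, restart the dnsmasq service with /etc/init.d/dnsmasq restart, and reverse resolution is in effect.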

6. Further Information. Advanced stuff.

I would strongly suggest that you get the basic stuff working and sorted out before doing anything in this section.
Verisign, back in September 2003, decided to push unwanted advertising your way when there was no domain registered, rather than returning the "no such domain" message. To stop this type of unnecessary annoyance you can use the following option in /etc/dnsmasq. If you find more IPs then you simply add one more line.
Code:
bogus-nxdomain=64.94.110.11
To find out if your ISP, or whoever is providing your upstream DNS, is doing this to you, just try looking up totally random domain names with dig. If they return a valid IP address, and the SAME IP address each time, add it to the list of bogus-nxdomain IP addresses. Then restart the dnsmasq service.
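
The random-name test described above can be scripted. This is an added example, not part of the original HOWTO: the function names are hypothetical, and it queries through the system resolver, so run it on a machine whose /etc/resolv.conf points at the DNS path you want to check.

```python
import secrets
import socket
from collections import Counter

ALPHABET = "abcdefghijklmnopqrstuvwxyz0123456789"

def random_name(tld="com", length=20):
    """Return a name that is almost certainly unregistered.

    The trailing dot makes it fully qualified, so the resolver does not
    retry it with the local search domain appended.
    """
    label = "".join(secrets.choice(ALPHABET) for _ in range(length))
    return f"{label}.{tld}."

def system_resolve(name):
    """Resolve via the system resolver; an empty list means 'no such domain'."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})

def find_bogus_nxdomain(resolve=system_resolve, probes=6, tlds=("com", "net", "org")):
    """Probe random names and return the IPs that answered for them.

    An address is reported only if it came back for at least two different
    random names, which is the "SAME IP address" test from the text.
    """
    seen = Counter()
    for i in range(probes):
        for ip in resolve(random_name(tlds[i % len(tlds)])):
            seen[ip] += 1
    return sorted(ip for ip, hits in seen.items() if hits >= 2)

def config_lines(ips):
    """Format the findings as lines for the dnsmasq configuration file."""
    return [f"bogus-nxdomain={ip}" for ip in ips]

if __name__ == "__main__":
    found = config_lines(find_bogus_nxdomain())
    print("\n".join(found) if found else "no NXDOMAIN rewriting detected")
```

An empty result means every random name came back as "no such domain", which is the behaviour you want from the upstream servers.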
You can even stop some of those pesky advertisements getting to your browsers by redirecting domains to a local IP address, localhost is good.
Code: 
address=/doubleclick.net/127.0.0.1 

6.1. Links I Found Useful

dnsmasq Home page

