Today we are going to install & configure the Dnsmasq DNS server on Ubuntu 18.04 LTS. Dnsmasq is a simple, lightweight DNS server that is easy to use & manage, with support for Lua scripting, IPv6, DNSSEC, etc. It has a small footprint and is therefore suitable for resource-constrained routers & firewalls.
Dnsmasq has been designed to provide DNS, and optionally DHCP/TFTP, services for small to mid-size networks. First of all we will look at the Dnsmasq subsystems & then move on to the installation.
Dnsmasq has three main subsystems.
- DNS subsystem: Used for caching of A, AAAA, CNAME & PTR records.
- DHCP subsystem: It supports DHCPv4, DHCPv6, BOOTP & PXE.
- Router Advertisement: Provides basic autoconfiguration for IPv6 hosts.
Step 1: Installing Dnsmasq on Ubuntu 18.04
Disable systemd-resolved, as it binds to port 53 and Dnsmasq will be affected by that.
Type the given commands to disable and stop the resolved service.
sudo systemctl disable systemd-resolved
sudo systemctl stop systemd-resolved
Also, remove the symlinked resolv.conf file:
$ ls -lh /etc/resolv.conf
lrwxrwxrwx 1 root root 39 Aug 8 15:52 /etc/resolv.conf -> ../run/systemd/resolve/stub-resolv.conf
$ sudo rm /etc/resolv.conf
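Then create a new resolv.conf file. The file is owned by root, so write it through sudo tee; a plain shell redirect would run without root privileges.
echo "nameserver 8.8.8.8" | sudo tee /etc/resolv.conf
As Dnsmasq is available in the apt repository, install it by typing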
sudo apt-get install dnsmasq
You can find the main config file for Dnsmasq at /etc/dnsmasq.conf
sudo nano /etc/dnsmasq.conf
See the minimal configuration
# Listen on this specific port instead of the standard DNS port
# (53). Setting this to zero completely disables DNS function,
# leaving only DHCP and/or TFTP.
port=53
# Never forward plain names (without a dot or domain part)
domain-needed
# Never forward addresses in the non-routed address spaces.
bogus-priv
# By default, dnsmasq will send queries to any of the upstream
# servers it knows about and tries to favour servers that are known
# to be up. Uncommenting this forces dnsmasq to try each query
# with each server strictly in the order they appear in
# /etc/resolv.conf
strict-order
# Set this (and domain: see below) if you want to have a domain
# automatically added to simple names in a hosts-file.
expand-hosts
# Set the domain for dnsmasq. This is optional, but if it is set, it
# does the following things.
# 1) Allows DHCP hosts to have fully qualified domain names, as long
#    as the domain part matches this setting.
# 2) Sets the "domain" DHCP option thereby potentially setting the
#    domain of all systems configured by DHCP
# 3) Provides the domain part for "expand-hosts"
#domain=thekelleys.org.uk
domain=mypridomain.com
# Set listen address
listen-address=127.0.0.1 # Set to Server IP for network responses
# To enable DNSSEC validation & caching, uncomment
#dnssec
Adjust the configuration to your own environment & restart the dnsmasq service.
sudo systemctl restart dnsmasq
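A quick offline check of the options set above, as an added example that is not part of the original tutorial or of dnsmasq itself. The function names and finding messages are assumptions made for illustration, and the sample configuration is constructed.

```shell
#!/bin/sh
# Added example: audit a dnsmasq.conf for the options discussed in Step 1.

# Print active option lines: comments and surrounding whitespace stripped.
active_opts() {
    sed -e 's/[[:space:]]*#.*$//' -e 's/^[[:space:]]*//' \
        -e 's/[[:space:]]*$//' -e '/^$/d' "$1"
}

# True if the bare flag $2 is active in file $1 (a "#dnssec" line is not).
has_opt() { active_opts "$1" | grep -qx -- "$2"; }

# Print every value assigned to key $2 in file $1.
opt_values() { active_opts "$1" | sed -n "s/^$2=//p"; }

# Print one finding per line for file $1; nothing if no finding applies.
audit_dnsmasq_conf() {
    for flag in domain-needed bogus-priv; do
        has_opt "$1" "$flag" ||
            echo "WARN $flag not set: such queries are forwarded upstream"
    done
    has_opt "$1" dnssec ||
        echo "INFO dnssec not set: upstream answers are not validated"
    [ "$(opt_values "$1" port)" = 0 ] &&
        echo "INFO port=0: DNS function is disabled"
    addrs=$(opt_values "$1" listen-address | tr ',' ' ')
    if [ -z "$addrs" ] && [ -z "$(opt_values "$1" interface)" ]; then
        echo "WARN no listen-address or interface: listens on all interfaces"
    fi
    for a in $addrs; do
        case $a in
            127.*|::1) ;;  # loopback only
            *) echo "INFO listen-address=$a: reachable from the network" ;;
        esac
    done
    return 0
}

# Constructed sample resembling the minimal configuration above.
sample=$(mktemp)
cat > "$sample" <<'EOF'
port=53
domain-needed
bogus-priv
#dnssec
listen-address=127.0.0.1 # Set to Server IP for network responses
EOF
audit_dnsmasq_conf "$sample"
rm -f "$sample"
```

To check a live system, call audit_dnsmasq_conf /etc/dnsmasq.conf; it reads only the one file it is given.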
Step 2: Add DNS records to Dnsmasq
Add DNS records to the file /etc/hosts. Dnsmasq will reply to queries from clients using these records.
$ sudo vim /etc/hosts
10.1.3.4 server1.mypridomain.com
10.1.4.4 erp.mypridomain.com
192.168.10.2 checkout.mypridomain.com
192.168.4.3 hello.world
Then restart the dnsmasq service.
sudo systemctl restart dnsmasq
Step 3: Test Dnsmasq functionality
Edit the file /etc/network/interfaces for persistent configuration, or a file under /etc/netplan/ on Ubuntu 18.04 servers. As this is a test, I'll modify the runtime file /etc/resolv.conf
$ sudo nano /etc/resolv.conf
nameserver 127.0.0.1
nameserver 8.8.8.8
Then test using dig:
$ dig A erp.mypridomain.com
; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> A erp.mypridomain.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 43392
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;erp.mypridomain.com. IN A
;; ANSWER SECTION:
erp.mypridomain.com. 0 IN A 10.1.4.4
;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Tue Aug 21 10:35:41 UTC 2018
;; MSG SIZE rcvd: 64
See another example
$ dig checkout.mypridomain.com A +noall +answer
; <<>> DiG 9.11.3-1ubuntu1.1-Ubuntu <<>> checkout.mypridomain.com A +noall +answer
;; global options: +cmd
checkout.mypridomain.com. 0 IN A 192.168.10.2
Confirm that we are getting responses as configured.
Step 4: Configure Dnsmasq as DHCP Server (Optional)
Configure /etc/dnsmasq.conf & provide DHCP options. You need to provide:
- Gateway IP address
- DNS Server IP address
- Network Subnet mask
- DHCP Addresses range
- NTP Server
Look at the example
dhcp-range=192.168.3.25,192.168.3.50,24h
dhcp-option=option:router,192.168.3.1
dhcp-option=option:ntp-server,192.168.3.5
dhcp-option=option:dns-server,192.168.3.5
dhcp-option=option:netmask,255.255.255.0
Then restart the dnsmasq service & configure clients to obtain an IP address from this server.
sudo systemctl restart dnsmasq