DEV Community

Joe Neville
Joe Neville

Posted on

Dnsmasq - Lightweight Name Resolution For Your Home Lab

If you need name resolution (DNS) for a small network or home lab, Dnsmasq is worth investigating.

💻 Runs on Linux, macOS.
📦 Simple package install with apt-get (on ubuntu linux).
📛 Provides DNS and DHCP services - I'm just running DNS here.

The only downside I've encountered so far is that, while the man page is detailed, some user produced 'how to' guides use various different ways to configure the setup for Dnsmasq.

I've documented the steps that worked for me.

Requirements

  • I'm building a private Public Key Infrastructure in my home lab.
  • For the lab I need name resolution.
  • I'm learning and documenting as I go, all servers and their configurations should to be disposable.
  • I'd like an approach that allows quick and easy updates to DNS records.

I've found that Dnsmasq is a good fit for my requirements.

Here's my install notes for a simple two server install using Dnsmasq for DNS only. I cover IPv4 & A records only but Dnsmasq supports IPv6:

Dnsmasq Install Step-by-Step

  1. Build two linux server VMs, I'm using Ubuntu 20.04.1.
  2. Update and upgrade

    sudo apt-get update && sudo apt-get -y install
    
  3. Use Netplan (or whichever approach you prefer) to statically configure IP addresses, default gateway, name servers and search domain. See here if you need more information on Netplan.
    Note: On all server that are not running Dnsmasq, point their name server configuration to the Dnsmasq server IP address.
    Here's an example Netplan YAML file:

    network:
      ethernets:
        eth0:
          dhcp4: False
          addresses:
            - 192.168.1.21/16
            - "2001:db8:2::21/64"
          gateway4: 192.168.1.254
          gateway6: "2001:db8:2::99"
          nameservers:
            search: [zola.home]
            addresses: [192.168.1.20]
      version: 2
    
  4. On the name server, install Dnsmasq

    sudo apt-get -y install dnsmasq
    
  5. The package will attempt to start Dnsmasq, this will fail because the port is in use already. This is fine and we will fix later.

    Dec 16 10:59:59 name-1 dnsmasq[1165]: dnsmasq: failed to create listening socket for port 53: Address already in use
    Dec 16 10:59:59 name-1 dnsmasq[1165]: failed to create listening socket for port 53: Address already in use
    Dec 16 10:59:59 name-1 dnsmasq[1165]: FAILED to start up
    
  6. Now turn off the systemd-resolved and delete the resolved config file.

    sudo systemctl stop systemd-resolved
    sudo systemctl disable systemd-resolved
    sudo rm -v /etc/resolv.conf
    
  7. Configure Dnsmasq config file /etc/dnsmasq.conf.
    Here's a sample config file:

    # Never forward plain names (without a domain)
    domain-needed
    # Turn off DHCP on eth0
    no-dhcp-interface=eth0
    # Never forward addresses in the non-routable address space (RFC1918)
    bogus-priv
    # Add domain to host names
    expand-hosts
    # Domain to be added if expand-hosts is set
    domain=zola.home
    # Local domain to be served from /etc/hosts file
    local=/zola.home/
    # Don't read /etc/resolv.conf (I deleted it). Get the external name server from this file, see 'server' below
    no-resolv
    # External server, works with no-resolv
    server=8.8.8.8
    
  8. Update the Dnsmasq server /etc/hosts file with the name and IP address of the hosts you wish to resolve.

    127.0.0.1 localhost
    192.168.1.20 name-1
    192.168.1.21 server-2
    
  9. Start and Enable the Dnsmasq service.

    sudo systemctl start dnsmasq
    sudo systemctl enable dnsmasq
    
  10. To test: ping from the Dnsmasq server to an external site, itself and a neighbouring server. Do the same on Server-2.

    joe@server-2:~$ ping name-1
    PING name-1.zola.home (192.168.1.20) 56(84) bytes of data.
    64 bytes from name-1.zola.home (192.168.1.20): icmp_seq=1 ttl=64 time=0.152 ms
    64 bytes from name-1.zola.home (192.168.1.20): icmp_seq=2 ttl=64 time=0.221 ms
    ^C
    --- name-1.zola.home ping statistics ---
    2 packets transmitted, 2 received, 0% packet loss, time 1023ms
    rtt min/avg/max/mdev = 0.152/0.186/0.221/0.034 ms
    

Top comments (1)

Collapse
 
metropt profile image
José Xavier

What happen if you left domain field empty?