Install dnsmasq on Ubuntu

dnsmasq is a very powerful tool that can provide basic DNS services/caching, act as a DHCP server and also as a TFTP server.

To install dnsmasq, run

apt install dnsmasq

When you start dnsmasq, it may complain that port 53 is already in use

dnsmasq: failed to create listening socket for port 53: Address already in use

This is because some other service is running on port 53. To find what service is listening on port 53, run

root@first-vm:~# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN      4934/sshd: /usr/sbi 
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      93/systemd-resolved 
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      26081/mysqld        
tcp6       0      0 :::2222                 :::*                    LISTEN      4934/sshd: /usr/sbi 
tcp6       0      0 :::80                   :::*                    LISTEN      10467/apache2       
tcp6       0      0 :::3128                 :::*                    LISTEN      17606/(squid-1)     
root@first-vm:~#

In this case, it is systemd-resolved. To stop it, run

systemctl disable systemd-resolved
systemctl stop systemd-resolved

Now you can start dnsmasq with

systemctl start dnsmasq

After starting dnsmasq, if you try to resolve a domain, it will fail

root@first-vm:~# nslookup yahoo.com localhost
;; connection timed out; no servers could be reached


root@first-vm:~#

This is because the default configuration doesn't have anything enabled. To enable the DNS caching/resolver, you need to edit the file

vi /etc/dnsmasq.conf

Add the lines

server=8.8.8.8
server=1.1.1.1

Restart dnsmasq

systemctl restart dnsmasq

Now you will be able to resolve domain names using localhost as the DNS server.

root@first-vm:~# nslookup serverok.in localhost
Server:		localhost
Address:	::1#53

Non-authoritative answer:
Name:	serverok.in
Address: 172.67.133.148
Name:	serverok.in
Address: 104.21.14.2
Name:	serverok.in
Address: 2606:4700:3030::ac43:8594
Name:	serverok.in
Address: 2606:4700:3035::6815:e02

root@first-vm:~# 

If you need dnsmasq to listen only on the local IP, add the following to /etc/dnsmasq.conf and restart dnsmasq.

listen-address=127.0.0.1

If you need to override the MX record for a domain, you can add the following to dnsmasq.conf

mx-host=example.com,mail.example.com,5

To set a TXT record for a domain

txt-record=example.com,"v=spf1 a -all"
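
To check which upstream servers and listen addresses a dnsmasq.conf actually enables before restarting, the following added example (not part of the original post) reads a config on stdin and prints one finding per line. The function name audit_dnsmasq_conf and the finding labels are hypothetical, and the sample config at the end is constructed from the lines used in this tutorial.

```shell
#!/bin/sh
# Added example, not from the original post. audit_dnsmasq_conf is a
# hypothetical helper: it reads a dnsmasq.conf on stdin and prints findings.
audit_dnsmasq_conf() {
    # Drop comment lines, blank lines and surrounding whitespace.
    active=$(sed -e '/^[[:space:]]*#/d' -e 's/^[[:space:]]*//' \
                 -e 's/[[:space:]]*$//' -e '/^$/d')

    # Upstream resolvers: the server= lines added in this tutorial.
    servers=$(printf '%s\n' "$active" | sed -n 's/^server=//p')
    if [ -z "$servers" ]; then
        echo "NO_UPSTREAM: no server= line"
    else
        for s in $servers; do echo "UPSTREAM: $s"; done
    fi

    # Listener scope: listen-address= may repeat or hold a comma-separated list.
    addrs=$(printf '%s\n' "$active" | sed -n 's/^listen-address=//p' | tr ',' '\n')
    ifaces=$(printf '%s\n' "$active" | sed -n 's/^interface=//p')
    if [ -z "$addrs" ] && [ -z "$ifaces" ]; then
        echo "LISTEN_ALL: no listen-address= or interface=, dnsmasq listens on every interface"
    fi
    for a in $addrs; do
        case $a in
            127.*|::1) echo "LISTEN_LOOPBACK: $a" ;;
            *)         echo "LISTEN_EXTERNAL: $a is not a loopback address" ;;
        esac
    done

    # Without bind-interfaces dnsmasq binds the wildcard address and filters
    # requests itself instead of binding only the listed addresses.
    if [ -n "$addrs$ifaces" ] && ! printf '%s\n' "$active" | grep -qx 'bind-interfaces'; then
        echo "WILDCARD_BIND: add bind-interfaces to bind only the listed addresses"
    fi
}

# Constructed sample: the configuration this tutorial ends up with.
audit_dnsmasq_conf <<'EOF'
# upstream resolvers
server=8.8.8.8
server=1.1.1.1
listen-address=127.0.0.1
mx-host=example.com,mail.example.com,5
txt-record=example.com,"v=spf1 a -all"
EOF
```

On a real host, run it as audit_dnsmasq_conf < /etc/dnsmasq.conf.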

See dnsmasq
