dnsmasq is a very powerful tool that can provide basic DNS services and caching, and can also act as a DHCP server and a TFTP server.
To install dnsmasq, run
apt install dnsmasq
When you start dnsmasq, it may complain that port 53 is already in use:
dnsmasq: failed to create listening socket for port 53: Address already in use
This is because some other service is running on port 53. To find what service is listening on port 53, run
root@first-vm:~# netstat -lntp
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name
tcp        0      0 0.0.0.0:2222            0.0.0.0:*               LISTEN      4934/sshd: /usr/sbi
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      93/systemd-resolved
tcp        0      0 127.0.0.1:3306          0.0.0.0:*               LISTEN      26081/mysqld
tcp6       0      0 :::2222                 :::*                    LISTEN      4934/sshd: /usr/sbi
tcp6       0      0 :::80                   :::*                    LISTEN      10467/apache2
tcp6       0      0 :::3128                 :::*                    LISTEN      17606/(squid-1)
root@first-vm:~#
In this case, it is systemd-resolved. To stop it, run
systemctl disable systemd-resolved
systemctl stop systemd-resolved
Now you can start dnsmasq with
systemctl start dnsmasq
After starting dnsmasq, if you try to resolve a domain, it will fail:
root@first-vm:~# nslookup yahoo.com localhost
;; connection timed out; no servers could be reached
root@first-vm:~#
This is because the default configuration does not have anything enabled. To enable the DNS caching resolver, you need to edit the file
vi /etc/dnsmasq.conf
Add the lines
server=8.8.8.8
server=1.1.1.1
Restart dnsmasq
systemctl restart dnsmasq
Now you will be able to resolve domain names using localhost as the DNS server.
root@first-vm:~# nslookup serverok.in localhost
Server:         localhost
Address:        ::1#53
Non-authoritative answer:
Name:    serverok.in
Address: 172.67.133.148
Name:    serverok.in
Address: 104.21.14.2
Name:    serverok.in
Address: 2606:4700:3030::ac43:8594
Name:    serverok.in
Address: 2606:4700:3035::6815:e02
root@first-vm:~#
If you need dnsmasq to listen only on the local IP, add the following to /etc/dnsmasq.conf and restart dnsmasq.
listen-address=127.0.0.1
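With no listen-address or interface option, dnsmasq listens on all available interfaces, so the forwarder configured above would also answer queries arriving from the network. The check below is an added example, not from the original page: a shell function (audit_dnsmasq_conf, a hypothetical name) that reads a dnsmasq config file and reports the listening scope and the upstream servers it forwards to; the sample config at the bottom is constructed.

```sh
#!/bin/sh
# Added example, not from the original page. audit_dnsmasq_conf is a
# hypothetical helper; the sample config at the bottom is constructed.

# Print active directives: drop comment lines, trailing comments, blanks.
# A '#' with no space before it is kept (server=8.8.8.8#53 is a port).
conf_directives() {
    sed -e '/^[[:space:]]*#/d' -e 's/[[:space:]][[:space:]]*#.*$//' \
        -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' -e '/^$/d' "$1"
}

# Print "<scope> <upstreams>" for the config file given as $1.
#   all-interfaces  no listen-address/interface line: listens everywhere
#   non-loopback    at least one address or interface is not loopback
#   loopback-only   only 127.0.0.0/8, ::1 or the lo interface
audit_dnsmasq_conf() {
    conf=$(conf_directives "$1")
    # Upstream forwarders, joined with commas ("-" if the file has none).
    ups=$(printf '%s\n' "$conf" | sed -n 's/^server=//p' | paste -sd, -)
    [ -n "$ups" ] || ups=-
    # Split on commas so multi-value lines are checked item by item.
    addrs=$(printf '%s\n' "$conf" | sed -n 's/^listen-address=//p' | tr ',' ' ')
    ifaces=$(printf '%s\n' "$conf" | sed -n 's/^interface=//p' | tr ',' ' ')
    scope=loopback-only
    if [ -z "$addrs" ] && [ -z "$ifaces" ]; then
        scope=all-interfaces
    fi
    for a in $addrs; do
        case $a in 127.*|::1) ;; *) scope=non-loopback ;; esac
    done
    for i in $ifaces; do
        [ "$i" = lo ] || scope=non-loopback
    done
    echo "$scope $ups"
}

# Constructed sample: the forwarder lines from this page, first without
# and then with the listen-address restriction.
sample=$(mktemp)
printf 'server=8.8.8.8\nserver=1.1.1.1\n' > "$sample"
audit_dnsmasq_conf "$sample"    # all-interfaces 8.8.8.8,1.1.1.1
printf 'listen-address=127.0.0.1\n' >> "$sample"
audit_dnsmasq_conf "$sample"    # loopback-only 8.8.8.8,1.1.1.1
rm -f "$sample"
```

Run it against /etc/dnsmasq.conf after each change; any result other than loopback-only on a host with server= lines means the resolver is reachable from other machines unless a firewall blocks port 53.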
If you need to override the MX record for a domain, you can add the following to dnsmasq.conf
mx-host=example.com,mail.example.com,5
To set a TXT record for a domain
txt-record=example.com,"v=spf1 a -all"