Create a DHCP and DNS Server with Dnsmasq on Ubuntu Server 18.04. Published 18th Dec 2019. This tutorial will show you how to install and configure Dnsmasq on Ubuntu Server 18.04 so that DNS requests by clients on your network are cached.
I had Ubuntu 16.04 which I recently upgraded to 18.04. On 16.04 I had dnsmasq with a running configuration in parallel with bind. After the upgrade, I am not able to start dnsmasq due to the following error: dnsmasq: failed to create listening socket for port 53: Address already in use.
The remote Ubuntu 18.04 LTS / 20.04 LTS / 21.04 host has packages installed that are affected by a vulnerability as referenced in the USN-4976-1 advisory. A flaw was found in dnsmasq in versions before 2.85. When configured to use a specific server for a given network interface, dnsmasq uses a fixed port while forwarding queries.
Date | Status | Target | Pocket | Component | Section | Priority | Phased updates | Version
---|---|---|---|---|---|---|---|---
2021-06-02 13:58:45 UTC | Published | Ubuntu Bionic amd64 | updates | universe | net | Optional | | 2.79-1ubuntu0.4
2021-06-02 13:23:30 UTC | Published | Ubuntu Bionic amd64 | security | universe | net | Optional | | 2.79-1ubuntu0.4
2021-06-02 13:58:50 UTC | Superseded | Ubuntu Bionic amd64 | updates | universe | net | Optional | | 2.79-1ubuntu0.3
2021-06-02 13:24:15 UTC | Superseded | Ubuntu Bionic amd64 | security | universe | net | Optional | | 2.79-1ubuntu0.3
2021-02-24 14:32:27 UTC | Superseded | Ubuntu Bionic amd64 | updates | universe | net | Optional | | 2.79-1ubuntu0.2
2021-02-24 13:53:47 UTC | Superseded | Ubuntu Bionic amd64 | security | universe | net | Optional | | 2.79-1ubuntu0.2
2018-04-03 15:10:06 UTC | Published | Ubuntu Bionic amd64 | release | universe | net | Optional | | 2.79-1
2018-04-03 15:10:50 UTC | Superseded | Ubuntu Bionic amd64 | release | main | net | Optional | | 2.79-1
| Deleted | Ubuntu Bionic amd64 | proposed | main | net | Optional | | 2.79-1
DNSmasq provides two services, either of which can be used independently.
A local DNS cache can speed up internet browsing because the user's browser will not need to access a domain name server when it looks up a domain name the computer has visited before.
DHCP allows the user's computer to allocate network addresses to other computers on the wired or wireless network. A computer needs a unique network address in order to access the internet.
DNSmasq is not designed for so-called 'Internet Connection Sharing'; however, it does provide a lot of the services needed in the background. With DNSmasq set up, only two additional commands can set up internet connection sharing (ref?).
Note that the package 'dnsmasq' interferes with Network Manager, which can use 'dnsmasq-base' to provide DHCP services when sharing an internet connection. Therefore, if you use Network Manager (fine in simple set-ups only), install dnsmasq-base but not dnsmasq. If you have a more complicated set-up, uninstall Network Manager, use dnsmasq or similar software (bind9, dhcpd, etc.), and configure things by hand.
Like many Ubuntu packages, dnsmasq is in universe. Make sure it's enabled, then run these commands
dnsmasq can be configured by editing the file
A DNS server resolves human-readable domain names into IP addresses. For example, when one requests ubuntu.com, the DNS server finds the IP address for ubuntu.com. One can run a DNS cache on a computer via the steps below. This will shorten the time required to look up domain names when browsing. The difference in time is on the order of hundreds of milliseconds.
After dnsmasq has been installed, use the text editor of choice, such as gedit, nano or vim to edit:
Note: in order to save modifications, the editor must be run with administrator permissions, e.g. sudo gedit /etc/dnsmasq.conf. Change the line that looks like (should be around line 90):
to,
Now, edit the file
Make sure that around line 20 looks like the following:
The prepend domain-name-servers 127.0.0.1; is the important part of the configuration. Adding the prepend option ensures that 127.0.0.1 will appear on the top of the list of DNS servers. 127.0.0.1 refers to the user's own computer. Whenever the user's computer needs to resolve a domain name, it will forward that request to dnsmasq (which is running at 127.0.0.1).
Now, edit the file:
The file should look something like this,
Don't worry if the above listed nameserver numbers are not the same as what appear in the text editor. But be sure to add the user's computer as a nameserver at the top of the list:
All that is left is to restart dnsmasq so that the changes we made to the configuration file come into effect. We do that via the command:
Now there is a DNS cache set up on the user's computer. To see the difference in speed, we can make use of the dig command twice on our test website:
The first time this happens, the output will look like:
The second time will look like:
except-interface=eth0 if eth0 is the user's internet/LAN connected interface.
dhcp-range=192.168.0.20,192.168.0.254,255.255.255.0
This range must not clash with your LAN IP address.
Save and exit the file, restart the daemon:
DNSmasq is now listening on some interfaces for DNS lookups and/or DHCP requests. One can verify this by running:
The user can add the line: nameserver 127.0.0.1 to the top of the /etc/resolv.conf file to use the local DNS cache first.
Alternatively, the package resolvconf sorts all this out automatically.
Note: If you have the resolvconf package installed, you cannot use the 'resolv-file=' option in your /etc/dnsmasq.conf configuration file as this value will be overridden by the init.d script when dnsmasq is started up. You should specify your upstream DNS servers using a dns-nameservers line (and optionally a dns-search line and other dns- options) for each interface in /etc/network/interfaces. The resolvconf scripts will automatically create a special file located at /var/run/dnsmasq/resolv.conf with your upstream servers and put 127.0.0.1 in /etc/resolv.conf to ensure DNS queries on your local machine use dnsmasq. For more information, see the resolvconf(8) man page.
Unlike the ISC DHCP server, which '.. in some configurations bypasses the kernel firewall rules entirely' (http://thekelleys.org.uk/dnsmasq/docs/FAQ), dnsmasq only works if iptables does not block the DHCP port.
^ This command will cause UFW to open the DHCP port, called bootps in /etc/services
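An added example (not code from the original page or from the dnsmasq project): a small Python audit of a dnsmasq.conf for three points this page raises: a server= line bound to an interface (the configuration the USN-4976-1 text describes), a dhcp-range that covers the host's own LAN address, and an upstream interface missing from except-interface. The sample config, the host_ips and upstream_iface parameters, and the finding names are constructed assumptions.

```python
import ipaddress
import re

# Constructed sample config for illustration; not taken from the page.
SAMPLE_CONF = """\
listen-address=127.0.0.1   # local cache
server=192.0.2.53@eth1
server=/corp.example/198.51.100.7#5353
except-interface=eth1
dhcp-range=192.168.0.20,192.168.0.254,255.255.255.0
"""

def parse_conf(text):
    """Yield (option, value); '#' is a comment only at line start or after whitespace."""
    for raw in text.splitlines():
        line = re.sub(r"(^|\s)#.*$", "", raw).strip()
        if line:
            key, _, value = line.partition("=")
            yield key.strip(), value.strip()

def is_ip(token):
    try:
        ipaddress.ip_address(token)
        return True
    except ValueError:
        return False

def audit(text, host_ips, upstream_iface):
    """host_ips / upstream_iface describe this machine (caller-supplied assumptions)."""
    findings, excluded = [], set()
    for key, value in parse_conf(text):
        if key == "server":
            # '@' followed by a non-IP token is an interface name (the advisory's case).
            if any(not is_ip(p.split("#")[0]) for p in value.split("@")[1:]):
                findings.append(("fixed-port-forwarding", value))
        elif key == "except-interface":
            excluded.add(value)
        elif key == "dhcp-range":
            ips = [ipaddress.ip_address(f) for f in value.split(",") if is_ip(f)]
            for ip in map(ipaddress.ip_address, host_ips):
                if len(ips) >= 2 and ip.version == ips[0].version and ips[0] <= ip <= ips[1]:
                    findings.append(("dhcp-range-clash", str(ip)))
    if upstream_iface not in excluded:
        findings.append(("upstream-not-excluded", upstream_iface))
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF, ["192.168.0.1"], "eth0"):
        print(finding)
```

To audit a real host, pass the contents of /etc/dnsmasq.conf together with that machine's own addresses and the name of its internet-facing interface.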