Best Way How to Install and Configure Dnsmasq in Ubuntu 22.04|20.04|18.04

Dnsmasq is an open-source software utility used for providing Domain Name System (DNS) caching, Dynamic Host Configuration Protocol (DHCP) server, router advertisement, and network boot services intended for small network coverage. DHCP option supports both static and dynamic leasing, multiple networks, and IP address ranges.

In this article, am going to take you through how to install Dnsamasq in ubuntu 22.04|20.04|18.04 LTS.

Dnsmasq Subsystems

DNS Subsystem – Provides caching of DNS records such as A, AAAA, CNAME, and PTR.

DHCP Subsystem – Supports DHCPv4, DHCPv6, BOTP, and PXE.

Router Advertisement Subsystem – Provides basic autoconfiguration for IPv6 hosts.

Step 1:Disable systemd-resolve 22.04|20.04|18.04

Since Dnsmasq runs on port 53, you need to disable systemd-resolve which runs on the same port to avoid port conflicts.

$ sudo systemctl disable systemd-resolved
Removed /etc/systemd/system/multi-user.target.wants/systemd-resolved.service.
Removed /etc/systemd/system/dbus-org.freedesktop.resolve1.service.
$ sudo systemctl stop systemd-resolved

Consider removing the existing symlink to resolv.conf file

$ ls -lh /etc/resolv.conf
lrwxrwxrwx 1 root root 39 Jul 26 2018 /etc/resolv.conf ../run/systemd/resolve/stub-resolv.conf
$ sudo unlink /etc/resolv.conf

Create a new resolv.conf file and add public DNS servers you wish. In my case am going to use google DNS. 

$ echo nameserver 8.8.8.8 | sudo tee /etc/resolv.conf

Step 2: Install Dnsmasq in Ubuntu 22.04|20.04|18.04 LTS

Now update your system and install Dnsmasq from apt repositories. 

$ sudo apt update
$ sudo apt install dnsmasq

To find and configuration file for Dnsmasq, navigate to /etc/dnsmasq.conf. Edit the file by modifying it with your desired configs. Below is minimal configurations for it to run and support minimum operations.

$ vim /etc/dnsmasq.conf

port=53

# Never forward addresses in the non-routed address spaces.
bogus-priv

# Uncomment these to enable DNSSEC validation and caching:
# (Requires dnsmasq to be built with DNSSEC option.)
#conf-file=%%PREFIX%%/share/dnsmasq/trust-anchors.conf
#dnssec
# By  default,  dnsmasq  will  send queries to any of the upstream
# servers it knows about and tries to favour servers to are  known
# to  be  up.  Uncommenting this forces dnsmasq to try each query
# with  each  server  strictly  in  the  order  they   appear   in
# /etc/resolv.conf
Strict-order

# If you want dnsmasq to listen for DHCP and DNS requests only on
# specified interfaces (and the loopback) give the name of the
# interface (eg eth0) here.
# Repeat the line for more than one interface.
#interface=
# Or you can specify which interface _not_ to listen on
#except-interface=
# Or which to listen on by address (remember to include 127.0.0.1 if
# you use this.)
listen-address=127.0.0.1 # Put the IP of your server network
# Set this (and domain: see below) if you want to have a domain
# automatically added to simple names in a hosts-file.
expand-hosts

# Set the domain for dnsmasq. this is optional, but if it is set, it
# does the following things.
# 1) Allows DHCP hosts to have fully qualified domain names, as long
#     as the domain part matches this setting.
# 2) Sets the "domain" DHCP option thereby potentially setting the
#    domain of all systems configured by DHCP
# 3) Provides the domain part for "expand-hosts"
domain=example.com

# Set a different domain for a particular subnet
#domain=wireless.thekelleys.org.uk,192.168.2.0/24

To use DNSSEC validation and caching, enable it by uncommenting dnssec in the config file.

When done with editing the file, close it and restart Dnsmasq to apply the changes. 

$ sudo systemctl restart dnsmasq

Step 3:  Add DNS Records to Dnsmasq

Now that you have Dnsmasq running without errors, we can go ahead and add DNS records in /etc/hosts file.  These are records that Dnsmasq will use to respond to clients’ queries. 

$ sudo vim /etc/hosts
127.0.0.1       localhost.localdomain   localhost
::1             localhost6.localdomain6 localhost6
#DNS Records
192.168.0.102 server1.example.com
192.168.0.103 server2.example.com
192.168.0.104 server3.example.com
192.168.0.105 server4.example.com
# The following lines are desirable for IPv6 capable hosts
::1     localhost ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts

Restart Dnsmasq to apply the changes.

$ sudo systemctl restart dnsmasq

Step 3: Test DNS Server Functionality.

To test and verify that your DNS server can handle client requests pointed on it, make sure your DNS nameserver has a static IP set in the network configuration file. For my case am going to edit /etc/resolve.conf file for test purposes.

$ vim /etc/resolv.conf
nameserver 127.0.0.1
nameserver 8.8.8.8

Now test with the dig command to check A records of your hosts set in /etc/hosts file. 

$ dig server2.com

; <<>> DiG 9.11.3-1ubuntu1.16-Ubuntu <<>> server2.com
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 64720
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;server2.com.                   IN      A
;; ANSWER SECTION:
server2.com.            0       IN      A       192.168.0.103

;; Query time: 0 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Sat May 14 13:26:43 EAT 2022
;; MSG SIZE  rcvd: 56

Step 4: Configuring Dnsmasq as A DHCP Server

Dnsmasq can be used to assign IP addresses to other client machines either statically or dynamically. To achieve this, you will need to edit /etc/dnsmasq.conf file and set the necessary options as shown below. Add to the bottom of the file.

$ sudo /etc/dnsmasq.conf

dhcp-range=192.168.10.50,192.168.0.10,255.255.255.250
dhcp-option=option:router,192.168.0.1
dhcp-option=option:dns-server,192.168.0.1
dhcp-option=option:netmask,255.255.255.0

• dhcp-range –  This is the range within which clients will be assigned  IP addresses from. 
• dhcp-option – This is used to set the default gateway, IP of DNS server as well as the network subnet mask. 

Now restart Dnsmasq for new configurations to take effect.

$ sudo systemctl restart dnsmasq

Conclusion

Am hoping that you are now in a better position to install and perform configuration with Dnsmasq as a local DNS server. Thank you for visiting our site and for your great support. Don’t forget to checkout our recent articles, share and leave a comment to help us improve.