DNS (Domain Name System) is the service that resolves domain names to IP addresses for computers on the Internet.
Publicly reachable hosts on the Internet have a domain name registered under the global namespace coordinated by ICANN (Internet Corporation for Assigned Names and Numbers).
Records mapping domain names to IP addresses are held on DNS servers distributed across many locations.
On home networks DNS resolution is usually provided by the servers of the ISP (Internet Service Provider).
Home Network Devices and DNS
Home network devices such as computers don't have a public domain name and so don't have, or need, an entry in the global DNS database.
So how do you locate devices on your home network if, for example, you need to access a local file share or printer?
DNS isn't the only name resolution option; other methods exist and are used, including broadcast, the hosts file and WINS. See local name resolution on home networks for more details.
However, with the growing number of smart devices, using a local DNS server for local name resolution is becoming popular.
The DNSMasq DNS Server
DNSMasq is a free, lightweight DNS and DHCP server for small networks and is packaged with most Linux distributions.
In my home installation it is installed on a Raspberry Pi 3, which I also use as an MQTT server and which also runs Node-RED networking flows.
Understanding The DNS Name Resolution Process
When you type a web address into your web browser, the browser first uses the DNS protocol to query the DNS server that has been configured on that device.
The DNS server responds to the resolution request with the IP address of the website, or with an error response such as NXDOMAIN (name does not exist).
Once the browser has the IP address of the website it can connect to it.
If the DNS lookup fails you get a "server not found" error displayed in the browser.
This process is the same for all applications, e.g. email, Skype etc. They all rely on DNS working in the background.
DNS Server Addresses
The addresses of the DNS servers are usually given to the client machine by a DHCP server, but they can also be assigned manually (see the Static IP Address on Windows 10 tutorial for an example).
Two DNS server addresses are normally assigned for redundancy.
On Windows you can view the addresses with the ipconfig /all command.
Setting Up and Using Your Own Local DNS Server
The process for using your own local DNS server to resolve local names is as follows:
- Install And Configure DNSMasq
- Edit the Hosts File
- Test Using Nslookup.
- Configure your clients to use it via DHCP
Before you install DNSMasq it is important that the machine has a fixed IP address: every client will be pointed at that address, so it must not change.
You can set this locally by editing /etc/dhcpcd.conf (on Raspberry Pi OS) or by using the network GUI utility.
However, the best way is to configure it at the DHCP level.
Almost all DHCP servers let you reserve a fixed IP address for a device, keyed on its MAC address.
To install on Linux (e.g. Ubuntu, Raspberry Pi OS) use:
sudo apt install dnsmasq
Like most Linux services, configuration is via a text file, /etc/dnsmasq.conf.
The way it is configured, all DNS requests for local names are answered directly by the DNSMasq server from its hosts file, and requests for external names are forwarded to the upstream DNS servers you normally use, with the answers cached locally. This is shown in the diagram below:
Although DNSMasq can be used as a DHCP server I use it simply as a DNS server and so the DHCP configuration isn’t used.
Although you can edit the /etc/dnsmasq.conf file and uncomment the settings you need, I prefer to write my own file and copy the original for safe keeping.
Local Network Domain Name
Although you don't actually need one, I think it best to use one. Appendix G (Private DNS Namespaces) of RFC 6762 lists the names commonly used for internal networks: .intranet, .internal, .private, .corp, .home and .lan. RFC 8375 has since reserved home.arpa specifically for this purpose.
Note that you should not use .local, as it is reserved for mDNS.
Example Configuration File
This is the configuration file I use on my network.
From the screenshot above you can see I use .home as my local domain name, so all my machines have names of the form name.home; you can see this in the hosts file (shown later).
You can speed up DNS requests on your home network by increasing the cache size with the cache-size option in dnsmasq.conf.
The default is 150 records. You can use a much larger number, as each record takes only about 100 bytes, but I'm not sure you will notice the difference.
DNSMasq reads the machine names from the server's own /etc/hosts file, so you will need to edit this with the names and addresses of your local machines. Below is my current hosts file.
If you change the hosts file you will need to restart DNSMasq, or send it a SIGHUP (e.g. sudo killall -HUP dnsmasq), to make it re-read /etc/hosts.
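The split described above (local names answered from the hosts file, everything else forwarded upstream) is easy to get subtly wrong: without a local= line for your domain, a lookup for a name that is not in /etc/hosts is forwarded to the ISP, which leaks your internal hostnames. The following is an added example, not code from the article, that models how dnsmasq applies domain=, expand-hosts, local= and address= to a hosts file so the decision for each query is visible. The dnsmasq.conf and hosts text are constructed samples; the 192.168.1.x addresses and the .home domain follow the article, the upstream resolvers (8.8.8.8, 8.8.4.4) and the ads.example block are assumptions.

```python
"""Model of dnsmasq's local-vs-forward decision (added example, not the
page's own code).  Real dnsmasq does this in C; only the decision logic
for a hosts-file based local domain is reproduced here."""
import re

# Constructed /etc/dnsmasq.conf.  Directives the model does not interpret
# (interface, bind-interfaces, ...) are still the ones you want on a real
# server so that it only answers on the LAN and never forwards local names.
DNSMASQ_CONF = """
interface=eth0           # answer only on the LAN side (assumed interface)
bind-interfaces
no-resolv                # ignore /etc/resolv.conf, use the server= lines
server=8.8.8.8           # assumed upstream resolvers
server=8.8.4.4
domain=home              # local domain
expand-hosts             # "mqtt" in /etc/hosts also answers as mqtt.home
local=/home/             # never forward *.home upstream
domain-needed            # never forward plain (dotless) names upstream
bogus-priv               # never forward 192.168.x.x reverse lookups upstream
cache-size=1000          # default is 150
address=/ads.example/0.0.0.0   # hosts-file style blocking of a whole domain
"""

# Constructed /etc/hosts on the Pi.
HOSTS = """
127.0.0.1      localhost
192.168.1.21   raspberrypi mqtt
192.168.1.30   printer
"""

# RFC 1123 hostname label: letters, digits, hyphen; no leading/trailing hyphen.
LABEL_RE = re.compile(r"^(?!-)[A-Za-z0-9-]{1,63}(?<!-)$")


def valid_hostname(name):
    """True if every dot-separated label of name is a legal RFC 1123 label."""
    return all(LABEL_RE.match(label) for label in name.split("."))


def parse_conf(text):
    """Read the subset of dnsmasq.conf directives this model understands."""
    conf = {"domain": None, "expand_hosts": False, "local": [],
            "servers": [], "address": {}}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        if not line:
            continue
        key, _, val = line.partition("=")
        if key == "domain":
            conf["domain"] = val
        elif key == "expand-hosts":
            conf["expand_hosts"] = True
        elif key == "local":                     # local=/domain/
            conf["local"].append(val.strip("/"))
        elif key == "server":
            conf["servers"].append(val)
        elif key == "address":                   # address=/domain/ip
            dom, ip = val.strip("/").rsplit("/", 1)
            conf["address"][dom] = ip
    return conf


def load_hosts(text, conf):
    """Build name -> IP from hosts text, adding name.<domain> when expand-hosts is set."""
    table = {}
    for raw in text.splitlines():
        fields = raw.split("#", 1)[0].split()
        if len(fields) < 2:
            continue
        ip, names = fields[0], fields[1:]
        for name in names:
            if not valid_hostname(name):
                raise ValueError(f"illegal hostname in hosts file: {name!r}")
            table[name.lower()] = ip
            if conf["expand_hosts"] and conf["domain"] and "." not in name:
                table[f"{name}.{conf['domain']}".lower()] = ip
    return table


def resolve(qname, conf, table):
    """Return ("local", ip), ("nxdomain", None) or ("forward", [upstreams]).

    Precedence is simplified: hosts file, then address= blocks, then the
    local= domains (answered NXDOMAIN, never forwarded), then upstream.
    """
    q = qname.lower().rstrip(".")
    if q in table:
        return ("local", table[q])
    for dom, ip in conf["address"].items():
        if q == dom or q.endswith("." + dom):
            return ("local", ip)
    for dom in conf["local"]:
        if q == dom or q.endswith("." + dom):
            return ("nxdomain", None)        # stays on the LAN, never reaches the ISP
    return ("forward", conf["servers"])


if __name__ == "__main__":
    conf = parse_conf(DNSMASQ_CONF)
    table = load_hosts(HOSTS, conf)
    for q in ("mqtt.home", "printer", "nas.home", "www.google.com", "tracker.ads.example"):
        print(q, "->", resolve(q, conf, table))
```

Running it shows mqtt.home and printer answered from the hosts table, nas.home (not in the file) answered NXDOMAIN locally because of local=/home/, www.google.com forwarded to the configured upstreams, and anything under ads.example returned as 0.0.0.0. Delete the local=/home/ line from the sample and nas.home becomes a forwarded query, which is the leak the directive exists to prevent.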
The following commands are useful:
- sudo systemctl start dnsmasq #start the program
- sudo systemctl stop dnsmasq #stop the program
- sudo systemctl restart dnsmasq #restart the program
- sudo systemctl enable dnsmasq #start dnsmasq on boot
Before you configure your clients to use it you will need to test that it works as expected.
To do this use the nslookup tool. The following screenshot is taken from a Windows 10 machine.
The first thing I do is select the DNSMasq server, which is at IP address 192.168.1.21, then I enter a few names that I know are configured, and then I test external domain names using Google.
Configuring the Clients
The easiest and recommended way is to have your DHCP server hand out the DNS server address.
Because two addresses are normally assigned, you would assign the local address as the primary and an Internet server as the secondary. Be aware that clients do not treat the list as a strict fallback order: Windows in particular may switch to the secondary after a timeout and keep using it, at which point local names stop resolving. If you need local resolution to be reliable, hand out only the local server (or run two local servers).
You then need to wait until the clients renew their leases (or release and renew them manually) and they will pick up the local DNS server.
Common Questions and Answers
Q1- Is a local DNS server really necessary?
A1- No, not for most home networks.
Q2- Will it make my Internet activity faster?
A2- Lookups for frequently used names are answered from the local cache, so they return faster; the rest of the page load is unchanged.
Q3- Is it necessary for home automation?
A3- No, but it will make it easier.
Q4- What happens if my local DNS server is unavailable?
A4- The clients will fall back to the public DNS server that you configured, and local names will not resolve until the local server is back.
Q5- Why not just use mDNS?
A5- It would be ideal, but not all clients support it.
Having a local DNS server is very useful when you have lots of local machines and a lot of local network activity.
It will also be important with home automation devices that use IP.
In addition it should make Internet lookups faster as it uses a local cache.
However, it involves another piece of hardware to configure and is not recommended for the non-technical person.
- Home Network Subnet Mask Explained
- Name Resolution and DNS on Home Networks
- Understanding DHCP on Home Networks
- Multicast DNS (MDNS) on Home Networks
How to get automatic updates for DHCP leases?
Are you using dnsmasq for dhcp? or your router?
How do I configure dnsmasq as a non-root user?
I don't believe you can.
Is there some automatic way for the DNS server to recognize the hostnames on the network instead of me entering them manually in the hosts file?
Are there any known vulnerability issues (or any risks) with having a home network DNS server, or do I enhance security by doing so? Do I get more privacy by setting up a home network DNS server (e.g. my ISP won't be able to filter the content I look at on the internet)?
Not sure about enhanced security, but it makes lookups faster for frequently used domains as they are cached locally. The main reason I use one is for connecting to devices on the home network. It is easier to use mqtt.home than 192.168.1.21.
As for the ISP, you can bypass their DNS by using Google or OpenDNS servers, adding them to your DHCP configuration.
However all your traffic goes through them and so unless it is encrypted using a VPN they can still see it.
Even with a VPN DNS might still go through the ISP
OK… sorry… I got it working. "Use DNSMasq as DNS" was not enabled, so dnsmasq was not running on the router. Now it is. All working now 🙂
Thanks. I tried… Pi-hole running and working nicely, dd-wrt router running, all is working from the router and the Pi. I can ping and nslookup from those 2 machines. BUT my Windows machine… um? Please help. In your very first step, when you type "nslookup", it already knows (how?) that it should send the request to the IP address of your dnsmasq. How? I get this "server unknown"; my Windows PC doesn't know where to go for the dnsmasq (192.168.9.1 is my gateway/router):
PS C:\WINDOWS\system32> nslookup
Default Server: UnKnown
*** UnKnown can’t find appletv: No response from server
I had a problem that threw me for a while, and is worth repeating here. I’d set up a fair number of static leases (about 55) for various devices on my network on my dd-wrt flashed router, and I noticed that the DHCP server ‘inside’ dnsmasq, although enabled, was constantly stopped. It appears that ‘unacceptable’ characters in the static lease list will do this. What ones? No-one has answered my request on other sites to know exactly what isn’t acceptable, although certainly a # or a – in a device name seems to be a problem. I’ve replaced them all with an underscore and the problem disappeared. A name with a – (dash) or a # (hash or pound) in it, it really seems to throw dnsmasq – so beware!
Thanks Mike for that info.
What's the benefit of doing this vs just using the hosts file? I assume you could also use it as an ad-blocker by redirecting bad sites to 0.0.0.0, just like you can with the hosts file.
The hosts file needs to be configured on each machine, whereas using your own DNS server means it is done once.