How to Setup a Local DNS Server Using DNSMasq

DNS (Domain Name System) is the service that resolves domain names to IP addresses for computers on the Internet.

Computers that are reachable from the Internet usually have a public domain name, registered through a registrar within the namespace coordinated by ICANN (Internet Corporation for Assigned Names and Numbers).



Records of domain names and IP addresses are maintained on DNS servers located in many places around the world.

For home networks, DNS resolution is usually provided by the ISP (Internet Service Provider).

Home Network Devices and DNS

Home network devices like computers don’t have a public domain name and hence don’t have, or need, an entry in the global DNS database.

So how do you locate devices on your home network if, for example, you need to access a local file share or printer?

Well, DNS isn’t the only name resolution option; other methods are possible and are used. The available methods are broadcast (NetBIOS), the hosts file, WINS, mDNS etc. See local name resolution on home networks for more details.

However with the growing use of smart devices using a local DNS server for local name resolution is becoming popular.

The DNSMasq DNS Server

DNSMasq is a free DNS and DHCP server intended for small networks and is packaged with most Linux distributions.

In my home installation it is installed on a Raspberry Pi 3 which I also use as an MQTT broker and which also runs Node-RED networking flows.

Understanding The DNS Name Resolution Process

When you type a web address into your web browser, the browser (through the operating system’s resolver) uses the DNS protocol to contact the DNS server that has been configured for that device.

The DNS server responds to the resolution request with the IP address of the website, or returns a not found (NXDOMAIN) response if the name does not exist.

Once the browser has the IP address of the website it can connect to it.

If the DNS process fails you get a server not found displayed in the browser.

This process is the same for all applications e.g. email, Skype etc. They all rely on DNS working in the background.

DNS Server Addresses

The addresses of the DNS servers are usually given to the client machine by a DHCP server, but can also be assigned manually (see the Static IP Address on Windows 10 tutorial for an example).

Two DNS server addresses are normally assigned for redundancy purposes.

On Windows you can view the addresses using the ipconfig /all command (plain ipconfig does not list the DNS servers).

[Screenshot: ipconfig /all showing DHCP-assigned DNS servers]

[Screenshot: ipconfig /all showing manually-assigned DNS servers]

Setting Up and Using Your Own Local DNS Server

The process for using your own local DNS server to resolve local names is as follows:

Installing DNSMasq

Before you install DNSMasq it is important that the machine it runs on has a fixed IP address, because every client will be pointed at that address.

You can do this locally by editing the DHCP client configuration (/etc/dhcpcd.conf on Raspberry Pi OS) or by using the network GUI utility.

However, the best way is to configure it at the DHCP level as a reservation tied to the machine’s MAC address.

Almost all DHCP servers let you assign a fixed IP address to a device. See DHCP Server setup.

To install on Linux (e.g. Ubuntu, Raspberry Pi OS) use:

sudo apt install dnsmasq

Note that dnsmasq needs UDP and TCP port 53. On distributions where systemd-resolved is already listening on port 53 (recent Ubuntu releases) the service will fail to start with “Address already in use” until you either disable the stub listener or restrict dnsmasq to specific addresses with listen-address and bind-interfaces.

Configuring DNSMasq

Like almost all Linux applications, configuration is via a text file, /etc/dnsmasq.conf.

It is configured so that all DNS requests for local names are answered directly by the DNSMasq server from its own records, while requests for external names are forwarded to the upstream DNS servers you normally use (your ISP’s or a public resolver) and the answers are cached.

This is shown in the diagram below:

[Diagram: dnsmasq answering local names itself and forwarding external queries to the upstream DNS servers]

Although DNSMasq can also act as a DHCP server, I use it simply as a DNS server and so the DHCP configuration isn’t used.

Although you can use the /etc/dnsmasq.conf file and uncomment the settings you need, I prefer to use my own file and copy the original for safe keeping. On Debian-based systems (including Raspberry Pi OS) dnsmasq also reads any *.conf file in /etc/dnsmasq.d/, so you can put your settings there and leave the packaged file untouched.

Local Network Domain Name

You don’t actually need one, but I think it best to use one. Appendix G (Private DNS Namespaces) of RFC 6762 lists these names as ones that have been used on private internal networks without the problems caused by reusing .local:

  • intranet
  • internal
  • private
  • corp
  • home
  • lan

My choice is .home

Note that you should not use .local as it is reserved for mDNS (RFC 6762). Be aware too that .home and .corp have since been flagged by ICANN as name collision risks because they were applied for as public top-level domains; RFC 8375 reserves home.arpa specifically for home networks if you want a suffix that can never clash with a public name.

Example Configuration File

This is the configuration file I use on my network.

[Screenshot: the dnsmasq.conf used on the author’s network]

From the screenshot above you can see I use .home as my local domain name.

So all my machines have names of the form name.home; you can see this in the hosts file (shown later).

You can speed up repeat DNS requests for your home network by increasing the cache size using

cache-size=5000

The default is 150 records. You can use a larger number, as each record only takes about 100 bytes, but I’m not sure you will notice the difference on a home network.

Hosts File

DNSMasq uses the local hosts file (/etc/hosts) as the source of the machine names, so you will need to edit this with the names and addresses of your local machines (or point dnsmasq at a separate file with addn-hosts).

Below is my current hosts file.

[Screenshot: the /etc/hosts file used by dnsmasq]

If you make changes to the hosts file you will need to make DNSMasq re-read it: restarting it works, and sending it SIGHUP does the same without interrupting the service.

The following commands you will find useful:

  • sudo systemctl start dnsmasq #start the program
  • sudo systemctl stop dnsmasq #stop the program
  • sudo systemctl restart dnsmasq #restart the program
  • sudo systemctl enable dnsmasq #start dnsmasq on boot
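The configuration file and hosts file sections above describe the two files dnsmasq needs. The script below is an added example (not the page’s own configuration, which is only shown as a screenshot) that generates both: a DNS-only dnsmasq configuration that answers .home names from its own hosts file, refuses to forward them upstream, listens only on the LAN address, and forwards everything else to the upstream resolvers you list. The server address 192.168.1.21 and the .home domain are the page’s; the hostnames, addresses and upstream resolvers (1.1.1.1, 9.9.9.9) are assumed values for illustration.

```shell
#!/bin/sh
# Added example (not from the page): generate a dnsmasq configuration and the
# hosts file it serves, then tell dnsmasq to pick them up.
# Assumed values: 192.168.1.21 and .home are the page's; the hostnames,
# addresses and upstream resolvers are made up for illustration.
set -e

# Constructed sample inventory ("ip name" per line); replace with your own.
SAMPLE_INVENTORY='192.168.1.21 mqtt
192.168.1.10 nas
192.168.1.30 printer'

# write_dnsmasq_conf OUTFILE LISTEN_IP DOMAIN HOSTSFILE UPSTREAM...
# Local names come from HOSTSFILE and are never forwarded; everything else
# goes to the listed upstream servers and is cached.
write_dnsmasq_conf() {
  out=$1; ip=$2; dom=$3; hosts=$4; shift 4
  {
    echo '# generated by write_dnsmasq_conf (DNS only, no DHCP)'
    # Answer only on loopback and the LAN address. Without listen-address and
    # bind-interfaces dnsmasq binds every interface, so a box with a second
    # (VPN or public) interface silently becomes an open resolver.
    echo 'listen-address=127.0.0.1'
    echo "listen-address=$ip"
    echo 'bind-interfaces'
    # Names under the local domain are answered from the hosts file only;
    # local=/home/ stops unknown *.home names from being sent to the Internet.
    echo "domain=$dom"
    echo "local=/$dom/"
    echo 'expand-hosts'
    echo "addn-hosts=$hosts"
    # Never forward bare hostnames, nor reverse lookups for private address
    # space that the upstream server cannot know about.
    echo 'domain-needed'
    echo 'bogus-priv'
    # Drop upstream answers that point at private addresses (DNS rebinding);
    # rebind-localhost-ok exempts 127.0.0.0/8, which DNS blocklists return.
    echo 'stop-dns-rebind'
    echo 'rebind-localhost-ok'
    # Ignore /etc/resolv.conf so the upstream list is exactly what follows.
    echo 'no-resolv'
    for up in "$@"; do echo "server=$up"; done
    echo 'cache-size=5000'
  } > "$out"
}

# write_hosts_file OUTFILE DOMAIN   (reads "ip name" pairs from stdin)
# Emits both the fully qualified and the short name so the record matches
# whether or not the client appends a search suffix. Comment lines are skipped.
write_hosts_file() {
  awk -v d="$2" 'NF == 2 && $1 !~ /^#/ { printf "%s\t%s.%s\t%s\n", $1, $2, d, $2 }' > "$1"
}

# Write the real files and restart: run as root with  sh thisfile.sh --write
if [ "${1:-}" = "--write" ]; then
  printf '%s\n' "$SAMPLE_INVENTORY" | write_hosts_file /etc/dnsmasq.hosts home
  write_dnsmasq_conf /etc/dnsmasq.d/home.conf 192.168.1.21 home /etc/dnsmasq.hosts 1.1.1.1 9.9.9.9
  dnsmasq --test -C /etc/dnsmasq.d/home.conf  # syntax check before restarting
  systemctl restart dnsmasq                   # a config change needs a restart
  # A later edit to /etc/dnsmasq.hosts only needs:  systemctl kill -s HUP dnsmasq
fi
```

One caveat with bind-interfaces: if the LAN address is not yet configured when dnsmasq starts at boot, the bind fails and the service exits. If that happens on your Pi, replace bind-interfaces with bind-dynamic, which achieves the same restriction but copes with interfaces appearing later.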

Testing DNSMasq

Before you configure your clients to use it you will need to test that it works as expected.

To do this use the nslookup tool. The following screenshot is taken from a Windows 10 machine.

The first thing I do is to tell nslookup to use the DNSMasq server (the server command), which is at IP address 192.168.1.21, and then I just enter a few names that I know are configured and then test external domain names using Google. If you configured local=/home/, a local name that is not in the hosts file should come back as not found rather than being sent to the Internet, while the external names should still resolve.

[Screenshot: nslookup session against 192.168.1.21 resolving local and external names]
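The same checks as the nslookup session, scripted with dig so that they can be re-run after every change to the hosts file, as an added example that is not part of the original page. The server 192.168.1.21 and the name mqtt.home are the page’s; nas.home, 192.168.1.10 and the external test name are assumed values, and the dig output embedded in the script is a constructed sample used to exercise the parsers offline.

```shell
#!/bin/sh
# Added example (not from the page): verify a dnsmasq server with dig.
# Needs the dig tool (package dnsutils on Debian / Raspberry Pi OS).
# 192.168.1.21 and mqtt.home are the page's; other names are assumed.

# Constructed samples of what dig prints, used to exercise the parsers offline.
SAMPLE_ANSWER='mqtt.home. 0 IN A 192.168.1.21
nas.home. 0 IN A 192.168.1.10'
SAMPLE_HEADER=';; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1234'

# a_record NAME ANSWER_TEXT -> prints the first A address for NAME found in
# `dig +noall +answer` output (fields: name ttl class type data), else nothing.
a_record() {
  printf '%s\n' "$2" | awk -v n="$1." '$1 == n && $4 == "A" { print $5; exit }'
}

# rcode HEADER_TEXT -> prints the status word (NOERROR, NXDOMAIN, SERVFAIL ...)
# from the ";; ->>HEADER<<-" line of `dig +noall +comments` output.
rcode() {
  printf '%s\n' "$1" | sed -n 's/.*status: \([A-Z]*\),.*/\1/p' | head -n 1
}

# expect_a SERVER NAME IP : NAME must resolve to exactly IP when asked of SERVER
expect_a() {
  got=$(a_record "$2" "$(dig @"$1" +noall +answer "$2" A)")
  if [ "$got" = "$3" ]; then echo "ok   $2 -> $3"; else echo "FAIL $2 -> '$got' (wanted $3)"; return 1; fi
}

# expect_rcode SERVER NAME STATUS : SERVER's reply for NAME must carry STATUS
expect_rcode() {
  got=$(rcode "$(dig @"$1" +noall +comments "$2" A)")
  if [ "$got" = "$3" ]; then echo "ok   $2 is $3"; else echo "FAIL $2 is '$got' (wanted $3)"; return 1; fi
}

# Live checks, run as:  sh dnsmasq_check.sh 192.168.1.21
if [ $# -eq 1 ]; then
  srv=$1; rc=0
  expect_a "$srv" mqtt.home 192.168.1.21 || rc=1       # name from the hosts file
  expect_a "$srv" nas.home 192.168.1.10 || rc=1
  expect_rcode "$srv" nosuch.home NXDOMAIN || rc=1      # unknown local name: answered locally, not forwarded
  expect_rcode "$srv" www.google.com NOERROR || rc=1    # external name: forwarded upstream
  exit $rc
fi
```

Run it from a client on the LAN against the dnsmasq address. One check dig cannot do from inside the network is whether the server answers the outside world too: if the Pi has a public or VPN-facing interface, run dig against that address from a host outside the LAN and expect a timeout; an answer means you are running an open resolver.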

Configuring the Clients

The easiest and recommended way is to use your DHCP server to assign the DNS address.

Because two addresses are assigned, you would normally assign the local address as the primary and an Internet server address as the secondary. Be aware that clients do not only use the secondary when the primary is down: Windows, for example, switches to the other server after a timeout and keeps using it for a while, and that public resolver knows nothing about your .home names, so local lookups can intermittently fail and those names are sent to the Internet. If local names must be reliable, give clients only the local server, or run a second dnsmasq instance as the secondary.

[Screenshot: TP-Link router DHCP settings with the primary and secondary DNS server addresses]

You then need to wait until the clients renew their IP address, at which point they will pick up the local DNS server (ipconfig /renew on Windows forces this).

When is Running a Local DNS Server Important?

If you are running internal services like MQTT, Home Assistant, media players, security systems etc., then an internal DNS server will make your life much easier.

As an example, let’s say you run an MQTT broker and you have configured your clients to access it using its IP address. What happens if you move the broker to another machine?

In this case you will need to reconfigure all clients.

However if you had used an Internal DNS server you would just need to change a record in the DNS database.

Common Questions and Answers

Q1- Is a Local DNS server really necessary?

A1- No, not for most home networks.

Q2- Will it make my Internet activity faster?

A2- It can, as repeat lookups for frequently used names are answered from the local cache; first-time lookups still go to the upstream server, so the difference is usually small.

Q3- Is it necessary for Home Automation?

A3- No, but it will make it easier.

Q4- What happens if my local DNS server is unavailable?

A4- The clients will fall back to the public DNS server that you configured, so Internet names keep working, but your local names will not resolve until the local server is back.

Q5- Why not just use MDNS?

A5- It would be ideal, but not all clients support it.

Q6- Can I use a BIND DNS server on my local network instead of DNSMasq?

A6- Yes, but BIND is more difficult to set up.

Summary

Having a local DNS server is very useful when you have lots of local machines and local network activity.

It will also be important with home automation devices that use IP.

In addition it should make repeat Internet lookups faster as it uses a local cache.

However it involves another piece of hardware to configure and is not recommended for the non technical person.


14 comments

  1. Is there some automatic way for the DNS server to recognize the hostnames on the network instead of me entering them manually in the hosts file?

  2. Are there any known vulnerabilities or issues (or any risks) from having a home network DNS server, or do I enhance security by doing so? Do I get more privacy by setting up a home network DNS server (e.g. my ISP won’t be able to filter the content I look at on the internet)?

    1. Not sure about enhanced security, but it makes lookups faster for frequently used domains as they are cached locally. The main reason I use one is for connecting to devices on the home network. It is easier to use mqtt.home than 192.168.1.21.
      As for the ISP, you can bypass their DNS by using Google or OpenDNS servers by adding them to your DHCP configuration.
      However, all your traffic goes through them and so, unless it is encrypted using a VPN, they can still see it.
      Even with a VPN, DNS might still go through the ISP.
      https://www.quora.com/Does-a-VPN-bypass-the-DNS-on-your-router
      Rgds
      Steve

  3. OK… sorry… I got it working. “Use DNSMasq as DNS” was not enabled, so dnsmasq was not running on the router. Now it is. All working now 🙂

  4. Thanks… I tried… pihole running and working nicely… dd-wrt router running… all is working from the router and the pi. I can ping and nslookup from those 2 machines… BUT… my windows machine… um? Please help… your very first step when you type “nslookup”, it already knows (how?) that it should send the request to the IP address of your dnsmasq. How is that? I get this “server unknown”; my windows PC doesn’t know where to go for the dnsmasq… (192.168.9.1 is my gateway/router):

    PS C:\WINDOWS\system32> nslookup
    Default Server: UnKnown
    Address: 192.168.9.1
    > appletv
    Server: UnKnown
    Address: 192.168.9.1
    *** UnKnown can’t find appletv: No response from server

  5. I had a problem that threw me for a while, and it is worth repeating here. I’d set up a fair number of static leases (about 55) for various devices on my network on my dd-wrt flashed router, and I noticed that the DHCP server ‘inside’ dnsmasq, although enabled, was constantly stopped. It appears that ‘unacceptable’ characters in the static lease list will do this. Which ones? No one has answered my request on other sites to know exactly what isn’t acceptable, although certainly a # or a - in a device name seems to be a problem. I’ve replaced them all with an underscore and the problem disappeared. A name with a - (dash) or a # (hash or pound) in it really seems to throw dnsmasq, so beware!

  6. What’s the benefit of doing this vs just using the hosts file? I assume you could also use it as an ad-blocker by redirecting bad sites to 0.0.0.0 just like you can with the hosts file.

    1. The hosts file needs to be configured on each machine, whereas using your own DNS server means that it is done once.
