
Setting up a DNS server on Raspberry Pi Ubuntu - dnsmasq


    A DNS server handles translating a domain name such as pimylifeup.com to its end destination. It is what lets you use a user-friendly domain name in place of an IP address such as “210.345.231.345”.

    By setting up a DNS server on your Raspberry Pi, you can use it to improve the time it takes for your computer to perform DNS requests.

    The DNS server on the Pi will make requests to other DNS servers to determine the IP for that request and cache it. This means that when you request that same domain name again, the answer will be returned almost instantly.

    Setting up a DNS Server on the Raspberry Pi

    1. Before we can set up our Raspberry Pi as a DNS server, we must ensure everything is up to date.

    We can do this by running the following two commands on our Raspberry Pi.

    sudo apt update
    sudo apt upgrade
    

    2. Once the update has completed, we can proceed to install the software that we will be using to set up our Pi as a DNS server.

    This software package that we are installing is called DNSmasq. DNSmasq is a lightweight and straightforward DNS server that was designed with small-scale networks in mind.

    Thanks to its lightweight nature, DNSmasq is the perfect solution for setting up a DNS server on a Raspberry Pi as it won’t drain its limited resources.

    We can install dnsmasq to our Raspberry Pi by running the following command.

    sudo apt install dnsmasq
    

    Configuring the DNS Server

    1. Now that we have gone ahead and installed the dnsmasq software to our Raspberry Pi, we should now make some configuration changes to it.

    The changes that we will make to its configuration file will allow your Raspberry Pi to work as a better DNS server.

    We can begin making modifications to the file by running the following command.

    sudo nano /etc/dnsmasq.conf
    

    To find the lines that you are after more easily, you can make use of CTRL + W to search for the required text.

    Find

    #domain-needed
    

    Replace with

    domain-needed
    

    This option changes the DNS server so that it does not forward plain names, meaning names that do not contain a dot (.) or a domain part (.com), to upstream nameservers.

    Doing this will keep any plain names such as “localhost” or “dlinkrouter” on the local network.

    Find

    #bogus-priv
    

    Replace with

    bogus-priv
    

    This option stops the DNS server from forwarding reverse-lookup queries that have a local IP range to the upstream DNS servers.

    Doing this helps prevent leaking the setup of a local network as the IP addresses will never be sent to the upstream servers.

    Find

    #no-resolv
    

    Replace with

    no-resolv
    

    With this option, we tell dnsmasq not to read the “/etc/resolv.conf” file for its upstream nameservers and to instead rely on the ones specified in its configuration.

    Find

    #server=/localnet/192.168.0.1
    

    Replace with

    server=8.8.8.8
    server=8.8.4.4
    

    Using this, we instruct dnsmasq to utilize Google’s DNS servers for its upstream nameservers.

    You can also make use of other public DNS services such as CloudFlare’s DNS or OpenDNS.

    Find

    #cache-size=150
    

    Replace with

    cache-size=1000
    

    With this option, we are increasing the number of DNS requests that the dnsmasq software will cache.

    By increasing its cache size, we should be able to improve our Raspberry Pi DNS server’s overall performance and reduce the time to perform DNS lookups.

    And finally, uncomment “expand-hosts” as well; it will be useful later to add a fake domain name to our local devices.

    • Then add this line:
    domain=me.local
    

    You can set anything you want
    In my case, me.local will be my local domain name
    If I have a host named “kodi”, I can now access it with “kodi.me.local”
    We’ll see that later

    2. With the changes made to the configuration file, you can now save the file by pressing CTRL + X then Y followed by ENTER.
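
    The edits above are easy to leave half-done, and “no-resolv” without a general “server=” line leaves dnsmasq with no upstream nameserver at all. This added shell example (not part of the original guide; the function names are hypothetical and the sample file is constructed) reports which of the settings from this section are still commented out or missing:

```sh
#!/bin/sh
# Added example (not from the original guide): audit dnsmasq.conf for the
# settings this section enables. Function names are hypothetical.

# Print the value of every active (uncommented) "key" or "key=value" line.
active_values() {   # $1 = option name, $2 = config file
    awk -v k="$1" '
        /^[ \t]*#/ { next }                        # commented out: not in effect
        { line = $0; gsub(/^[ \t]+|[ \t]+$/, "", line) }
        line == k               { print "yes" }    # bare flag such as bogus-priv
        index(line, k "=") == 1 { print substr(line, length(k) + 2) }
    ' "$2"
}

# Print one line per finding; the return status is the number of problems.
audit_dnsmasq_conf() {   # $1 = path to dnsmasq.conf
    conf="$1"; problems=0
    for opt in domain-needed bogus-priv no-resolv expand-hosts domain; do
        if [ -z "$(active_values "$opt" "$conf")" ]; then
            echo "MISSING $opt"
            problems=$((problems + 1))
        fi
    done
    # server=/name/ip only routes one domain; no-resolv needs a general upstream.
    upstream="$(active_values server "$conf" | grep -v '^/' | paste -sd ' ' -)"
    if [ -z "$upstream" ]; then
        echo "MISSING server (no general upstream nameserver)"
        problems=$((problems + 1))
    else
        echo "UPSTREAM $upstream"
    fi
    return "$problems"
}

# Constructed sample: a config where only part of the guide was applied.
sample="$(mktemp)"
cat > "$sample" <<'EOF'
domain-needed
#bogus-priv
no-resolv
server=/localnet/192.168.0.1
cache-size=1000
domain=me.local
EOF
audit_dnsmasq_conf "$sample" || echo "=> $? setting(s) need attention"
rm -f "$sample"
```

    On the Pi, run the function against the real file: audit_dnsmasq_conf /etc/dnsmasq.conf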

    Add a local host

    To create a local host (such as kodi.me.local), you need to add it to the hosts file.

    • Open the hosts file with nano

    sudo nano /etc/hosts

    • Add a line like this at the end

    192.168.1.17 kodi

    This line allows the Raspberry Pi to use “kodi” as a name to reach 192.168.1.17
    After saving, you can ping kodi from the Raspberry Pi

    • Save and exit (CTRL+O, CTRL+X)

    The Raspberry Pi can now use kodi as a host name
    And any computer using the Raspberry Pi as DNS server can use kodi.me.local

    3. As we have made changes to dnsmasq’s configuration, we will need to restart its service so that it reads in our changes.

    We can restart dnsmasq by running the following command.

    sudo systemctl restart dnsmasq
    

    4. Because we made some changes to the dnsmasq service, we should check to ensure that it has started up correctly.

    We can check the status of our DNS server by using the command below.

    sudo systemctl status dnsmasq
    

    If the status shows as “Active: active (running)” then you now have your Raspberry Pi successfully running as a DNS Server.

    You should now be able to point your device to the Raspberry Pi’s IP address to utilize it as a DNS server.

    Testing the Raspberry Pi DNS Server

    1. If you want to test your Raspberry Pi DNS server without changing your DNS settings, you can do so by making use of the “dig” tool.

    To use the dig tool on your Raspberry Pi, you will need to first install the “dnsutils” package by running the command below.

    sudo apt install dnsutils
    

    2. With the “dnsutils” package installed to the Raspberry Pi, we can go ahead and query our Pi DNS server by running the command below.

    Using “@localhost” we are telling the dig tool to utilize the localhost’s DNS server for the DNS lookup.

    dig pimylifeup.com @localhost
    

    3. From this command, you should get a response as we have below.

    This response shows the answer that the dig software retrieved from the Raspberry Pi’s DNS server.

    From this response, you can see how long the query took to complete as well as additional information.

    pi@raspberrypi:~ $ dig pimylifeup.com
    
    ; <<>> DiG 9.11.5-P4-5.1-Raspbian <<>> pimylifeup.com
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40018
    ;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
    
    ;; OPT PSEUDOSECTION:
    ; EDNS: version: 0, flags:; udp: 512
    ;; QUESTION SECTION:
    ;pimylifeup.com.                        IN      A
    
    ;; ANSWER SECTION:
    pimylifeup.com.         257     IN      A       104.25.42.22
    pimylifeup.com.         257     IN      A       104.25.43.22
    
    ;; Query time: 45 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Thu Aug 01 08:04:35 BST 2019
    ;; MSG SIZE  rcvd: 75
    

    4. If you rerun the command, you will notice that the query time will be significantly reduced as it can retrieve the DNS request from the cache.

    As we are requesting from localhost, you should have a query time close to 0 msec.

    ;; Query time: 0 msec
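
    The “SERVER” line is worth checking along with the query time: without “@localhost”, dig asks whatever /etc/resolv.conf names, which on a system running systemd-resolved is its stub at 127.0.0.53 rather than dnsmasq. This added example (not from the original guide; the function names are hypothetical, the sample output is constructed from the response above, and the 1 msec cache threshold is an assumption) summarises dig output and flags an answer that came from the wrong resolver:

```sh
#!/bin/sh
# Added example (not from the original guide): summarise dig output.

# Read dig output on stdin; print "status server port time_ms answers".
dig_summary() {
    awk '
        BEGIN { st = srv = port = ms = an = "-" }   # "-" marks a field not found
        /->>HEADER<<-/    { for (i = 1; i < NF; i++) if ($i == "status:") { st = $(i + 1); sub(/,$/, "", st) } }
        /^;; flags:/      { for (i = 1; i < NF; i++) if ($i == "ANSWER:") { an = $(i + 1); sub(/,$/, "", an) } }
        /^;; Query time:/ { ms = $4 }
        /^;; SERVER:/     { split($3, a, /[#(]/); srv = a[1]; port = a[2] }
        END { print st, srv, port, ms, an }
    '
}

# Read one summary line on stdin and say which resolver answered and how.
dig_verdict() {   # $1 = expected server IP (assumed 127.0.0.1 when run on the Pi)
    expected="${1:-127.0.0.1}"
    read -r st srv port ms an
    case "$ms" in ''|*[!0-9]*) echo "UNPARSED"; return 1 ;; esac
    if [ "$srv" != "$expected" ]; then
        echo "WRONG_RESOLVER $srv#$port"          # e.g. the systemd-resolved stub
    elif [ "$st" != "NOERROR" ]; then
        echo "FAILED $st"
    elif [ "$ms" -le 1 ]; then                    # assumed threshold for a cache hit
        echo "OK cached ${ms}ms answers=$an"
    else
        echo "OK forwarded ${ms}ms answers=$an"
    fi
}

# Constructed sample modelled on the dig response shown above.
sample_dig() {   # $1 = query time in msec, $2 = answering server IP
    cat <<EOF
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 40018
;; flags: qr rd ra; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 1
;; ANSWER SECTION:
pimylifeup.com.         257     IN      A       104.25.42.22
pimylifeup.com.         257     IN      A       104.25.43.22
;; Query time: $1 msec
;; SERVER: $2#53($2)
EOF
}

sample_dig 45 127.0.0.1  | dig_summary | dig_verdict   # first lookup, forwarded upstream
sample_dig 0  127.0.0.1  | dig_summary | dig_verdict   # repeat lookup, served from cache
sample_dig 3  127.0.0.53 | dig_summary | dig_verdict   # a different resolver answered
```

    On the Pi, pipe real output through it: dig pimylifeup.com @localhost | dig_summary | dig_verdict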
    

    Hopefully, by now, you will have successfully set up your Raspberry Pi to act as a DNS server for your network. If you run into any issues or have any feedback, feel free to drop a comment below.

    Problem I ran into: port 53 was being used by systemd-resolved

    We can create rc.local

    If you don’t want to screw up the resolver do it like this with rc.local.

    Stop dnsmasq from auto starting.

    sudo systemctl disable dnsmasq

    Create file /etc/rc.local or /etc/rc.d/rc.local depending on distro.

    chmod +x /etc/rc.local

    Edit file:

    #!/bin/bash
    service systemd-resolved stop
    service dnsmasq start

    Check what’s listening on port 53 (domain) with:

    sudo ss -lp "sport = :domain"
    

    We can change what port dnsmasq listens on, by editing the config file:

    sudo nano /etc/dnsmasq.conf
    

    Hit Ctrl+W and type listen-address= and hit enter.

    Uncomment the line and add 127.0.0.1, then set a different port than 53 with the port option, like:

    listen-address=127.0.0.1
    port=5300
    

    WRITTEN BY
    Ohidur Rahman Bappy
    📚Learner 🐍 Developer