Install Dnsmasq to serve DHCP clients on your home LAN and cache DNS queries.
sudo apt-get install dnsmasq
Dnsmasq config files are stored in /etc/dnsmasq.d. To get started, create a new config file there. Call it home.conf. This config file will have the basics for DNS and DHCP for our home network.
#for debugging... will normally log to /var/log/syslog
#log-dhcp
#log-queries
#log-facility=/var/log/dnsmasq.conf
domain-needed
bogus-priv
domain=mydomain.net
expand-hosts
local=/mydomain.net/
listen-address=127.0.0.1
listen-address=192.168.1.2
bind-interfaces
#### DHCP stuff #####
dhcp-range=lan,192.168.1.100,192.168.1.200
#set default gateway
dhcp-option=lan,3,192.168.1.1
#set DNS server
dhcp-option=lan,6,192.168.1.2
##### caching DNS stuff ######
dns-forward-max=5000
cache-size=5000
#upstream dns servers
server=188.8.131.52
server=184.108.40.206
Adding domain-needed blocks incomplete requests from leaving your network, such as google instead of google.com. bogus-priv prevents non-routable private addresses from being forwarded out of your network. Using these is simply good netizenship.
Set your private domain name with domain=mydomain.net, replacing mydomain with any domain name your heart desires. You don’t need to register it with a domain name registrar because it’s private and never leaves your LAN.
The expand-hosts directive adds the domain name to your hostnames, so you get fully-qualified domain names like hostname.mydomain.net. Again, these are completely arbitrary and can be whatever you want.
local=/mydomain.net/ ensures that queries for your private domain are only answered by Dnsmasq, from /etc/hosts or DHCP.
The listen-address directive tells Dnsmasq which interface or interfaces to listen on. Always use listen-address because you don’t want Dnsmasq exposed to the wrong networks, and especially not the Internet. Always include the loopback address. You could use the interface= directive instead, for example interface=eth0, but the Linux kernel doesn’t always bring up network interfaces with the same names after reboot. If you have more than one NIC the names could get changed, and then your name services will be messed up.
The bind-interfaces directive ensures that Dnsmasq will listen only to the addresses specified with listen-address.
The cache-size=5000 directive tells Dnsmasq to cache up to 5000 DNS entries. You definitely want to set this because the default is 150. The dns-forward-max=5000 directive sets the maximum number of concurrent DNS queries. Again, you want to crank that up.
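To check a config file against the exposure-related directives described above before restarting the service, a small audit script helps. This is an added example, not part of the original tutorial; the function names and the sample config are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit a dnsmasq config for the exposure-related directives.
# Function names and the sample config below are constructed for illustration.

# Print every value of a key=value directive, skipping comments.
directive_values() {  # $1 = key, $2 = config file
    sed -e 's/#.*//' -e 's/^[[:space:]]*//' -e 's/[[:space:]]*$//' "$2" |
        awk -F= -v k="$1" '$1 == k { sub(/^[^=]*=/, ""); print }'
}

# Succeed if a bare flag directive such as bind-interfaces is present.
has_flag() {  # $1 = flag, $2 = config file
    sed -e 's/#.*//' -e 's/[[:space:]]//g' "$2" | grep -qx -- "$1"
}

# Loopback or RFC 1918 private address?
is_local_addr() {
    case "$1" in
        127.*|::1|10.*|192.168.*) return 0 ;;
        172.1[6-9].*|172.2[0-9].*|172.3[01].*) return 0 ;;
        *) return 1 ;;
    esac
}

# Print one finding per line; return 0 when clean, 1 otherwise.
audit_dnsmasq_conf() {  # $1 = config file
    conf=$1; bad=0
    for flag in domain-needed bogus-priv bind-interfaces; do
        has_flag "$flag" "$conf" || { echo "MISSING $flag"; bad=1; }
    done
    addrs=$(directive_values listen-address "$conf" | tr ',' '\n')
    if [ -z "$addrs" ]; then
        echo "MISSING listen-address"; bad=1
    else
        echo "$addrs" | grep -qx '127\.0\.0\.1' || { echo "MISSING listen-address=127.0.0.1"; bad=1; }
    fi
    for a in $addrs; do
        is_local_addr "$a" || { echo "EXPOSED listen-address=$a"; bad=1; }
    done
    return "$bad"
}

# Constructed sample: bind-interfaces commented out, one public (TEST-NET-3) address.
sample=$(mktemp)
printf '%s\n' 'domain-needed' 'bogus-priv' '#bind-interfaces' \
    'listen-address=127.0.0.1' 'listen-address=203.0.113.7' > "$sample"
audit_dnsmasq_conf "$sample" || echo "review the findings above"
rm -f "$sample"
```

Point audit_dnsmasq_conf at /etc/dnsmasq.d/home.conf to check the real file; a clean config prints nothing and returns 0.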
Static IP Addresses
Dnsmasq reads your server’s /etc/hosts file for local DNS records. Always include the localhost in the first line:
127.0.0.1 localhost
192.168.1.15 server1
192.168.1.16 server2
192.168.1.17 server3
Once you are happy with your configuration, run:
sudo service dnsmasq restart
Dnsmasq logs to /var/log/syslog, so you can watch the DHCP clients talking with:
sudo tail -f /var/log/syslog