Setup DNS server for a small home lab network

This guide sets up a DNS server for a small lab network.

Server [Ubuntu 20.04]

  1. Configure netplan:
sudo tee /etc/netplan/dns_config.yaml > /dev/null << EOF
network:
  version: 2
  <wifis/ethernets>:
    <interface name>:
      addresses:
        - 192.168.0.16/24
      nameservers:
        search: [<local domain e.g home.lab>]
        addresses: [1.1.1.1]
EOF

Open /etc/netplan/dns_config.yaml and replace the placeholders in angle brackets with the relevant values. The file name must end in .yaml, because netplan ignores other extensions.

Apply the netplan configuration:

sudo netplan try
  2. Install dnsmasq
sudo apt-get update && sudo apt-get -y install dnsmasq

dnsmasq may fail to start because port 53 is already in use. To fix this, stop and disable the systemd-resolved service.

sudo systemctl stop systemd-resolved
sudo systemctl disable systemd-resolved

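Optionally, also remove the resolver configuration file /etc/resolv.conf. On Ubuntu 20.04 it is by default a symlink to the systemd-resolved stub resolver, which stops answering once the service is disabled.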

sudo rm -v /etc/resolv.conf
  3. Configure dnsmasq
# Create a backup of default configuration
sudo mv /etc/dnsmasq.d/dnsmasq.conf /etc/dnsmasq.d/dnsmasq.conf.bkp

# Create the new config file (tee runs as root; a plain "cat > file" redirect would not)
sudo tee /etc/dnsmasq.d/dnsmasq.conf > /dev/null << EOF
domain-needed
bogus-priv
expand-hosts
domain=<local domain e.g home.lab>
local=/<local domain e.g home.lab>/
no-resolv
server=1.1.1.1
cache-size=100
EOF

Open /etc/dnsmasq.d/dnsmasq.conf and replace the placeholders in angle brackets with the relevant values.

  4. Declare hostnames and their IP addresses in /etc/hosts. For example:
...

192.168.1.1 host-1
192.168.1.2 host-2
  5. Start and enable the dnsmasq service
sudo systemctl start dnsmasq
sudo systemctl enable dnsmasq

Bonus: Ad blocking

Get a list of known ad servers, e.g. from this repository, and put it in the /etc/dnsmasq.d/ directory:

sudo wget "https://github.com/notracking/hosts-blocklists/blob/master/dnsmasq/dnsmasq.blacklist.txt?raw=true" -O /etc/dnsmasq.d/adblock.dnsmasq.conf

Restart the dnsmasq service:

sudo systemctl restart dnsmasq.service
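
The downloaded list lands in /etc/dnsmasq.d/, where dnsmasq loads every directive it contains, so it is worth checking that the file holds nothing but sinkhole entries before installing it. The following is an added example, not part of the original gist; the function names and the accepted line formats (address=/<domain>/ with # or a null address, and server=/<domain>/) are assumptions about the blocklist format.

```shell
#!/bin/sh
# Added example, not from the original gist.
# Assumption: every blocklist entry is a sinkhole rule in one of these forms:
#   address=/<domain>/#   address=/<domain>/0.0.0.0   address=/<domain>/::
#   server=/<domain>/
# Any other line (a redirect to a routable IP, server=<ip>, conf-file=, ...)
# is reported, because dnsmasq loads every directive it finds in /etc/dnsmasq.d/.

# Print "<line number>: <line>" for each unexpected line in file $1.
# Exit status is 0 only when no such line exists.
blocklist_violations() {
    awk '
        /^[ \t]*(#|$)/ { next }    # comments and blank lines
        /^address=\/[A-Za-z0-9._-]+\/(#|0\.0\.0\.0|::)$/ { next }
        /^server=\/[A-Za-z0-9._-]+\/$/ { next }
        { printf "%d: %s\n", NR, $0; bad = 1 }
        END { exit (bad ? 1 : 0) }
    ' "$1"
}

# Validate download $1 and copy it to $2 (mode 0644) only if it is clean.
install_blocklist() {
    if ! blocklist_violations "$1" >&2; then
        echo "refusing to install $1: unexpected directives" >&2
        return 1
    fi
    install -m 0644 "$1" "$2"
}

# Constructed sample input (not real blocklist content): lines 3 and 4 must be flagged.
write_sample() {
    printf '%s\n' \
        '# constructed sample' \
        'address=/ads.example.com/#' \
        'address=/login.example.com/203.0.113.7' \
        'server=198.51.100.53' \
        'server=/metrics.example.org/' > "$1"
}

# Typical use on the server (paths as in the guide), run as root:
#   wget "<blocklist URL>" -O /tmp/adblock.new
#   install_blocklist /tmp/adblock.new /etc/dnsmasq.d/adblock.dnsmasq.conf \
#       && systemctl restart dnsmasq.service
```
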

Clients

Once the DNS server is running on your network, you can configure clients to use the new name server.

Ubuntu

  1. Change /etc/systemd/resolved.conf:
[Resolve]
DNS=<IP address of DNS server>
# Or some valid DNS server (comments must be on their own line in this file)
FallbackDNS=1.1.1.1
Domains=home.lab
  2. Restart the resolved service:
sudo systemctl restart systemd-resolved.service
  3. Check which DNS server is being used:
resolvectl status

macOS

  1. Open System Preferences > Network > Click on 'Advanced...' button > Open 'DNS' tab
  2. In the DNS Servers field, add the IP address of the DNS server.
  3. In the Search Domains field, add the local domain you configured on the server e.g. home.lab.