Difference between revisions of "Dnsmasq"
Line 13: | Line 13: | ||
## Install | ## Install | ||
``` | ``` | ||
− | + | apt-get update && sudo apt-get install -y dnsmasq | |
− | + | systemctl stop systemd-resolved | |
− | + | touch /etc/dnsmasq.hosts | |
− | + | systemctl disable systemd-resolved | |
− | + | systemctl mask systemd-resolved | |
− | # | + | ``` |
− | + | ||
− | + | ## Undo | |
+ | ``` | ||
+ | systemctl mask systemd-resolved | ||
+ | systemctl enable systemd-resolved | ||
+ | systemctl start systemd-resolved | ||
``` | ``` | ||
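Review bot: The first line of the new Undo block, `systemctl mask systemd-resolved`, repeats the last Install step instead of reversing it. A masked unit cannot be enabled or started, so the two commands after it fail. Change it to `systemctl unmask systemd-resolved`. The Undo block also leaves dnsmasq running and enabled; say whether it should be stopped before systemd-resolved is started again. In the Install line, `apt-get update && sudo apt-get install` mixes a bare command with a `sudo` one; state once whether the block runs as root.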
Line 32: | Line 36: | ||
``` | ``` | ||
no-resolv # Don't read /etc/resolv.conf. Get upstream servers only from the command line or the dnsmasq configuration file. | no-resolv # Don't read /etc/resolv.conf. Get upstream servers only from the command line or the dnsmasq configuration file. | ||
− | |||
− | |||
server=8.8.8.8 | server=8.8.8.8 | ||
server=8.8.4.4 | server=8.8.4.4 | ||
addn-hosts=/etc/dnsmasq.hosts | addn-hosts=/etc/dnsmasq.hosts | ||
cache-size=1000 # Only cache up to 1000 names | cache-size=1000 # Only cache up to 1000 names | ||
+ | listen-address=127.0.0.1,10.x.x.x # must explicityly set this for non-local network resolves | ||
# server=/example.com/ns.example.com # forward example.com to server | # server=/example.com/ns.example.com # forward example.com to server | ||
# ... | # ... | ||
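Review bot: The added `listen-address=127.0.0.1,10.x.x.x` line puts a forwarding resolver (upstreams 8.8.8.8 and 8.8.4.4) on a non-loopback address, and nothing in the visible lines limits which clients may query it. Consider adding `bind-interfaces` so dnsmasq binds only the listed addresses rather than the wildcard address, and document that the DNS port on 10.x.x.x should be firewalled to the intended clients. The comment on the same line has a typo: "explicityly" should be "explicitly".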
Line 44: | Line 47: | ||
``` | ``` | ||
systemctl restart dnsmasq | systemctl restart dnsmasq | ||
+ | dig @10.x.x.x +short prod.example.com -p 15353 | ||
``` | ``` |
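Review bot: The added `dig @10.x.x.x +short prod.example.com -p 15353` queries port 15353, but the dnsmasq.conf lines visible in the previous hunk contain no `port=` setting, and dnsmasq listens on port 53 by default. Either show the `port=15353` line in the config section or drop `-p 15353` from the check, so the verification step matches the documented configuration.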
Revision as of 02:06, 22 August 2020
## Related commands

- `sudo systemd-resolve --flush-caches`

## Files of Interest

- /var/lib/misc/dnsmasq.leases

## Stub Resolver

- https://docs.microsoft.com/en-us/windows-server/identity/ad-ds/plan/reviewing-dns-concepts#:~:text=in%20the%20namespace.-,Recursive%20name%20resolution,which%20it%20is%20not%20authoritative.&text=Forwarding%20and%20root%20hints%20are,which%20they%20are%20not%20authoritative.
- https://www.internetsociety.org/resources/deploy360/dns-privacy/intro/-
- https://www.omnisecu.com/tcpip/recursive-and-iterative-dns-queries.php#:~:text=Recursion%20in%20DNS%20(Domain%20Name,DNS%20Servers%20for%20name%20resolution.

## Install

```
# Run as root.
apt-get update && apt-get install -y dnsmasq
systemctl stop systemd-resolved
touch /etc/dnsmasq.hosts
systemctl disable systemd-resolved
systemctl mask systemd-resolved
```

## Undo

```
systemctl unmask systemd-resolved   # reverse the mask applied during install
systemctl enable systemd-resolved
systemctl start systemd-resolved
```

## /etc/dnsmasq.hosts

```
10.0.0.1 prod.example.com.
10.0.0.2 dev.example.com.
```

## /etc/dnsmasq.conf

```
no-resolv # Don't read /etc/resolv.conf. Get upstream servers only from the command line or the dnsmasq configuration file.
server=8.8.8.8
server=8.8.4.4
addn-hosts=/etc/dnsmasq.hosts
cache-size=1000 # Only cache up to 1000 names
listen-address=127.0.0.1,10.x.x.x # must explicitly set this for non-local network resolves
# server=/example.com/ns.example.com # forward example.com to server
# ...
```

```
systemctl restart dnsmasq
# -p must match the port dnsmasq listens on (53 unless port= is set in dnsmasq.conf)
dig @10.x.x.x +short prod.example.com -p 15353
```