A DNS server becomes very handy on several occasions where you need to define your DNS, disable the automatic DHCP server, and use a static IP. This guide can also be beneficial when you want to deploy and test a Carbonio server in a demo environment.
In this article, you’ll find how to properly install and configure a DNS server using dnsmasq on Ubuntu.
Purpose
Let’s have a very brief introduction to DNS servers and see their purpose.
A Dynamic Host Configuration Protocol (DHCP) server dynamically assigns IP addresses to different devices on a network. It handles default gateways and other network parameters for client devices to communicate properly.
DNS forwarding refers to forwarding DNS requests to a designated DNS server for resolution.
DNS forwarders allow you to forward requests from a local DNS server to a DNS server outside the corporate network, while a DNS caching server answers the recursive requests of clients. This process resolves the DNS queries much faster, improving DNS lookup speeds for previously visited websites.
A DNS server has other purposes besides translating names to IP addresses. For instance, in a mail server, mail transfer agents use a DNS system to locate the most suitable server to deliver e-mail; An MX record provides a mapping between a domain and a mail exchanger. This also provides an additional layer of fault tolerance and load distribution in the server.
What Is dnsmasq?
DNS masquerade or dnsmasq is a lightweight and easy-to-configure DNS forwarder. It is specifically designed to provide a small-scale network with DNS (and optionally DHCP and TFTP) services. It serves the names of local machines that are not included in the global DNS.
How to Install dnsmasq
If you don’t have already installed dnsmasq on your Ubuntu machine, you can easily install it using its default repository as follows:
sudo apt install dnsmasqNote: On Ubuntu 20.04, you may need to disable the default systemd-resolved service, otherwise after installing dnsmasq, you may experience a conflict with port 53 UDP. To resolve the conflict, execute systemctl disable systemd-resolved && systemctl stop systemd-resolved. If you had already installed dnsmasq, a reboot is required using systemctl restart dnsmasq.
Once it’s installed, you can check the status by:
systemctl status dnsmasqYou must see the service running. If not, you can enable it using:
sudo systemctl start dnsmasq
sudo systemctl enable dnsmasqThe result should be similar to this:
[zextras@localhost ~]$ systemctl status dnsmasq
• dnsmasq.service - DNS caching server.
Loaded: loaded (/usr/lib/systemd/system/dnsmasq.service; enabled; vendor pre>
Active: active (running) since Thu 2022-01-20 15:17:03 CET; lmin 15s ago
Main PID: 968 (dnsmasq)
Tasks: 1 (limit: 4810)
Memory: 672.0K
CGroup: /system.slice/dnsmasq.service
└─968 /usr/sbin/dnsmasq -k
Jan 20 15:17:03 localhost.localdomain systemd[1]: Started DNS caching server..
Jan 20 15:17:03 localhost.localdomain dnsmasq[968]: started, version 2.79 cache>
Jan 20 15:17:03 localhost.localdomain dnsmasq[968]: compile time options: IPv6 >
Jan 20 15:17:03 localhost.localdomain dnsmasq[968]: reading /etc/resolv.conf
Jan 20 15:17:03 localhost.localdomain dnsmasq[968]: ignoring nameserver 127.0.0>
Jan 20 15:17:03 localhost.localdomain dnsmasq[968]: read /etc/hosts - 6 address>
lines 1-15/15 (END)Configure dnsmasq server
You can configure your dnsmasq server using the /etc/dnsmasq.conf file. Since DNS is enabled by default, we suggest creating a backup of the file before modifying it. To do so, simply run:
cp /etc/dnsmasq.conf /etc/dnsmasq.conf.origNow you can modify the /etc/dnsmasq.conf file using your preferred text editor such as nano:
nano /etc/dnsmasq.confInsert the following configuration, bearing in mind that these are some example main settings, and you can add some others or change parameters based on your needs:
listen-address=::1,127.0.0.1,192.168.56.100
interface=eth0
domain=domain.abc
address=/domain.abc/127.0.0.1
address=/domain.abc/192.168.56.100
#Google's nameservers
server=8.8.8.8
server=4.4.4.4At the end of the configuration, save and exit.
Now you can use the test command to see possible errors as follows:
sudo dnsmasq --testLet’s dissect each part to understand the settings better:
listen-address– Sets the IP address where dnsmasq will be listening. Here we want our server to listen for DHCP and DNS requests on the LAN therefore we set the listen-address to its LAN IP addresses including the localhost 127.0.0.1. Note that the server IP must be static. To see how to configure a static IP, please refer to How to Set Up a Static IP Address on Ubuntu Server.interface– Restricts the interface to which the dnsmasq listens. You can add more lines for more interfaces.domain– Sets the domain. This means DHCP clients will have the fully qualified domain names (FQDN) as the domain you set. It also sets the domain DHCP option for all clients.address– Forces your local domain to an IP address or addresses.nameservers– Forwards DNS requests to whatever upstream DNS servers you specify. For instance, we used public DNS services provided by Google.
Modifying resolv.conf file
Here we’re going to force all queries to be sent to the dnsmasq. To do so, we set the localhost address as the only nameserver by modifying the resolv.conf file as follows:
nano /etc/resolv.confThen modify it as follows:
# Set localhost as nameserevr
nameserver 127.0.0.1Save and exit.
Change the file’s attributes using the chattr command to make our file immutable. This prevents the local network manager from overwriting our changes.
sudo chattr +i /etc/resolv.confTo confirm if the attribute is set using lsattr command:
sudo lsattr /etc/resolv.confYou should see the attribute i in the output as follows
sudo lsattr /etc/resolv.conf
----i--------------- /etc/resolv.confDefining DNS Hosts and Names
The dnsmasq reads the DNS hosts and names from the hosts file. Therefore we need to modify the /etc/hosts file.
Open the file using:
nano /etc/hostsModify it as below:
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.1ocaldomain6
127.0.0.1 dnsmasq
192.168.56.100 dnsmasq
192.168.56.1 gateway
192.168.56.110 webservertestOther addresses such as MAAS, Nagios, etc. can be defined in separate lines.
Restart dnsmasq to apply the above changes:
sudo systemctl restart dnsmasqNote: If you have the firewall service running, then you need to open DNS and DHCP services in its configuration:
sudo firewall-cmd --add-service=dns --permanent
sudo firewall-cmd --add-service=dhcp --permanent
sudo firewall-cmd --reloadLet’s Test Our Local DNS
To test if everything is working fine we can use bind-utils:
You can install it by:
sudo apt install bind-utilsThen query your DNS nameserver:
dig domain.abcor
nslookup domain.abcIt returns any A record found within the queried hostname’s zone.
Then test the FQDN by:
dig webservertest.domain.abc
or
nslookup webservertest.domain.abcNow your DNS is set up and ready to continue with Carbonio CE installation to create your test environment. To install Carbonio CE on your server, you can follow this community article: