DMSMasq for Slackware01 September 2021
I previously looked at BIND-9 for a private DNS server but in practice it is far too heavy-weight for my use-case of a LAN with only a handful of machines, and after searching for a more suitable replacement for DNRD I came across Dnsmasq. Although this quick how-to was written for Slackware on RaspberryPi it should be fine for any Linux distribution that is not obsessive about custom-patching upstream packages.
My local network use-caseI started using DNRD back in my pre-New Zealand days when I used to run multiple physical machines at once, but the need to serve private domain names disappeared over the years due to a switch away from such a setup to a single system that occasionally ran a virtual machine or two. However since my professional work required me to start using a MacOS box as well as a Linux machine, coupled with a not-exactly-coincidental reintroduction of a dedicated file-server, meant I was more or less back to my old situation of needing private DNS names. This came to a head when I was having to go between my ‘professional’ and ‘personal’ workstations.
In the past I have also made use of a private DHCP server but in this instance I left it disabled because it would conflict with the DHCP server built into the main internet hub. In practice using a private DHCP server is only really useful if there is nothing else on the LAN to dish out addresses, as having a private DHCP server with persistent IPs allocations to specific MAC addresses does not provide any real benefit over just giving the machines in question static configurations. To make matters worse unlike IPv4 you are not supposed to tie IPv6 addresses to MAC addresses, instead using a 14-byte DUID (DHCP unique identifier) to identify a network interface — to me this looks like far more trouble than it is worth.
Using IPv6I have never really paid much attention to IPv6 but during one of my many stays in the UK during the Covid-19 pandemic IPv6 was how I got a remote desktop connection to my system I had left running back in my flat overseas, and as a result I contemplated making much greater use of it in the future. While private DNS can be considered a bit of a luxury with IPv4 things rapidly becomes painful without it when using IPv6, and this need for IPv6 DNS was why DNRD got dumped in favour of something more modern. However I eventually gave up on IPv6 because of how broken BT Internet hubs seemed to be when trying to setup an IPSEC-based VPN, and I settled back into using IPv4 by the time I had started using multiple systems at the house in question.
The settings fileMy preference is for
/etc/hoststo be bypassed so that everything is de-facto controlled by Dnsmasq's own settings files. The
/etc/dnsmasq.confsnippet below does forward and reverse-lookup for machine names specified in
/etc/dnsmasq.hostswhich has the same format as
/etc/hosts, with all other requests being proxied to
192.168.1.254. Dotless names are expanded by having
no-resolv server=192.168.1.254 no-hosts addn-hosts=/etc/dnsmasq.hosts expand-hosts domain=lan interface=eth0
The last line that makes Dnsmasq only listen to
eth0 is a little redundant as the RaspberryPi this is running on only has one network interface.
The extra snippet below makes Dnsmasq act as a DHCP server exclusively for certain machines, for which it will give out fixed IPv4 addresses, although in the end I decided not to use this functionality:
dhcp-ignore=tag:!known dhcp-host=aa:bb:cc:dd:ee:cb,Valhalla,192.168.1.12 dhcp-host=aa:bb:cc:dd:ab:bd,Pear,192.168.1.13 dhcp-host=aa:bb:cc:dd:ab:cb,Pie,192.168.1.14