Dnsmasq

Dnsmasq is a caching DNS forwarder designed to provide DNS service on a small network. It is targeted at home networks using NAT and connected to the internet via a modem, cable-modem or ADSL connection but would be a good choice for any small network where low resource use and ease of configuration are important.

Dnsmasq is included in at least the following Linux distributions: Gentoo, Debian, Smoothwall, IP-Cop, floppyfw, and Firebox.

Dnsmasq provides the following features:

  • The DNS configuration of machines behind the firewall is simple and doesn't depend on the details of the ISP's DNS servers.
  • Clients which try to do DNS lookups while a modem link to the internet is down will time out immediately.
  • Dnsmasq will serve names from the /etc/hosts file on the firewall machine: If the names of local machines are there, then they can all be addressed without having to maintain /etc/hosts on each machine.
  • Dnsmasq will serve names from the DHCP leases file on the firewall machine: If machines specify a hostname when they take out a DHCP lease, then they are addressable in the local DNS.
  • Dnsmasq caches internet addresses (A records and AAAA records) and address-to-name mappings (PTR records), reducing the load on upstream servers and improving performance (especially on modem connections). From version 0.95 the cache honours time-to-live information and removes old records as they expire. From version 0.996 dnsmasq does negative caching. From version 1.2 dnsmasq supports IPv6 addresses, both in its cache and in /etc/hosts.
  • Dnsmasq can be configured to automatically pick up the addresses of its upstream nameservers from ppp or dhcp configuration. It will automatically reload this information if it changes. This facility will be of particular interest to maintainers of Linux firewall distributions since it allows DNS configuration to be made automatic.
  • On IPv6-enabled boxes, dnsmasq can both talk to upstream servers via IPv6 and offer DNS service via IPv6. On dual-stack (IPv4 and IPv6) boxes it talks both protocols and can even act as IPv6-to-IPv4 or IPv4-to-IPv6 forwarder.
  • Dnsmasq can be configured to send queries for certain domains to upstream servers handling only those domains. This makes integration with private DNS systems easy.
  • Dnsmasq has one further feature; it can be configured to return an MX record for the firewall host. This makes it easy to configure the mailer on the local machines to forward all mail to the central mailer on the firewall host. Never lose root messages from your machines again!

    Download.

    Download dnsmasq here. The tarball includes this documentation, source, manpage and control files for building .rpms. There are also pre-built i386 .rpms, and a CHANGELOG. Dnsmasq is part of the Debian distribution; it can be downloaded from here or installed using apt.

    Building rpms.

    Assuming you have the relevant tools installed, you can rebuild .rpms simply by running (as root):
    rpm -ta dnsmasq-xxx.tar.gz

    License.

    Dnsmasq is distributed under the GPL. See the file COPYING in the distribution for details.

    Contact.

    Dnsmasq was written by Simon Kelley. You can contact me at simon@thekelleys.org.uk. Bug reports, patches, and suggestions for improvements gratefully accepted.