1<HTML> 2<HEAD> 3<TITLE> Dnsmasq - a DNS forwarder for NAT firewalls.</TITLE> 4</HEAD> 5<BODY BGCOLOR="WHITE"> 6<H1 ALIGN=center>Dnsmasq</H1> 7Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP 8 server. It is designed to provide DNS and, optionally, DHCP, to a 9 small network. It can serve the names of local machines which are 10 not in the global DNS. The DHCP server integrates with the DNS 11 server and allows machines with DHCP-allocated addresses 12 to appear in the DNS with names configured either in each host or 13 in a central configuration file. Dnsmasq supports static and dynamic 14 DHCP leases and BOOTP for network booting of diskless machines. 15<P> 16 Dnsmasq is targeted at home networks using NAT and 17connected to the internet via a modem, cable-modem or ADSL 18connection but would be a good choice for any small network where low 19resource use and ease of configuration are important. 20<P> 21Supported platforms include Linux (with glibc and uclibc), *BSD and 22Mac OS X. 23Dnsmasq is included in at least the following Linux distributions: 24Gentoo, Debian, Slackware, Suse, 25Smoothwall, IP-Cop, floppyfw, Firebox, LEAF, Freesco, CoyoteLinux and 26Clarkconnect. It is also available as a FreeBSD port and is used in Linksys wireless routers. 27<P> 28Dnsmasq provides the following features: 29<DIR> 30 31<LI> 32The DNS configuration of machines behind the firewall is simple and 33doesn't depend on the details of the ISP's dns servers 34<LI> 35Clients which try to do DNS lookups while a modem link to the 36internet is down will time out immediately. 37</LI> 38<LI> 39Dnsmasq will serve names from the /etc/hosts file on the firewall 40machine: If the names of local machines are there, then they can all 41be addressed without having to maintain /etc/hosts on each machine. 42</LI> 43<LI> 44Dnsmasq will serve names from the DHCP leases file on the firewall machine: 45If machines specify a hostname when they take out a DHCP lease, then they are 46addressable in the local DNS. <B>UPDATE</B> Dnsmasq version 2 now offers an integrated DHCP server 47instead of the lease file reader. This gives better control of the 48interaction with new functions (for example fixed IP leasess and 49attaching names to ethernet addresses centrally) it's also much 50smaller than dnsmasq and ISC dhcpd which is important for router distros. 51</LI> 52<LI> 53Dnsmasq caches internet addresses (A records and AAAA records) and address-to-name 54mappings (PTR records), reducing the load on upstream servers and 55improving performance (especially on modem connections). From version 560.95 the cache honours time-to-live information and removes old 57records as they expire. From version 0.996 dnsmasq does negative 58caching. From version 1.2 dnsmasq supports IPv6 addresses, both 59in its cache and in /etc/hosts. 60</LI> 61<LI> 62Dnsmasq can be configured to automatically pick up the addresses of 63it's upstream nameservers from ppp or dhcp configuration. It will 64automatically reload this information if it changes. This facility 65will be of particular interest to maintainers of Linux firewall 66distributions since it allows dns configuration to be made automatic. 67</LI> 68<LI> 69On IPv6-enabled boxes, dnsmasq can both talk to upstream servers via IPv6 70and offer DNS service via IPv6. On dual-stack (IPv4 and IPv6) boxes it talks 71both protocols and can even act as IPv6-to-IPv4 or IPv4-to-IPv6 forwarder. 72</LI> 73<LI> 74Dnsmasq can be configured to send queries for certain domains to 75upstream servers handling only those domains. This makes integration 76with private DNS systems easy. 77</LI> 78<LI> 79Dnsmasq can be configured to return an MX record 80for the firewall host. This makes it easy to configure the mailer on the local 81machines to forward all mail to the central mailer on the firewall host. Never 82lose root messages from your machines again! 83</LI> 84<LI> 85For version 1.15 dnsmasq has a facility to work around Verisign's infamous wildcard A record 86in the .com and .net TLDs 87</LI> 88</DIR> 89 90<H2>Download.</H2> 91 92<A HREF="http://www.thekelleys.org.uk/dnsmasq/"> Download</A> dnsmasq here. 93The tarball includes this documentation, source, manpage and control files for building .rpms. 94There are also pre-built i386 .rpms, and a 95<A HREF="CHANGELOG"> CHANGELOG</A>. 96Dnsmasq is part of the Debian distribution, it can be downloaded from 97<A HREF="http://ftp.debian.org/debian/pool/main/d/dnsmasq/"> here</A> or installed using <TT>apt</TT>. 98 99 100<H2>Building rpms.</H2> 101Assuming you have the relevant tools installed, you can rebuild .rpms simply by running (as root) 102 103<PRE> 104rpmbuild -ta dnsmasq-xxx.tar.gz 105</PRE> 106 107Note for Suse users: you will need to re-compress the tar file as 108bzip2 before building using the commands 109<PRE> 110gunzip dnsmasq-xxx.tar.gz 111bzip2 dnsmasq-zzz.tar 112</PRE> 113 114<H2>Links.</H2> 115Ulrich Ivens has a nice HOWTO in German on installing dnsmasq at <A 116HREF="http://howto.linux-hardware-shop.de/dnsmasq.html">http://howto.linux-hardware-shop.de/dnsmasq.html</A> 117and Damien Raude-Morvan has one in French at <A HREF="http://www.drazzib.com/docs-dnsmasq.html">http://www.drazzib.com/docs-dnsmasq.html</A> 118 119<H2>License.</H2> 120Dnsmasq is distributed under the GPL. See the file COPYING in the distribution 121for details. 122 123<H2>Contact.</H2> 124Dnsmasq was written by Simon Kelley. You can contact me at <A HREF="mailto:simon@thekelleys.org.uk">simon@thekelleys.org.uk</A>. Bugreports, patches, and suggestions for improvements gratefully accepted. 125</BODY> 126 127