Installing dnsmasq on a Raspberry PI3 server to serve DNS and DHCP for your home can and will save on bandwidth costs by caching DNS results locally. Additionally, having a local DNS server on your network may speed up internet browsing significantly. This could also be done for a home-office, or even a small-business network. For larger corporate networks, a larger, more advanced DNS server, such as Bind9, may be required.
Running your own internal DNS and DHCP servers can help your internal LAN by making it run faster and more smoothly. If your network is anything like ours, then this “hack” will reduce the workload of your over-taxed Wifi router. We have a million mobile devices running on our Wifi, and this process helped us speed it up and get it organized. Now all hosts have a name and a permanent IP address/DHCP lease. No more having to guess what the IP address of a remote desktop server on the network might be. Now your Wifi router will simply focus on handling Wifi traffic and let your RPI handle the DNS/DHCP traffic. If you spend a little time configuring this now, it will work for years to come, making your internet faster and slowly saving you time and money.
Getting Started – Configure Static IP on Computer and Disabling DHCP on Router
The process is fairly simple. Start by assigning a static IP address to your Raspberry PI or Ubuntu server. In this example, the static IP address we’ll use for the dnsmasq server is: 192.168.x.2.
Read on about backing up your router’s config before you proceed with the next step of disabling DHCP in your router. After backing up your config, you’ll need to configure your existing Wifi router to have DHCP disabled. Then you’ll need to configure the router to use 192.168.x.2 (the address of the dnsmasq server) as its new primary DNS server. Please consult your router’s manual for instructions on doing this in your specific router. However, the process should be fairly easy on most commercially available, consumer-level routers.
* Note: I will refer to Wifi routers in this post, but it applies equally to Ethernet network routers.
Now you’ll want to temporarily add a static IP address to your computer’s network adapter, just in case you can no longer reach your Wifi router via the wireless network. Once you tell your router to stop doing DHCP and reboot it, it will no longer automatically assign IP addresses to devices that have joined its network. This is why you need to assign your computer a static IP address first, so that the Wifi router can still be reached on the network.
In this case, you’ll want to assign your computer an IP address which matches the router’s subnet. So if your router’s IP address was 192.168.x.1, then you’d assign 192.168.x.3 as the IP address of your computer. Additionally, to assign a static IP address to your computer, you will need these values: subnet mask: 255.255.255.0, default gateway: 192.168.x.1.
So the list of IPs is as follows. Please adjust them as needed to fit your network setup.
- 192.168.x.1 = Router (default gateway)
- 192.168.x.2 = Reserved IP address for the Raspberry PI / dnsmasq server
- 192.168.x.3 = The statically assigned IP address of your computer, from which you are conducting this installation.
Wifi Router Setup Steps – Disclaimer
So now we have our router at 192.168.x.1, the DNS/DHCP server at 192.168.x.2, and your PC or Mac assigned to 192.168.x.3. All our other hosts on the local network (LAN) will be assigned in the range 192.168.x.4 to 192.168.x.100, as shown in the script below.
Once this static IP address is assigned to your computer, you should be able to access your Wifi router, even though you’ve shut off its DHCP capabilities. I mention this because it’s likely to happen in the initial process of setting this up. You will likely need to reboot your router and your server to get the router using the DHCP service being provided by the dnsmasq server. This is when you may have to temporarily connect to your “disconnected” Wifi router. With the static IP assigned to your computer, browse to: http://192.168.x.1/. This address will likely host the Wifi router configuration web app, which all routers have. Check your router’s manual for its specific web app address.
** Once everything is complete, you should revert your Mac or PC to use DHCP instead of having a static IP address. Also, don’t forget to add a dhcp-host record for it, so it can have a permanently assigned internal IP address and host name.
Download a Backup of your Router’s Config
Check the instruction manual for your specific router, and don’t panic if you get to here and think you may’ve bricked your network. Don’t worry, there’s always the little reset button on your router. Hitting that will reset the router to factory conditions, which means its DHCP server will be restored and the Wifi will be configured as it was when you first took the router out of the box. To mitigate the risk of losing your current Wifi router settings, please make a backup of your router’s config before proceeding with any changes to your router as described herein. Please check your router’s manual for instructions on backing up its configuration settings to a file that can be downloaded. Make sure to save this file somewhere, in case you need to reset your router and re-upload it later.
Setting up the Server
Step 1 – Install dnsmasq
On any flavor of Ubuntu, and on Raspbian for Raspberry PI, call apt-get to install the dnsmasq server.
apt-get install dnsmasq dnsutils
Step 2 – Configure /etc/dnsmasq.conf
# only forward FQDN
# only forward routable addresses
# ignore resolv.conf, and use the public DNS servers listed below
# OpenDNS public servers, change as needed
# set dns cache higher
# Set local search domain
# This will apply to hosts set in /etc/hosts or via DHCP on the LAN
# domain to append to hosts in local
# ensure that domain is appended to all hostnames in /etc/hosts
# dhcp range, subnet mask, lease time in days
# change to match your ip scheme
# tell server the router's IP address
# change to match your ip scheme
# windows 7 float fix
# DHCP LEASES
# development devices - change to match your ip scheme
# media devices
# add as many entries as needed, for all your devices
# log dhcp requests (minimal)
# log dns requests (there will be a ton)
# uncomment, for debugging dns issues
# leave commented if not needed to keep log file size at a minimum
Pay critical attention to the sections marked with change to match your ip scheme, as they indicate where you should input your IP addresses and IP address ranges for DHCP.
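A filled-in version of the commented outline above, as an added example rather than the author’s original file. The directive names are standard dnsmasq options; the 192.168.0.x addresses, the lan domain, the cache size, the 24h lease time and the my-laptop host are assumed placeholder values, and the function names are made up for this example.

```sh
#!/bin/sh
# Added example: writes a sample dnsmasq.conf that follows the commented
# outline in Step 2. All values are placeholders; adjust before use.
write_dnsmasq_conf() {
    cat > "$1" <<'EOF'
# only forward FQDN
domain-needed
# only forward routable addresses
bogus-priv
# ignore resolv.conf, and use the public DNS servers listed below
no-resolv
# OpenDNS public servers, change as needed
server=208.67.222.222
server=208.67.220.220
# set dns cache higher (1000 is an assumed value)
cache-size=1000
# local search domain, appended to hosts from /etc/hosts or DHCP
local=/lan/
domain=lan
expand-hosts
# dhcp range, subnet mask, lease time (assumed 24h); match your ip scheme
dhcp-range=192.168.0.4,192.168.0.100,255.255.255.0,24h
# tell clients the router's IP address; match your ip scheme
dhcp-option=option:router,192.168.0.1
# windows 7 float fix (empty WPAD option)
dhcp-option=252,"\n"
# DHCP LEASES: MAC, IP, hostname (placeholder MAC, as in the post)
dhcp-host=00:00:00:00:00:00,192.168.0.10,my-laptop
# log dhcp requests
log-dhcp
# log dns requests: leave commented unless debugging
#log-queries
EOF
}

# Syntax check only: does not start, stop or reload the running service.
check_dnsmasq_conf() {
    if command -v dnsmasq >/dev/null 2>&1; then
        dnsmasq --test --conf-file="$1"
    else
        echo "dnsmasq not installed, syntax check skipped" >&2
    fi
}

# Stand-alone run: write to a scratch file, check it, show where it is.
sample=$(mktemp)
write_dnsmasq_conf "$sample"
if check_dnsmasq_conf "$sample"; then echo "sample config: $sample"; fi
```

Compare the scratch file with your existing /etc/dnsmasq.conf before copying anything over; the syntax check reads only the file it is given.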
Setup DHCP Leases
DHCP could be left out of this, and only the DNS portion could be used. However, using the DHCP helps to ensure that all your connected devices consistently receive the same IP address every time they’re connected to your network, which is useful for debugging network issues. Also, assigning permanent DHCP leases (see the dhcp-host section) to all your connected devices lets you control their names as they appear on your network, all from one place.
To set up your own permanent DHCP leases for all of your computers, phones, connected TVs and devices, replace the value 00:00:00:00:00:00, as referenced in the dhcp-host section above, with the MAC addresses of your devices, and assign the IP addresses out of the range specified. To get the MAC address of your Wifi/Ethernet adapter on Windows, type: ipconfig from the Command Prompt. From a Mac or Linux, use the command ifconfig from a terminal window. Additionally, if your devices have already connected to the DHCP server, their MAC addresses will show up in the output of the showDhcpLeases script (see below). You can copy and paste the MAC address from there into your /etc/dnsmasq.conf file, as needed. You must of course call service dnsmasq restart to have changes take effect anytime you edit dnsmasq’s config file.
Once you’ve added the dhcp-host entry and restarted dnsmasq, the device will have to be rebooted to receive the new lease. Then its new permanent DHCP lease reservation will take effect with the IP address you’ve assigned. There are other ways besides rebooting, but most likely a reboot will do the trick. If you know your way around your OS, you simply need to get your Ethernet/Wifi adapter to renew its DHCP lease. Next, call service dnsmasq restart to see the changes take effect.
Step 3 – Restart dnsmasq
service dnsmasq stop
# make sure to update the run level settings, and that dnsmasq starts at reboot
update-rc.d dnsmasq defaults
service dnsmasq start
service dnsmasq status
● dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled)
=============================================>>> ...a bunch of other output here...
Jan 11 15:18:44 pi3 dnsmasq: dnsmasq: syntax check OK.
Jan 11 15:18:45 pi3 systemd: Started dnsmasq - A lightweight DHCP and caching DNS server.
View Real-Time Logging and logrotate
Once the DNS server is working correctly, it will experience CONSTANT DNS REQUESTS, so it’s important to shut off logging, especially on a RPI. The standard log file for dnsmasq is located at: /var/log/dnsmasq.log . With the log-queries directive uncommented in /etc/dnsmasq.conf, this log file can grow very quickly. Execute the following command on a running dnsmasq server to see real-time DNS queries being handled. It is interesting to see how many can occur, just from a handful of smart TVs, phones or computers running on your network. We recommend commenting out this directive (e.g., #log-queries ) when you’re not debugging, so it doesn’t take up a lot of space on your RPI’s SD card.
tail -f /var/log/dnsmasq.log
#use Ctrl+C to break off the output
If not already installed, install logrotate with apt-get install logrotate , then place the following into /etc/logrotate.d/dnsmasq. If you use this configuration, it’s fine to leave the log-queries directive uncommented, but unless you need your logs, there’s no reason to leave DNS logging active. Nonetheless, the logrotate utility will ensure your log file doesn’t grow too large and cause issues due to your Raspberry PI’s limited SD card space. As a general practice, logrotate should be configured for any service you install which writes to log files. For more information on logrotate, type man logrotate from your Linux terminal.
[ ! -f /var/run/dnsmasq/dnsmasq.pid ] || kill -USR2 `cat /var/run/dnsmasq/dnsmasq.pid`
create 0640 root dnsmasq
Setup a Nightly Maintenance Cron Job
To ensure our server is regularly restarted, let’s schedule a cron job to run nightly. Run the following commands as root from your PI terminal. Upon typing crontab -e , the application vim will likely open. Copy and paste the line beginning with 0 3 * * * , below, into your open window. That line creates a job which runs every night at 3AM and restarts the dnsmasq server. Adjust this setting to suit your setup.
# copy/paste the following line to crontab / vim
0 3 * * * service dnsmasq restart >/dev/null 2>&1
# seems to need to happen on the RPi
@reboot service dnsmasq restart
:wq <- Use this key combination to save, and exit from vim
If you’re new to vim, or it’s been a while: to save and exit from vim, use the key combination (:wq). That’s the colon character, followed by the letters ‘wq’, for write and quit.
If you’re new to cron, this “magic formula”, >/dev/null 2>&1 , takes any output generated by service dnsmasq restart and redirects it to /dev/null : >/dev/null sends standard output there, and 2>&1 sends standard error to the same place. That’s just a confusing way of saying it throws away all the output from the command, so it doesn’t fill up the cron logs. Use it on any cron job whose command output you don’t want in your cron logs. Technically, there’s a few more details in the “magic formula”, so here’s a link.
Step 4 – Testing
Once the server is running, we need to verify that the DNS service is working correctly. You can test this using a command-line tool called nslookup (installed by apt-get install dnsutils, or use dig if you prefer). Under the hood, the dnsmasq server will make requests to the public DNS servers which are configured in /etc/dnsmasq.conf . It will then cache the results from the public servers locally. Subsequent requests will be answered from your dnsmasq server’s cache, and the public DNS servers will not be queried again until the cache entry has expired.
A simple test to prove that your dnsmasq server is resolving DNS queries as it should is as follows:
# usage: nslookup domain-name dns-server
nslookup daylightdonuts.com 192.168.2.2 # 192.168.2.2 is my RPI w static IP, running dnsmasq server
Address: 192.168.2.158 # Ha...I wish I had on-site...wait, no I don't.
Showing DHCP Clients List
Also, here’s an easy script to see what DHCP leases are active in the system. This will tell you all devices on your network and give you their IP address and MAC address in one convenient place.
Save it as showDhcpLeases.sh , then give it execute permission and run it to see the active leases displayed.
chmod 755 showDhcpLeases.sh # set permissions once
./showDhcpLeases.sh # execute it anytime you want to see connected devices
# output should resemble
1491948202 00:00:00:00:00:00 192.168.0.27 Mikes-Main-Mac 00:00:00:00:00:00
1491948153 00:00:00:00:00:00 192.168.0.29 Mikes-iPhone 00:00:00:00:00:00
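The copy-and-paste step described under Setup DHCP Leases can be scripted. The following is an added example (not the post’s showDhcpLeases.sh): it compares a leases file in the format shown above with the config and prints a dhcp-host line for each device that has no reservation yet, which also makes unfamiliar devices on the LAN easy to spot. The function names and the sample MACs, IPs and hostnames are constructed for illustration.

```sh
#!/bin/sh
# Added example: print a dhcp-host line for every active lease whose MAC has
# no reservation yet. Lease line format: expiry-epoch MAC IP hostname client-id
# Usage: unreserved_leases LEASES_FILE CONF_FILE
unreserved_leases() {
    awk -v conf="$2" '
        # Config file: remember MACs on active (uncommented) dhcp-host lines.
        FILENAME == conf {
            if ($0 ~ /^[ \t]*dhcp-host=/) {
                sub(/^[ \t]*dhcp-host=/, "")
                n = split($0, f, ",")
                for (i = 1; i <= n; i++)
                    if (length(f[i]) == 17 && f[i] ~ /^[0-9A-Fa-f:]+$/)
                        reserved[tolower(f[i])] = 1
            }
            next
        }
        # Leases file: skip anything whose second field is not a MAC.
        NF >= 4 && length($2) == 17 && $2 ~ /^[0-9A-Fa-f:]+$/ {
            mac = tolower($2)
            if (mac in reserved) next
            line = "dhcp-host=" mac "," $3
            # Hostnames are client-supplied: keep only plain DNS labels.
            if ($4 ~ /^[A-Za-z0-9][A-Za-z0-9-]*$/) line = line "," $4
            print line
        }
    ' "$2" "$1"
}

# Constructed sample data (made-up MACs, IPs and names) so this runs offline.
demo() {
    dir=$(mktemp -d) || return 1
    cat > "$dir/leases" <<'EOF'
1491948202 aa:bb:cc:00:00:01 192.168.0.27 Mikes-Main-Mac 01:aa:bb:cc:00:00:01
1491948153 AA:BB:CC:00:00:02 192.168.0.29 Mikes-iPhone *
1491948100 aa:bb:cc:00:00:03 192.168.0.31 * *
EOF
    cat > "$dir/conf" <<'EOF'
# dhcp-host=aa:bb:cc:00:00:03,192.168.0.9,old-entry
dhcp-host=AA:BB:CC:00:00:01,192.168.0.27,mikes-main-mac
EOF
    unreserved_leases "$dir/leases" "$dir/conf"
    rm -rf "$dir"
}
demo
```

On Debian-based systems, including Raspbian, the leases file is normally /var/lib/misc/dnsmasq.leases. Review the printed lines before pasting them into /etc/dnsmasq.conf, since every device that obtained a lease appears there, whether or not you recognise it.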
This setup for the home or home-office can save time, energy and cost, all for around $100 (less if you already have a USB mouse and keyboard). It may save bandwidth costs and speed up your network. The RPI is useful for many other things as well, even as a desktop computer. Try it out, and give us feedback on whether you see a performance increase or not. If you’re on a Mac, trying to connect to a “headless” RPI, this is easily done using ssh from the Terminal app (e.g., $ ssh firstname.lastname@example.org ). If you’re running Windows, you can still use ssh. You’ll need to download an ssh client. Download Putty, or buy SecureCRT, which is great.
In addition to all these benefits, hosting your own DNS server comes in very handy for doing development with IoT device discovery, using DNS as the discovery mechanism. iOS and Android both have DNS resolver libraries. Using DNS as the discovery mechanism is a viable solution for one-off devices that could come hard-coded with a default DNS name. This could potentially help to avoid a more complex discovery process for your IoT product. Many consumer Wifi routers do not allow DNS customizations, so this RPI approach, or something much more pricey, would be required. Many higher-end routers do have the ability to assign DNS names to specific hosts. Check your router’s manual for details about its capabilities.
Raspberry PI DIY projects are a low-cost way to “hack” your digital life. The full power of the Linux operating system, paired with a powerful and feature-rich micro-controller with a ton of capabilities, makes Raspberry PI a great platform for DIY projects.
Need Ubuntu, or a Raspberry PI3?
See the previous post if you have a spare computer and want to set up an Ubuntu server. Vilros is a good store to buy a Raspberry PI3. Or go with Adafruit; they won’t steer you wrong either. ← Not affiliate links