For some applications, it is useful to have a DNS server running locally on your machine. I use dnsmasq for this. However, Ubuntu configures dnsmasq for use on a gateway by default, which is not what I want it for. I want the following things changed:
- dnsmasq should use as its upstream DNS server whatever resolvconf or dhclient determines to be my DNS server.
- all my local programs should however ask only dnsmasq to resolve names.
- dnsmasq shall work locally only, not act as a DNS server for others in the network
- dnsmasq shall not act as a DHCP server.
So, here's the setup for /etc/dnsmasq.conf:
    # Never forward plain names (without a dot or domain part)
    domain-needed
    # Never forward addresses in the non-routed address spaces.
    bogus-priv
    # use the resolv.conf generated by resolvconf for upstream resolution.
    # /etc/resolv.conf will initially be a symlink to that file. we will change that later, see below.
    resolv-file=/etc/resolvconf/run/resolv.conf
    # try upstream servers strictly in order
    # useful if you want to override the upstream DNS server you get from DHCP in the resolvconf config.
    strict-order
    # only work locally
    interface=lo
    listen-address=127.0.0.1
    # NOTE: the bind-interfaces is rejected by dnsmasq on my machine, even though it's present in the example config. odd.
    # but the restrictions above should be sufficient anyway.
    # bind-interfaces=lo
    # no DHCP (since we only listen to loopback, we only need to exclude loopback)
    no-dhcp-interface=lo
If you have a stupid ISP that uses wildcard A records to grab requests for unknown domains, you can filter them out like this:
    # filter bogus A records
    bogus-nxdomain=62.157.140.133
    bogus-nxdomain=80.156.86.78
If you want to serve SRV records for special services (in this case, Jabber multi user chat):
    # The fields are <name>,<target>,<port>,<priority>,<weight>
    srv-host=_xmpp-server._tcp.conference.yourbox,yourbox,5269
Then restart dnsmasq:
    > sudo /etc/init.d/dnsmasq restart
Now we only have to tell all programs on the local system to use dnsmasq to resolve domains. The DNS server used to resolve domains is configured in /etc/resolv.conf, which resolvconf turns into a symlink to the file it generates, which (on Ubuntu) is /etc/resolvconf/run/resolv.conf. Since we want dnsmasq to act as an intermediary, we remove the symlink and replace it with a file containing a single nameserver entry:
    # check that /etc/resolv.conf actually is a symlink
    > ls -l /etc/resolv.conf
    lrwxrwxrwx 1 root root 31 2009-02-11 22:37 /etc/resolv.conf -> /etc/resolvconf/run/resolv.conf
    # if so, remove it, then create a fresh one:
    > sudo rm /etc/resolv.conf
    > sudo vim /etc/resolv.conf
The new file should contain the following:
    # NOTE: dnsmasq is running on this system. It uses the upstream servers defined in
    # /etc/resolvconf/run/resolv.conf which is automatically (re-)generated by resolvconf.
    # For temporary overrides, edit /etc/resolvconf/run/resolv.conf
    # For permanent overrides, edit /etc/resolvconf/resolv.conf.d/head
    nameserver 127.0.0.1
Don't forget to make it readable by all:
    > sudo chmod 644 /etc/resolv.conf
Now, try it out by typing:
    > host localhost
    localhost has address 127.0.0.1
This should work for any hostname you specify in /etc/hosts. If you get no response, or some other address, something went wrong.
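The host lookup shows that resolution works, but not that dnsmasq is limited to loopback, that DHCP is off, or that /etc/resolv.conf ended up as intended. The script below is an added example, not part of the original post: it audits both files against the settings given above. The function names are hypothetical, and when run as-is it checks constructed sample files in a scratch directory rather than the live system.

```shell
#!/bin/sh
# Added example, not from the original post: audit the local-only setup.

# Print the active (uncommented) values of one dnsmasq option, one per line.
conf_values() {  # usage: conf_values FILE OPTION
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        sed 's/[[:space:]]*#.*$//; s/[[:space:]]*$//'
}

# Succeed only if dnsmasq.conf ($1) keeps DNS on loopback and DHCP off.
check_dnsmasq_conf() {
    rc=0
    [ "$(conf_values "$1" interface)" = "lo" ] ||
        { echo "FAIL: interface must be exactly 'lo'"; rc=1; }
    [ "$(conf_values "$1" listen-address)" = "127.0.0.1" ] ||
        { echo "FAIL: listen-address must be exactly 127.0.0.1"; rc=1; }
    [ -z "$(conf_values "$1" dhcp-range)" ] ||
        { echo "FAIL: dhcp-range turns the DHCP server on"; rc=1; }
    case "$(conf_values "$1" resolv-file)" in
        ""|/etc/resolv.conf)  # would make dnsmasq read the file that names itself
            echo "FAIL: resolv-file must name the resolvconf-generated file"; rc=1 ;;
    esac
    return $rc
}

# Succeed only if resolv.conf ($1) is a regular file, world-readable, not
# world-writable, and names 127.0.0.1 as its single nameserver.
check_resolv_conf() {
    rc=0
    [ ! -L "$1" ] || { echo "FAIL: $1 is still a symlink"; rc=1; }
    [ "$(ls -ldL "$1" | cut -c8-9)" = "r-" ] ||
        { echo "FAIL: $1 must be world-readable and not world-writable"; rc=1; }
    [ "$(awk '$1 == "nameserver" { print $2 }' "$1")" = "127.0.0.1" ] ||
        { echo "FAIL: 127.0.0.1 must be the only nameserver"; rc=1; }
    return $rc
}

# Constructed sample: the settings from this post, audited in a scratch dir.
demo() {
    d=$(mktemp -d) || return 1
    printf '%s\n' 'interface=lo' 'listen-address=127.0.0.1' \
        'resolv-file=/etc/resolvconf/run/resolv.conf' > "$d/dnsmasq.conf"
    printf '# comment\nnameserver 127.0.0.1\n' > "$d/resolv.conf"
    chmod 644 "$d/resolv.conf"
    check_dnsmasq_conf "$d/dnsmasq.conf" && check_resolv_conf "$d/resolv.conf" &&
        echo "sample setup: OK"
    status=$?; rm -rf "$d"; return $status
}
demo
```

To audit the live system, call check_dnsmasq_conf /etc/dnsmasq.conf and check_resolv_conf /etc/resolv.conf instead of demo.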
Note that resolvconf will complain if /etc/resolv.conf is no longer a symlink. According to the man page, this can be fixed by adding the following to /etc/default/resolvconf:
    REPORT_ABSENT_SYMLINK=no
However, this doesn't work for me. resolvconf still complains.



