Ubuntu/Bespin/DNS: Difference between revisions
From charlesreid1
(Created page with "Up: Ubuntu/Bespin Previous: Ubuntu/Bespin/PIA Next: Ubuntu/Bespin/PiHole This page covers the installation of dnsmasq to provide DHCP and DNS services. ==Insta...") |
| Line 50: | Line 50: | ||
# define what to do if no name resolution | # define what to do if no name resolution | ||
# | # all dns queries use pihole dns server | ||
server=127.53.0.1 | |||
server=127.53 | |||
# send dnsmasq logs to a single place | # send dnsmasq logs to a single place | ||
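Review bot: in the server= change, the hunk shows both server=127.53.0.1 and a shortened server=127.53; make sure the saved revision keeps only the full four-octet address, since the new comment says every DNS query is forwarded to that one pihole server. It would also help to state in that comment that the pihole server has to be answering on 127.53.0.1 before dnsmasq is started.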
Revision as of 05:24, 19 August 2020
Up: Ubuntu/Bespin
Previous: Ubuntu/Bespin/PIA
Next: Ubuntu/Bespin/PiHole
This page covers the installation of dnsmasq to provide DHCP and DNS services.
Install dnsmasq
Start by installing dnsmasq with apt-get:
sudo apt-get -y install dnsmasq
This will try to start dnsmasq, but it will fail and print red text. This is fine: the system's built-in systemd-resolved is already listening on port 53, so we need to disable that service.
ORDER IS IMPORTANT! We need dnsmasq installed FIRST, because disabling systemd-resolved will cause DNS queries to fail, so the internet connection will break. We need dnsmasq ready to start and take over the DNS duties.
sudo systemctl disable systemd-resolved
sudo systemctl stop systemd-resolved
Preserve the original dnsmasq config file, which has a lot of useful information:
sudo mv /etc/dnsmasq.conf{,.orig}
Now create the dnsmasq config file:
dnsmasq config without hostapd
/etc/dnsmasq.conf
# don't send external traffic that is missing a domain
domain-needed
# don't send external traffic that has bogus private ip
bogus-priv
# set the local domain
domain=mylocalnet
local=/mylocalnet/
# listen on these interfaces and only these interfaces
listen-address=127.0.0.1
# don't read /etc/resolv.conf
no-resolv
# define what to do if no name resolution
# all dns queries use pihole dns server
server=127.53.0.1
# send dnsmasq logs to a single place
log-facility=/var/log/dnsmasq.log
dnsmasq config with hostapd
/etc/dnsmasq.conf
# don't send external traffic that is missing a domain
domain-needed
# don't send external traffic that has bogus private ip
bogus-priv
# set the local domain
domain=mynet
local=/mynet/
# listen on these interfaces and only these interfaces
listen-address=127.0.0.1
listen-address=192.168.10.1
bind-interfaces
# define range of IP addresses to hand out
dhcp-range=192.168.10.100,192.168.10.150,255.255.255.0,24h
# define what to do if no name resolution
no-resolv
server=8.8.8.8
# send dnsmasq logs to a single place
log-facility=/var/log/dnsmasq.log
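A check that can be run over /etc/dnsmasq.conf before starting the service, given here as an added example that is not part of the original page. It flags a missing no-resolv, a server= upstream that is not a complete loopback IPv4 address (such as the 8.8.8.8 upstream above, which does not pass through the pihole server), listen-address without bind-interfaces, and a missing log-facility. The function name and finding labels are hypothetical, and IPv6 upstreams are reported as unparsed.

```shell
#!/bin/sh
# Added example (not from the original page): audit a dnsmasq config read from
# stdin and print one finding per line. Finding labels are made up for this sketch.
audit_dnsmasq_conf() {
    awk '
    {   # "#" starts a comment at line start or after whitespace, so that the
        # "#port" suffix of server=addr#port is kept; then trim and skip blanks
        sub(/^#.*/, ""); sub(/[ \t]+#.*/, ""); sub(/[ \t]+$/, ""); sub(/^[ \t]+/, "")
        if ($0 == "") next
    }
    $0 == "no-resolv"       { noresolv = 1 }
    $0 == "bind-interfaces" { bindif = 1 }
    /^log-facility=/        { logf = 1 }
    /^listen-address=/      { listen = 1 }
    /^server=/ {
        nserver++
        addr = substr($0, 8)
        sub("^/.*/", "", addr)      # drop a /domain/ selector if present
        if (addr !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+(#[0-9]+)?$/)
            print "upstream-unparsed: " addr
        else if (addr !~ /^127\./)
            print "upstream-not-loopback: " addr
    }
    END {
        # without no-resolv, upstreams from /etc/resolv.conf are used as well
        if (!noresolv) print "resolv-conf-read: no-resolv is not set"
        if (!nserver)  print "no-upstream: no server= line"
        # without bind-interfaces dnsmasq binds the wildcard address and
        # discards unwanted requests itself (documented in its man page)
        if (listen && !bindif)
            print "wildcard-bind: listen-address without bind-interfaces"
        if (!logf)     print "no-log-facility"
    }'
}

# Constructed sample: the settings of the "without hostapd" config on this page.
audit_dnsmasq_conf <<'EOF'
domain-needed
bogus-priv
listen-address=127.0.0.1
no-resolv
server=127.53.0.1
log-facility=/var/log/dnsmasq.log
EOF
```

On a real system the input would be the file itself: audit_dnsmasq_conf < /etc/dnsmasq.conf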
Now we are ready to start up dnsmasq:
sudo systemctl enable dnsmasq
sudo systemctl start dnsmasq
Set Preferred DNS Nameservers
Set preferred nameservers by editing the DHCP configuration file:
/etc/dhcp/dhcpcd.conf
static domain_name_servers=8.8.8.8
or for dhclient:
/etc/dhcp/dhclient.conf
prepend domain-name-servers 127.0.0.1;
(THESE INSTRUCTIONS FROM RaspberryPi/Hotspot ARE OLD)
Remove the existing file at /etc/resolv.conf (a symlink to a network manager thing). Create a new version of the file that specifies preferred nameservers:
nameserver 8.8.8.8
NOTE: this file will be overwritten at boot by Network Manager. If your DNS is broken and dnsmasq does not seem to be able to find a preferred nameserver, circle back and double-check that Network Manager has been disabled.
Improved Logging
The dnsmasq configuration file has a log-facility option that controls where logs go. Add this to the config file:
log-facility=/var/log/dnsmasq.log