|Source Repository:||Repository:Gentoo Portage Tree|
Summary: Small forwarding DNS server
- Add support for acting as an authorative DNS server.
- Add support for Linux conntrack connection marking.
- Install extra command line tools for manually managing DHCP leases.
- Enable support for acting as a DHCP server.
- Enable support DNSSEC validation and caching.
- Enable support for calling scripts when leases change.
- Enables built in TFTP server for netbooting.
As this page deals with DNS it has the potential to break your internet access! Ensure you have stable live media that can restore your system.
Dnsmasq is a dns cache, dhcp, and pxe server. This package is lightweight, and will work well for individual computers, or small lans.
# emerge net-dns/dnsmasq
/etc/dnsmasq.conf is where most of dnsmasq's configuration is done. It's file is well commented, and ready for several scenarios.
place other upstream dns servers in /etc/resolv.dnsmasq.conf with your preferred DNS server at the top of the list. The first console command in the block will wipe out existing /etc/resolv.dnsmasq.conf settings, back them up if you have anything important in them.
# echo "nameserver 184.108.40.206" > /etc/resolv.dnsmasq.conf
... resolv-file=/etc/resolv.dnsmasq.conf listen-address=127.0.0.1
To listen to a DNS server on an alternate port: In this example we'll install dnscrypt-proxy (package not on wiki - please add):
... #resolv-file=/etc/resolv.dnsmasq.conf server=127.0.0.1#2053 listen-address=127.0.0.1
Now your localhost / 127.0.0.1 is your primary DNS to point net connection scripts to. This is the point of no return command. Start the service before you run this, and be prepaired to test with dig that it's pulling up servers through dnsmasq.
# echo "nameserver 127.0.0.1" > /etc/resolv.confThis is the revert to known working DNS servers command:
# echo "nameserver 220.127.116.11" > /etc/resolv.conf
# rc-update add dnsmasq default # rc
Package:Bind-tools contains dns testing utilities. To verify that dns requests are returned from the local server: emerge bind-tools, then run:
# dig google.com | grep -i server ;; SERVER: 127.0.0.1#53(127.0.0.1)