|Source Repository:||Repository:Gentoo Portage Tree|
Summary: Small forwarding DNS server
- Add support for acting as an authorative DNS server.
- Add support for Linux conntrack connection marking.
- Install extra command line tools for manually managing DHCP leases.
- Enable support for acting as a DHCP server.
- Enable support DNSSEC validation and caching.
- Enable support for calling scripts when leases change.
- Enables built in TFTP server for netbooting.
OpenSSH 7 Disables DSA Keys By DefaultPlease be aware of this important change to avoid getting locked out of your Funtoo server.
Project Unfork StatusHere's an update on Project Unfork, plus other neat things.
IP Space Migration ContinuesAll Funtoo user containers in the 8.28 IP space will be moving into our new IP space (172.97) over the next few days. If you have DNS set up -- be sure to watch your container and update to the new IP! container.host.funtoo.org DNS will be updated after the move.
As this page deals with DNS it has the potential to break your internet access! Ensure you have stable live media that can restore your system.
Dnsmasq is a dns cache, dhcp, and pxe server. This package is lightweight, and will work well for individual computers, or small lans.
# emerge net-dns/dnsmasq
/etc/dnsmasq.conf is where most of dnsmasq's configuration is done. It's file is well commented, and ready for several scenarios.
place other upstream dns servers in /etc/resolv.dnsmasq.conf with your preferred DNS server at the top of the list. The first console command in the block will wipe out existing /etc/resolv.dnsmasq.conf settings, back them up if you have anything important in them.
# echo "nameserver 126.96.36.199" > /etc/resolv.dnsmasq.conf
... resolv-file=/etc/resolv.dnsmasq.conf listen-address=127.0.0.1
To listen to a DNS server on an alternate port: In this example we'll install dnscrypt-proxy (package not on wiki - please add):
... #resolv-file=/etc/resolv.dnsmasq.conf server=127.0.0.1#2053 listen-address=127.0.0.1
Now your localhost / 127.0.0.1 is your primary DNS to point net connection scripts to. This is the point of no return command. Start the service before you run this, and be prepaired to test with dig that it's pulling up servers through dnsmasq.
# echo "nameserver 127.0.0.1" > /etc/resolv.confThis is the revert to known working DNS servers command:
# echo "nameserver 188.8.131.52" > /etc/resolv.conf
# rc-update add dnsmasq default # rc
Package:Bind-tools contains dns testing utilities. To verify that dns requests are returned from the local server: emerge bind-tools, then run:
# dig google.com | grep -i server ;; SERVER: 127.0.0.1#53(127.0.0.1)