Create an account


Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
Fedora - Use dnsmasq to provide DNS & DHCP services

#1
Use dnsmasq to provide DNS & DHCP services

Many tech enthusiasts find the ability to control their host name resolution important. Setting up servers and services usually requires some form of fixed address, and sometimes also requires special forms of resolution such as defining Kerberos or LDAP servers, mail servers, etc. All of this can be achieved with dnsmasq.

dnsmasq is a lightweight and simple program which enables issuing DHCP addresses on your network and registering the hostname & IP address in DNS. This configuration also allows external resolution, so your whole network will be able to speak to itself and find external sites too.

This article covers installing and configuring dnsmasq on either a virtual machine or small physical machine like a Raspberry Pi so it can provide these services in your home network or lab. If you have an existing setup and just need to adjust the settings for your local workstation, read the previous article which covers configuring the dnsmasq plugin in NetworkManager.

Install dnsmasq


First, install the dnsmasq package:

sudo dnf install dnsmasq

Next, enable and start the dnsmasq service:

sudo systemctl enable --now dnsmasq

Configure dnsmasq


First, make a backup copy of the dnsmasq.conf file:

sudo cp /etc/dnsmasq.conf /etc/dnsmasq.conf.orig

Next, edit the file and make changes to the following to reflect your network. In this example, mydomain.org is the domain name, 192.168.1.10 is the IP address of the dnsmasq server and 192.168.1.1 is the default gateway.

sudo vi /etc/dnsmasq.conf

Insert the following contents:

domain-needed
bogus-priv
no-resolv
server=8.8.8.8
server=8.8.4.4
local=/mydomain.org/
listen-address=::1,127.0.0.1,192.168.1.10
expand-hosts
domain=mydomain.org
dhcp-range=192.168.1.100,192.168.1.200,24h
dhcp-option=option:router,192.168.1.1
dhcp-authoritative
dhcp-leasefile=/var/lib/dnsmasq/dnsmasq.leases

Test the config to check for typos and syntax errors:

$ sudo dnsmasq --test
dnsmasq: syntax check OK.

Now edit the hosts file, which can contain both statically- and dynamically-allocated hosts. Static addresses should lie outside the DHCP range you specified earlier. Hosts using DHCP but which need a fixed address should be entered here with an address within the DHCP range.

sudo vi /etc/hosts

The first two lines should be there already. Add the remaining lines to configure the router, the dnsmasq server, and two additional servers.

127.0.0.1   localhost localhost.localdomain
::1         localhost localhost.localdomain
192.168.1.1    router
192.168.1.10   dnsmasq
192.168.1.20   server1
192.168.1.30   server2

Restart the dnsmasq service:

sudo systemctl restart dnsmasq

Next add the services to the firewall to allow the clients to connect:

sudo firewall-cmd --add-service={dns,dhcp}
sudo firewall-cmd --runtime-to-permanent

Test name resolution


First, install bind-utils to get the nslookup and dig packages. These allow you to perform both forward and reverse lookups. You could use ping if you’d rather not install extra packages. but these tools are worth installing for the additional troubleshooting functionality they can provide.

sudo dnf install bind-utils

Now test the resolution. First, test the forward (hostname to IP address) resolution:

$ nslookup server1
Server:       127.0.0.1
Address:    127.0.0.1#53
Name:    server1.mydomain.org
Address: 192.168.1.20

Next, test the reverse (IP address to hostname) resolution:

$ nslookup 192.168.1.20
20.1.168.192.in-addr.arpa    name = server1.mydomain.org.

Finally, test resolving hostnames outside of your network:

$ nslookup fedoramagazine.org
Server:       127.0.0.1
Address:    127.0.0.1#53
Non-authoritative answer:
Name:    fedoramagazine.org
Address: 35.196.109.67

Test DHCP leases


To test DHCP leases, you need to boot a machine which uses DHCP to obtain an IP address. Any Fedora variant will do that by default. Once you have booted the client machine, check that it has an address and that it corresponds to the lease file for dnsmasq.

From the machine running dnsmasq:

$ sudo cat /var/lib/dnsmasq/dnsmasq.leases
1598023942 52:54:00:8e:d5:db 192.168.1.100 server3 01:52:54:00:8e:d5:db
1598019169 52:54:00:9c:5a:bb 192.168.1.101 server4 01:52:54:00:9c:5a:bb

Extending functionality


You can assign hosts a fixed IP address via DHCP by adding it to your hosts file with the address you want (within your DHCP range). Do this by adding into the dnsmasq.conf file the following line, which assigns the IP listed to any host that has that name:

dhcp-host=myhost

Alternatively, you can specify a MAC address which should always be given a fixed IP address:

dhcp-host=11:22:33:44:55:66,192.168.1.123

You can specify a PXE boot server if you need to automate machine builds

tftp-root=/tftpboot
dhcp-boot=/tftpboot/pxelinux.0,boothost,192.168.1.240

This should point to the actual URL of your TFTP server.

If you need to specify SRV or TXT records, for example for LDAP, Kerberos or similar, you can add these:

srv-host=_ldap._tcp.mydomain.org,ldap-server.mydomain.org,389
srv-host=_kerberos._udp.mydomain.org,krb-server.mydomain.org,88
srv-host=_kerberos._tcp.mydomain.org,krb-server.mydomain.org,88
srv-host=_kerberos-master._udp.mydomain.org,krb-server.mydomain.org,88
srv-host=_kerberos-adm._tcp.mydomain.org,krb-server.mydomain.org,749
srv-host=_kpasswd._udp.mydomain.org,krb-server.mydomain.org,464
txt-record=_kerberos.mydomain.org,KRB-SERVER.MYDOMAIN.ORG

There are many other options in dnsmasq. The comments in the original config file describe most of them. For full details, read the man page, either locally or online.



https://www.sickgaming.net/blog/2020/09/...-services/
Reply



Possibly Related Threads…
Thread Author Replies Views Last Post
  Fedora - Contribute at the Fedora Test Week for Kernel 5.9 xSicKxBot 0 5 Today, 12:22 AM
Last Post: xSicKxBot
  Fedora - Announcing the release of Fedora 33 Beta xSicKxBot 0 30 09-29-2020, 09:01 PM
Last Post: xSicKxBot
  Fedora - Now available: Fedora on Lenovo laptops! xSicKxBot 0 29 09-25-2020, 07:51 PM
Last Post: xSicKxBot
  Fedora - Ankur Sinha: How do you Fedora? xSicKxBot 0 46 09-11-2020, 02:22 PM
Last Post: xSicKxBot
  Fedora - Contribute at the Fedora Test Week for Btrfs xSicKxBot 0 68 08-26-2020, 01:20 PM
Last Post: xSicKxBot
  Fedora - Btrfs Coming to Fedora 33 xSicKxBot 0 75 08-24-2020, 01:28 PM
Last Post: xSicKxBot
  Fedora - Configure Fedora to practice and compose music xSicKxBot 0 63 08-22-2020, 12:44 PM
Last Post: xSicKxBot
  Fedora - Contribute at the Fedora Kernel and GNOME test days xSicKxBot 0 76 08-18-2020, 02:42 PM
Last Post: xSicKxBot
  Fedora - Create a wifi hotspot with Raspberry Pi 3 and Fedora xSicKxBot 0 90 08-12-2020, 12:36 PM
Last Post: xSicKxBot
  Fedora - install Fedora on a Raspberry Pi 3 xSicKxBot 0 107 08-07-2020, 01:04 PM
Last Post: xSicKxBot

Forum Jump:

Become a Patron!
[-]
Upcoming Events

[-]
Latest Threads
[1.06] BO4 Zombie Trainer (Call of duty ...
Last Post: Tom_Pdv
Today 09:03 PM
» Replies: 12
» Views: 440
[Tut] How to Build Your Brand as a Freel...
Last Post: xSicKxBot
Today 08:58 PM
» Replies: 0
» Views: 1
(Indie Deal) FREE Ghost Sweeper, ? NBA 2...
Last Post: xSicKxBot
Today 08:58 PM
» Replies: 0
» Views: 2
Drag[en]gine Hands-On
Last Post: xSicKxBot
Today 08:58 PM
» Replies: 0
» Views: 2
AppleInsider - Apple TV Remote app influ...
Last Post: xSicKxBot
Today 08:58 PM
» Replies: 0
» Views: 1
News - Nightdive Studios Delays Its Enha...
Last Post: xSicKxBot
Today 08:58 PM
» Replies: 0
» Views: 1
News - PS5 Third-Party Face Plates Are A...
Last Post: xSicKxBot
Today 08:58 PM
» Replies: 0
» Views: 2
Xbox Wire - Xbox Insider Release Notes –...
Last Post: xSicKxBot
Today 02:31 PM
» Replies: 0
» Views: 4
News - Video: The lighting technology of...
Last Post: xSicKxBot
Today 02:30 PM
» Replies: 0
» Views: 5
News - Talking Point: What Are You Playi...
Last Post: xSicKxBot
Today 02:22 PM
» Replies: 0
» Views: 4

[-]
Twitter

[-]
Sponsored
Get the Deal of the Week at RefurBees.com

Copyright © SickGaming.net 2012-2020