How To Set Up Dnsmasq As A Local Caching DNS Server On Your Linux Machine

Are you looking to speed up DNS resolution on your laptop or even your network? If so, keep reading: in this post we will look at how to set up dnsmasq as a local resolver cache on your Linux machine.

In this post I will be using my Kali Linux laptop, which is a rolling distribution based on Debian.

Installation of dnsmasq

Installation of dnsmasq can be done in a few easy steps:

  1. Run apt update.
  2. Run apt install dnsmasq -y (the -y just tells the install to proceed without having the user press y for yes).

Once the installation of dnsmasq has completed, you will need to configure it as a local caching DNS server.

Configuration of dnsmasq

Get dnsmasq to Use Local Machine as Caching Resolver

Debian has a resolv.conf file which is auto-generated by the network manager and lists the upstream DNS servers that the laptop will use.

Create a new file called dnsmasq.upstream, but in reality the name of the file can be anything you want it to be.

In this file all you need to put is the following:

nameserver 1.1.1.1

nameserver 8.8.8.8

I have the name servers set first to Cloudflare DNS and then Google DNS. These can be set to any public DNS of your choice.

In the next step we will amend and enable a few settings in the dnsmasq.conf file in order to use this file instead of the default resolv.conf.

Adjust the dnsmasq Configuration File

There are a number of settings we need to uncomment in the dnsmasq configuration file.

Open the dnsmasq.conf file with your editor of choice. This file is found in /etc.

Once in the file you will need to uncomment the following settings:

Uncomment and set resolv-file to the path where the dnsmasq.upstream file is located. This would be in /etc.

resolv-file=/etc/dnsmasq.upstream

Next uncomment strict-order. This tells dnsmasq to use the name servers in the dnsmasq.upstream file in the order that they appear in this file.

Next we uncomment the interface=lo line. This line tells dnsmasq to use the loopback device.

We then uncomment listen-address=127.0.0.1, which tells dnsmasq to listen for queries on 127.0.0.1, so that lookups sent to that address are answered from its own local DNS cache prior to going to upstream servers.

Lastly we uncomment bind-interfaces. This tells dnsmasq to bind only to the interface that it is listening on, which in this case is the loopback interface.

Now we save the file and then restart dnsmasq. We will also enable dnsmasq so it starts on boot.

systemctl restart dnsmasq

systemctl enable dnsmasq
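
One way to confirm that the saved dnsmasq.conf really contains the five settings above and keeps the listener on loopback only. This is an added example, not part of the original post; the function name check_dnsmasq_conf and the sample config (including the 192.0.2.10 address) are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post): audit a dnsmasq.conf for the
# loopback-only caching settings described above. The function name and the
# sample config are constructed for illustration.

# Print one finding per line; return 0 when clean, 1 otherwise.
check_dnsmasq_conf() {
    conf=$1; rc=0
    # Active lines only: drop comment lines, blank lines, edge whitespace.
    active=$(sed -e '/^[[:space:]]*#/d' -e 's/^[[:space:]]*//' \
                 -e 's/[[:space:]]*$//' -e '/^$/d' "$conf")
    has() { printf '%s\n' "$active" | grep -Eq "$1"; }

    # Flag-style and fixed-value options the post uncomments.
    for opt in strict-order bind-interfaces interface=lo; do
        has "^$opt\$" || { echo "missing: $opt"; rc=1; }
    done
    # The option is spelled resolv-file (no trailing "e" on resolv).
    if has '^resolve-file='; then
        echo "typo: resolve-file should be resolv-file"; rc=1
    fi
    has '^resolv-file=/.+' || { echo "missing: resolv-file=<path>"; rc=1; }
    # Every listen-address must be loopback, or the cache answers the network.
    if ! has '^listen-address='; then
        echo "missing: listen-address=127.0.0.1"; rc=1
    fi
    for addr in $(printf '%s\n' "$active" |
                  sed -n 's/^listen-address=//p' | tr ',' ' '); do
        case $addr in
            127.*|::1) ;;
            *) echo "exposed: listen-address $addr is not loopback"; rc=1 ;;
        esac
    done
    return $rc
}

# Constructed sample: one misspelt option and one non-loopback listener.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# comment lines are ignored
resolve-file=/etc/dnsmasq.upstream
strict-order
interface=lo
listen-address=127.0.0.1,192.0.2.10
bind-interfaces
EOF
check_dnsmasq_conf "$sample" || true
rm -f "$sample"
```

Run it against the real file with check_dnsmasq_conf /etc/dnsmasq.conf. dnsmasq --test checks the file's syntax only; this check also verifies that no listen-address leaves the loopback range.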

Test to see if dnsmasq is using localhost to resolve

To test whether the local caching resolver is working, run the following command:

dig google.com @127.0.0.1

This will query for the record that Google has and display it on the screen.

At the bottom you will see a line that says SERVER: 127.0.0.1#53. This means that your local caching resolver is being used prior to going upstream.

The advantage of this is that it speeds up website loading times, especially for sites you have already visited and that are in your cache.
