Shulou(Shulou.com)06/01 Report--

This article will explain in detail what the common uses of Dnsmasq are, and the editor thinks it is very practical, so I share it with you for reference. I hope you can get something after reading this article.

Dnsmasq provides network infrastructure for small networks: DNS,DHCP, router advertisements, and network booting. It is designed to be lightweight and takes up a small amount of space, and is suitable for routers and firewalls with limited resources. It is also widely used for sharing smartphones and portable hotspots, and supports virtual networks in the virtualization framework.

Test configuration

When you test the new configuration, you should run Dnsmasq from the command line instead of using the daemon. The following example shows how to run it without a daemon while displaying the output of the instruction and keeping the running log:

# dnsmasq-- no-daemon-- log-queriesdnsmasq: started, version 2.75 cachesize 150dnsmasq: compile time options: IPv6 GNU-getoptDBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrackipset auth DNSSEC loop-detect inotifydnsmasq: reading / etc/resolv.confdnsmasq: using nameserver 192.168.0.1#53dnsmasq: read / etc/hosts-9 addresses

You can see a lot of useful information in this small example, including the version, the compilation parameters, the system name service file, and its listening address. You can use Ctrl+C to stop the process. By default, Dnsmasq does not have its own log file, so logs are recorded in multiple places in the / var/log directory. You can use the classic grep to find Dnsmasq log files. The following instruction recursively searches / var/log, displays the matching line number after each matching file name, and ignores the contents of / var/log/dist-upgrade:

# grep-ir-- exclude-dir=dist-upgrade dnsmasq / var/log/

There is an interesting trick to note when using grep-exclude-dir=: don't use the full path, just write the directory name.

You can use the following command line parameters to let Dnsmasq use the file you specified as its own log file:

# dnsmasq-no-daemon-log-queries-log-facility=/var/log/dnsmasq.log

Or add log-facility=/var/log/dnsmasq.log to your Dnsmasq configuration file.

Configuration file

The configuration file for Dnsmasq is located in / etc/dnsmasq.conf. Your Linux distribution may also use / etc/default/dnsmasq, / etc/dnsmasq.d/, or / etc/dnsmasq.d-available/ (no, we can't unify the standard, because it violates the will of Linux's secret council Linux Cat Herd Ruling Cabal). You have a lot of freedom to place your configuration files at will.

/ etc/dnsmasq.conf is a highly respected boss. Dnsmasq reads it first when it starts. / etc/dnsmasq.conf can use the conf-file= option to invoke other configuration files, such as conf-file=/etc/dnsmasqextrastuff.conf, or use the conf-dir= option to invoke all files in the directory, such as conf-dir=/etc/dnsmasq.d.

Whenever you make changes to the configuration file, you must restart Dnsmasq.

You can also include or ignore configuration files based on the extension. An asterisk indicates inclusion, and no asterisk indicates exclusion:

Conf-dir=/etc/dnsmasq.d/, * .conf, * .fooconf-dir=/etc/dnsmasq.d, .old, .bak, .tmp

You can use the-addn-hosts= option to distribute your host configuration in multiple files.

Dnsmasq includes a syntax checker:

Dnsmasq-- testdnsmasq: syntax check OK. Practical configuration

Always join these lines:

Domain-neededbogus-priv they can prevent packets containing malformed domain names or private IP addresses from leaving your network. Let your name service use only Dnsmasq, not / etc/resolv.conf or any other name service file: no-resolv uses another domain name server. The first example is to use different domain name servers for only one domain name. The second and third examples are OpenDNS public servers: server=/fooxample.com/192.168.0.1server=208.67.222.222server=208.67.220.220

You can also limit some domain names to local resolution, but do not affect others. These restricted domain names can only be resolved from / etc/hosts or DHCP:

Local=/mehxample.com/local=/fooxample.com/

Restrict network interfaces for Dnsmasq snooping:

Interface=eth0interface=wlan1

Dnsmasq reads and uses / etc/hosts by default. This is a quick and good way to configure a large number of domain names, and / etc/hosts only needs to be on the same computer as Dnsmasq. You can also make this process a little faster by writing only the hostname in the / etc/hosts file and then using Dnsmasq to add the domain name. / etc/hosts looks like this:

127.0.0.1 localhost192.168.0.1 host2192.168.0.2 host3192.168.0.3 host4

Then write the following lines to dnsmasq.conf (change it to your own domain name, of course):

Expand-hostsdomain=mehxample.com

Dnsmasq will automatically extend these hostnames to the full domain name, such as host2 will become host2.mehxample.com.

DNS pan domain name

Generally speaking, using DNS pan-domain names is not a good habit because they are too easy to be misused. But they can be useful sometimes, such as under the tight protection of your local area network. One example is that using DNS pan-domain names makes Kubernetes clusters much easier to manage, unless you like to write DNS records for hundreds of your applications. Assuming that your Kubernetes domain name is mehxample.com, the following line of configuration allows Dnsmasq to resolve all requests for mehxample.com:

Address=/mehxample.com/192.168.0.5 the address used here is the public network IP address of your cluster. This responds to requests for all hostnames and subdomains of mehxample.com, unless the target address of the request is already configured in DHCP or / etc/hosts.

This is the end of the article on "what are the common uses of Dnsmasq". I hope the above content can be of some help to you, so that you can learn more knowledge. if you think the article is good, please share it for more people to see.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.