Dnsmasq


dnsmasq
Developer(s) Simon Kelley
Initial release 2001; 23 years ago
Stable release
2.90 [1] / 13 February 2024; 10 months ago
Repository
Written in C [2]
Operating system Unix-like
Type DNS server
License GNU General Public License Version 2 or 3 [3]
Website thekelleys.org.uk/dnsmasq/doc.html

dnsmasq is free software providing Domain Name System (DNS) caching, a Dynamic Host Configuration Protocol (DHCP) server, router advertisement and network boot features, intended for small computer networks. [4] [5]


dnsmasq has low requirements for system resources, [6] [7] can run on Linux, BSDs, Android and macOS, and is included in most Linux distributions. Consequently, it "is present in a lot of home routers and certain Internet of Things gadgets" [4] and is included in Android. [5]

Details

dnsmasq is a lightweight, easy to configure DNS forwarder, designed to provide DNS, and optionally DHCP and Trivial File Transfer Protocol (TFTP) services, to a small-scale network. It can serve the names of local machines which are not in the global DNS.

dnsmasq's DHCP server supports static and dynamic DHCP leases, multiple networks and IP address ranges. The DHCP server integrates with the DNS server and allows local machines with DHCP-allocated addresses to appear in the DNS. dnsmasq caches DNS records, reducing the load on upstream nameservers and improving performance, and can be configured to automatically pick up the addresses of its upstream servers.

dnsmasq accepts DNS queries and either answers them from a small, local cache or forwards them to a real, recursive DNS server. It loads the contents of /etc/hosts, so that local host names which do not appear in the global DNS can be resolved. This also means that records added to the local /etc/hosts file in the format "0.0.0.0 annoyingsite.com" can be used to prevent references to "annoyingsite.com" from being resolved by a browser. Combined with lists from adblocking site list providers, this can quickly evolve into a local ad blocker. If done on a router, one can efficiently remove advertising content for an entire household or company.
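Because every entry in a hosts file is answered as given, a third-party list should be checked before it is loaded. The following is an added example, not dnsmasq code: it keeps only entries that point at 0.0.0.0 or :: and rejects lines that would map a name to a real address. The names `sanitize_hosts`, `valid_name` and the `PROTECTED` policy are assumptions made for illustration.

```python
import ipaddress
import re

# Only these "sinkhole" targets are accepted; any other address in a
# third-party list would redirect the name to a real host, not block it.
SINKHOLES = {ipaddress.ip_address("0.0.0.0"), ipaddress.ip_address("::")}
# One DNS label: letters, digits, hyphen (underscore tolerated), 1-63 chars.
LABEL = re.compile(r"^(?!-)[a-z0-9_-]{1,63}(?<!-)$")
# Names a blocklist must never override (assumed local policy).
PROTECTED = {"localhost", "localhost.localdomain", "broadcasthost"}

def valid_name(name):
    name = name.rstrip(".")
    if not name or len(name) > 253 or name in PROTECTED:
        return False
    return all(LABEL.match(label) for label in name.split("."))

def sanitize_hosts(text):
    """Return (accepted_lines, rejected) for a hosts-format blocklist."""
    accepted, rejected, seen = [], [], set()
    for lineno, raw in enumerate(text.splitlines(), 1):
        fields = raw.split("#", 1)[0].split()  # drop comments, tokenize
        if not fields:
            continue
        try:
            addr = ipaddress.ip_address(fields[0])
        except ValueError:
            rejected.append((lineno, raw, "not an IP address"))
            continue
        if addr not in SINKHOLES:
            rejected.append((lineno, raw, "non-sinkhole target"))
            continue
        for name in (f.lower() for f in fields[1:]):
            entry = f"{addr} {name}"
            if not valid_name(name):
                rejected.append((lineno, raw, "bad or protected name: " + name))
            elif entry not in seen:  # de-duplicate repeated entries
                seen.add(entry)
                accepted.append(entry)
    return accepted, rejected

# Constructed sample input, not a real blocklist.
SAMPLE = """\
0.0.0.0 annoyingsite.com
0.0.0.0 Ads.Example.NET tracker.example.net  # two names on one line
203.0.113.7 bank.example.com
0.0.0.0 localhost
0.0.0.0 bad_host..example
0.0.0.0 annoyingsite.com
"""
```

The accepted lines can be written to a separate file and loaded through dnsmasq's `addn-hosts` option, so the system's own /etc/hosts is never overwritten by downloaded data.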

dnsmasq supports modern Internet standards such as IPv6 and Domain Name System Security Extensions (DNSSEC), network booting with support for Bootstrap Protocol (BOOTP), Preboot Execution Environment (PXE) and TFTP, as well as Lua scripting.

Some Internet service providers rewrite the NXDOMAIN (domain does not exist) responses from DNS servers, which forces web browsers to a search page whenever a user attempts to browse to a domain that does not exist. dnsmasq can filter out these "bogus" NXDOMAIN records, preventing this potentially unwanted behavior.


Related Research Articles

The Domain Name System (DNS) is a hierarchical and distributed name service that provides a naming system for computers, services, and other resources on the Internet or other Internet Protocol (IP) networks. It associates various information with domain names assigned to each of the associated entities. Most prominently, it translates readily memorized domain names to the numerical IP addresses needed for locating and identifying computer services and devices with the underlying network protocols. The Domain Name System has been an essential component of the functionality of the Internet since 1985.

The Dynamic Host Configuration Protocol (DHCP) is a network management protocol used on Internet Protocol (IP) networks for automatically assigning IP addresses and other communication parameters to devices connected to the network using a client–server architecture.

A name server is a computer application that implements a network service for providing responses to queries against a directory service. It translates an often humanly meaningful, text-based identifier to a system-internal, often numeric identification or addressing component. This service is performed by the server in response to a service protocol request.

Proxy server: Computer server that makes and receives requests on behalf of a user

In computer networking, a proxy server is a server application that acts as an intermediary between a client requesting a resource and the server providing that resource. It improves privacy, security, and possibly performance in the process.

Dynamic DNS (DDNS) is a method of automatically updating a name server in the Domain Name System (DNS), often in real time, with the active DDNS configuration of its configured hostnames, addresses or other information.

Zero-configuration networking (zeroconf) is a set of technologies that automatically creates a usable computer network based on the Internet Protocol Suite (TCP/IP) when computers or network peripherals are interconnected. It does not require manual operator intervention or special configuration servers. Without zeroconf, a network administrator must set up network services, such as Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS), or configure each computer's network settings manually.

Preboot Execution Environment: Standard for booting from a server

In computing, the Preboot eXecution Environment specification describes a standardized client–server environment that boots a software assembly, retrieved from a network, on PXE-enabled clients. On the client side it requires only a PXE-capable network interface controller (NIC), and uses a small set of industry-standard network protocols such as Dynamic Host Configuration Protocol (DHCP) and Trivial File Transfer Protocol (TFTP).

ARP spoofing: Cyberattack which associates the attacker's MAC address with the IP address of another host

In computer networking, ARP spoofing is a technique by which an attacker sends (spoofed) Address Resolution Protocol (ARP) messages onto a local area network. Generally, the aim is to associate the attacker's MAC address with the IP address of another host, such as the default gateway, causing any traffic meant for that IP address to be sent to the attacker instead.

ipconfig: Console application program

ipconfig is a console application program of some computer operating systems that displays all current TCP/IP network configuration values and refreshes Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS) settings.

The Web Proxy Auto-Discovery (WPAD) Protocol is a method used by clients to locate the URL of a configuration file using DHCP and/or DNS discovery methods. Once detection and download of the configuration file is complete, it can be executed to determine the proxy for a specified URL.

Microsoft DNS is the name given to the implementation of domain name system services provided in Microsoft Windows operating systems.

NetworkManager: Software

NetworkManager is a daemon that sits on top of libudev and other Linux kernel interfaces and provides a high-level interface for the configuration of the network interfaces.

This article presents a comparison of the features, platform support, and packaging of many independent implementations of Domain Name System (DNS) name server software.

A proxy auto-config (PAC) file defines how web browsers and other user agents can automatically choose the appropriate proxy server for fetching a given URL.

The Dynamic Host Configuration Protocol version 6 (DHCPv6) is a network protocol for configuring Internet Protocol version 6 (IPv6) hosts with IP addresses, IP prefixes, default route, local segment MTU, and other configuration data required to operate in an IPv6 network. It is not just the IPv6 equivalent of the Dynamic Host Configuration Protocol for IPv4.

Zeroshell: Linux distribution

Zeroshell is a small open-source Linux distribution for servers and embedded systems which aims to provide network services. Its administration relies on a web-based graphical interface; no shell is needed to administer and configure it. Zeroshell is available as Live CD and CompactFlash images, and VMware virtual machines.

DNS hijacking, DNS poisoning, or DNS redirection is the practice of subverting the resolution of Domain Name System (DNS) queries. This can be achieved by malware that overrides a computer's TCP/IP configuration to point at a rogue DNS server under the control of an attacker, or through modifying the behaviour of a trusted DNS server so that it does not comply with internet standards.

Cisco Prime Network Registrar (CNR) is a Cisco software product that includes components for Domain Name System (DNS) services, Dynamic Host Configuration Protocol services, Trivial File Transfer Protocol (TFTP) services, and Simple Network Management Protocol functions. CNR provides a regional and local management structure and is supported on server hardware and software based on 32-bit and 64-bit architectures. This product is now called Cisco Prime Network Registrar.

A search domain is a domain used as part of a domain search list. The search list, as well as the local domain name, is used by a resolver to create a fully qualified domain name (FQDN) from a relative name. For this purpose, the local domain name functions as a single-item search list.

Pi-hole: Network level ad- and tracker-blocking app

Pi-hole is a Linux network-level advertisement and Internet tracker blocking application which acts as a DNS sinkhole and optionally a DHCP server, intended for use on a private network. It is designed for low-power embedded devices with network capability, such as the Raspberry Pi, but can be installed on almost any Linux machine.

References

  1. "[Dnsmasq-discuss] Announce: dnsmasq-2.90".
  2. "Dnsmasq". Open Hub. Black Duck Software. Archived from the original on 29 November 2014. Retrieved 19 November 2014.
  3. "Dnsmasq - network services for small networks". Archived from the original on 4 May 2011. Retrieved 19 November 2014.
  4. Thomson, Iain (2 October 2017). "Dnsmasq and the seven flaws: Patch these nasty remote-control holes". The Register. Archived from the original on 4 October 2017. Retrieved 5 October 2017.
  5. Goodin, Dan (3 October 2017). "Code-execution flaws threaten users of routers, Linux, and other OSes". Ars Technica. Archived from the original on 5 October 2017. Retrieved 5 October 2017.
  6. "dnsmasq". Debian Wiki. Archived from the original on 29 November 2014. Retrieved 19 November 2014.
  7. "dnsmasq". Arch Linux Wiki. Archived from the original on 24 September 2014. Retrieved 19 November 2014.