Dnsmasq is a lightweight server designed to provide DNS (and optionally DHCP and TFTP) services to a small-scale network. It can serve the names of local machines which are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with DHCP-allocated addresses to appear in the DNS with names configured either in each host or in a central configuration file. Dnsmasq supports static and dynamic DHCP leases and BOOTP for network booting of diskless machines.
The developers of dnsmasq targeted home networks using NAT and connected to the internet via a modem, cable-modem or ADSL connection. But the system would function well in any small network where low resource-use and ease of configuration are important.
In Ubuntu >12.04, dnsmasq now runs by default because it is hard-coded into NetworkManager.
Using dnsmasq as local resolver by default on desktop installations
That’s the second big change of this release. On a desktop install, your DNS server is going to be “127.0.0.1”, which points to a NetworkManager-managed dnsmasq server.
This was done to better support split DNS for VPN users and to better handle DNS failures and fallbacks. This dnsmasq server isn’t a caching server, for security reasons: to avoid risks related to local cache poisoning and users eavesdropping on others’ DNS queries on a multi-user system.
The big advantage is that if you connect to a VPN, instead of having all your DNS traffic be routed through the VPN like in the past, you’ll instead only send DNS queries related to the subnet and domains announced by that VPN. This is especially interesting for high latency VPN links where everything would be slowed down in the past.
As for dealing with DNS failures, dnsmasq often sends the DNS queries to more than one DNS server (if you received multiple when establishing your connection) and will detect bogus/dead ones and simply ignore them until they start returning sensible information again. Compare this with libc’s way of doing DNS resolution, where the state of the DNS servers can’t be saved (as it’s just a library), so every single application has to go through the same steps: trying the first DNS server, waiting for it to time out, then using the next one.
If you don’t want a local resolver, you can turn dnsmasq off using the following procedure.
You need to edit the /etc/NetworkManager/NetworkManager.conf file:
gksudo gedit /etc/NetworkManager/NetworkManager.conf
and comment out the following line, changing it from
dns=dnsmasq
to
#dns=dnsmasq
Save and exit the file.
Now you need to restart network-manager using the following command:
sudo restart network-manager
Source from here
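The same edit can be scripted for machines without a desktop editor. The following is an added example, not part of the original post or its source: the function names are hypothetical, and the demo runs on a constructed sample file rather than the real /etc path.

```shell
#!/bin/sh
# Added example: scripted, idempotent form of the manual edit described above.
# Function names and the sample config are assumptions for illustration.

# Succeeds if FILE contains an active (uncommented) dns=dnsmasq line.
nm_dnsmasq_enabled() {
    grep -Eq '^[[:space:]]*dns[[:space:]]*=[[:space:]]*dnsmasq[[:space:]]*$' "$1"
}

# Comment out dns=dnsmasq in FILE, keeping the original as FILE.bak.
# A file that is already changed is left untouched (no new backup).
disable_nm_dnsmasq() {
    conf=$1
    [ -f "$conf" ] || { echo "no such file: $conf" >&2; return 2; }
    if ! nm_dnsmasq_enabled "$conf"; then
        echo "dns=dnsmasq is not active in $conf; nothing to do"
        return 0
    fi
    cp -p "$conf" "$conf.bak" || return 1
    tmp=$(mktemp) || return 1
    # Write through a temp file, then copy the content back so the
    # config keeps its original owner and permissions.
    sed -E 's/^([[:space:]]*)(dns[[:space:]]*=[[:space:]]*dnsmasq[[:space:]]*)$/\1#\2/' \
        "$conf" > "$tmp" && cat "$tmp" > "$conf"
    rc=$?
    rm -f "$tmp"
    return $rc
}

# Demo on a constructed sample file shaped like NetworkManager.conf.
demo() {
    sample=$(mktemp) || return 1
    printf '%s\n' '[main]' 'plugins=ifupdown,keyfile' 'dns=dnsmasq' \
        '' '[ifupdown]' 'managed=false' > "$sample"
    disable_nm_dnsmasq "$sample"
    grep -n 'dnsmasq' "$sample"
    rm -f "$sample" "$sample.bak"
}

demo
```

On a real system, call disable_nm_dnsmasq on /etc/NetworkManager/NetworkManager.conf as root and then restart network-manager with the command shown above.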