CentOS Stream 9

Dnsmasq : Install and Configure
2022/01/11
 
Install Dnsmasq, a lightweight DNS forwarder and DHCP server.
[1] Install Dnsmasq.
[root@dlp ~]#
dnf -y install dnsmasq
[2] Configure Dnsmasq.
[root@dlp ~]#
vi /etc/dnsmasq.conf
# line 12 : add the network interface to listen on
# (use the internal-facing interface so the resolver does not answer queries from untrusted networks)

interface=enp1s0
# line 19 : uncomment
# never forward plain names (without a dot or domain part)

domain-needed
# line 21 : uncomment
# never forward addresses in the non-routed address spaces
# (reverse lookups for private ranges are not sent to upstream servers)

bogus-priv
# line 53 : uncomment
# query with each server strictly in the order in [resolv.conf]

strict-order
# line 67 : add if you need
# send queries for a specific domain name to a specific DNS server
# the example below forwards queries for the [server.education] domain to the [10.0.0.10] server

server=/server.education/10.0.0.10
# line 145 : uncomment
# add domain name automatically to hostnames

expand-hosts
# line 155 : add your own domain name

domain=srv.world
[root@dlp ~]#
systemctl enable --now dnsmasq

[3] To add DNS records, put them in [/etc/hosts].
Dnsmasq will then answer queries for those names from client hosts.
[root@dlp ~]#
vi /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
# add records
10.0.0.30   dlp.srv.world dlp
10.0.0.31   www.srv.world www 

[root@dlp ~]#
systemctl restart dnsmasq

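[4] If Firewalld is running, allow the DNS service. DNS uses [53/TCP,UDP]. Without a [--zone] option the rule is added to the default zone, so confirm that zone covers only the network this server should answer.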
[root@dlp ~]#
firewall-cmd --add-service=dns

success
[root@dlp ~]#
firewall-cmd --runtime-to-permanent

success
[5] Verify Name or Address Resolution from a client host in your network.
[root@node01 ~]#
dnf -y install bind-utils
# change the DNS server to the Dnsmasq server (replace [enp1s0] to match your own environment)

[root@node01 ~]#
nmcli connection modify enp1s0 ipv4.dns 10.0.0.30

[root@node01 ~]#
nmcli connection down enp1s0; nmcli connection up enp1s0
[root@node01 ~]#
dig dlp.srv.world.


; <<>> DiG 9.16.23-RH <<>> dlp.srv.world.
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 41550
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;dlp.srv.world.                 IN      A

;; ANSWER SECTION:
dlp.srv.world.          0       IN      A       10.0.0.30

;; Query time: 1 msec
;; SERVER: 10.0.0.30#53(10.0.0.30)
;; WHEN: Tue Jan 11 11:47:08 JST 2022
;; MSG SIZE  rcvd: 58

[root@node01 ~]#
dig -x 10.0.0.30


; <<>> DiG 9.16.23-RH <<>> -x 10.0.0.30
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 65502
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;30.0.0.10.in-addr.arpa.                IN      PTR

;; ANSWER SECTION:
30.0.0.10.in-addr.arpa. 0       IN      PTR     dlp.srv.world.

;; Query time: 2 msec
;; SERVER: 10.0.0.30#53(10.0.0.30)
;; WHEN: Tue Jan 11 11:47:58 JST 2022
;; MSG SIZE  rcvd: 78