Create a DHCP and DNS Server with Dnsmasq on Ubuntu Server 18.04

Introduction

Dnsmasq is a free local DNS, DHCP and read-only TFTP server with support for BOOTP and PXE. It is lightweight while being capable of handling DNS and DHCP for at least a thousand clients.

Prerequisites

Ubuntu Server 18.04 running on VMware Fusion was used to test the steps in this tutorial.

Before you begin, you’ll need to install Ubuntu Server 18.04 and configure it to use a static IP address. I’ve used 10.1.1.250 as the IP address throughout this guide.

Let’s begin.

Step 1: Update the hosts file

Once you’ve assigned a static IP address, edit the hostname in the /etc/hosts file so that it resolves to the static IP. For example, if your hostname is dnsmasq, edit the line:

127.0.1.1  dnsmasq

To

10.1.1.250  dnsmasq

This will allow clients to resolve the static IP of the DNS server.

Step 2: Install Dnsmasq

Run the following command to install Dnsmasq

sudo apt install dnsmasq

Modify the /etc/resolv.conf file so that it uses the local Dnsmasq server to resolve DNS requests.

echo "nameserver 127.0.0.1" | sudo tee /etc/resolv.conf

We’ll add the public DNS servers to the Dnsmaq config file in the next step.

Step 3: Configure DNS

The Dnsmasq configuration file on Ubuntu is located at /etc/dnsmasq.conf. First we will create a backup by running the following command:

sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.bak

Now create a new file by running:

sudo vim /etc/dnsmasq.conf

Add the following contents to the file:

# Global settings
domain-needed
bogus-priv
no-resolv
expand-hosts
filterwin2k

# Upstream nameservers
server=8.8.4.4
server=8.8.8.8

# domain name
domain=vsphere.lab
local=/vsphere.lab/

listen-address=127.0.0.1
listen-address=10.1.1.250

In the example config above, you might want to change the upstream nameservers from Googles to something different. You’ll also want to change the domain, local and listen-address options to suit your environment.

Save the file and apply the changes by restarting Dnsmasq with the following command:

sudo systemctl restart dnsmasq

Step 4: Configure DHCP

If you want to use the built-in DHCP server that comes with Dnsmaq, add the following to the config file and restart the service to apply the changes.

# DHCP options
dhcp-range=10.1.1.11,10.1.1.249,12h
dhcp-lease-max=100
dhcp-option=option:router,10.1.1.2
dhcp-option=option:dns-server,10.1.1.250
dhcp-option=option:netmask,255.255.255.0

You’ll want to adjust the IP settings and the range to suit your requirements.

How to assign fixed addresses

If you have any devices on your network that you’d like to fix the IP address of without having to change it to static in the device’s settings, you can do that by obtaining the MAC address of the device and adding an entry to the config like in the example below:

dhcp-host=00:0C:29:D0:95:5E,10.1.1.11,esxi01

In this example, I’m fixing the device with the MAC address of 00:0C:29:D0:95:5E to the IP of 10.1.1.11 and giving it a hostname of esxi01.

How to view DHCP Leases

If you want to see what DHCP leases have been created you can run the following command:

$ cat /var/lib/misc/dnsmasq.leases
1576643810 00:0c:29:d0:95:5e 10.1.1.201 testing ff:2b:94:34:c1:00:02:00:00:ab:11:80:ed:c7:78:b1:6f:4e:59
1576617132 00:0c:29:14:8a:0e 10.1.1.53 * *

This is can be a useful way of determining the MAC address of a machine before fixing its IP address.

How to add DNS Hosts

Hosts that are assigned via DHCP can already be resolved by other clients on your LAN, but if you want to add custom hosts to resolve, you can do it by adding them to the /etc/hosts file.

For example, adding the following:

10.1.2.100  dev
10.1.2.101  staging

To the hosts file will resolve dev to 10.1.2.100. It will also resolve dev.vsphere.lab because of the domain and expand-hosts options set in the config file.

Conclusion

In this post, we learned how to install and configure Dnsmasq as a local DNS server. Using a local DNS server can speed up web response times when multiple devices on your network access the same domain name.

There’s more that Dnsmasq can do, such as network booting systems with BOOTP and PXE, or blocking domains by adding them to the hosts file with a local IP address.

In a future post, I will write a tutorial on how to use Dnsmasq to install Ubuntu over the network using PXE and the built-in TFTP server.

Written by: Tony Mackay