You don't need a Pi to run dnsmasq. It will run on any (most?) linux computer. However, you typically want DHCP/DNS always on and the Pi is a low power device that is efficient enough to leave running all the time.
nice! Quick question. Before you add the MAC address of your phone etc. to your config file, because your DHCP is unable to assign an IP, does that mean that you cannot connect to the internet? I wonder whether this will cause a pain every time you have a guest over, and they want to use the wifi.. (for home networks). Thanks!
Yes, that's correct. The setup used in the video is specifically configured for tightly controlling who gets on your network. Of course, you don't have to set it up that way, but that was the focus of this video.
@@carpienet interesting thanks for clearing that up! I suppose it can be a great feature when you want to avoid wifi pirates haha. I however live with a few people who are not technically inclined, so I don't want to be a nuisance lol
:) Understood. If you still want to take advantage of having a few machines named and/or statically assigned but everyone else dynamically assigned, you can remove the `static` option from the `dhcp-range` config line. dnsmasq will honor the static assignments but still give out dynamic assignments to unknown devices.
I'm not sure I understand the question, as I haven't used libvirt directly. The DNS service here as presented would be for your host and guests only as long the DNS port isn't presented to the outside world through your router. Are you asking if you could run the setup in a virtual machine? I would think you could as long as the VM has a routable IP on your network and exposes the DNS port.
@@carpienet Ok. Trying to get this done. No luck for now. Making some mistake which i don't see. I think its related to how NAT bridges work. Anyway, thank you for sharing. Will get my first Pi this evening. :)
Although I haven't done this, I believe it is. I think all you have to do is leave out the MAC address in the `dhcp-host` entry. Just put in the name and the desired IP address. If the client makes a DHCP request with the specific hostname, it should get the IP address you set.
Thanks! If you add the option "domain=home.lan" ("home.lan" could be any domain you want) to the config file, you will have fully qualified domain names. In that case, dnsmasq will give you the correct address when you reference "thedoctor.home.lan" or, still, just "thedoctor". The accompanying article on my website (carpie.net/articles/setting-up-a-home-network-dhcp-dns-server-with-dnsmasq) does this.
Great tutorial and really easy to follow. However, I have a strange problem. I can ping devices by name from my pi and even my phone but NOT from my PC (running Linux Mint) or my wife's PC (running Windows 10). I just get the error "Name or service not known." Any ideas what I've done wrong? I'm sure it's something simple.
You are using static IPs for all the connected devices. Can we use DHCP. I mean we have a DHCP network and we want to set up dns server but not with static ip.?
Sure! You do not have to do static reservation. To do "normal" DHCP, just remove the `static` keyword out of the `dhcp-range` option and do not provide an IP address in the `dhcp-host` lines.
I install my web site in my RPi because I want to access my website via raspberrypi/mywebsite. I use my laptop (Windows 10), I can access my website without issue. However, when I use my android phone or my Ipad, I can't access my website via raspberrypi/mywebsite so is this method can resolve my issue ? all my devices are using the same networks
Yes! This method will allow any device on your local network to access other devices on the same network by the name you give them. Just make sure, once this is set up, that you disable DHCP service on your existing router/access point.
Yes, dnsmasq will serve names out of /etc/hosts, so you can put an entry in there for fb.com and point it to any IP that you want. For example, you could point it to the Pi's address and run, say nginx on the Pi to show a custom page. If you're looking to block ad sites and the like en masse , maybe check out pi-hole.net/.
No, not the client, just the Pi. Since you set up the Pi as your DNS server, if fb.com is in the Pi's /etc/hosts, dnsmasq will use that when resolving. So when your client looks up fb.com, it will make the DNS request to look up the name and the Pi will reply with what's in its /etc/hosts entry.
What is the point of doing all this to achieve somthing your router already does for you? Why not show a tutorial where the pi's dns server assigns a local name to an ip adress already issued by the by the routers dhcp server.
The point of this particular video is strictly controlling what is allowed on your network and assigning specific addresses/names to those devices. If a device is not in your list, it is not allowed on your network. If don't need/want that level of control, then using the router's DHCP is fine. If you want the control, but don't care about the address, then just remove the `static` keyword out of the `dhcp-range` option and don't provide an IP on the host reservation line.
@@carpienet thank you, this is answering exactly the question I had as well in my mind :) if I just want a simple blocker,. It would replace pihole, right? I just would miss out caching and the nice webfrontend?
@@Dus3826 Pihole is/uses a DNS server as well. I haven't used it, but it is possible that you could do the manual host assignment with it as well using the same technique I showed here. That said, if you use this setup and want to do pihole-like DNS blocking for specific address, you can create a new file, say, `/etc/dnsmasq.d/blocked.conf`, and add entries like `address=/adsrvr.org/127.0.0.1`. This will force DNS to return a localhost address when that name is looked up and effectively block outgoing traffic to that host.
Old comment I know, but I had a use case for this recently. I was temporarily setting up a SonicWall TZ270 for a few months. SonicWalls don't do internal DNS resolution very well because (as a business-grade firewall) it expects you to have a DNS server already. So I deployed dnsmasq as a DHCP+DNS server on a first generation Raspberry Pi model B instead. It worked a treat and is so light that the Pi didn't break a sweat despite being ancient.
Excellent tutorial and explaining skills!
Nice explanation. 👍thanks
Awesome tutorial, thanks
Tutorial yang bagus, keren pisan.
Thanks for the content, Why do we need a RaspBerry pi? can we do this with another computer?
You don't need a Pi to run dnsmasq. It will run on any (most?) linux computer. However, you typically want DHCP/DNS always on and the Pi is a low power device that is efficient enough to leave running all the time.
nice! Quick question. Before you add the MAC address of your phone etc. to your config file, because your DHCP is unable to assign an IP, does that mean that you cannot connect to the internet? I wonder whether this will cause a pain every time you have a guest over, and they want to use the wifi.. (for home networks). Thanks!
Yes, that's correct. The setup used in the video is specifically configured for tightly controlling who gets on your network. Of course, you don't have to set it up that way, but that was the focus of this video.
@@carpienet interesting thanks for clearing that up! I suppose it can be a great feature when you want to avoid wifi pirates haha. I however live with a few people who are not technically inclined, so I don't want to be a nuisance lol
:) Understood. If you still want to take advantage of having a few machines named and/or statically assigned but everyone else dynamically assigned, you can remove the `static` option from the `dhcp-range` config line. dnsmasq will honor the static assignments but still give out dynamic assignments to unknown devices.
@@carpienet ah great, thanks for the tip!
Would it be possible to set DNS up in Libvirt? Like dedicated DNS for host and guests only.
I'm not sure I understand the question, as I haven't used libvirt directly. The DNS service here as presented would be for your host and guests only as long the DNS port isn't presented to the outside world through your router. Are you asking if you could run the setup in a virtual machine? I would think you could as long as the VM has a routable IP on your network and exposes the DNS port.
@@carpienet Ok. Trying to get this done. No luck for now. Making some mistake which i don't see. I think its related to how NAT bridges work.
Anyway, thank you for sharing. Will get my first Pi this evening. :)
@@Oswee Congratulations on your first PI! They are wonderful machines.
is it possible dhcp server give device ip address by device's hostname?
Although I haven't done this, I believe it is. I think all you have to do is leave out the MAC address in the `dhcp-host` entry. Just put in the name and the desired IP address. If the client makes a DHCP request with the specific hostname, it should get the IP address you set.
Can you expand on this to add fully qualified domains? Awesome tutorial!
Thanks! If you add the option "domain=home.lan" ("home.lan" could be any domain you want) to the config file, you will have fully qualified domain names. In that case, dnsmasq will give you the correct address when you reference "thedoctor.home.lan" or, still, just "thedoctor". The accompanying article on my website (carpie.net/articles/setting-up-a-home-network-dhcp-dns-server-with-dnsmasq) does this.
wow, this is the best comment ever!!! thanks!
Great tutorial and really easy to follow. However, I have a strange problem. I can ping devices by name from my pi and even my phone but NOT from my PC (running Linux Mint) or my wife's PC (running Windows 10). I just get the error "Name or service not known." Any ideas what I've done wrong? I'm sure it's something simple.
Panic over! I followed the extra steps on your website regarding /etc/hosts and everything's running perfectly now.
You are using static IPs for all the connected devices. Can we use DHCP. I mean we have a DHCP network and we want to set up dns server but not with static ip.?
Sure! You do not have to do static reservation. To do "normal" DHCP, just remove the `static` keyword out of the `dhcp-range` option and do not provide an IP address in the `dhcp-host` lines.
When I did the changes and restarted the service, the service failed.
Check /var/log/syslog to see if there are specific dnsmasq errors.
In case of DHCP mode, do we still need to disable DHCP from the router.?
Yes. Generally speaking, you only want one DHCP service on your LAN.
I install my web site in my RPi because I want to access my website via raspberrypi/mywebsite. I use my laptop (Windows 10), I can access my website without issue. However, when I use my android phone or my Ipad, I can't access my website via raspberrypi/mywebsite so is this method can resolve my issue ? all my devices are using the same networks
Yes! This method will allow any device on your local network to access other devices on the same network by the name you give them. Just make sure, once this is set up, that you disable DHCP service on your existing router/access point.
Can I block website with this? Say redirect fb.com to somewhere over the network and show a block page?
Yes, dnsmasq will serve names out of /etc/hosts, so you can put an entry in there for fb.com and point it to any IP that you want. For example, you could point it to the Pi's address and run, say nginx on the Pi to show a custom page. If you're looking to block ad sites and the like en masse , maybe check out pi-hole.net/.
@@carpienet so i still need to access the clients host file right?
No, not the client, just the Pi. Since you set up the Pi as your DNS server, if fb.com is in the Pi's /etc/hosts, dnsmasq will use that when resolving. So when your client looks up fb.com, it will make the DNS request to look up the name and the Pi will reply with what's in its /etc/hosts entry.
Oh let me try that! Thanks
What is the point of doing all this to achieve somthing your router already does for you? Why not show a tutorial where the pi's dns server assigns a local name to an ip adress already issued by the by the routers dhcp server.
The point of this particular video is strictly controlling what is allowed on your network and assigning specific addresses/names to those devices. If a device is not in your list, it is not allowed on your network. If don't need/want that level of control, then using the router's DHCP is fine. If you want the control, but don't care about the address, then just remove the `static` keyword out of the `dhcp-range` option and don't provide an IP on the host reservation line.
@@carpienet thank you, this is answering exactly the question I had as well in my mind :) if I just want a simple blocker,. It would replace pihole, right? I just would miss out caching and the nice webfrontend?
@@Dus3826 Pihole is/uses a DNS server as well. I haven't used it, but it is possible that you could do the manual host assignment with it as well using the same technique I showed here. That said, if you use this setup and want to do pihole-like DNS blocking for specific address, you can create a new file, say, `/etc/dnsmasq.d/blocked.conf`, and add entries like `address=/adsrvr.org/127.0.0.1`. This will force DNS to return a localhost address when that name is looked up and effectively block outgoing traffic to that host.
Old comment I know, but I had a use case for this recently. I was temporarily setting up a SonicWall TZ270 for a few months. SonicWalls don't do internal DNS resolution very well because (as a business-grade firewall) it expects you to have a DNS server already. So I deployed dnsmasq as a DHCP+DNS server on a first generation Raspberry Pi model B instead. It worked a treat and is so light that the Pi didn't break a sweat despite being ancient.