Set up DNS forwarding with dnsmasq
Here you will install and configure dnsmasq as a DNS forwarder, used to
resolve all your custom top-level domains to 127.0.0.1. With it, you
won't need to update the /etc/hosts file to add new host names, as they
will be dynamically resolved.
Installation on Ubuntu is a little bit tricky, since
systemd-resolved does not play very well with
when configured with
dnsmasq. The following steps will enable proper
configuration so that
dnsmasq gets started from
and that network connectivity changes are handled transparently.
First we need to install
sudo apt install dnsmasq
After installation, you will get an error message that the process cannot start, like this:
Job for dnsmasq.service failed because the control process exited with error code.
See "systemctl status dnsmasq.service" and "journalctl -xe" for details.
This is happening because
systemd-resolved is already listening on
that port. Ignore this for now. Next, enable
sudo vi /etc/NetworkManager/NetworkManager.conf
dnsmasq in the
[main] section so that it looks
And then execute the following command to let
sudo rm /etc/resolv.conf ; sudo ln -s /var/run/NetworkManager/resolv.conf /etc/resolv.conf
Finally, restart the NetworkManager:
sudo systemctl reload NetworkManager
Note: if you want to revert to
/etc/resolv.conf points to
2.1 Update configuration file
Edit the configuration file /etc/NetworkManager/dnsmasq.d/dnsmasq.conf and replace the
existing configuration with the following content:
If the file does not exist in the directory, you need to create it.
Default configuration will still be available for reference in
On Ubuntu, this process will be started automatically in the future, and it's enabled to start after a reboot by default.
But for now, you need to restart NetworkManager for the config to be loaded.
If you need to start/stop or enable/disable it, use
sudo systemctl start NetworkManager
sudo systemctl stop NetworkManager
sudo systemctl is-enabled NetworkManager
sudo systemctl enable NetworkManager
sudo systemctl disable NetworkManager
Test resolving by pinging a bogus domain on your custom top-level domain.
Execute on the command line:
You should get a response from
PING asdfghjkl.sf (127.0.0.1): 56 data bytes
64 bytes from 127.0.0.1: icmp_seq=0 ttl=64 time=0.028 ms
64 bytes from 127.0.0.1: icmp_seq=1 ttl=64 time=0.045 ms
64 bytes from 127.0.0.1: icmp_seq=2 ttl=64 time=0.130 ms
--- asdfghjkl.sf ping statistics ---
3 packets transmitted, 3 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 0.028/0.068/0.130/0.045 ms
If you received output similar to the above, it means dnsmasq is correctly configured for the given domain. Once all configured top-level domains test successfully, you're finished with this part of the setup.
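
To test every configured top-level domain in one pass, the following shell script is an added example, not part of the original guide: it reads the mappings from the dnsmasq configuration file, flags any that point somewhere other than loopback, and in live mode checks that the system resolver returns the configured address. It assumes the TLDs are mapped with dnsmasq address=/<tld>/<ip> lines (the guide's own file content is not shown here); the function names, the script file name and the .lab entry are constructed for illustration.

```shell
# Added example, not from the original guide. Assumes custom TLDs are mapped
# with dnsmasq "address=/<tld>/<ip>" lines (the guide's file content is not
# shown on the page). Constructed sample: .sf is the TLD from the ping test.
sample_conf() {
    printf '%s\n' 'address=/sf/127.0.0.1' \
        'address=/.lab/192.0.2.10   # constructed bad entry: points off-host' \
        '#address=/old/127.0.0.1'
}

# Print "<tld> <ip>" for each active address= line (commented lines skipped).
list_mappings() {
    awk -F/ '/^[ \t]*address=\// {
        ip = $NF; sub(/[ \t#].*$/, "", ip)
        for (i = 2; i < NF; i++) { d = $i; sub(/^\./, "", d); print d, ip }
    }' "$1"
}

# True if a made-up host under the TLD resolves to the configured address.
# Needs the running dnsmasq setup, so it is only used in "live" mode.
resolves_to() {
    getent ahosts "probe-$$.$1" | awk '{print $1}' | grep -qxF "$2"
}

# check_conf FILE [live]: fail if any mapping leaves loopback or, in live
# mode, if the system resolver does not return the configured address.
check_conf() {
    rc=0
    mappings=$(list_mappings "$1")
    while read -r tld ip; do
        [ -n "$tld" ] || continue
        case "$ip" in
            127.*|::1) ;;
            *) echo "NOT-LOOPBACK .$tld -> ${ip:-none}"; rc=1 ;;
        esac
        if [ "${2:-}" = live ] && ! resolves_to "$tld" "$ip"; then
            echo "NO-MATCH .$tld does not resolve to $ip"; rc=1
        fi
    done <<EOF
$mappings
EOF
    return "$rc"
}

# Usage (file name is hypothetical):
#   sh check-tlds.sh /etc/NetworkManager/dnsmasq.d/dnsmasq.conf
if [ $# -gt 0 ]; then check_conf "$1" live; fi
```

A wildcard entry that points off-host sends every name under that TLD, along with whatever development traffic follows it, to another machine, which is why the audit treats a non-loopback target as a failure.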