Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used for tethering on smartphones and portable hotspots, and to support virtual networking in virtualisation frameworks. Supported platforms include Linux (with glibc and uclibc), Android, *BSD, and Mac OS X. Dnsmasq is included in most Linux distributions and the ports systems of FreeBSD, OpenBSD and NetBSD. Dnsmasq provides full IPv6 support.
Wildcard DNS record
A wildcard DNS record is a record in a DNS zone that will match requests for non-existent domain names. A wildcard DNS record is specified by using a "*" as the leftmost label (part) of a domain name, e.g. *.example.com. The exact rules for when a wild card will match are specified in RFC 1034, but the rules are neither intuitive nor clearly specified. This has resulted in incompatible implementations and unexpected results when they are used.
Run command in terminal
$ ruby -e "$(curl -fsSL https://raw.github.com/Homebrew/homebrew/go/install)"
Install Dnsmasq via brew
$ brew install dnsmasq
After install, create the etc folder in the /usr/local/ path, then copy and rename the example configuration file
$ sudo cp /usr/local/opt/dnsmasq/dnsmasq.conf.example /usr/local/etc/dnsmasq.conf
$ sudo touch /usr/local/etc/resolv.dnsmasq.conf
Use your favorite text editor to edit the resolv.dnsmasq.conf file
$ sudo subl /usr/local/etc/resolv.dnsmasq.conf
Add your favorite DNS server addresses. You can add more, such as OpenDNS, like this
nameserver 18.104.22.168
nameserver 22.214.171.124
nameserver 126.96.36.199
nameserver 188.8.131.52
In the dnsmasq.conf file, add the following settings
resolv-file=/usr/local/etc/resolv.dnsmasq.conf
strict-order
no-hosts
cache-size=32768
listen-address=127.0.0.1
Note: listen-address can take more than one IP address, separated by commas. For example, you can write listen-address=127.0.0.1,192.168.1.102, where 192.168.1.102 is your computer's IP address on the current network. Other devices on the same local area network can then set their DNS server to that IP and send their DNS queries through your dnsmasq, i.e. a LAN wildcard DNS record.
To start Dnsmasq automatically and run it, run the following in a terminal
$ sudo cp -fv /usr/local/opt/dnsmasq/*.plist /Library/LaunchDaemons
$ sudo launchctl load /Library/LaunchDaemons/homebrew.mxcl.dnsmasq.plist
Now you can set your Mac's DNS to 127.0.0.1 to use Dnsmasq. LAN users can also change their DNS IP to point at this Mac, provided this Mac's IP is set in listen-address.
If you're using Ubuntu server, the default firewall configuration tool is ufw. To allow a DHCP server to work through ufw, after enabling ufw on the same computer that is running the DHCP server, by running:
$ sudo ufw enable
all you need to do is:
$ sudo ufw allow bootps
Also, if you are using dnsmasq like me and you want the same computer to work as a DNS forwarder, you will want to run:
$ sudo ufw allow domain
To check that it works, run the following command in a terminal and confirm that the query was resolved by the local Dnsmasq.
$ dig g.cn
Dnsmasq Wildcard DNS Record
We have just installed dnsmasq; now configure the wildcard DNS record. To add rules, you only need to add content to the file in
Dnsmasq Wildcard DNS Record Rules like this
This means *.google.com/* will be directed to the IP 184.108.40.206.
Google Wildcard DNS Record Service
Let's add wildcard DNS record rules that apply to most Google services.
First you need to find an available IP. It is best to use servers in the United States; this will ensure that most of the services are available.
A known Google IP that is available in China is 220.127.116.11
Add following rules in
address=/google.com/18.104.22.168
address=/googleapis.com/22.214.171.124
address=/googlevideo.com/126.96.36.199
address=/google.com.hk/188.8.131.52
address=/youtube.com/184.108.40.206
address=/ytimg.com/220.127.116.11
address=/ggpht.com/18.104.22.168
address=/googleusercontent.com/22.214.171.124
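The sketch below is an added example, not part of the original post. It models how dnsmasq matches address=/domain/ip rules, so you can audit which hostnames a configuration overrides: a rule covers the domain and all of its subdomains, and the most specific rule is assumed to win, following the precedence dnsmasq documents for server= rules. The sample configuration and its 192.0.2.x addresses are constructed, and parse_address_rules and lookup are hypothetical helper names.

```python
# Added example: audit which names a dnsmasq config overrides via address= rules.
SAMPLE_CONF = """\
# constructed sample; 192.0.2.0/24 is a documentation-only range
listen-address=127.0.0.1
address=/google.com/192.0.2.10
address=/www.google.com/192.0.2.20
address=/youtube.com/ytimg.com/192.0.2.30
"""

def parse_address_rules(conf_text):
    """Return {domain: ip} for each address=/domain[/domain...]/ip line."""
    rules = {}
    for raw in conf_text.splitlines():
        line = raw.strip()
        if not line.startswith("address=/"):
            continue  # comments and unrelated options
        parts = line[len("address="):].split("/")
        *domains, ip = parts[1:]  # parts[0] is the empty string before the first "/"
        if not ip or not domains:
            continue  # rules without an address are out of scope here
        for domain in domains:
            rules[domain.lower().rstrip(".")] = ip
    return rules

def lookup(rules, name):
    """Return (matched_domain, ip) for the most specific covering rule, or None."""
    labels = name.lower().rstrip(".").split(".")
    # Try the full name first, then drop leading labels one at a time, so the
    # longest matching suffix wins and matches only happen on label boundaries.
    for i in range(len(labels)):
        candidate = ".".join(labels[i:])
        if candidate in rules:
            return candidate, rules[candidate]
    return None

if __name__ == "__main__":
    rules = parse_address_rules(SAMPLE_CONF)
    for name in ("mail.google.com", "www.google.com", "notgoogle.com", "i.ytimg.com"):
        print(name, "->", lookup(rules, name) or "forwarded upstream")
```

Running it against a real dnsmasq.conf (read the file and pass its text to parse_address_rules) gives a quick list of overridden domains to compare with what dig returns from the resolver.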
Restart Dnsmasq Service
$ sudo launchctl stop homebrew.mxcl.dnsmasq
$ sudo launchctl start homebrew.mxcl.dnsmasq
Flush Local DNS Cache
OS X 10.10
$ sudo discoveryutil udnsflushcaches
OS X 10.9
$ dscacheutil -flushcache; sudo killall -HUP mDNSResponder
OS X 10.7 – 10.8
$ sudo killall -HUP mDNSResponder
OS X 10.5 – 10.6
$ sudo dscacheutil -flushcache
Windows
$ ipconfig /flushdns
Linux (depending on what you’re running)
$ /etc/init.d/named restart
$ /etc/init.d/nscd restart
If you're using the Google Chrome browser, visit chrome://net-internals/#dns to clear the cache.
Install Dnsmasq on Ubuntu
$ sudo apt-get install dnsmasq
$ sudo vim /etc/dnsmasq.conf
conf-dir=/etc/dnsmasq.d, and create a dnsmasq.conf file in the /etc/dnsmasq.d folder, then edit it.
$ sudo vim /etc/dnsmasq.d/dnsmasq.conf
Start Dnsmasq Service
$ sudo service dnsmasq start