This article shows how to configure a simple, lightweight local DNS server with dnsmasq on Oracle Linux 7.

This is handy for a small private network and quite useful for an Oracle homelab, especially for resolving hostnames and domain names.

In this article, you'll need ...
... Oracle Linux 7 installed (see oel7 installation here)
... root access is needed

Install dnsmasq

# install dnsmasq
[root]$ yum install dnsmasq -y

# make dnsmasq start automatically on reboot
[root]$ systemctl enable dnsmasq

# start dnsmasq
[root]$ systemctl start dnsmasq

Configure dnsmasq

We are going to configure dnsmasq for the following hostname: oralab01.uxora.com

As root, use the following commands:

# make sure your hostname is configured
[root]$ cat /etc/hostname 
    oralab01.uxora.com

# create listen-uxora.com
[root]$ echo bind-interfaces > /etc/dnsmasq.d/listen-uxora.com

# add listening address
[root]$ echo $( echo 127.0.0.1 && hostname -I 2>/dev/null ) | xargs -d" " -I{} echo listen-address={} >> /etc/dnsmasq.d/listen-uxora.com

# add domain information
[root]$ echo "uxora.com" | xargs -I{} echo "local=/{}/ domain={}" | tr ' ' '\n' >> /etc/dnsmasq.d/listen-uxora.com

# configure networkmanager to generate the right /etc/resolv.conf
[root]$ nmcli con mod eth0 ipv4.dns 127.0.0.1 ipv4.dns-search uxora.com
[root]$ nmcli con mod eth0 connection.autoconnect no
[root]$ nmcli con up eth0

# OLD method (keep for archive)
#[root]$ ls /etc/sysconfig/network-scripts/ifcfg-eth* | xargs -I{} echo "cat {} | \
#grep -v -e ^PEERDNS -e ^DOMAIN -e ^DNS > /tmp/ifcfg.tmp; \
#echo PEERDNS=no DNS1=127.0.0.1 DOMAIN=uxora.com | tr ' ' '\n' >> /tmp/ifcfg.tmp; \
#cat /tmp/ifcfg.tmp > {} && rm /tmp/ifcfg.tmp;" | sh

# restart eth0
[root]$ ifdown eth0 && ifup eth0
    Device 'eth0' successfully disconnected.
    Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/11)

# check /etc/resolv.conf
[root]$ cat /etc/resolv.conf
    # Generated by NetworkManager
    search uxora.com
    nameserver 127.0.0.1

If you need to add more nameservers, do as below.

# add this line to /etc/dnsmasq.d/listen-uxora.com
[root]$ echo "resolv-file=/etc/resolv.dnsmasq.conf" >> /etc/dnsmasq.d/listen-uxora.com

# create /etc/resolv.dnsmasq.conf with nameservers
# (the here-document body and its _EOF_ terminator must start at column 1)
[root]$ cat >> /etc/resolv.dnsmasq.conf <<_EOF_
# Google's nameservers, for example
nameserver 8.8.8.8
nameserver 8.8.4.4
_EOF_

Then simply add entries to the /etc/hosts file so that dnsmasq can resolve the hostnames.

# add/change entries in /etc/hosts
[root]$ cat /etc/hosts
    127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
    ::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
    # PUBLIC
    192.168.0.31    oralab01 oralab01.uxora.com
    192.168.0.32    oralab02 oralab02.uxora.com
    # VIRTUAL
    192.168.0.131    oralab01-vip oralab01-vip.uxora.com
    192.168.0.132    oralab02-vip oralab02-vip.uxora.com
    # SCAN
    192.168.0.231    oralab-scan oralab-scan.uxora.com
    192.168.0.232    oralab-scan oralab-scan.uxora.com
    192.168.0.233    oralab-scan oralab-scan.uxora.com

# restart dnsmasq
[root]$ systemctl restart dnsmasq

Firewall

If you are using the Linux firewall, you need to open port 53 specifically.
For the iptables firewall, use the following commands.

[root]$ iptables -I INPUT -p tcp --dport 53 -j ACCEPT
[root]$ iptables -I INPUT -p udp --dport 53 -j ACCEPT
[root]$ service iptables save

For the firewalld firewall, use the following commands to open the port for the current runtime and permanently, so that it persists through reboots.

[root]$ firewall-cmd --zone=public --add-port=53/tcp
[root]$ firewall-cmd --zone=public --add-port=53/udp

[root]$ firewall-cmd --permanent --zone=public --add-port=53/tcp
[root]$ firewall-cmd --permanent --zone=public --add-port=53/udp
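
Once port 53 is open, every listen-address written by the hostname -I command above answers queries from the network. The script below is an added example, not part of the original article: it audits a fragment such as /etc/dnsmasq.d/listen-uxora.com for listeners on non-private addresses, a missing bind-interfaces, and a domain= without a matching local= line. The function name and the finding codes are made up for this example, and the sample fragment is constructed.

```bash
#!/bin/bash
# Added example: audit a dnsmasq fragment like /etc/dnsmasq.d/listen-uxora.com.
# Finding codes (PUBLIC-LISTEN etc.) are names made up for this example.
# Prints one finding per line; returns 0 when clean, 1 when anything is flagged.
audit_dnsmasq_conf() {
    awk '
    function report(msg) { print msg; bad++ }
    # Loopback, RFC 1918, and IPv6 loopback/link-local/ULA count as private.
    function is_private(a,   o) {
        if (a == "::1" || a ~ /^fe80:/ || a ~ /^f[cd][0-9a-f][0-9a-f]:/) return 1
        if (split(a, o, ".") != 4) return 0
        return o[1] == 127 || o[1] == 10 || (o[1] == 192 && o[2] == 168) ||
               (o[1] == 172 && o[2] >= 16 && o[2] <= 31)
    }
    { sub(/#.*/, ""); gsub(/^[ \t]+|[ \t]+$/, "") }   # drop comments, trim
    $0 == "" { next }
    $0 == "bind-interfaces" { has_bind = 1; next }
    /^listen-address=/ {
        n = split(substr($0, 16), addrs, ",")
        for (i = 1; i <= n; i++) {
            listeners++
            if (!is_private(addrs[i])) report("PUBLIC-LISTEN " addrs[i])
        }
        next
    }
    /^local=\// { split($0, p, "/"); loc[p[2]] = 1; next }
    /^domain=/  { split(substr($0, 8), d, ","); dom[d[1]] = 1; next }
    END {
        # Without bind-interfaces dnsmasq binds the wildcard address.
        if (!has_bind)  report("NO-BIND-INTERFACES")
        if (!listeners) report("NO-LISTEN-ADDRESS")
        # A domain without local=/domain/ is forwarded upstream when unknown.
        for (name in dom) if (!(name in loc)) report("DOMAIN-NOT-LOCAL " name)
        exit (bad > 0)
    }' "$1"
}

# Constructed sample: the fragment built in this article plus one public
# address (203.0.113.10, a documentation range) as hostname -I might add.
sample=$(mktemp)
printf '%s\n' bind-interfaces listen-address=127.0.0.1 \
    listen-address=192.168.0.31 listen-address=203.0.113.10 \
    local=/uxora.com/ domain=uxora.com > "$sample"
audit_dnsmasq_conf "$sample" || true   # prints: PUBLIC-LISTEN 203.0.113.10
rm -f "$sample"
```

On the real host, run it as audit_dnsmasq_conf /etc/dnsmasq.d/listen-uxora.com before restarting dnsmasq.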

Please leave comments and suggestions,
Michel.

