My new Netgear Nighthawk X4S R7800 router surprisingly doesn't have a DNS-feature, not even with the replacement ROM from Voxel.

Furthermore, the router's DHCP feature doesn't allow for setting the DNS server to use, something even my ancient Asus RT-N56U had (but was rather slow on the other hand generally speaking...)!

Also, I've been having dns-resolution problems forever with plain vanilla installs of Ubuntu!

Anyway, after a discussion on forum, I found out it was possible to add a DNS feature to the router by way of dnsmasq.
The downside was that I'd need a USB-stick constantly attached to the router, and do some non-standard hacking as well on the firmware. And I felt the documentation was a bit lacking on how to do this.

So, the dnsmasq route got me thinking and after a brief google search, I found out how to make dnsmasq work for me.
Turns out it was quite simple...

Since I use Proxmox, I opted to create a new minimal vm to keep the service separate from all the other services I use.
The notes below assumes the vm is up and running and ready to have dnsmasq installed.

A different, and less resource consuming path would be to use a Proxmox container for this simple service. That is however another article for laters.


What is dnsmasq?

See,not%20in%20the%20global%20DNS. for more info!




Installing dnsmasq.

# apt install dnsmasq
# systemctl status dnsmasq
# systemctl enable dnsmasq
# systemctl stop dnsmasq
# systemctl start dnsmasq
# systemctl status dnsmasq
# cp /etc/dnsmasq.conf /etc/dnsmasq.conf.2020-12-27


The contents of /etc/dnsmasq.conf is usually all commented out.

With hints from various sources on the web, I added the below to end of the file.


# The address is the static IP of this server
# You can find this ip by running ifconfig and look for the
# IP of the interface which is connected to the router.

# Use open source DNS servers

# Create custom 'domains'.
# Custom 'domains' can also be added in /etc/hosts
# For testing purposes, commented when done


 After editing the conf-file, I restarted the dnsmasq daemon.

# systemctl restart dnsmasq
# systemctl status dnsmasq


The server-side setup is now done.

What remains is to tell the clients to use the DNS server, as well as any other server you might have on your LAN.

On my Kubuntu client it'd look like this. Note the DNS Servers as well as the Method fields.


DeepinScreenshot select area 20201227144742


Now pinging on name works!

# ping nfs 
PING nfs.skynet-tng.internal ( 56(84) bytes of data.
64 bytes from nfs ( icmp_seq=1 ttl=64 time=0.441 ms
64 bytes from nfs ( icmp_seq=2 ttl=64 time=0.453 ms 



Dnsmasq domains

Dnsmasq offers two ways of setting up DNS-entries.

  1. Enter them in /etc/dnsmasq.conf as address=/name/IP.



  1. Have dnsmasq use your /etc/hosts.

I opted for 2.

They way it's setup is I use a gitlab repo to keep track of a single hosts file. This is then the only place I update as needed.

The hosts file is then synced once an hour to my dnsmasq server's local repo.

From the local repo, I copy the hosts file to /etc hourly, by way of a jenkins job. It's actually a simple bash script that just copies the hosts file from the local repo to /etc.
I also make sure the owners and octal permissions are properly set, just in case.

# cat /home/sorin/git/scripts-and-stuff/common/

/usr/bin/cp -fv /home/sorin/git/scripts-and-stuff/dns/hosts /etc/hosts
/usr/bin/chown root.root /etc/hosts
/usr/bin/chown 644 /etc/hosts


And that's it!

Pinging and ssh'ing with names is finally working properly!



Further customizations

Adserver blocking with dnsmasq, as well as other customizations, can be found nicely listed on the sites under Sources below.

















Stop Spam Harvesters, Join Project Honey Pot


Get a free SSL certificate!


The leading nonprofit defending digital privacy, free speech, and innovation.


The Linux Foundation provides a neutral, trusted hub for developers and organizations to code, manage, and scale open technology projects and ecosystems.


Kubuntu is an operating system built by a worldwide community of developers, testers, supporters and translators.


 43ef5c89 CanonicalUbuntudarktext