Installing dnsmasq on FreeNAS 9.1

dnsmasq is a small DNS/DHCP server.  Because of its size and ease of configuration, it’s an ideal solution for a small network.

This is one of the easiest plugins to install on FreeNAS.

Create the jail

Create a standard jail and untick the vanilla option.  This means you can install PC-BSD PBI packages and BSD packages.

Think of a suitably descriptive name. I chose dhcp_dns so its role is immediately obvious.

I also gave it its own IP address.

Also select the autostart option.

Change into the jail

You can either use the shell menu item in the FreeNAS GUI to get a pop-up window or ssh into the FreeNAS box, which is what I prefer.  See the documentation on the FreeNAS site on setting up the ssh server.

[root@freenas ~]# jls
JID IP Address Hostname Path
 1   -         database /mnt/volume1/jails/database
 2   -         dhcp_dns /mnt/volume1/jails/dhcp_dns

Type

jexec 2 /bin/csh

to change into the jail.  Remember to replace the “2” with the number of the jail from the list you got from the jls command.

Installing dnsmasq

I chose to use the package manager (the pkg command).

root@dhcp_dns:/#pkg search dnsmasq
dnsmasq-2.66,1
root@dhcp_dns:/#

The line below the command (dnsmasq-2.66,1) is the name of the package that the search returned.

To install it, simply type

root@dhcp_dns:/#pkg install dnsmasq

Configuring dnsmasq

An example configuration file is found in /usr/local/etc/dnsmasq.conf.example.  I find this is useful to keep as a master copy as it’s well commented, so the main configuration file can be tidied up.

root@dhcp_dns:/ #cd /usr/local/etc
root@dhcp_dns:/usr/local/etc #cp dnsmasq.conf.example dnsmasq.conf
root@dhcp_dns:/usr/local/etc # ls dns*
  dnsmasq.conf dnsmasq.conf.example

Now edit the configuration file. I’m used to using vi, which is installed as standard when you create the jail.  If you want to use another editor, then you will need to install that.

Create a local hosts file (optional)

dnsmasq will normally read from /etc/hosts.  If you’re adding/removing machines, then you will need to keep this up-to-date for  the name lookups to work. I use a separate hosts file, so that the one held in the /etc directory is always a minimal version.

Create the file /usr/local/etc/hosts and add all the machines and IP addresses that you have hard-coded.  Even if you’re serving out IP addresses via DHCP to the entire network, your router will almost certainly have a hard-coded IP address. This is usually number “1” on whatever subnet the manufacturer has set up as default.

For all the home/small office/DSL/cable routers I’ve come across, the address defaults to either 192.168.0.1 or 192.168.1.1.

So I just call this “gateway” and put the following entry in the /usr/local/etc/hosts file

# $FreeBSD: src/etc/hosts,v 1.16.34.1.2.1 2009/10/25 01:10:29 kensmith Exp $
#
# Host Database
#
# This file should contain the addresses and aliases for local 
# hosts that
# share this file. Replace 'my.domain' below with the domainname 
# of your machine.
#
# In the presence of the domain name service or NIS, this file may
# not be consulted at all; see /etc/nsswitch.conf for the 
# resolution order.
#
#
192.168.1.1 gateway gateway.localdomain

If you’ve set up your own local domain, add the correct name here also.

Check that the resolv.conf file exists

This sits in the /etc directory. This lists (in IP format) the name servers that you use to resolve internet addresses. The entries here will usually be provided by your ISP.  When dnsmasq can’t provide an answer to a DNS query it uses this file to see where to interrogate next.

Check that the lease directory exists

The leases are written to a lease file.  This won’t be big.

root@dhcp_dns:/ # mkdir -p /var/db/dnsmasq/

Set up a basic configuration

domain-needed
bogus-priv
resolv-file=/etc/resolv.conf
strict-order
local=/mydomain/

except-interface=lo0
listen-address=192.168.1.3
addn-hosts=/usr/local/etc/hosts
expand-hosts
domain=mydomain
dhcp-range=192.168.1.150,192.168.1.180,12h
dhcp-leasefile=/var/db/dnsmasq/dnsmasq.leases
dhcp-authoritative
cache-size=250

bogus-nxdomain=64.94.110.11
bogus-nxdomain=194.168.4.100
bogus-nxdomain=194.168.8.100
bogus-nxdomain=81.200.64.50
bogus-nxdomain=67.215.65.132
  • the listen-address is the same IP address that you gave the jail when you created it
  • the bogus-nxdomain lines were in the example, so I left them in
  • the dhcp range can be anything in the range, but avoid any hard-coded devices
  • the dhcp-leasefile is placed in the directory created above
  • replace the mydomain in the local= and domain= lines with your own domain
  • the resolv-file should point to /etc/resolv.conf (unless you’ve moved it)
  • the addn-hosts line gives the location of our own hosts file we created above
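
The advice to keep the DHCP range clear of hard-coded devices can be checked mechanically. The following is an added example, not part of the original post: a POSIX sh function (check_overlap is a hypothetical name) that reads the dhcp-range lines from dnsmasq.conf and lists every entry in the hosts file whose address falls inside a pool. The sample files at the bottom are constructed for the demonstration.

```sh
#!/bin/sh
# Added example: report hosts-file entries that fall inside a dhcp-range pool.
# check_overlap CONF HOSTS prints "IP NAME" per conflict; returns 1 if any.
check_overlap() {
    awk '
    # Dotted-quad IPv4 address to integer, or -1 if the field is not an address.
    function ip2int(ip,    o) {
        if (ip !~ /^[0-9]+\.[0-9]+\.[0-9]+\.[0-9]+$/) return -1
        split(ip, o, ".")
        return o[1] * 16777216 + o[2] * 65536 + o[3] * 256 + o[4]
    }
    # First file (dnsmasq.conf): record start and end of each dhcp-range.
    FNR == NR {
        if ($0 !~ /^dhcp-range=/) next
        sub(/^dhcp-range=/, "")
        n = split($0, f, ",")
        lo = -1; hi = -1
        for (i = 1; i <= n; i++) {
            v = ip2int(f[i])
            if (v < 0) continue            # tag, lease time, mode keyword
            if (lo < 0) lo = v
            else if (hi < 0) hi = v        # a later netmask field is ignored
        }
        if (hi >= 0) { pools++; first[pools] = lo; last[pools] = hi }
        next
    }
    # Second file (hosts): skip comments and blank lines, test each address.
    /^[ \t]*#/ || NF == 0 { next }
    {
        v = ip2int($1)
        for (p = 1; p <= pools; p++)
            if (v >= first[p] && v <= last[p]) { print $1, $2; bad = 1 }
    }
    END { exit (bad ? 1 : 0) }
    ' "$1" "$2"
}

# Constructed sample input mirroring the configuration in this post, plus one
# deliberately conflicting static entry (printer).
demo_dir=$(mktemp -d)
printf '%s\n' 'listen-address=192.168.1.3' \
    'dhcp-range=192.168.1.150,192.168.1.180,12h' > "$demo_dir/dnsmasq.conf"
printf '%s\n' '# constructed hosts file' '192.168.1.1 gateway gateway.localdomain' \
    '192.168.1.160 printer' > "$demo_dir/hosts"
check_overlap "$demo_dir/dnsmasq.conf" "$demo_dir/hosts" || echo "conflicts found"
rm -rf "$demo_dir"
```

On the real jail, call it as check_overlap /usr/local/etc/dnsmasq.conf /usr/local/etc/hosts. dnsmasq --test checks the syntax of the configuration file but does not catch this kind of overlap.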

Autostart dnsmasq

When the jail starts, we want dnsmasq to start automatically. The following lines just need to be added to /etc/rc.conf.

dnsmasq_enable="YES"
dnsmasq_conf="/usr/local/etc/dnsmasq.conf"

Strictly speaking, the second line doesn’t need to be there, but I like to explicitly put these in so that my rc.conf file becomes a useful bit of documentation also.

 

 
