How to Add dnsmasq and keep systemd-resolved (18.04 to 20.04)


Solution 1

I wanted to get fast DNS resolution with dnsmasq and keep the default systemd-resolved/NetworkManager setup untouched for future use. Yes, the huge DNS caching of dnsmasq can improve browsing speed. Yes, the goal was to keep the default featured DNS setup of 18.04.

  1. Install dnsmasq
  2. Configure it (listen address and DNS servers)
  3. Configure NetworkManager for a manual DNS server address
  4. Check and verify

1 - With sudo

apt-get -y install dnsmasq

2 - With sudo

tee -a /etc/dnsmasq.conf << ENDdm
interface=lo
bind-interfaces
listen-address=127.0.0.1
# DNS server from OpenDns. Use yours...
server=208.67.222.222
server=208.67.220.220
ENDdm

systemctl restart dnsmasq
systemctl enable dnsmasq

3 - With USER, configure NetworkManager

# Get the name of the first active NM profile (head keeps only one when several are active)
NetManProfile=$(nmcli -t -f NAME connection show --active | head -n 1)
# remove, if exists, current dns servers
nmcli con mod "$NetManProfile" ipv4.dns ""
# set 'manual' dns server
nmcli con mod "$NetManProfile" ipv4.ignore-auto-dns yes
# set dnsmasq as manually set dns server
nmcli con mod "$NetManProfile" ipv4.dns 127.0.0.1
# I also disabled IPv6; do as you prefer
nmcli con mod "$NetManProfile" ipv6.method ignore
# reconnect to take effect
nmcli connection down "$NetManProfile"
nmcli connection up "$NetManProfile"

4 - Check and verify

  • systemd-resolved listens on 127.0.0.53, as it should by default
  • dnsmasq listens on 127.0.0.1, as set in /etc/dnsmasq
  • systemd-resolved took 127.0.0.1 from NetworkManager
netstat -antup
Proto Recv-Q Send-Q Adresse locale          Adresse distante        Etat       PID/Program name    
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      1036/dnsmasq        
tcp        0      0 127.0.0.53:53           0.0.0.0:*               LISTEN      766/systemd-resolve
cat /run/systemd/resolve/resolv.conf 
nameserver 127.0.0.1
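
Step 4 can be scripted. The following is an added example, not part of the original answer: it checks netstat-style output for the listener layout the answer expects and flags any wildcard listener on port 53, which is what dnsmasq binds when `bind-interfaces` is missing. The function names and both sample inputs are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: audit who listens on port 53 (netstat -antup layout,
# local address in field 4, PID/program in the last field).

# Constructed sample, modelled on the netstat output shown in the answer.
SAMPLE_GOOD='tcp  0  0 127.0.0.1:53   0.0.0.0:*  LISTEN  1036/dnsmasq
tcp  0  0 127.0.0.53:53  0.0.0.0:*  LISTEN  766/systemd-resolve'
# Constructed failure case: dnsmasq bound to the wildcard address.
SAMPLE_BAD='tcp  0  0 0.0.0.0:53     0.0.0.0:*  LISTEN  1036/dnsmasq
tcp  0  0 127.0.0.53:53  0.0.0.0:*  LISTEN  766/systemd-resolve'

# check_dns_listeners TEXT -> prints findings; returns 0 only when dnsmasq is
# on 127.0.0.1:53, the resolved stub on 127.0.0.53:53, and no wildcard :53.
check_dns_listeners() {
    printf '%s\n' "$1" | awk '
        $1 ~ /^(tcp|udp)/ && $4 ~ /:53$/ {
            addr = $4; sub(/:53$/, "", addr)
            prog = $NF; sub(/^[0-9]+\//, "", prog)
            if (addr == "0.0.0.0" || addr == "::" || addr == "[::]" || addr == "*") {
                print "FAIL wildcard listener on port 53: " prog; bad = 1
            }
            if (addr == "127.0.0.1" && prog == "dnsmasq") masq = 1
            if (addr == "127.0.0.53" && prog ~ /^systemd-resolve/) stub = 1
        }
        END {
            if (!masq) { print "FAIL dnsmasq is not on 127.0.0.1:53"; bad = 1 }
            if (!stub) { print "FAIL systemd-resolved stub is not on 127.0.0.53:53"; bad = 1 }
            if (!bad) print "OK"
            exit bad + 0
        }'
}

# check_upstream TEXT -> returns 0 only if every nameserver line is 127.0.0.1
# (feed it the contents of /run/systemd/resolve/resolv.conf).
check_upstream() {
    printf '%s\n' "$1" | awk '
        $1 == "nameserver" { n++; if ($2 != "127.0.0.1") bad = 1 }
        END { if (n > 0 && !bad) exit 0; exit 1 }'
}

check_dns_listeners "$SAMPLE_GOOD"
check_dns_listeners "$SAMPLE_BAD" || echo "constructed bad sample rejected"
# Live use: check_dns_listeners "$(sudo netstat -antup)"
```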

Solution 2

I have a specific use case that works great. I run dnsmasq on my LAN router (an Ubuntu server machine, with no systemd-resolved), and let the LAN machines behind the router default to vanilla systemd-resolved DNS resolution. It's all possible and works elegantly, with a few tweaks to dnsmasq:

# Make clients that request IPs use this box for DNS
dhcp-option=option:router,192.168.0.1

domain=mydomain.lan
local=/mydomain.lan/
expand-hosts

Now I can stand up a gazillion Ubuntu VMs inside my LAN and never have to fiddle with DNS any more - it just works.

The tweaks are required because systemd-resolved does not allow you to use "single-label" host names (with no dot in them), unlike dnsmasq and "classic DNS". Once you get dnsmasq to automatically extend LAN host names into FQDNs, everything is happy. This took me a LONG time to figure out, btw. These systemd-resolved issues 1 2 helped me crack the problem.

Solution 3

I tried to find a reasonable solution, and it looks like there are different approaches.

I wanted to stay at most within the distribution layout while keeping all business requirements fulfilled. This is what I collected around and tested to work on clean Ubuntu 18.04 and KDE Neon flavour:

# Install the required package and reconfigure the services (i.e. disable systemd-resolved, enable dnsmasq)
sudo apt-get install dnsmasq
sudo systemctl disable systemd-resolved
sudo systemctl stop systemd-resolved
sudo systemctl enable dnsmasq

# These two lines should work on most environments, but .. :-) - so I kept them commented out for less experienced users
# Just add or change 'dns=dnsmasq' to your NetworkManager.conf to the section [main]
# and yes, the sed expression can be better :-)

#sudo cp /etc/NetworkManager/NetworkManager.conf /etc/NetworkManager/NetworkManager.conf.backup
#sudo bash -c 'cat /etc/NetworkManager/NetworkManager.conf.backup |sed -e "s/^dns=.*//"| sed -e "s/\[main\]/\[main\]\ndns=dnsmasq/" >/etc/NetworkManager/NetworkManager.conf'

# Restart NetworkManager to apply the change above
sudo systemctl restart NetworkManager

# This removes the systemd resolv.conf link only if it has NetworkManager replacement :-)
ls /var/run/NetworkManager/resolv.conf && sudo rm /etc/resolv.conf

# And make NetworkManager's resolv.conf available to the system resolver
sudo ln -s /var/run/NetworkManager/resolv.conf /etc/resolv.conf

(Please note that the only general difference from the above answers is that NetworkManager handles the dnsmasq DNS server assignments automatically.)
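
The answer notes that its commented-out sed expression could be better. As an added example (not the answer author's code), the filter below sets `dns=` inside `[main]` only, leaves other sections alone, and gives the same result when run twice. The function name `set_main_dns` and the sample file, including its `[example-other]` section, are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: set dns=<value> in the [main] section only, idempotently.
# Reads NetworkManager.conf text on stdin, writes the result to stdout.

set_main_dns() {
    awk -v value="$1" '
        /^\[.*\]$/ {                                # section header
            in_main = ($0 == "[main]")
            print
            if (in_main && !written) { print "dns=" value; written = 1 }
            next
        }
        in_main && /^[ \t]*dns[ \t]*=/ { next }     # drop old dns= in [main] only
        { print }
        END { if (!written) { print "[main]"; print "dns=" value } }'
}

# Constructed sample; [example-other] and its key are hypothetical, present
# only to show that keys outside [main] are left alone.
SAMPLE_CONF='[main]
plugins=ifupdown,keyfile
dns=default

[ifupdown]
managed=false

[example-other]
dns=keep-me'

printf '%s\n' "$SAMPLE_CONF" | set_main_dns dnsmasq
# To apply for real, write the output to a temporary file, review the diff,
# then copy it over /etc/NetworkManager/NetworkManager.conf after a backup.
```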

Author: cmak.fr

Updated on September 18, 2022

Comments

  • cmak.fr
    cmak.fr over 1 year

    I want to get fast dns resolution with dnsmasq and keep the default systemd-resolved.

    Looking for an elegant way to do this

    • Daniel
      Daniel over 5 years
      You do realize that systemd-resolved also caches DNS lookups? You don’t need dnsmasq on a system with systemd-resolved. You should read Is systemd-resolved useful?
    • cmak.fr
      cmak.fr over 5 years
      I know - But there is a very significant 'detail'... - dnsmasq has a huge DNS cache - The DNS cache of systemd-resolved is much smaller and cannot be tuned - The DNS resolution speed becomes highly improved once the huge cache of dnsmasq has been filled by requests.
    • Daniel
      Daniel over 5 years
      The default unconfigured cache in systemd-resolved is actually larger than dnsmasq.
    • Julius
      Julius over 5 years
      Actually, dnsmasq does a whole lot more than systemd-resolved; see gist.github.com/jult/4eba88bdd34a57cc79d6#gistcomment-1706666 and gist.github.com/jult/4eba88bdd34a57cc79d6#file-hostsupdater-sh to name but a few.
    • cmak.fr
      cmak.fr over 5 years
      @Aeyoun: by reading the systemd-resolved source code, you can see that the DNS cache limit of 4096 is bytes, not entries. dnsmasq has a larger (and configurable) DNS cache size.
  • cmak.fr
    cmak.fr over 5 years
    I will not implement what you described. I want the default systemd-resolved to remain untouched for eventual future use of NetworkManager.
  • cmak.fr
    cmak.fr over 5 years
    Works, but what happens when NetworkManager is upgraded with apt-get --upgrade?
  • Venca B Spam
    Venca B Spam over 5 years
    To be honest, I do not know. It depends on what the maintainer of Ubuntu 18.04 decides. If he/she keeps the systemd-resolved service disabled and does not modify NetworkManager.conf (which is by default resolved interactively in case of conflict), then it could survive until Ubuntu 20.04, where it will hopefully be fixed.