0

When investigating how the DNS setup of my OS (Ubuntu 12.04) works, I came to some questions I could not really find on the web.

So what I observed was, that Ubuntu uses dnsmasq as a DNS resolver. When loooking into /etc/resolv.conf, 127.0.1.1 is listed as nameserver.

So the question here is, if dnsmasq is just used as a resolver and the resolver normally looks into /etc/resolv.conf to get the IP of the nameserver, how does this make sense?

It would only make sense if dnsmasq was used as a local DNS server, meaning that the actual OS's resolver would send all DNS queries to the local dnsmasq listening on port 53.

Improve this question
1

1 Answer 1

Reset to default
1

If you read loads of docs dnsmasq makes a lot of sense.

Everything asks the local port 53 for name resolution so it means it's effectively a local dns proxy. Then when you configure your system DNS it finds external query information.

You don't configure dnsmasq in /etc/resolv.conf. There is something like 3 or 5 files to configure to populate resolv.conf dynamically at run-time.

Check the archwiki for details (it's the best resource I've found for dnsmasq configuration), but suffice it to say that dnsmasq is effectively a local dns proxy that allows you to centralize management of other apps.

Say for example you want to statically configure secure dns over SSL with TCP. You don't have to get every app to understand it. You just have to get dnsmasq to understand it. Then all apps magically understand.

I was hesitant to like dnsmasq for a while, but I now understand why it's a great idea.

Improve this answer
3
  • ah I see, that makes sense. So just to make it clear, dnsmasq is NOT the OS's actual dns resolver? Commented Jun 13, 2013 at 14:26
  • It sort of is (as far as apps can tell), but it's not as far as ultimate resolution is concerned. Commented Jun 13, 2013 at 14:29
  • hm, so if for example the browser has a dns request, the libc resolver statically sends it to 127.0.1.1(dnsmasq), and dnsmasq then sends the query to the actual dns server, right? Commented Jun 13, 2013 at 14:54

You must log in to answer this question.

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.