SETTING UP A RASPBERRY PI AS A DHCP AND DNS SERVER

dnsmasq:

  1. If dnsmasq is used as the DHCP server, local hostnames are automatically added “on the fly” to its DNS cache, so no additional daemon is needed.
  2. Dnsmasq is easier to install and administer than ISC dhcp-server + BIND.
  3. Its lease file is much easier to parse if the need arises.
  4. Dnsmasq takes up less memory and CPU than ISC dhcp-server + BIND (approx. 10 times less).
  5. Dnsmasq does not bypass the kernel firewall rules as the ISC daemon allegedly does in some configurations.

There is a package for the Pi and so you can install it in the usual way using apt-get.

  • DNS forwarding and cache – You still use your existing DNS (be it your ISP’s DNS, Google public DNS, or OpenDNS) for accessing the Internet. In theory, the caching it provides could increase performance, though I don’t have any expectations about that.
  • DNS for static IPs – Define domain names for devices with static IPs on your network.
  • DHCP – General DHCP provider.
  • DNS for DHCP clients – For any client that leases an IP from dnsmasq, it will also provide a domain name to that IP. Essentially your own internal dynamic DNS.

PICKING INTERNAL DOMAIN NAMES

I started out planning to pick some TLD not used by ICANN (e.g. .local or .home) for my internal domains. Most posts I read on this subject recommended against that in case ICANN decided to use it in the future. Honestly, I don’t expect that to be an issue, but I followed their advice anyway.

The recommendation was to stick with a domain you already own and designate a subdomain for all of your internal hosts to be assigned under. For example, if you own mydomain.com, you could designate lan.mydomain.com to be the root for all of your internal domains. A device might then be assigned mydevice.lan.mydomain.com. Gets a little wordy, but at least the namespace is safe.

Step 1

At the Pi command line, use apt-get update to refresh the local package cache, then apt-get upgrade to install any package updates.

sudo apt-get update

sudo apt-get upgrade

Step 2

In newer Raspbian versions, interface configuration is handled by dhcpcd by default. We need to tell it to ignore wlan0, as we will be configuring it with a static IP address elsewhere. So open up the dhcpcd configuration file with:

sudo vi /etc/dhcpcd.conf

and add the following line to the bottom of the file:

denyinterfaces wlan0  

Note: This must be ABOVE any interface lines you may have added (if you have added any)!

Restart the service and check that it is running:

sudo service dhcpcd restart
sudo service dhcpcd status

Step 2

Install the server software.

sudo apt-get install dnsmasq

Step 3

The next step is to modify the configuration file to suit your requirements. This configures how the DNS server and the DHCP provider should behave. I’ll discuss the main options I used, but the example configuration file provided with the install has good documentation.

sudo mv /etc/dnsmasq.conf /etc/dnsmasq.conf.orig  
sudo vi /etc/dnsmasq.conf  

Paste the following into the new file:

# Use interface wlan0
interface=wlan0
# Explicitly specify the address to listen on
listen-address=192.168.77.254
# Bind to the interface to make sure we aren't sending things elsewhere
bind-interfaces
# don't forward unqualified names (e.g. myserver)
domain-needed
# won't forward some non-routed addresses
bogus-priv
# won't forward requests for the intranet subdomain
local=/nissan.hfcs.local/
# Assign IP addresses between 192.168.77.50 and 192.168.77.150
# with a 12 hour lease time
dhcp-range=192.168.77.50,192.168.77.150,12h
# Forward DNS requests to the local DNS and then Google DNS
server=172.16.77.254
server=8.8.8.8
server=8.8.4.4
# append the domain (below) to all hosts
domain=nissan.hfcs.local
# Use the /etc/ethers file to specify static mappings
read-ethers

Save the changes.
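An added example, not part of the original guide: a small Python check that reads a dnsmasq.conf body and reports when the options this step relies on are missing or inconsistent. The function name audit and the WEAK_CONF sample are constructed for illustration, and it assumes the plain start,end,lease form of dhcp-range and one listen-address per line.

```python
import ipaddress

# Keywords from the page's config that keep dnsmasq from answering or forwarding too widely.
REQUIRED_FLAGS = ("bind-interfaces", "domain-needed", "bogus-priv")

def audit(text):
    """Return findings for a dnsmasq.conf body; an empty list means none."""
    flags, opts = set(), {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()      # drop comments
        key, sep, value = line.partition("=")
        if sep:
            opts.setdefault(key.strip(), []).append(value.strip())
        elif line:
            flags.add(line)
    findings = [f"missing {f}" for f in REQUIRED_FLAGS if f not in flags]
    if "interface" not in opts and "listen-address" not in opts:
        findings.append("no interface or listen-address set")
    local = {v.strip("/") for v in opts.get("local", [])}
    for d in opts.get("domain", []):
        if d not in local:
            findings.append(f"domain {d} lacks local=/{d}/")
    for rng in opts.get("dhcp-range", []):
        # Assumes the plain "start,end,lease" form used on this page.
        start, end = (ipaddress.ip_address(p) for p in rng.split(",")[:2])
        if start > end:
            findings.append(f"dhcp-range {rng} starts above its end")
        for addr in opts.get("listen-address", []):
            if start <= ipaddress.ip_address(addr) <= end:
                findings.append(f"listen-address {addr} is inside the pool")
    return findings

# The directives from the page's Step 3 file, comments removed.
PAGE_CONF = """interface=wlan0
listen-address=192.168.77.254
bind-interfaces
domain-needed
bogus-priv
local=/nissan.hfcs.local/
dhcp-range=192.168.77.50,192.168.77.150,12h
server=172.16.77.254
server=8.8.8.8
server=8.8.4.4
domain=nissan.hfcs.local
read-ethers
"""
# Constructed weak variant: hardening keywords dropped, server address in the pool.
WEAK_CONF = ("listen-address=192.168.77.100\ndomain=nissan.hfcs.local\n"
             "dhcp-range=192.168.77.50,192.168.77.150,12h\n")
```

Calling audit(PAGE_CONF) returns an empty list, while audit(WEAK_CONF) lists each missing keyword, the domain without a matching local= line, and the listen address that collides with the DHCP pool.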

Step 4

/ETC/RESOLV.CONF

This shouldn't need to be touched, as it should get its details via DHCP from the local LAN. Mine is:

# Generated by resolvconf
domain hfcs.local
nameserver 127.0.0.1

Step 5

/ETC/HOSTS

You’ll want to leave the existing contents, but add the host names for any of your devices using static IPs. You do not need every device listed in here, just the ones you want to be addressable via a domain name.

Format is <IP> <host name>, and the host name should only be the lowest level qualifier of the host (not the full domain name). For example, if you want a device to be mydevice.lan.mydomain.com, only specify mydevice.

192.168.1.201 mynas
192.168.1.202 webserver

Step 6

/ETC/ETHERS

This is only needed if you have a few devices you want to assign static IPs to, but can’t or don’t want to configure the static IP on the devices themselves.

This is simply a <MAC> <IP> formatted file, with one mapping per line, for example:

00:00:00:00:00:00 192.168.0.200
00:00:00:00:00:01 192.168.0.201

Finishing up!

Run the following command to start the daemon:

sudo service dnsmasq start

You can always check the status of the DHCP server with:

sudo service dnsmasq status

Verify that the service starts successfully (no ‘failure’ or ‘errors’).
Then, to make it run every time on boot:

sudo update-rc.d dnsmasq enable
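
An added example, not part of the original guide: once dnsmasq is running, its lease file can be compared against the /etc/ethers reservations from Step 6 to spot malformed entries and leases that contradict a reservation. The function names and sample data are constructed; the lease line layout (expiry, MAC, IP, hostname, client-id) is dnsmasq's IPv4 format, and on Debian-based systems the file is normally /var/lib/misc/dnsmasq.leases.

```python
import ipaddress
import re

MAC_RE = re.compile(r"^(?:[0-9a-f]{2}:){5}[0-9a-f]{2}$")

def parse_ethers(text):
    """Parse '<MAC> <IP>' lines; return ({mac: ip}, [errors])."""
    table, errors = {}, []
    for n, raw in enumerate(text.splitlines(), 1):
        fields = raw.split()
        if not fields or fields[0].startswith("#"):
            continue
        try:
            mac, ip = fields[0].lower(), ipaddress.IPv4Address(fields[1])
        except (IndexError, ValueError):   # missing field or octet above 255
            errors.append(f"line {n}: invalid or missing IP")
            continue
        if not MAC_RE.match(mac) or mac in table or ip in table.values():
            errors.append(f"line {n}: invalid or duplicate MAC/IP")
            continue
        table[mac] = ip
    return table, errors

def check_leases(text, ethers):
    """Flag IPv4 leases that contradict the reservations in `ethers`."""
    owner = {ip: mac for mac, ip in ethers.items()}
    alerts = []
    for raw in text.splitlines():
        f = raw.split()               # expiry MAC IP hostname client-id
        if len(f) < 4 or not MAC_RE.match(f[1].lower()):
            continue                  # skip blank and non-IPv4 lines
        mac, ip = f[1].lower(), ipaddress.IPv4Address(f[2])
        if mac in ethers and ethers[mac] != ip:
            alerts.append(f"{mac} is reserved {ethers[mac]} but holds {ip}")
        if ip in owner and owner[ip] != mac:
            alerts.append(f"{ip} is reserved for {owner[ip]} but leased to {mac}")
    return alerts

# Constructed sample data, not taken from a real network.
ETHERS = """00:00:00:00:00:10 192.168.77.200
00:00:00:00:00:11 192.168.77.201
00:00:00:00:00:12 192.168.77.301
"""
LEASES = """1700000000 00:00:00:00:00:10 192.168.77.200 mynas *
1700000000 00:00:00:00:00:11 192.168.77.60 webserver *
1700000000 00:00:00:00:00:99 192.168.77.201 * *
1700000000 aa:bb:cc:00:00:01 192.168.77.51 laptop 01:aa:bb:cc:00:00:01
"""
```

Pass the table returned by parse_ethers(ETHERS) to check_leases(LEASES, table); clients without a reservation, such as the last sample line, are not reported.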