DNSMASQ(1)                                             DNSMASQ(1)



NAME
       dnsmasq - A caching DNS forwarder.

SYNOPSIS
       dnsmasq [OPTION]...

DESCRIPTION
       dnsmasq  is  a  lightweight DNS forwarder.  It accepts DNS
       queries and either answers them from a small, local, cache
       or  forwards  them  to  a  real, recursive, DNS server. It
       loads the contents of /etc/hosts into the cache at startup
       so  that local hostnames which do not appear in the global
       DNS can be resolved. It can also  read  hostnames  from  a
       DHCP  leases file so that local hosts which have addresses
       allocated by DHCP can be named.


       dnsmasq is  lightweight  and  easy  to  configure.  It  is
       intended  as  be  run  on NAT firewalls and  provide a DNS
       service to a small LAN.

OPTIONS
       -h, --no-hosts
              Don't read the hostnames in /etc/hosts.

       -d, --no-daemon
              Debug mode, don't fork  to  the  background,  don't
              write  a  pid  file, print a complete cache dump on
              receipt on SIGUSR1.

       -v, --version
              Print the version number.

       -p, --port=<port>
              Listen on <port> instead of the standard  DNS  port
              (53). Useful mainly for debugging.

       -i, --interface=<interface name>
              Listen  only  on the specified interface. More than
              one interface may be specified. Dnsmasq always lis­
              tens  on  the  loopback (local) interface. If no -i
              flags are given, dnsmasq listens on  all  available
              interfaces.

       -b, --bogus-priv
              Bogus  private reverse lookups. All reverse lookups
              for private IP ranges  (ie  192.168.x.x,  etc)  are
              resolved to their own IP address.

       -r, --resolv-file=<file>
              Read  the  IP addresses of the upstream nameservers
              from <file>, instead of /etc/resolv.conf.  For  the
              format  of  this  file  see resolv.conf(5) the only
              lines relevant to dnsmasq are nameserver ones.

       -m, --mx-host=<mx name>
              Return an mx record named <mx name> pointing to the
              host  on  which  dnsmasq is running. This is useful
              for directing mail from systems on a LAN to a  cen­
              tral server.

       -c, --cache-size=<cachesize>
              Set the size of dnsmasq's cache. The default is 300
              names. Setting the  cache  size  to  zero  disables
              caching.

       -l, --dhcp-lease=<path>
              Read DHCP leases from the specified lease file. The
              file is of the format created by the ISC dhcp  dae­
              mon:  see dhcpd.leases(5) for details. Dnsmasq will
              re-read the file as it changes. Any host which sets
              the  "hostname"  or  "client-hostname"  option will
              have that name inserted into dnsmasq's cache.

       -s, --domain-suffix=<domain>
              Specifies the domain which hosts read from the DHCP
              leases file must have to be legal. The intention is
              to constrain hostnames so that an untrusted host on
              the LAN cannot advertise it's name via dhcp as e.g.
              "microsoft.com" and capture traffic not  meant  for
              it. If no domain suffix it specified, then any DHCP
              hostname with a domain part (ie with a period) will
              be  disallowed  and logged. If suffix is specified,
              then hostnames with a domain part are allowed, pro­
              vided  the domain part matches the suffix. In addi­
              tion, when a suffix is set then hostnames without a
              domain  part  have  the suffix added as an optional
              domain part. Eg on my network I can  set  --domain-
              suffix=thekelleys.org.uk  and  have a machine whose
              DHCP hostname is "laptop". The IP address for  that
              machine  is available from dnsmasq both as "laptop"
              and "laptop.thekelleys.org.uk".

NOTES
       When it receives a SIGHUP, dnsmasq clears  its  cache  and
       re-loads /etc/hosts.

       When  it  receives a SIGUSR1, dnsmasq writes cache statis­
       tics to the system log. It writes the cache size, the num­
       ber  of  names  which  have  had to removed from the cache
       before they expired in order to make room  for  new  names
       and  the total number of names have been inserted into the
       cache. In --no-daemon mode, a complete dump  of  the  con­
       tents of the cache is made to stdout.

       dnsmasq  checks  the modification time of /etc/resolv.conf
       (or equivalent if --resolv-file is used) and  re-reads  it
       if  it  changes.  This  allows  the  DNS servers to be set
       dynamically by PPP or DHCP. Absence of /etc/resolv.conf is
       not  an  error since it may not have been created before a
       PPP connection exists. Dnsmasq simply  keeps  checking  in
       case /etc/resolv.conf is created at any time.

       In order to configure dnsmasq to act as cache for the host
       on which it is  running,  put  "nameserver  127.0.0.1"  in
       /etc/resolv.conf   and   put   the   real  nameservers  in
       /etc/resolv.dnsmasq (or similar) then run dnsmasq with the
       -r /etc/resolv.dnsmasq option.

FILES
       /etc/resolv.conf

       /etc/hosts

       /etc/dhcp.leases

       /var/run/dnsmasq.pid

SEE ALSO
       dhcp.leases(5), hosts(5), resolver(5)

AUTHOR
       This   manual   page   was   written   by   Simon   Kelley
       <simon@thekelleys.org.uk>.





                                                       DNSMASQ(1)