dnsmasq
PrevNext
My Nuxtjs thoughts for static site buildingBuildkite - First Impressions

I've been so used to BIND that seeing/reading dnsmasq for the first time it was dismissed as 'not the real thing'. In a way I was right: it wasn't designed to replace BIND. The bigger takeway was that I was wrong: it has the not-BIND features that I really needed, in a way that's so easy to manage.

DNS features

Forwarding for Consul

With Consul set up across my hosts and jails there's no need to remember IP addresses. dnsmasq extends DNS lookup into the domain name Consul uses (default: .consul) with just one config line.

server=/consul/<Consul server address>#8600

DNS blacklist

I use the host-blocklists database by simply downloading the latest list and register it again with one config line.

conf-file=/usr/local/etc/dnsmasq.d/dnsmasq.blacklist.txt

DHCP features

Nothing fancy: dnsmasq comes with a fairly configurable DHCP service I use to auto-address my jails as they get spun up. Useful features includes

  1. By-interface service restriction
  2. Static DHCP (by MAC)