Replying to Name Servers - Dnsmasq

sten, most networks have their own DNS lookup system. There are only 13 'root servers' in the world, that are scattered around the world (with the majority in the USA). They are named a.root-servers.net through to m.root-servers.net and mostly have IP addresses starting with 192.*** (though some have 202 and 128) These would be used if you don't have a local DNS server (or one thats closer then a world server)

My Broadband Modem has a built in DNS Server (and from memory, so does the wireless router). So there is no real need to install other dns software onto the computer if the modem is going to do it for me!

You can tell where the DNS server is on your network by the first two lines that come up when you enter a nslookup command.

Server: dns-cache-2.<name-of-your-ISP>
Address: <IP-address-of-some-DNS-server-at-your-ISP>

if the server is a local name, or the address is a private ip address, then the DNS server that you are using is a local one.

Still the program is a nice simple one to use (I installed it after reading this article!) and i recommend it to anyone that wants to have their own DNS lookup service!

so does this let u make ur own dns server?
i was told theres only like 15 in the world.

In Linux, BIND is the most widely used DNS server package.
However, most people who are just starting out tend find it very difficult to deal with BIND's many options.

There is another package that few people have heard of, called dnsmasq - it's a nifty super-lightweight name server, which is very easy to configure.

But first of all, let me explain what a name server is: it's a machine that holds a database against which it's performing look-ups in order to translate host names to IP addresses. In DNS jargon, this process of translation is called "resolving".

For instance, when you type www.google.com in the address bar of your browser, your request is mapped against a list of known IP addresses for servers, and the name server returns the actual number for www.google.com - that, in a nutshell, is what a name server does.

In order to better understand the concept, please do the following experiment with me - open a command prompt and type:

nslookup www.google.com

The result should look like this:

# nslookup www.google.comServer:  dns-cache-2.<name-of-your-ISP>Address: <IP-address-of-some-DNS-server-at-your-ISP>Non-authoritative answer:Name:       www.l.google.comAddresses:  209.85.129.147, 209.85.129.99, 209.85.129.104Aliases:    www.google.com#

nslookup is this cool little network troubleshooting utility which is embedded in most operating systems nowadays, regardless whether Linux or Windows.
nslookup also works the other way around - grab one of the IP addresses from the above output and type this at the command prompt:

nslookup 209.85.129.104

The result should look like this:

# nslookup 209.85.129.104Server:  dns-cache-2.<name-of-your-ISP>Address: <IP-address-of-some-DNS-server-at-your-ISP>Name:    fk-in-f104.google.comAddress:  209.85.129.104#

One of the reasons why it's interesting to run a DNS server at home is that these host-name-IP-address pairs can be cached in order to enable faster lookups - the first time you go out to www.google.com, it has to go out there and resolve that against the IP address, but then your domestic DNS server can "save that result", and so the next computer on your home network that asks for www.google.com will find a copy of the IP address right there, handy, and so it's much quicker, so your general web experience is smoother and faster.

You can also couple this with a DHCP server, which is a server piece of software that hands out IP addresses to clients as they connect. This function may or may not be built into the firmware of your home router - most modern routers provide it.

I am not going to explain how to download and install dnsmasq, just google it - the process should be pretty straightforward.
More information about the configuration can be found here:
http://www.enterpris...cle.php/3377351

The main configuration file is /etc/dnsmasq.conf and the script to start / stop the server is /etc/init.d/dnsmasq.
The configuration file is very well commented, it really explains exactly what every single line does, so I would highly recommend going through it and really reading it.

In this context, let me first describe a very important configuration file that exists in every Linux system:
/etc/resolv.conf
This is normally where the IP addresses of your name servers are held, and one of these IP addresses will be picked by nslookup when you invoke it like I described above, it is <IP-address-of-some-DNS-server-at-your-ISP> in this case.
On the Linux server where you install dnsmasq, this file needs to contain the IP addresses that your ISP has provided to you - the real ones, so to speak.
But on all other Linux machines on your network, which act as DNS clients, this file needs to contain the IP address of the newly installed dnsmasq server on your own local network.

As you can see in the article that I linked to above, you need to prepend the string "nameserver " to every IP address which you maintain in any /etc/resolv.conf file.

As a side note, you can actually see in the system logs that, when a client requests a DNS lookup, the dnsmasq server is picking up that request and passing it along on behalf of the client.

There are a couple of other things which you can do with dnsmasq, for instance you can redirect particular "offending" domain names of advertising companies to a local IP address (127.0.0.1 localhost) in order to defeat ads. I remember from a while ago seeing that this was the topic of another discussion on astahost, but the solution was to change the hosts file on every computer on your network as opposed to doing it once for everybody.

One other thing you can do is foil SiteFinder type abusive practices. Read the article I linked above for more information on Sitefinder.