dnsmasq as DNS cache server for NextCloudPi and Raspbian

Alright, so you already have your own NextCloudPi server (or any other similar service) at home. You also registered for Dynamic DNS with no-ip.org and set it up using the installer from the last post.

Now you might or might not have another extra problem.

You can configure your Android or laptop sync client for NextCloud with your flashy new dynamic DNS domain, so you can access your private cloud at home from outside, but depending on the modem-router provided by your ISP, you might not be able to access it through the URL from inside your house.

In this situation you

  • can access from the street by typing something like mycloud.ownyourbits.com
  • can only access from inside your house using your local IP, something like 192.168.0.130.

This happens because your modem-router DNS, combined with the configuration of your Internet provider, is not set up to redirect the DNS queries that you direct towards the outside of your house back towards the inside.

If it does not work for you, it is because this is happening

The solution to this is to set up your own DNS server inside your house, and point all of your devices to it.

You then have the ability to configure it to direct any queries for mycloud.ownyourbits.com to 192.168.0.130.

Your new situation would be like this

For this, we will use the dnsmasq daemon. It is a very compact little server that also has the ability to provide DHCP and more, but here we will use it as a DNS redirect server with cache.

A nice upside is that we will achieve DNS caching, so we will accelerate all the internet lookups inside our home! More on that later.

Configuration

There are two options for configuration, depending on whether you are installing it on your already set up and running Raspberry Pi (online installation), or using the NextCloudPi image. See details below, but the configuration is exactly the same.

  • DOMAIN is the URL to access from outside and inside your house. Use the same one you signed up with no-ip.org or any other DDNS provider.
  • IP is the local IP of your Raspberry Pi in your network. In my case it is 192.168.0.130.
  • DNSSERVER is preferably your ISP’s DNS server. If you do not know this IP, try to figure out which one it is. Maybe it will show up if you run cat /etc/resolv.conf, maybe it will be on your modem-router administration URL.
  • CACHESIZE is the number of DNS URLs to keep in cache. 150 is the default, I have 1000.

If you cannot discover your ISP DNS, Google DNS ( 8.8.8.8 and 4.4.4.4 ) will always work for you, but the one provided by your ISP will always be faster, not to mention the privacy implications of Google knowing every single URL you use.
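As an added example (not the NextCloudPi installer's own code), the script below turns the four settings into dnsmasq.conf lines and rejects values that could smuggle extra options into the file. The function names, the sample upstream address 192.168.0.1 and the extra hardening options (no-resolv, domain-needed, bogus-priv, local-service) are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example (not the installer's code): render /etc/dnsmasq.conf content
# from DOMAIN, IP, DNSSERVER and CACHESIZE, validating each value first.

valid_ipv4() {
  case $1 in ''|*[!0-9.]*|.*|*.|*..*) return 1 ;; esac
  old_ifs=$IFS; IFS=.; set -- $1; IFS=$old_ifs
  [ $# -eq 4 ] || return 1
  for octet in "$@"; do
    [ ${#octet} -le 3 ] && [ "$octet" -le 255 ] || return 1
  done
}

valid_domain() {
  # Only letters, digits, hyphens and dots, so the value cannot add a second
  # /.../ field or start a new option line in the generated file.
  case $1 in
    ''|*[!A-Za-z0-9.-]*|.*|*.|*..*|-*|*-|*.-*|*-.*) return 1 ;;
    *.*) return 0 ;;
    *) return 1 ;;
  esac
}

render_dnsmasq_conf() {
  valid_domain "$1" || { echo "bad DOMAIN" >&2; return 1; }
  valid_ipv4 "$2"   || { echo "bad IP" >&2; return 1; }
  valid_ipv4 "$3"   || { echo "bad DNSSERVER" >&2; return 1; }
  case $4 in ''|*[!0-9]*) echo "bad CACHESIZE" >&2; return 1 ;; esac
  cat <<EOF
# Answer DOMAIN (and its subdomains) with the Pi's LAN address
address=/$1/$2
# Forward everything else to DNSSERVER only, ignoring /etc/resolv.conf
no-resolv
server=$3
cache-size=$4
# Never forward plain names or private reverse lookups upstream
domain-needed
bogus-priv
# Only answer clients on directly attached subnets
local-service
EOF
}

# Constructed sample values; 192.168.0.1 stands in for the ISP resolver.
render_dnsmasq_conf mycloud.ownyourbits.com 192.168.0.130 192.168.0.1 1000
```

Review the printed lines before placing them in /etc/dnsmasq.conf and restarting dnsmasq; local-service keeps the Pi from answering DNS for hosts outside its own subnets.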

On some modem-routers, you can set your RPi local address as the primary DNS provider. Keep your ISP DNS provider as secondary. If you can do this, no further configuration is needed.

Otherwise, you will need to configure your devices to use your Raspberry Pi’s address for DNS lookups.

For your PC, configure it in Network Manager if that is what you use, or set it up in /etc/resolv.conf like this

For your Android, you will sadly need to configure a static address. Configure your Raspberry Pi as your primary DNS provider and your ISP as your second.

Whenever you are outside of your house, the local address will have no configured route, so it will use the secondary DNS provider without any speed penalty.

Installation

Get it already made

I have included this in the latest release of my NextCloudPi, a ready to use Raspbian 8 image featuring NextCloud 11, HTTP2, PHP7 and more.

Follow the instructions provided. Once up and running, from your Raspberry Pi write

Do it yourself

First, clone the repo

Online installation through SSH

Use the generic software installer with the script dnsmasq.sh

Adjust to the IP address of your Raspberry Pi.

If you do not want to be asked for the username and password, and you changed the default password for user pi, you can specify username and/or password in the command line.

Offline installation

You can do this process offline using QEMU.

Extract the SD card and copy the image to your computer (adjust sdx).

Then,

Once done, you can copy it back (adjust sdx).

Usage

In order to check that it works, you can use the dig utility from the bind-tools package.

Try it out with any URL

You can verify that the query went through your dnsmasq server at 192.168.0.130 and took 38 milliseconds.

You can also see that because the query was not cached, your RPi had to ask your ISP provider for the IP address associated with this URL.

Let’s do the same query a second time

This time the query is cached, so our RPi will answer directly with the IP associated with the URL, and it will be way faster. We went down to 0 milliseconds!

Rich content websites can be constantly querying different URLs, and a single website can be loaded by the combination of many HTTP requests. In these cases, the performance benefit of having cached DNS results will be more noticeable.
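The same check can be scripted. The added example below (not from the original post) reads dig output on stdin and confirms that the reply came from the Raspberry Pi and that the domain resolves to its local address; the function names are hypothetical and the sample dig output is constructed.

```shell
#!/bin/sh
# Added example (not from the original post): verify dig output read on stdin.

# Constructed sample of what dig prints for a name dnsmasq answers locally.
sample_dig_output() {
  cat <<'EOF'
;; ANSWER SECTION:
mycloud.ownyourbits.com. 0 IN A 192.168.0.130

;; Query time: 0 msec
;; SERVER: 192.168.0.130#53(192.168.0.130)
EOF
}

# Usage: dig DOMAIN | check_dig DOMAIN EXPECTED_IP EXPECTED_SERVER
check_dig() {
  awk -v name="$1." -v ip="$2" -v srv="$3" '
    /^;; SERVER:/     { split($3, a, "#"); server = a[1] }
    /^;; Query time:/ { msec = $4 }
    # Answer lines do not start with ";" and have the form: name ttl IN A addr
    !/^;/ && tolower($1) == tolower(name) && $4 == "A" {
      seen++
      if ($5 != ip) other = $5
    }
    END {
      if (server != srv) {
        print "FAIL: answered by " server ", not " srv; exit 1
      }
      if (seen == 0) {
        print "FAIL: no A record for " name; exit 1
      }
      if (other != "") {
        print "FAIL: " name " resolves to " other ", not " ip; exit 1
      }
      print "OK: " name " -> " ip " from " server " in " msec " msec"
    }'
}

# Run against the constructed sample; on a real client pipe dig into check_dig.
sample_dig_output | check_dig mycloud.ownyourbits.com 192.168.0.130 192.168.0.130
```

A failure on the server check means the client is still using another resolver; a failure on the address check means the override for the domain is not being applied.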

Extras

If you would like to provide a URL for a particular IP in your local network, you can specify this in two ways.

  • dnsmasq can read the contents of /etc/hosts on your Raspberry Pi, so just by adding entries there, those URLs will be available in your local network.

  • you can also specify the DNS rule in /etc/dnsmasq.conf using a line like this

This behaviour can be modified by other configuration parameters in /etc/dnsmasq.conf.

You can also set up dnsmasq as a local DNS cache for your computer. The main configuration options to change in /etc/dnsmasq.conf are

Code

github
