This post explains how to configure a ddwrt dnsmasq caching dns server.
Using a ddwrt dnsmasq caching dns server lets machines in your LAN resolve DNS from a machine inside your local network, which reduces the time needed to resolve a domain name to an IP address. If a result is in your LAN's dns cache, it is served from inside your LAN. If no result is available, the DNS caching machine queries an external DNS service and stores the result so that it is available inside your LAN.
This tutorial will show you how to set up 3 things with dnsmasq on dd-wrt:
– local dns caching server
– local domain resolution
– blocking malicious hosts using the someonewhocares.org hosts file
ssh into your dd-wrt
wget http://someonewhocares.org/hosts/hosts -O /opt/hosts.nuke

setup > basic
– local dns 0.0.0.0
– use dnsmasq for dns > on
– static dns 1 > 8.8.8.8 (or any other dns server)
– static dns 2 > 8.8.4.4 (or any other dns server)

services > services > dhcp
– used domain > LAN & WLAN

services > services > dnsmasq
– dnsmasq on
– localdns on
– no dns rebind on
– strict order on
– add mac to dns off
– other
address=/dev/192.168.0.115
address=/gitlab.dev/192.168.0.116
address=/gitlabci.dev/192.168.0.117
addn-hosts=/opt/hosts.nuke
etc
You will now be able to reach whatever.dev by name inside your local network, and your dd-wrt will also block malicious hosts for all users in your LAN. You have a ddwrt dnsmasq caching dns server!
You might also want to set up a cron job on the router to download the latest list from someonewhocares.org, for example once a week. To enable this, add a cron job in admin > administration > cron. DD-WRT cron entries name the user to run as (root here) before the command:
0 4 * * 0 root wget http://someonewhocares.org/hosts/hosts -O /opt/hosts.nuke
The line above triggers a cron job at 4:00 am every Sunday. This keeps the block list up to date when new hosts are added to it. dnsmasq reads addn-hosts files at startup and again on SIGHUP, so the new entries are blocked once dnsmasq has been restarted or reloaded.
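The list is fetched over plain HTTP and loaded through addn-hosts, so every line in it becomes a DNS answer for the whole LAN. As an added example (not part of the original post), the script below keeps only entries that point at 127.0.0.1 or 0.0.0.0 before replacing /opt/hosts.nuke and signalling dnsmasq to reload. The script path, the temporary file, MIN_ENTRIES and the presence of awk and killall on the router are assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Hypothetical script path:
# /opt/update-hosts.sh. Assumes awk, wget and killall exist on the router.
URL="http://someonewhocares.org/hosts/hosts"   # URL from the post
DEST="/opt/hosts.nuke"                          # path from the post
MIN_ENTRIES=1000   # assumed floor; fewer entries means a bad download

# Print only "sink-address hostname" pairs from hosts file $1. Comments,
# blank lines, malformed names and entries that point anywhere other than
# 127.0.0.1 or 0.0.0.0 are dropped, so a tampered download cannot make
# dnsmasq answer for a name with a routable address.
sanitize_hosts() {
    awk '
        { sub(/#.*/, ""); sub(/\r$/, "") }
        NF < 2 { next }
        $1 != "127.0.0.1" && $1 != "0.0.0.0" { next }
        {
            for (i = 2; i <= NF; i++)
                if ($i ~ /^[A-Za-z0-9._-]+$/) print $1, $i
        }
    ' "$1"
}

# Write the sanitized copy of $1 to $2, but only if at least $3 entries
# (default MIN_ENTRIES) survive. Returns 1 and keeps the old list otherwise.
install_hosts() {
    tmp="$2.new"
    sanitize_hosts "$1" > "$tmp"
    if [ "$(awk 'END { print NR }' "$tmp")" -lt "${3:-$MIN_ENTRIES}" ]; then
        rm -f "$tmp"
        return 1
    fi
    mv "$tmp" "$2"
}

# Cron would call: /opt/update-hosts.sh --update
if [ "${1:-}" = "--update" ]; then
    wget "$URL" -O /tmp/hosts.download &&
        install_hosts /tmp/hosts.download "$DEST" &&
        killall -HUP dnsmasq   # SIGHUP: dnsmasq re-reads addn-hosts files
fi
```

With this in place the cron entry would run the script with --update instead of calling wget directly, and a rejected download leaves the previous list untouched.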