Ddwrt dnsmasq caching dns server

This post explains how to configure a dd-wrt dnsmasq caching DNS server.

Using a ddwrt dnsmasq caching dns server lets machines in your LAN resolve DNS from a machine inside your local network, which reduces the time it takes to resolve a domain name to an IP address. If a result is already in your LAN's DNS cache, it is served from inside your LAN. If it is not, the DNS caching machine queries an external DNS service and stores the result so that it is available inside your LAN from then on.

This tutorial will show you how to set up 3 things with dnsmasq on dd-wrt:
– local dns caching server
– local domain resolution
– blocking malicious hosts using someonewhocares.org hosts file

SSH into your dd-wrt and download the hosts file:


    wget http://someonewhocares.org/hosts/hosts -O /opt/hosts.nuke

setup > basic

local dns 0.0.0.0
use dnsmasq for dns > on

static dns 1 > 8.8.8.8 (or any other dns server)
static dns 2 > 8.8.4.4 (or any other dns server)

services > services > dhcp

used domain > LAN & WLAN

services > services > dnsmasq

dnsmasq on
localdns on
no dns rebind on
strict order on
add mac to dns off

other
address=/dev/192.168.0.115
address=/gitlab.dev/192.168.0.116
address=/gitlabci.dev/192.168.0.117
addn-hosts=/opt/hosts.nuke

etc

You will now be able to get local access to whatever.dev inside your local network, and your dd-wrt will also block malicious hosts for all users in your LAN. You have a ddwrt dnsmasq caching dns server!

You might also want to set up a cron job on the router to download the latest list from someonewhocares.org, for example once a week. To enable this, add a cron job in admin > administration > cron:


    0 4 * * 0 wget http://someonewhocares.org/hosts/hosts -O /opt/hosts.nuke

Using the above code would trigger a cron job at 4:00 am every Sunday. This will keep you up to date when new hosts are added to the block list and will automatically block them once added to your router.
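An added example, not part of the original post: the list is fetched over plain HTTP and dnsmasq will answer with whatever addresses the file contains, so this refresh script checks that every entry points at a sink address before it replaces /opt/hosts.nuke. The function names, the MIN_ENTRIES floor and the set of allowed addresses are assumptions.

```shell
#!/bin/sh
# Validated refresh of the dnsmasq addn-hosts block list (added example).
HOSTS_URL="http://someonewhocares.org/hosts/hosts"   # URL from the post
DEST="/opt/hosts.nuke"                               # path from the post
MIN_ENTRIES="${MIN_ENTRIES:-1000}"   # assumed floor; rejects empty or truncated downloads

# validate_hosts FILE: succeed only if every non-comment line maps a name to a
# sink address. The allowed set is an assumption about the list's layout; any
# other address (a redirect to a real server, for example) fails the whole file.
validate_hosts() {
    awk -v min="$MIN_ENTRIES" '
        { sub(/#.*/, ""); sub(/\r$/, "") }   # drop comments and CR line endings
        NF == 0 { next }                     # blank or comment-only line
        NF < 2  { bad = 1; exit }            # address with no hostname
        $1 != "127.0.0.1" && $1 != "0.0.0.0" && $1 != "::1" && $1 != "255.255.255.255" { bad = 1; exit }
        { n++ }
        END { if (bad || n < min) exit 1 }
    ' "$1"
}

# install_hosts CANDIDATE DEST: replace DEST only when CANDIDATE validates.
install_hosts() {
    if validate_hosts "$1"; then
        mv "$1" "$2"        # same directory, so the swap is a single rename
    else
        rm -f "$1"
        return 1
    fi
}

refresh_hosts() {
    tmp="$DEST.new"
    wget -q "$HOSTS_URL" -O "$tmp" || { rm -f "$tmp"; return 1; }
    install_hosts "$tmp" "$DEST" || {
        logger -t hosts-refresh "downloaded list rejected, keeping previous file"
        return 1
    }
    killall -HUP dnsmasq    # SIGHUP makes dnsmasq re-read its addn-hosts files
}

# Only touch the network when asked to, e.g. from the cron entry.
if [ "${1:-}" = "refresh" ]; then
    refresh_hosts
fi
```

Called with the argument `refresh` from the cron entry in place of the bare wget, a download that fails validation leaves the previous list in place.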

Sources: http://someonewhocares.org/hosts/hosts
