DIY project: How to use Raspberry Pi to build DNS server?
A self-hosted DNS server can avoid DNS hijacking by the ISP and speed up network access to some extent. With some additional configuration, it can also block ads and provide other functions. Here we use dnsmasq on a Raspberry Pi to build such a DNS server.
Install dnsmasq
sudo apt-get install dnsmasq
Configure dnsmasq
First, back up the original configuration file:
sudo cp /etc/dnsmasq.conf /etc/dnsmasq.conf.bak
Then edit the configuration file:
sudo vi /etc/dnsmasq.conf
In vi, first press Esc to enter command mode, then type yddG to clear the file, press i to enter insert mode, and paste the following configuration with Ctrl+V. When pasting is complete, press Esc and type :wq to save the file:
resolv-file=/etc/my_dns.conf
strict-order
cache-size=10000
listen-address=127.0.0.1,192.168.1.37
address=/pi.com/192.168.1.37
Here 192.168.1.37 is the Raspberry Pi's LAN IP. The line address=/pi.com/192.168.1.37 is a test rule that resolves the domain pi.com to the Raspberry Pi.
Other explanations:
- resolv-file: Defines the file from which dnsmasq reads its upstream DNS servers; the default is /etc/resolv.conf. Because resolv.conf is reset by the system every time the Raspberry Pi restarts, we point resolv-file at a separate file.
- strict-order: Performs DNS resolution from top to bottom, strictly in the order of the servers listed in the resolv-file file.
- listen-address: Defines the addresses that dnsmasq listens on. The default is to listen on all network interfaces of the machine. So that other devices on the LAN can use the server, you need to add the LAN IP of the Raspberry Pi.
- cache-size: The number of DNS entries to cache.
- address: The IP address returned for a custom domain name, here using the domain name pi.com as an example. This rule can also be placed in a separate file under /etc/dnsmasq.d/. For example, you can create a new file test.conf under /etc/dnsmasq.d/ and add this rule there; the effect is equivalent.
Edit my_dns.conf:
sudo nano /etc/my_dns.conf
Paste the following content:
nameserver 127.0.0.1
nameserver 119.29.29.29
nameserver 182.254.116.116
Press Ctrl+O to save, Enter to confirm, then Ctrl+X to exit.
Note: major public DNS services (DNSPod recommended):
Google DNS:
8.8.8.8
8.8.4.4
Cloudflare DNS:
1.1.1.1
1.0.0.1
DNSPod:
119.29.29.29
182.254.116.116
Ad blocking and other configuration
dnsmasq reads the hosts file first and answers queries from it when a name is listed there. We can therefore modify the Raspberry Pi's hosts file to block ads and meet other needs.
Create a hosts folder in the user directory (/home/pi), place a hosts.sh script in the folder, and set the file permissions. Use 755 rather than a world-writable 777, because this script is later run as root from cron:
cd ~
mkdir hosts
cd hosts
touch hosts.sh
chmod 755 hosts.sh
Then edit the file:
nano hosts.sh
Paste the following content:
#!/bin/sh
# Stop at the first failed command so a failed download never replaces /etc/hosts
set -e
cd /home/pi/hosts/
echo "***download g hosts file***"
# TLS certificate verification stays enabled: these files end up in /etc/hosts
wget https://raw.githubusercontent.com/googlehosts/hosts/master/hosts-files/hosts -O hosts_g.txt
echo "***download ad hosts file***"
wget https://raw.githubusercontent.com/vokins/yhosts/master/hosts -O hosts_ad.txt
echo "***merge hosts file***"
cat hosts_g.txt hosts_ad.txt > hosts.txt
echo "***copy hosts file***"
sudo cp hosts.txt /etc/hosts
echo "***hosts file update done***"
Press Ctrl+O to save, Enter to confirm, then Ctrl+X to exit.
After editing, run the script:
sudo sh hosts.sh
Schedule the hosts update script to run periodically with cron:
sudo crontab -e
Add the following line to the end of the file (it runs once every day at 3:30):
30 3 * * * sh /home/pi/hosts/hosts.sh
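A check that could sit between the download and merge steps of hosts.sh, as an added example that is not part of the original article: it keeps only entries that map a valid hostname to a sink address, so a tampered ad list cannot point a real domain at another IP through /etc/hosts. The function names and sample lines are constructed for illustration, and the filter assumes a pure blocklist (it is not meant for a list that maps names to real addresses).

```sh
#!/bin/sh
# Added example (not from the original article): sanitize a downloaded
# ad-blocking hosts list before it is merged into /etc/hosts.
# Assumption: a pure blocklist only ever maps names to 0.0.0.0 or 127.0.0.1.

# filter_blocklist FILE
#   stdout: sorted, de-duplicated "0.0.0.0 name" lines
#   stderr: "rejected=N", the number of entries that were dropped
filter_blocklist() {
    awk '
    {
        sub(/\r$/, "")                  # tolerate CRLF line endings
        sub(/#.*/, "")                  # strip comments
        if (NF == 0) next               # blank or comment-only line
        # An entry pointing a name at any other address is a redirect, not a block
        if ($1 != "0.0.0.0" && $1 != "127.0.0.1") { rejected++; next }
        for (i = 2; i <= NF; i++) {
            name = tolower($i)
            if (name == "localhost") continue   # never remap localhost
            if (name ~ /^[a-z0-9_]([a-z0-9_-]*[a-z0-9_])?(\.[a-z0-9_]([a-z0-9_-]*[a-z0-9_])?)+$/)
                print "0.0.0.0 " name
            else
                rejected++
        }
    }
    END { printf "rejected=%d\n", rejected > "/dev/stderr" }
    ' "$1" | sort -u
}

# Constructed sample input, written to the file named in $1
make_sample() {
    cat > "$1" <<'EOF'
127.0.0.1 localhost
0.0.0.0 ads.example.com
127.0.0.1 tracker.example.net   # inline comment
0.0.0.0 ADS.example.com
203.0.113.7 bank.example.org
0.0.0.0 bad;name.example
# comment-only line
EOF
}

sample=$(mktemp)
make_sample "$sample"
filter_blocklist "$sample"
rm -f "$sample"
```

A non-zero rejected count on the ad list is worth investigating before the merged file is copied to /etc/hosts.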
Restart dnsmasq
sudo service dnsmasq restart
View dnsmasq status
sudo service dnsmasq status
View network status
You can use dig to query a domain and test whether the DNS server is working.
If dnsutils is not installed, install it with the following command:
sudo apt-get install dnsutils
Then run a simple test with the following command:
dig pi.com
Use DNS on other devices
The DNS server can be set individually on each device, as follows:
macOS:
Open Network settings - Advanced - DNS and set the DNS server to the Raspberry Pi IP.
Windows:
Control Panel - Network and Internet - View network status and tasks - Change adapter settings - right-click the local connection in use - Properties - double-click Internet Protocol Version 4 (TCP/IPv4), and fill in the Raspberry Pi IP in the DNS server field.
It is recommended to configure the router instead, that is, set the DNS of the router's LAN port to the Raspberry Pi IP, so that there is no need to configure each device separately.
For example, on an ASUS router (RT-AC68U), set LAN - DHCP Server - DNS Server 1 to the Raspberry Pi IP, then apply the change. Other routers are similar.