How to disable DNSMASQ in ubuntu 12.04(Precise)

Sponsored Link
Dnsmasq is a lightweight server designed to provide DNS (and optionally DHCP and TFTP) services to a small-scale network. It can serve the names of local machines which are not in the global DNS. The DHCP server integrates with the DNS server and allows machines with DHCP-allocated addresses to appear in the DNS with names configured either in each host or in a central configuration file. Dnsmasq supports static and dynamic DHCP leases and BOOTP for network booting of diskless machines.

The developers of dnsmasq targeted home networks using NAT and connected to the internet via a modem, cable-modem or ADSL connection. But the system would function well in any small network where low resource-use and ease of configuration are important.

In ubuntu 12.04 dnsmasq is now running by default due to being hard coded into network manager.

Using dnsmasq as local resolver by default on desktop installations

That’s the second big change of this release. On a desktop install, your DNS server is going to be “127.0.0.1? which points to a NetworkManager-managed dnsmasq server.

This was done to better support split DNS for VPN users and to better handle DNS failures and fallbacks. This dnsmasq server isn’t a caching server for security reason to avoid risks related to local cache poisoning and users eavesdropping on other’s DNS queries on a multi-user system.

The big advantage is that if you connect to a VPN, instead of having all your DNS traffic be routed through the VPN like in the past, you’ll instead only send DNS queries related to the subnet and domains announced by that VPN. This is especially interesting for high latency VPN links where everything would be slowed down in the past.

As for dealing with DNS failures, dnsmasq often sends the DNS queries to more than one DNS servers (if you received multiple when establishing your connection) and will detect bogus/dead ones and simply ignore them until they start returning sensible information again. This is to compare against the libc’s way of doing DNS resolving where the state of the DNS servers can’t be saved (as it’s just a library) and so every single application has to go through the same, trying the first DNS, waiting for it to timeout, using the next one.

If you don’t want a local resolver you can turn it off DNSMASQ using the following procedure

You need to edit /etc/NetworkManager/NetworkManager.conf file

gksudo gedit /etc/NetworkManager/NetworkManager.conf

and comment out the following line from

dns=dnsmasq

to

#dns=dnsmasq

Save and exit the file

Now you need to network-manager using the following command

sudo restart network-manager

Source from here

Sponsored Link

Incoming search terms:

Related posts

5 thoughts on “How to disable DNSMASQ in ubuntu 12.04(Precise)

  1. This way does not work for me. It seems that damned dnsmasq is enabled by default… That’s a very bad idea…

    [Reply]

  2. Finally I’ve found the way to make DNS-client work pretty well. I removed the symbolic link /etc/resolv.conf (this is a symbolic link to /run/resolvconf/resolv.conf) and created true resolv.conf with it’s stuff (sudo vi /etc/resolv.conf)… Now it isn’t being updated after rebooting…

    [Reply]

  3. What about these Ubuntu scripts that reset that Dnsmasq back to defaults?….I heard about them, but I do not want Ubuntu to reset the config files after I change them.

    You paint a very rosy picture of Dnsmasq, when in truth it makes users highly vulnerable to security exploits. Dnsmasq is a HORRIBLE thing to install on a system intended for home users.

    There is an arguable case for DNSmasq in VPS servers, though that case is negated by the widely publicized and yet unpatched security exploits against it.

    There is absolutely NO good argument for it on a home network. You cannot honestly believe that the network manager, and not bloated ugly Unity, is what would weigh down a ‘Home Network’. The very idea of that is laughable to me. If your computers can run unity then they can do without Dnsmasq, and I am not even convinced that adding it improves performance or footprint at all.

    Also, it may be such that installing Dnsmasq was actually to target users of P2P services. It can be used to destroy the anonymity provided by using a virtual machine by holding all of the info in one place….In addition, it can open ports and even log, and then broadcast servers running on localhost either to your ISP or to anyone snooping from outside of your home.

    Dnsmasq should be regarded as poison to a privacy conscious user. The ONLY time it might be a good idea to use it would be if you were paying for a VPS and you wanted the host provider to manage security instead of yourself. However, it is not even ideal for that because of how much data it shares about its network. In addition to that problem, there are well documented exploits against it that are still unpatched, and every home system and server that uses it is vulnerable.

    [Reply]

  4. Thnx . After upgrading from 11 to 12lts my internet connection on Ubuntu was not working intermittently. This was irritating as this was happening on Ubuntu only and not windows which is the second os on this machine. I finally pinpointed the problem to dnsmasq which is enabled on 12 as I never had this problem on Ubuntu 11 prior. Disabling dnsmasq by ur method seems to have solved my problem as I have not faced ny issues in my connection in a couple of hrs since disabling it.

    [Reply]

Leave a comment

Your email address will not be published. Required fields are marked *