Improve DNS performance for Linux / Windows desktop using DNS caching software

Posted on in Categories Debian Linux, FreeBSD, Gentoo Linux, Howto, Linux, OpenBSD, RedHat/Fedora Linux, Tips, Tuning, Ubuntu Linux, UNIX last updated October 6, 2005

One of my friend recently send me an email. It reads as follows:

“…My DSL service providers DNS server seems to be little slow, they have two servers it takes little time (some time upto 2 seconds) to resolve a domain name, once domain resolved, browsing speed remains the same, what should I do to improve DNS performance?….”

The answer is use a DNS proxy i.e. Dnsmasq. It is a a lightweight, easy to configure DNS forwarder and optional DHCP server. Dnsmasq is targeted at home networks using NAT and connected to the internet via a modem, cable-modem or ADSL connection but would be a good choice for any small network where low resource use and ease of configuration are important. The main use of the DNS proxy is to increase speed. Generally all computer send their request to ISP’s DNS servers. But with DNS proxy request are cached. It stands between your local system and firewall server. Here is our sample network setup, 192.168.1.1-3 are all desktop system, 192.168.1.254 is our Linux firewall server:

Laptop | Desktop --> Linux Server --> ADSL Modem/Router
                   Firewall
192.168.1.1         192.168.1.254 -> Dynamic or
192.168.1.2                          Static IP assign
192.168.1.3                          by ISP

Login to your Linux firewall server and install Dnsmasq .

Step # 1 : Install Dnsmasq (Debian Linux)

# apt-get install dnsmasq

Fedora/Redhat/Centos user, use yum command to install dnsmasq:

# yum install dnsmasq

RedHat Linux user use rpm/up2date command to install it:

# up2date -i dnsmasq

Step # 2 Configure Dnsmasq

To be frank you don’t have to change a single line in /etc/dnsmasq.conf. However you need to setup 127.0.0.1 as dns server name in /etc/resolve.conf file:

# vi /etc/resolve.conf

nameserver 127.0.0.1
nameserver 202.54.10.1
nameserver 202.54.20.1

Replace 202.54.10.1/202.54.20.1 with your actual ISP DNS server IPS. The dnsmasq should read the list of ISP nameservers from the automatically /etc/resolv.conf. You should list 127.0.0.1 as the first nameserver address in /etc/resolv.conf. So local desktop clients always gets cached queries.

Step # 3 Restart/start Dnsmasq

# /etc/init.d/dnsmasq start

Step # 4 Update DNS server IPS for all desktop systems

Point your windows XP or Linux Desktop client to IP of Linux firewall server i.e. 192.168.1.254 (see above network diagram)

It is easy to use Dnsmasq rather than setting up caching BIND server. But hold on it has some cool usage too. You can add domains which you want to force to specific IP address. For example, doubleclick.net displays ugly adds on many sites, just send this server it to our 127.0.0.1 (i.e. your local server ). Just open a file /etc/dnsmasq.conf and add following line to it:
address=/doubleclick.net/127.0.0.1

Restart Dnsmasq and make sure you runs local webserver at 127.0.0.1 with some default page. Read the Dnsmasq man page and docs for more information.

Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin and a trainer for the Linux operating system/Unix shell scripting. He has worked with global clients and in various industries, including IT, education, defense and space research, and the nonprofit sector. Follow him on Twitter, Facebook, Google+.

7 comment

  1. I know this post is stale, but I just stumbled upon it. But anyway, wow, that makes a really big difference. All this time I had no idea that so much of my time was wasted on DNS lookups.

  2. Is it possible to make system to show dialog on KDE/Gnome desktop before shutdown? So it would be possible to cancel shutdown process or give it delay which after it will try shutdown next time.

Leave a Comment