One of my friends recently sent me an email. It reads as follows:

“…My DSL service provider's DNS server seems to be a little slow. They have two servers, and it takes a little time (sometimes up to 2 seconds) to resolve a domain name. Once the domain is resolved, browsing speed remains the same. What should I do to improve DNS performance?…”

The answer is to use a DNS proxy, i.e. Dnsmasq. It is a lightweight, easy-to-configure DNS forwarder and optional DHCP server. Dnsmasq is targeted at home networks using NAT and connected to the internet via a modem, cable modem or ADSL connection, but it is a good choice for any small network where low resource use and ease of configuration are important. The main use of the DNS proxy is to increase speed. Generally, all computers send their requests to the ISP's DNS servers, but with a DNS proxy the requests are cached. It stands between your local system and firewall server. Here is our sample network setup, are all desktop system, is our Linux firewall server:

Laptop | Desktop --> Linux Server --> ADSL Modem/Router
                     Firewall      -> Dynamic or
                                      Static IP assign
                                      by ISP

Log in to your Linux firewall server and install Dnsmasq.

Step # 1 : Install Dnsmasq (Debian Linux)

# apt-get install dnsmasq

Fedora/Red Hat/CentOS users can use the yum command to install dnsmasq:

# yum install dnsmasq

Red Hat Linux users can use the rpm/up2date command to install it:

# up2date -i dnsmasq

Step # 2 Configure Dnsmasq

To be frank, you don't have to change a single line in /etc/dnsmasq.conf. However you need to setup as dns server name in /etc/resolv.conf file:

# vi /etc/resolv.conf


Replace with your actual ISP DNS server IPs. Dnsmasq should automatically read the list of ISP nameservers from /etc/resolv.conf. You should list as the first nameserver address in /etc/resolv.conf. So local desktop clients always get cached queries.

Step # 3 Restart/start Dnsmasq

# /etc/init.d/dnsmasq start

Step # 4 Update DNS server IPs for all desktop systems

Point your Windows XP or Linux desktop client to the IP of the Linux firewall server i.e. (see above network diagram)

It is easier to use Dnsmasq than to set up a caching BIND server. But hold on, it has some other cool uses too. You can add domains that you want to force to a specific IP address. For example, displays ugly ads on many sites, just send this server it to our (i.e. your local server ). Just open the file /etc/dnsmasq.conf and add the following line to it:

Restart Dnsmasq and make sure you run a local webserver at with some default page. Read the Dnsmasq man page and docs for more information.
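
Forced-address entries change what every client behind the firewall resolves, so they are worth reviewing whenever the config changes. The script below is an added example, not part of the original article: it lists each `address=` override in a dnsmasq config file and labels the target as loopback, private or external. The domains and IPs in the sample are constructed placeholders, and `list_overrides`, `sample_conf` and `count_external` are hypothetical helper names.

```shell
#!/bin/sh
# Added example (not from the original article): audit dnsmasq "address="
# overrides. All domains and IPs in the sample are constructed placeholders.

# Print one "domain target scope" line per override found in config file $1.
list_overrides() {
    awk '
        /^[ \t]*#/ { next }                       # skip whole-line comments
        { sub(/[ \t]+#.*$/, "") }                 # drop trailing comments
        /^[ \t]*address=\// {
            n = split($0, p, "/")                 # p[2..n-1] domains, p[n] target
            t = p[n]
            if (t == "" || t == "#") scope = "special"   # dnsmasq special forms
            else if (t ~ /^127\./ || t == "::1") scope = "loopback"
            else if (t ~ /^10\./ || t ~ /^192\.168\./ ||
                     t ~ /^172\.(1[6-9]|2[0-9]|3[01])\./) scope = "private"
            else scope = "external"
            for (i = 2; i < n; i++) print p[i], (t == "" ? "-" : t), scope
        }' "$1"
}

# Constructed sample configuration.
sample_conf() {
    cat <<'EOF'
# local overrides
address=/ads.example.test/192.168.1.254
address=/tracker.example.test/metrics.example.test/127.0.0.1   # two domains
address=/login.example.test/203.0.113.50
cache-size=500
EOF
}

# Count overrides whose target is outside loopback and private ranges.
count_external() {
    list_overrides "$1" | awk '$3 == "external" { c++ } END { print c + 0 }'
}

# Run with --demo to print the audit of the constructed sample.
if [ "${1:-}" = "--demo" ]; then
    tmp=$(mktemp) && sample_conf > "$tmp"
    list_overrides "$tmp"
    rm -f "$tmp"
fi
```

An override that points a domain at an external address is the entry to look at first, since the same mechanism that redirects an ad server can silently redirect any other name.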

7 comments
  • Anonymous Oct 21, 2005 @ 19:05

    I know this post is stale, but I just stumbled upon it. But anyway, wow, that makes a really big difference. All this time I had no idea that so much of my time was wasted on DNS lookups.

  • irc0x00 Aug 25, 2008 @ 6:35

    Great post! Exactly what I was looking for. Setting up BIND cache server is too much of a hassle, and in my experience eats up more system resources.

  • irc0x00 Jul 17, 2009 @ 13:43

    Me again! :p just wanna add a note – those who want to set up a caching DNS server i.e DNS cache will be persistent (even after reboot) might wanna look into pdnsd (it also has a dhcp and tftp? server inbuilt). Pdnsd is just as easy to configure and probably has more options – and the best part, persistent DNS caches 😀

  • Gunasekaran Mani Oct 21, 2009 @ 20:54

    Could you send an email to me on All GLOBAL DNS address of All ISPs in US and Australia

  • Larry Mar 19, 2010 @ 11:18

    Is it possible to make system to show dialog on KDE/Gnome desktop before shutdown? So it would be possible to cancel shutdown process or give it delay which after it will try shutdown next time.

  • Ade Jan 8, 2012 @ 11:56

    Thanks, giving it a try.

  • Jack Mar 19, 2012 @ 21:48

    I would be very careful of using doubleclick or google dns servers for that matter. They collect information and can cause privacy concerns.
