Improve DNS performance for Linux / Windows desktop using DNS caching software

last updated in Categories Debian Linux, FreeBSD, Gentoo Linux, Howto, Linux, OpenBSD, RedHat/Fedora Linux, Tips, Tuning, Ubuntu Linux, UNIX

One of my friend recently send me an email. It reads as follows:


“…My DSL service providers DNS server seems to be little slow, they have two servers it takes little time (some time upto 2 seconds) to resolve a domain name, once domain resolved, browsing speed remains the same, what should I do to improve DNS performance?….”

The answer is use a DNS proxy i.e. Dnsmasq. It is a a lightweight, easy to configure DNS forwarder and optional DHCP server. Dnsmasq is targeted at home networks using NAT and connected to the internet via a modem, cable-modem or ADSL connection but would be a good choice for any small network where low resource use and ease of configuration are important. The main use of the DNS proxy is to increase speed. Generally all computer send their request to ISP’s DNS servers. But with DNS proxy request are cached. It stands between your local system and firewall server. Here is our sample network setup, are all desktop system, is our Linux firewall server:

Laptop | Desktop --> Linux Server --> ADSL Modem/Router
                   Firewall -> Dynamic or                          Static IP assign                          by ISP

Login to your Linux firewall server and install Dnsmasq .

Step # 1 : Install Dnsmasq (Debian Linux)

# apt-get install dnsmasq

Fedora/Redhat/Centos user, use yum command to install dnsmasq:

# yum install dnsmasq

RedHat Linux user use rpm/up2date command to install it:

# up2date -i dnsmasq

Step # 2 Configure Dnsmasq

To be frank you don’t have to change a single line in /etc/dnsmasq.conf. However you need to setup as dns server name in /etc/resolve.conf file:

# vi /etc/resolve.conf


Replace with your actual ISP DNS server IPS. The dnsmasq should read the list of ISP nameservers from the automatically /etc/resolv.conf. You should list as the first nameserver address in /etc/resolv.conf. So local desktop clients always gets cached queries.

Step # 3 Restart/start Dnsmasq

# /etc/init.d/dnsmasq start

Step # 4 Update DNS server IPS for all desktop systems

Point your windows XP or Linux Desktop client to IP of Linux firewall server i.e. (see above network diagram)

It is easy to use Dnsmasq rather than setting up caching BIND server. But hold on it has some cool usage too. You can add domains which you want to force to specific IP address. For example, displays ugly adds on many sites, just send this server it to our (i.e. your local server ). Just open a file /etc/dnsmasq.conf and add following line to it:

Restart Dnsmasq and make sure you runs local webserver at with some default page. Read the Dnsmasq man page and docs for more information.


Posted by: Vivek Gite

The author is the creator of nixCraft and a seasoned sysadmin, DevOps engineer, and a trainer for the Linux operating system/Unix shell scripting. Get the latest tutorials on SysAdmin, Linux/Unix and open source topics via RSS/XML feed or weekly email newsletter.

7 comment

  1. I know this post is stale, but I just stumbled upon it. But anyway, wow, that makes a really big difference. All this time I had no idea that so much of my time was wasted on DNS lookups.

  2. Great post! exactly what i was looking for. Setting up BIND cache server is too much of a hassle, and in my experience eats up more system resources.

  3. Me again! :p just wanna add a note – those who want to set up a caching DNS server i.e DNS cache will be persistent (even after reboot) might wanna look into pdnsd (it also has a dhcp and tftp? server inbuilt). Pdnsd is just as easy to configure and probably has more options – and the best part, persistent DNS caches 😀

  4. Is it possible to make system to show dialog on KDE/Gnome desktop before shutdown? So it would be possible to cancel shutdown process or give it delay which after it will try shutdown next time.

  5. I would be very careful of using doubleclick or google dns servers for that matter. They collect information and can cause privacy concerns.

    Have a question? Post it on our forum!