Now, a couple of days back, I set up dnsmasq in NetworkManager but was astonished to see that there was no dnsmasq running. I checked with dig and saw that there was no response from localhost for DNS queries. I checked “ps -eaf|grep dns” and found that there was no dnsmasq running. I knew that once you mention “dns=dnsmasq” in the NetworkManager then it should start up, but that was not happening. Then I checked the audit log and found that some permissions were denied by SELinux.
First check if dnsmasq is indeed having issues because of SELinux:
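One way to run this check, as an added example that is not part of the original post: the script below filters audit records down to SELinux AVC denials whose command is dnsmasq and counts them by permission, object class and target type. The sample records are constructed, and the function names are made up for this example.

```shell
#!/bin/bash
# Added example: summarise SELinux AVC denials logged for dnsmasq.

# Constructed sample records in audit.log format (not taken from the post).
sample_audit_log() {
cat <<'EOF'
type=AVC msg=audit(1358163000.101:201): avc:  denied  { read } for  pid=2211 comm="dnsmasq" name="resolv.conf" dev="dm-1" ino=1311 scontext=system_u:system_r:dnsmasq_t:s0 tcontext=system_u:object_r:NetworkManager_var_run_t:s0 tclass=file
type=SYSCALL msg=audit(1358163000.101:201): arch=c000003e syscall=2 success=no exit=-13 pid=2211 comm="dnsmasq" exe="/usr/sbin/dnsmasq"
type=AVC msg=audit(1358163060.417:209): avc:  denied  { read } for  pid=2290 comm="dnsmasq" name="resolv.conf" dev="dm-1" ino=1311 scontext=system_u:system_r:dnsmasq_t:s0 tcontext=system_u:object_r:NetworkManager_var_run_t:s0 tclass=file
type=AVC msg=audit(1358163061.020:210): avc:  denied  { name_bind } for  pid=2290 comm="dnsmasq" src=40123 scontext=system_u:system_r:dnsmasq_t:s0 tcontext=system_u:object_r:unreserved_port_t:s0 tclass=udp_socket
type=AVC msg=audit(1358163090.555:215): avc:  denied  { getattr } for  pid=3100 comm="httpd" path="/srv/www" dev="dm-1" ino=77 scontext=system_u:system_r:httpd_t:s0 tcontext=system_u:object_r:var_t:s0 tclass=dir
EOF
}

# Print "count permission tclass target_type" for each distinct dnsmasq denial.
# Reads the files given as arguments, or stdin when there are none.
dnsmasq_denials() {
    awk '
    $1 == "type=AVC" && / denied / && /comm="dnsmasq"/ {
        # The denied permissions sit between the braces.
        perm = $0
        sub(/^.*[{] */, "", perm)
        sub(/ *[}].*$/, "", perm)
        tctx = ""; tclass = ""
        for (i = 1; i <= NF; i++) {
            # tcontext=user:role:type:level, keep only the type.
            if ($i ~ /^tcontext=/) { split($i, c, ":"); tctx = c[3] }
            if ($i ~ /^tclass=/)   { tclass = substr($i, 8) }
        }
        seen[perm " " tclass " " tctx]++
    }
    END { for (k in seen) print seen[k], k }' "$@" | sort
}

# Exit status 0 when at least one dnsmasq denial is present in the input.
dnsmasq_blocked() {
    [ -n "$(dnsmasq_denials "$@")" ]
}

# Demo on the constructed records.
sample_audit_log | dnsmasq_denials
```

On a real host, run `dnsmasq_denials /var/log/audit/audit.log` as root; `ausearch -m avc -c dnsmasq` shows the same records unprocessed.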
Dnsmasq is lightweight, easy to configure DNS forwarder and DHCP server.
It is designed to provide DNS and, optionally, DHCP, to a small network.
It can serve the names of local machines which are not in the global
DNS. The DHCP server integrates with the DNS server and allows machines
with DHCP-allocated addresses to appear in the DNS with names configured
either in each host or in a central configuration file. Dnsmasq supports
static and dynamic DHCP leases and BOOTP for network booting of diskless
and for the installation:
sudo yum install dnsmasq
So, now that it is installed, all you need to do is add the following to the file /etc/NetworkManager/NetworkManager.conf
in the main section. Restart NetworkManager using systemctl, and you should see that the command:
should show a result like below:
google.com. 185 IN A 184.108.40.206
google.com. 185 IN A 220.127.116.11
google.com. 185 IN A 18.104.22.168
google.com. 185 IN A 22.214.171.124
;; Query time: 50 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Mon Jan 14 17:16:39 2013
;; MSG SIZE rcvd: 215
If it does not, then you might want to add a dispatcher script to NetworkManager that adds localhost to your “/etc/resolv.conf” file. The file is /etc/NetworkManager/dispatcher.d/localhost-prepend (NetworkManager runs it only if it is executable, owned by root and not writable by group or others), and its contents are:
#!/bin/bash
# Prepend localhost to resolv.conf for dnsmasq
if ! grep -q '127\.0\.0\.1' /etc/resolv.conf; then
    # GNU sed: insert a nameserver line ahead of the first line
    sed -i '1s|^|nameserver 127.0.0.1\n|' /etc/resolv.conf
fi
To help find especially undesirable DNS queries, dnstop provides a
number of filters.
dnstop can either read packets from the live capture device, or from a
A couple of days back, I realized there was too much network activity on my
system, although I was not doing anything. I fired up Wireshark and, to my
astonishment, there was too much DNS traffic on the network. But the
problem was analyzing the data in Wireshark, and this is where dnstop came
into light. It helped me narrow down the issue within minutes and problems