Today we are going to add a wildcard DNS entry to our systems DNS resolver, to allow for easy local web application development (on Ubuntu 12.04). So, if we have a project called “LeaseWebLabs” that is (or will be) hosted on http://www.leaseweb.com/labs, we might want to develop it on http://www.leaseweblabs.dev. To achieve this we need to change the DNS resolving (resolving = hostname to IP address conversion) of specific hostnames. We want to achieve that anything ending with “.dev” resolves to the IP address 127.0.0.1 (which is the localhost).
Goal: *.dev ==[resolves-to]==> 127.0.0.1
Before we go into the details, let me give you an overview of the applications involved. The applications and/or files that have a part in DNS resolving (on Ubuntu) are:
- /etc/hosts (this file is used to override the resolver)
- network-manager (the network icon on your desktop)
- dnsmasq-base (local resolver, installed by default, unconfigurable)
- dnsmasq (full configurable version that can be added manually)
- resolvconf (manages the contents of the file “/etc/resolv.conf”)
- avahi-daemon (a.k.a. ZeroConf or Bonjour, this uses .local)
- apache2 (the webserver needs to respond to the .dev hostname)
You can add “127.0.0.1 leaseweblabs.dev” to your “/etc/hosts” and the problem is solved. Easy right? This works, but it is NOT possible to have a wildcard DNS entry in the ‘hosts’ file. This means you will have to update the ‘hosts’ file for every hostname you want to use. This can be a problem when your web application works with dynamically generated subdomains. Fortunately, there is a workaround.
To understand the workaround we first need to understand how Ubuntu does DNS resolving. From version 12.04 onward, it uses the “dnsmasq-base” package to do DNS resolving, which is started by the “network-manager” service. This base version does not allow you to use a “/etc/dnsmasq.conf” file for configuring and will just serve the contents of the “/etc/hosts” file (and rules added by the network manager).
Wildcard DNS entries are possible in the dnsmasq config file “/etc/dnsmasq.conf”. The format of the wildcard entries in “/etc/dnsmasq.conf” is “address=/dev/127.0.0.1”, where “dev” is the wildcard domain (e.g. *.dev). You should try to avoid running an open resolver and add the line “listen-address=127.0.0.1” and “bind-interfaces”. Note that you should not use “.local”, since avahi-daemon is using that. You can make it work, but it will be slower, since ZeroConf (mdns) has to check your local network for devices first.
To disable the non-configurable dnsmasq-base, we can simply comment out the line “dns=dnsmasq” in “/etc/NetworkManager/NetworkManager.conf”. Next we can install the full dnsmasq using “sudo apt-get install dnsmasq”. Note that it won’t start because the old dnsmasq is still running. When you want to start using the full dnsmasq it will complain that it failed to create a listening socket, like this:
dnsmasq: failed to create listening socket: Address already in use
Now we can find the process-id of dnsmasq (base) and kill it using the word kill and the process-id.
NB: Your process-id will be different.
maurits@nuc:~$ sudo netstat -plant | grep :53 tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 3101/dnsmasq maurits@nuc:~$ sudo kill -9 3101
Now restart the dnsmasq service using “sudo service dnsmasq restart” to start the full dnsmasq without any problems. Now to make sure your connections will use your new resolver, you must make sure it is added to network connections. You do this by adding the “prepend domain-name-servers 127.0.0.1;” line to “/etc/dhcp/dhclient.conf”. After that you have to disconnect and reconnect all connections (also wired) or restart the network manager (which does the same) using “sudo service network-manager restart”. Now when you click on “Connection Information” in the network manager menu you should see that “Primary DNS” is set to “127.0.0.1”.
NB: It is important you configure Apache to respond to the new “.dev” hostname in its virtualhost configuration. In our case we changed the servername to “ServerName leaseweblabs.dev” in “/etc/apache2/sites-available/leaseweblabs”. After modifying this you need to reload apache2 with “sudo service apache2 reload”.
By default, dnsmasq will look for upstream DNS servers when resolving. To debug this solution you may want to uncomment “#log-queries” in “/etc/dnsmasq.conf” and see in real-time what is happening using “tail -f /var/log/syslog”. You can also type “cat /run/resolvconf/interface/NetworkManager” at any time, to see what effective list of resolvers is being used. To force an update of the resolver configuration you can execute “resolvconf -u”, but this is normally not needed.
Use “dig leaseweblabs.dev” or “telnet leaseweblabs.dev 80” and do the same with a public website: “dig google.com” or “telnet google.com 80”. If there are answers to the “dig” requests and telnet connects successfully, you should probably be looking at your virtual host configuration.
$ sudo nano /etc/NetworkManager/NetworkManager.conf - search for "dns=dnsmasq" - replace with "#dns=dnsmasq" $ sudo apt-get install dnsmasq $ sudo nano /etc/dnsmasq.conf - append line: "listen-address=127.0.0.1" - append line: "bind-interfaces" - append line: "address=/dev/127.0.0.1" $ sudo netstat -plant | grep :53 - look for "NUMBER/dnsmasq" $ sudo kill -9 NUMBER - fill in the number you found for "NUMBER" $ sudo service dnsmasq restart $ sudo nano /etc/dhcp/dhclient.conf - append line: "prepend domain-name-servers 127.0.0.1;" $ sudo service network-manager restart
Did you try this, but you didn’t succeed? Do you have improvements? Let me know!