Wildcard DNS in your Ubuntu hosts file using dnsmasq

Today we are going to add a wildcard DNS entry to our systems DNS resolver, to allow for easy local web application development (on Ubuntu 12.04). So, if we have a project called “LeaseWebLabs” that is (or will be) hosted on http://www.leaseweb.com/labs, we might want to develop it on http://www.leaseweblabs.dev. To achieve this we need to change the DNS resolving (resolving = hostname to IP address conversion) of specific hostnames. We want to achieve that anything ending with “.dev” resolves to the IP address 127.0.0.1 (which is the localhost).

Goal: *.dev ==[resolves-to]==> 127.0.0.1

Before we go into the details, let me give you an overview of the applications involved. The applications and/or files that have a part in DNS resolving (on Ubuntu) are:

  1. /etc/hosts (this file is used to override the resolver)
  2. network-manager (the network icon on your desktop)
  3. dnsmasq-base (local resolver, installed by default, unconfigurable)
  4. dnsmasq (full configurable version that can be added manually)
  5. resolvconf (manages the contents of the file “/etc/resolv.conf”)
  6. avahi-daemon (a.k.a. ZeroConf or Bonjour, this uses .local)
  7. apache2 (the webserver needs to respond to the .dev hostname)

Long instructions

You can add “127.0.0.1 leaseweblabs.dev” to your “/etc/hosts” and the problem is solved. Easy right? This works, but it is NOT possible to have a wildcard DNS entry in the ‘hosts’ file. This means you will have to update the ‘hosts’ file for every hostname you want to use. This can be a problem when your web application works with dynamically generated subdomains. Fortunately, there is a workaround.

To understand the workaround we first need to understand how Ubuntu does DNS resolving. From version 12.04 onward, it uses the “dnsmasq-base” package to do DNS resolving, which is started by the “network-manager” service. This base version does not allow you to use a “/etc/dnsmasq.conf” file for configuring and will just serve the contents of the “/etc/hosts” file (and rules added by the network manager).

Wildcard DNS entries are possible in the dnsmasq config file “/etc/dnsmasq.conf”. The format of the wildcard entries in “/etc/dnsmasq.conf” is “address=/dev/127.0.0.1”, where “dev” is the wildcard domain (e.g. *.dev). You should try to avoid running an open resolver and add the line “listen-address=127.0.0.1” and “bind-interfaces”. Note that you should not use “.local”, since avahi-daemon is using that. You can make it work, but it will be slower, since ZeroConf (mdns) has to check your local network for devices first.

To disable the non-configurable dnsmasq-base, we can simply comment out the line “dns=dnsmasq” in “/etc/NetworkManager/NetworkManager.conf”. Next we can install the full dnsmasq using “sudo apt-get install dnsmasq”. Note that it won’t start because the old dnsmasq is still running. When you want to start using the full dnsmasq it will complain that it failed to create a listening socket, like this:

dnsmasq: failed to create listening socket: Address already in use

Now we can find the process-id of dnsmasq (base) and kill it using the word kill and the process-id.

NB: Your process-id will be different.

maurits@nuc:~$ sudo netstat -plant | grep :53
tcp        0      0 127.0.0.1:53            0.0.0.0:*               LISTEN      3101/dnsmasq
maurits@nuc:~$ sudo kill -9 3101

Now restart the dnsmasq service using “sudo service dnsmasq restart” to start the full dnsmasq without any problems. Now to make sure your connections will use your new resolver, you must make sure it is added to network connections. You do this by adding the “prepend domain-name-servers 127.0.0.1;” line to “/etc/dhcp/dhclient.conf”. After that you have to disconnect and reconnect all connections (also wired) or restart the network manager (which does the same) using “sudo service network-manager restart”. Now when you click on “Connection Information” in the network manager menu you should see that “Primary DNS” is set to “127.0.0.1”.

NB: It is important you configure Apache to respond to the new “.dev” hostname in its virtualhost configuration. In our case we changed the servername to “ServerName leaseweblabs.dev” in “/etc/apache2/sites-available/leaseweblabs”. After modifying this you need to reload apache2 with “sudo service apache2 reload”.

Debugging

By default, dnsmasq will look for upstream DNS servers when resolving. To debug this solution you may want to uncomment “#log-queries” in “/etc/dnsmasq.conf” and see in real-time what is happening using “tail -f /var/log/syslog”. You can also type “cat /run/resolvconf/interface/NetworkManager” at any time, to see what effective list of resolvers is being used. To force an update of the resolver configuration you can execute “resolvconf -u”, but this is normally not needed.

Use “dig leaseweblabs.dev” or “telnet leaseweblabs.dev 80” and do the same with a public website: “dig google.com” or “telnet google.com 80”. If there are answers to the “dig” requests and telnet connects successfully, you should probably be looking at your virtual host configuration.

Short instructions

$ sudo nano /etc/NetworkManager/NetworkManager.conf
- search for "dns=dnsmasq"
- replace with "#dns=dnsmasq"
$ sudo apt-get install dnsmasq
$ sudo nano /etc/dnsmasq.conf
- append line: "listen-address=127.0.0.1"
- append line: "bind-interfaces"
- append line: "address=/dev/127.0.0.1"
$ sudo netstat -plant | grep :53
- look for "NUMBER/dnsmasq"
$ sudo kill -9 NUMBER
- fill in the number you found for "NUMBER"
$ sudo service dnsmasq restart
$ sudo nano /etc/dhcp/dhclient.conf
- append line: "prepend domain-name-servers 127.0.0.1;"
$ sudo service network-manager restart

Did you try this, but you didn’t succeed? Do you have improvements? Let me know!

Share

Stream Spotify via Airplay to your Linux HTPC

Today we will show you how to setup your Linux HTPC as AirPlay target so that you can stream music services like Spotify from your iPhone or iPad to it. A Home Theater PC (HTPC) or Media Center computer is a PC connected to a TV and/or audio system that supports video, photo, audio playback, and sometimes video recording (PVR) functionality.

Spotify is a commercial music streaming service providing DRM-protected content from a range of major and independent record labels, including Sony, EMI, Warner Music Group and Universal. Today (June 21st 2013) Spotify is available in: Australia, Austria, Belgium, Denmark, Finland, France, Germany, Netherlands, New Zealand, Norway, Spain, Sweden, Switzerland, UK, US, Ireland, Andorra, Liechtenstein, Monaco, Luxemburg. It has very nice “app” for the iPad or iPhone to select and play music.

Alternatives to Spotify are:


If you have both a Linux HTPC and a (paid) Spotify premium account you can combine them into an awesome entertainment system. The convenient part is that you will use your iPhone/iPad to choose music that will be streamed over the Wifi using the AirPlay protocol to your HTPC and then to your sound system. I assume your home network/living room setup looks like this:

shairtunes_network

What we are going to do is add a service to the HTPC that allows us to play music on the stereo system. We are going to be using the AirPlay protocol that is created by Apple and allows you to play stream audio from an Apple device towards speakers or a stereo line-out. The first device to support AirPlay protocol was the AirPort express home Wifi router by Apple. Nowadays you can get a really cool portable speaker or regular speaker with Wifi support that allow you to stream directly to them using the AirPlay protocol.

Even if you are very Linux minded it could happen that you get an iPhone from your boss. In that case you might not be willing to invest in Apple (related) products like the speakers mentioned above. What you can do is install “shairport”: a software package that allows your free Linux machine to behave like an AirPlay target. This way you can enjoy music from your iPhone on your speakers via your Linux HTPC. You need to install the dependencies, download the code, compile and install it. This sounds like a lot of work, but it is actually not that hard:

sudo apt-get install build-essential libssl-dev libcrypt-openssl-rsa-perl libao-dev libio-socket-inet6-perl libwww-perl avahi-utils pkg-config
sudo cpan install HTTP::Request HTTP::Message Crypt::OpenSSL::RSA IO::Socket::INET6 Net::SDP
wget https://github.com/abrasive/shairport/archive/master.zip
unzip master.zip
cd shairport-master/
make
perl shairport.pl
sudo make install

Now all you need to do is start the “shairport” service and you are ready to enjoy your new audio setup:

sudo /etc/init.d/shairport restart

Enjoy the music!

Share

DD-WRT in Repeater Bridge mode

ddwrt

DD-WRT is a third party developed firmware, released under the terms of the GPL for many ieee802.11a/b/g/h/n wireless routers based on a Broadcom or Atheros chip reference design. — DD-WRT wiki

Today we are discussing DD-WRT and specifically how you can do some cool stuff that you would not be able to do with your current wireless router. Chances are that your home router is compatible with DD-WRT. You can find this out by checking the DD-WRT router database. With DD-WRT firmware loaded, your router is able to do some tricks it might not be able to do before. One of these things might involve the repeater bridge mode, which can improve your WiFi range at home. Since devices are automatically switching between WiFi and 3G, especially since the 3G prices (in the Netherlands) are quite high and/or low data traffic limits apply, this mode is a necessity.

So what is the plan? Let’s assume you have a living room with an (non wireless) Internet modem, a server, a printer and a laptop. In your study you have another three PC’s. You need a Mac, a Windows PC and a Linux computer right? Occasionally you bring your laptop from the living room. Let’s assume your wife (or husband) did not allow you to put a nice fast gigabit cable connection between your living room and the study, because he/she feels the cables do not match the interior design. Obviously there is no arguing and you need to go wireless. The fastest wireless connections you get now follow the N standard with a theoretical maximum of 300 Mbps. In reality you will probably only get a fraction of that, because of the distance you need to cover. In my house I get about 25 Mbit with going one floor up and passing a bathroom. But anyway, this would be the network layout you can build using DD-WRT on you router:

Repeater_Bridge

The funny poles are actually DD-WRT routers and one is configured as the primary. If your modem has wireless and a switch you can just leave that primary router out, since it is just configured as a standard access point. The secondary is actually a DD-WRT router in repeater bridge mode. This means it connects to the access point by wireless and then announces it’s own SSID (e.g. “wifi-study”) whereas the primary announces the “wifi-living”. Now you can use your laptop in the study as well, and connect the PC’s to the router through wired connections. Note that you can replace the antenna with a Yagi antenna and boost the transmission power to get a better reach and a higher wireless speed.

If you run the router in repeater bridge mode, there are a few settings you need to make sure you set correctly:

  1. You must set your encryption to “WPA2 personal” with “AES” encryption.
  2. You must set your wireless channel to a fixed one, so do NOT put it on “auto”.
  3. Please make sure you follow the instructions carefully.

If you do not yet own a DD-WRT capable router you might consider getting one of these new, very fast routers:

  • Netgear WNDR4300
  • Asus RT-AC66U
  • TP-Link TL-WDR4300
  • Cisco Linksys E4200

These very fast routers have awesome specifications and can run DD-WRT perfectly. I have the older, slower Cisco Linksys E2500 and even older and slower Cisco Linksys WRT54GL routers myself, but they also run DD-WRT fine.

Share