Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot. It is designed to be
lightweight and have a small footprint, suitable for resource constrained routers and firewalls. It has also been widely used
for tethering on smartphones and portable hotspots, and to support virtual networking in virtualisation frameworks.
Supported platforms include Linux (with glibc and uclibc), Android, *BSD, and Mac OS X. Dnsmasq is included in most
Linux distributions and the ports systems of FreeBSD, OpenBSD and NetBSD. Dnsmasq provides full IPv6 support.
The DNS subsystem provides a local DNS server for the network, with forwarding of all query types to upstream recursive DNS servers and
cacheing of common record types (A, AAAA, CNAME and PTR, also DNSKEY and DS when DNSSEC is enabled).
Local DNS names can be defined by reading /etc/hosts, by importing names from the DHCP subsystem, or by configuration of a wide range of useful record types.
Upstream servers can be configured in a variety of convenient ways, including dynamic configuration as these change on moving upstream network.
Authoritative DNS mode allows local DNS names may be exported to zone in the global DNS. Dnsmasq acts as authoritative server for this zone, and also provides
zone transfer to secondaries for the zone, if required.
DNSSEC validation may be performed on DNS replies from upstream nameservers, providing security against spoofing and cache poisoning.
Specified sub-domains can be directed to their own upstream DNS servers, making VPN configuration easy.
Internationalised domain names are supported.
The DHCP subsystem supports DHCPv4, DHCPv6, BOOTP and PXE.
Both static and dynamic DHCP leases are supported, along with stateless mode in DHCPv6.
The PXE system is a full PXE server, supporting netboot menus and multiple architecture support. It
includes proxy-mode, where the PXE system co-operates with another DHCP server.
There is a built in read-only TFTP server to support netboot.
Machines which are configured by DHCP have their names automatically
included in the DNS and the names can specified by each machine or
centrally by associating a name with a MAC address or UID in the dnsmasq
The Router Advertisement subsystem provides basic autoconfiguration for IPv6 hosts. It can be used stand-alone or in conjunction with DHCPv6.
The M and O bits are configurable, to control hosts' use of DHCPv6.
Router advertisements can include the RDNSS option.
There is a mode which uses name information from DHCPv4 configuration to provide DNS entries
for autoconfigured IPv6 addresses which would otherwise be anonymous.
For extra compactness, unused features may be omitted at compile time.
Download dnsmasq here.
The tarball includes this documentation, source, and manpage.
There is also a CHANGELOG and a FAQ.
Dnsmasq has a git repository which contains the complete release
history of version 2 and development history from 2.60. You can
the repo, or get a copy using git protocol with the command
git clone git://thekelleys.org.uk/dnsmasq.git
Dnsmasq is distributed under the GPL, version 2 or version 3 at your discretion. See the files COPYING and COPYING-v3 in the distribution
There is a dnsmasq mailing list at
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss which should be the
first location for queries, bugreports, suggestions etc. The list is mirrored, with a
search facility, at
You can contact me at firstname.lastname@example.org.
Dnsmasq is mainly written and maintained by Simon Kelley. For most of its life, dnsmasq has been a spare-time project.
These days I'm working on it as my main activity.
I don't have an employer or anyone who pays me regularly to work on dnsmasq. If you'd like to make
a contribution towards my expenses, please use the donation button below.