# Trying to optimize DNSMasq



## danaeckel (Feb 20, 2013)

I recently found a website that stated if I use DNSMasq I should change resolv.conf to have 127.0.0.1, and create a resolv.dnsmasq that would contain the information resolv.conf once contained, and also change the line in DNSMasq to point to this file.
Well, I did this, and when I reboot resolv.conf changes back to what it was. Why would that be?

Dana


----------



## SirDice (Feb 20, 2013)

danaeckel said:

> Well, I did this, and when I reboot resolv.conf changes back to what it was. Why would that be?


Simple, really. It's DHCP that does this. DHCP supplies an IP address, subnet mask, default gateway _and_ DNS servers.

Create a file called /etc/dhclient-enter-hooks and put this in:

```
add_new_resolv_conf() {
        # We don't want /etc/resolv.conf changed
        # So this is an empty function
        return 0
}
```
Now dhclient(8) won't overwrite your /etc/resolv.conf anymore.


----------



## danaeckel (Feb 20, 2013)

Hey thanks, that worked. My next question would be what is the advantage of setting it up to the local host? If one doesn't then your network doesn't take advantage of the DNS cache?

Dana


----------



## marwis (Feb 20, 2013)

There are many advantages in setting up your local DNS resolver. See my post from last month:

marwis said:


> You can use a local DNS resolver for many things, e.g.
>
> advertisement and tracking prevention with dns/adsuck independent of your browser so no plugins are needed,
> ...


----------



## danaeckel (Feb 21, 2013)

Wow, you can do lots with that. Right now I use a host file to block ads. Sometimes I run into sites that can detect I am blocking them. Would dns/adsuck make those sites believe I'm not blocking ads?
Also would dns/djbdns cache be any different than DNSMasq?

Thank you.


----------



## marwis (Feb 27, 2013)

> Right now I use a host file to block ads. Sometimes I run into sites that can detect I am blocking them. Would dns/adsuck make those sites believe I'm not blocking ads?


dns/adsuck uses the same principle.  It has a list of hosts files filled with domain names it blocks.  I believe it wouldn't make a difference from this point of view.

Out of curiosity, which sites can detect you're blocking their advertisements?  I've never come across such a site.


> Also would dns/djbdns cache be any different than DNSMasq?


The last time I checked, dns/dnsmasq had the cache size hardcoded in the source code.  It was about 100000 records.  dnscache() can have its cache size in bytes configured in a simple configuration file.

The other thing I appreciated was the separation of the DNS process and the logging process multilog().  At one point I needed to change the logging settings and I could do so without any downtime of the DNS service that was handling 10-15 concurrent requests.


----------



## danaeckel (Mar 2, 2013)

Well, one site that can detect is abc.com


----------



## marwis (Mar 2, 2013)

You're right.  This site is blacklisted also in the default dns/adsuck configuration as one big commercial:

```
# grep abc\.com /var/adsuck/Hosts.pub /var/adsuck/hosts.small
Hosts.pub:127.0.0.1 abc.com
Hosts.pub:127.0.0.1 ads.contentabc.com
Hosts.pub:127.0.0.1 bidabc.com
Hosts.pub:127.0.0.1 click-abc.com
Hosts.pub:127.0.0.1 clickabc.com
Hosts.pub:127.0.0.1 dating-abc.com
Hosts.pub:127.0.0.1 en.boabc.com
Hosts.pub:127.0.0.1 oascentral.13abc.com
Hosts.pub:127.0.0.1 searchabc.com
Hosts.pub:127.0.0.1 www.abc.com
Hosts.pub:127.0.0.1 www.vodyseabc.com
Hosts.pub:127.0.0.1 wwwabc.com
hosts.small:127.0.0.1  static.contentabc.com
hosts.small:127.0.0.1  ads.contentabc.com
hosts.small:127.0.0.1  ads2.contentabc.com
```

When I come across a site that is worth kicking out of the blacklist, I do so and make adsuck reload its configuration with `# kill -s USR1 $(pgrep adsuck)`


----------
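
The grep in the post above matches any name containing `abc.com`, including unrelated domains such as `bidabc.com`. As an added example (not from the thread or the adsuck project), this sketch lists only the hosts-file entries that are the domain itself or one of its subdomains, which is what you need to review before removing a site from the blacklist. The function names and the sample file are hypothetical; the sample entries are constructed from the output shown above.

```shell
#!/bin/sh
# blocklist_matches DOMAIN FILE...
# Prints "FILE:HOSTNAME" for every hosts-file entry whose hostname is
# DOMAIN or ends in ".DOMAIN". Plain string comparison, no regex, so
# "bidabc.com" does not match "abc.com".
blocklist_matches() {
    domain=$1; shift
    awk -v d="$domain" '
        BEGIN { d = tolower(d); suffix = "." d }
        {
            sub(/#.*/, "")                 # strip comments, fields are re-split
            for (i = 2; i <= NF; i++) {    # field 1 is the address
                h = tolower($i)
                sub(/\.$/, "", h)          # tolerate a trailing dot
                n = length(h) - length(suffix)
                if (h == d || (n > 0 && substr(h, n + 1) == suffix))
                    print FILENAME ":" h
            }
        }' "$@"
}

# Constructed sample, using a few of the entries from the grep output above.
write_sample() {
    cat > "$1" <<'EOF'
# constructed sample hosts file
127.0.0.1 abc.com
127.0.0.1 bidabc.com
127.0.0.1 click-abc.com
127.0.0.1 www.abc.com
127.0.0.1 wwwabc.com
127.0.0.1  ads.contentabc.com   # subdomain of contentabc.com, not of abc.com
EOF
}

# Demo: prints Hosts.sample:abc.com and Hosts.sample:www.abc.com
tmp=$(mktemp -d "${TMPDIR:-/tmp}/hosts.XXXXXX") &&
    write_sample "$tmp/Hosts.sample" &&
    (cd "$tmp" && blocklist_matches abc.com Hosts.sample)
rm -rf "$tmp"
```
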

