How to configure Dnsmasq for Android clients?

Staex on Android resolves node ids to IP addresses using the parent node. This is due to Android OS not allowing us to run local DNS resolver on the device, leaving us with the option of using the resolver with an external IP address. The parent node hosts such a resolver.

In this how-to we use Dnsmasq as DNS resolver. We use Dnsmasq due to its simple configuration and due to the fact that it is widely available across many Linux distributions.

First we install Dnsmasq using platform's package manager.

apt-get install dnsmasq
dnf install dnsmasq
opkg install dnsmasq

Next we configure Dnsmasq to listen on all addresses on port 53.

# file /etc/dnsmasq.conf
# listen on all addresses
listen-address =
# listen on loopback for local name resolution
listen-address =
# use MCC to resolve domains
# use MCC to resolve DNS names without domains
# use MCC to resolve dynamic IP addresses from network

Now we enable Dnsmasq to run on boot and restart it to apply the new configuration.

systemctl enable dnsmasq
systemctl restart dnsmasq
service enable dnsmasq
service restart dnsmasq

Done! Now when you specify this server as the parent of the Android device, the device will use Dnsmasq to resolve all DNS names from MCC network and from the Internet. Please continue to IP forwarding how-to to enable Internet browsing for Android clients.

Note. Dnsmasq listening on a public IP is vulnerable to DDoS attacks. How to protect from such attacks is out of scope of this article. Please do your own research before opening port 53 to the public.

See also