How to setup a LAN DNS server using MaraDNS under Windows 7

Are you tired of using 192.168.0.x to refer to the computers within your LAN? Setting up a DNS server and getting domain names for your local computers is surprisingly easy - even on Windows.

0. Preliminary setup: make sure each computer gets a constant IP address

Before setting up the DNS server, you need to ensure that each computer or virtual machine gets a fixed IP address. Otherwise the IP address of the computer may change on each reboot.

This should be done on your router, which is usually located either at 192.168.0.1 or 192.168.1.1 (check your current local IP address by running the Command Prompt and "ipconfig", which shows your current IP address). Check your router manual on instructions how to log in, most routers have a HTTP-based configuration system which can be accessed when connected to the router.

In my case (I have a Asus RT-N11), the address was 192.168.1.1. Make sure that the computers you want to setup IPs for are connected, then find the "Status" or "DHCP Leases" listing on the router web interface. This listing will contain the MAC addresses for each host. Here is mine:

Host Name       MAC Address       IP Address      Lease
--------------------------------------------------------------
HOST1        00-11-22-33-F0-AC 192.168.1.5     60016 secs.
HOST2        00-11-33-44-F2-2C 192.168.1.6     85074 secs.

A MAC address is a unique identifier given to each network adapter. It allows you to setup fixed IPs.

Find the router functionality which allows you to "Assign IP Addresses Manually". This should enable you to specify a MAC address and a corresponding fixed IP address. Do this for each of the network adapters you wish to have a fixed IP address. On the Asus RT-N11 this was under "IP Config" -> "DHCP Server".

Add a MAC address <-> IP address pair for each computer.

1. Get MaraDNS

MaraDNS is a free, lightweight and relatively easy-to-configure DNS server for Windows and Linux. Download it from here and unzip it to some folder.

2. Configure MaraDNS

Open "secret.txt" and change the value to something else (random characters).

The MaraDNS configuration is in the "mararc" file in the same directory. DNS servers have two sets of functionality. They can function as a "Authoritative name server" or a "Recursive/caching name server".

Authoritative name servers specify IP addresses for domain names. Recursive name servers store information from authoritative name servers and pass on queries in a recursive manner.

We will be configuring both authoritative and recursive functionality in MaraDNS.

2.1 Authoritative configuration

We will configure the server to provide authoritative names of the LAN domain names. Pick any domain, I chose "local.com" (note though that you will not be able to access the actual "local.com" website if you pick an existing domain name).

Add configuration lines to "mararc" like these:

csv2 = {}
csv2["local.com."] = "db.lan.txt"

Where local.com is the domain name you picked, and db.lan.txt is the name of the second configuration file which we will be creating next (change it if you want to name the second configuration file).

Create a new file named "db.lan.txt" in the same directory as MaraDNS.

For each of the computers you want to resolve to a name, add a line to "db.lan.txt". For example, for two machines, one "dev.local.com" and the other "blog.local.com", add the following lines:

dev.%       192.168.1.4 ~
blog.%        192.168.1.6 ~

Done!

2.2 Recursive configuration

We will setup MaraDNS to ask your default name servers for all other domains so that you can resolve all other domain names to their correct IP addresses.

Find out your ISP's DNS server addresses. These are likely to be listed either on the Router status page, or by checking the details on your network adapter.

Now add your ISP's DNS servers as upstream servers in "mararc":

upstream_servers = {}
upstream_servers["."] = "xxx.xxx.xxx.xxx, yyy.yyy.yyy.yyy"

Where xxx.xxx.xxx.xxx and yyy.yyy.yyy.yyy are your ISP's DNS servers.

Done!

3. Run MaraDNS and test it using askmara.exe

Double-click "runmara.bat" , and leave the server running.

Open a command prompt, navigate to the MaraDNS directory and try running:

askmara.exe Agoogle.com.

and

askmara.exe Ablog.local.com.

You should get replies like this:

# Querying the server with the IP 127.0.0.1
# Question: Agoogle.com.
google.com. +300 a 74.125.67.100
google.com. +300 a 74.125.53.100
google.com. +300 a 74.125.45.100
# NS replies:
# AR replies:

and:

# Querying the server with the IP 127.0.0.1
# Question: Ablog.local.com.
blog.local.com. +86400 a 192.168.1.6
# NS replies:
#local.com. +86400 ns synth-ip-7f000001.local.com.
# AR replies:
#synth-ip-7f000001.local.com. +86400 a 127.0.0.1

If you get problems with the first query, you messed up the recursive DNS settings (are your ISP DNS server addresses correct?), and if you get an error with the second query, you messed up the authoritative settings.

4. Change MaraDNS to reply to queries from your LAN

Shutdown the MaraDNS window, and change the first two lines of "mararc" to something like:

ipv4_bind_addresses = "192.168.1.2
recursive_acl = "192.168.1.0/24"

Where 192.168.1.2 is the IP address of the computer on which the server will be running and the "192.168.1" part of recursive_acl is the same as on your network (might be 192.168.0.0/24).

Start MaraDNS again, and leave it running.

5. Setup your router to hand out your new DNS server

Open your router's web interface and find the DHCP server settings. There should be an option to set up a DNS server. Write the IP address of the computer on which the DNS server will be running.

For each of your computers, disconnect the network (e.g. by disabling and enabling it in Windows, or by using "ifconfig eth0 down"/"ifconfig eth0 up" on Linux).

That's it, you should now be able to refer to your LAN computers by their domain names.

Comments

Maxime: I love reading through your blog, I wanted to leave a little comment to support you and wish you a good continuation, or when I read your lines I found your article very interested, thank you for sharing.

rancell: Eighty percent of success is showing up.

Computer Gamers: My cousin would really appreciate this blog post. We were just talking about this. hehe

P1 Linda: Many thanks for telling. I haven't really have time to understand this yet still I've bookmarked it so that I will be able to read it later on.

Blondell Gonzalaz: Good day I just wanted to know on if you could write another post to go a bit further into detail on the topic? This one was great but I would love to hear more!

Randi Gapinski: Very interesting. I've subscribed to your feed.

Kylee Stuckemeyer: Morning, It is nice to stumble upon a good website like this one. Do you mind if I use some of the information here, and I'll leave a link back to your site?

Virtual Crowds: DNS Verification FTW...

I found your entry very interesting so I've added a Trackback to it on my weblog. Hope you like that... :)...

Mr Lapin: Unlike the comments above, this one is not spam. :-)

Kudos, Mixu. Thanks to this well-written cookbook, I was able to implement a lan dns server on an ancient Win98 laptop. The only change I had to make was removing the start and exit commands from the batch script that starts the server.

This works great. I appreciate your taking time to provide the entry.

Mikito Takada: Thanks for the nice comments! They keep me motivated to write :)

Paul Heckles: Hi, a very good blog indeed exactly what I was looking for - almost! I am also trying use the internal DNS server I have set up as an internet name server i.e. I have used DYNDNS to create a static hostname for my router, then I have updated the nameserver on my domain provider to the static hostname, now I need to forward nameserver requests from my router to my internal DNS server, can this be done with a router firwall forwarding rule? Many thanks

Mikkell: Upstream_servers no longer supported