Forge Home


Puppet Dnsmasq management module


87,838 latest version

2.6 quality score

We run a couple of automated
scans to help you access a
module's quality. Each module is
given a score based on how well
the author has formatted their
code and documentation and
modules are also checked for
malware using VirusTotal.

Please note, the information below
is for guidance only and neither of
these methods should be considered
an endorsement by Puppet.

Version information

  • 2.6.1 (latest)
  • 2.6.0
  • 2.4.0
  • 2.3.0
  • 2.2.0
  • 2.1.0
  • 2.0.0-rc1 (pre-release)
  • 1.1.2
  • 1.1.1
  • 1.1.0 (deleted)
  • 1.0.1 (deleted)
  • 1.0.0 (deleted)
released Oct 16th 2014
This version is compatible with:
  • Puppet Enterprise 3.2.x
  • Puppet 3.x
  • RedHat, CentOS, OracleLinux, Debian, Ubuntu, DragonFly, FreeBSD

Start using this module

  • r10k or Code Manager
  • Bolt
  • Manual installation
  • Direct download

Add this module to your Puppetfile:

mod 'lex-dnsmasq', '2.6.1'
Learn more about managing modules with a Puppetfile

Add this module to your Bolt project:

bolt module add lex-dnsmasq
Learn more about using this module with an existing project

Manually install this module globally with Puppet module tool:

puppet module install lex-dnsmasq --version 2.6.1

Direct download is not typically how you would use a Puppet module to manage your infrastructure, but you may want to download the module in order to inspect the code.



lex/dnsmasq — version 2.6.1 Oct 16th 2014


I wrote this module in need of managing bunch of servers running dnsmasq.

It features some advanced features like:

  • Basic dnsmasq management (service, installation)
  • Cross-OS support (Debian, Ubuntu, RHEL, FreeBSD)
  • Loads of options in basic config (ie TFTP) (If you need any additional option that does not supported in this module, just ping me)
  • Support for DHCP configuration.
  • Support for adding static DHCP records (MAC -> IP binding)
  • Support for adding static DNS records (IP -> hostname binding)
  • Support for DHCP options
  • Support for dnsmasq tagging system
  • And much more


  • puppet >= 2.6
  • puppetlabs/concat >= 1.0.0
  • puppetlabs/stdlib


Build Status


  • Unset as much as possible from base class by default

Basic class

Will install dnsmasq to act as DNS and TFTP (if specified) server

All possible options shown here

class { 'dnsmasq':
  interface         => 'lo',
  listen_address    => '',
  no_dhcp_interface => '',
  domain            => 'int.lan',
  port              => '53',
  expand_hosts      => true,
  enable_tftp       => true,
  tftp_root         => '/var/lib/tftpboot',
  dhcp_boot         => 'pxelinux.0',
  domain_needed     => true,
  bogus_priv        => true,
  no_negcache       => true,
  no_hosts          => true,
  resolv_file       => '/etc/resolv.conf',
  cache_size        => 1000,
  restart           => true,

DHCP server configuration

Will add DHCP support to dnsmasq. This can be used multiple times to setup multiple DHCP servers. Parameter "paramset" is optional, this one makes use of tagging system in dnsmasq

dnsmasq::dhcp { 'dhcp': 
  paramset   => 'hadoop0' #optional
  dhcp_start => '',
  dhcp_end   => '',
  netmask    => '',
  lease_time => '24h'

Static DHCP record configuration

Will add static DHCP record to DHCP server with hostname. Please be aware that example-host will also be used as DNS name.

dnsmasq::dhcpstatic { 'example-host':
  mac => 'DE:AD:BE:EF:CA:FE',
  ip  => '',

Host record configuration

Will add static A, AAAA and PTR record

dnsmasq::hostrecord { "example-host-dns,":
  ip  => '',

A record configuration

Will add static A record, this record will always override upstream data

dnsmasq::address { "":
  ip  => '',

CNAME records

Will add canonical name record. Please note that dnsmasq cname is NOT regular cname and can be only for targets which are names from DHCP leases or /etc/hosts, so it's more like alias for hostname

dnsmasq::cname { "mail":
  hostname => "post"

SRV records

Will add srv record which always overrides upstream data. Priority argument is optional.

dnsmasq::srv { "":
  hostname => "",
  port     => "389",
  priority => "1",

MX records

Will create MX (mail eXchange) record which always override upstream data

dnsmasq::mx { "":
  hostname   => "",
  preference => "50",

PTR records

Allows you to create PTR records for rDNS and DNS-SD.

dnsmasq::ptr { "_http._tcp.dns-sd-services":
  value => '"New Employee Page._http._tcp.dns-sd-services"'

TXT records

Allows you to create TXT records

dnsmasq::txt { "":
  value => "name=value,paper=A4"

(this actually should be done via array, will fix later)

DHCP option configuration

Will add dhcp option. Can be used for all types of options, ie:

  • numeric ( dnsmasq::dhcpoption { '53': ... }
  • ipv4-option ( dnsmasq::dhcpoption { 'option:router': ... }
  • ipv6-option ( dnsmasq::dhcpoption { 'option6:dns-server': ... }

Can be used multiple times.

dnsmasq::dhcpoption { 'option:router':
  content => '',
  paramtag => 'sometag', #optional

DHCP booting (PXE)

Allows you to setup different PXE servers in different subnets. paramtag is optional, you can use this to specify subnet for bootserver, using tag you previously specified in dnsmasq::dhcp
Can be used multiple times.

dnsmasq::dhcpboot { 'hadoop-pxe':
  paramtag   => 'hadoop0', #optional
  file       => 'pxelinux.0', 
  hostname   => 'newoffice', #optional
  bootserver => '' #optional

Per-subnet domain

Allows you to specify different domain for specific subnets. Can be used multiple times.

dnsmasq::domain { '':
  subnet => '',

DNS server

Configure the DNS server to query external DNS servers

dnsmasq::dnsserver { 'dns':
  ip => '',

Or, to query specific zone

dnsmasq::dnsserver { 'forward-zone':
  domain => "dumb.domain.tld",
  ip => "",

### DNS-RR records 
Allows dnsmasq to serve arbitrary records, for example:
dnsmasq::dnsrr { 'example-sshfp':
    domain => '',
    type   => '44',
    rdata  => '2:1:123456789abcdef67890123456789abcdef67890'

###Running in Docker containers When running in a Docker container, dnsmasq tries to drop root privileges. This causes the following error:

dnsmasq: setting capabilities failed: Operation not permitted

In this case you can use the run_as_user to provide the appropriate user to run as:

class { 'dnsmasq':
  interface         => 'lo',
  listen_address    => '',
  no_dhcp_interface => '',
  run_as_user       => 'root',