Local DNS Server Deployment

Local DNS server filtering secures DNS traffic on the local network. The DNSCyte Docker images need to be installed on one of the supported Linux distributions.

Alternatively, it can be installed as a plugin on the pfSense firewall. Local DNS server deployment enables the identification of the endpoint IP address and MAC address. Different "Security Profiles" can be assigned to different users based on MAC address, IP address and hostname.

Getting Docker Files

The Local DNS solution is implemented as a Docker file to remove platform dependency. It can be installed as a Docker image on any platform. Before downloading and installing the image, ensure that a suitable Docker Community Edition (docker-ce) is installed on the system. Please refer to the Docker installation guides to install docker-ce. The DnsSense Docker images can be downloaded from http://download.dnscyte.com/dnscyte/DnsSense.tar.gz or with the command below on linux su

wget http://download.dnscyte.com/dnscyte/DnsSense.tar.gz

After downloading the compressed file, extract it with the tar command as below.

tar -zxvf DnsSense.tar.gz

The command extracts the files into the dnssense folder, which contains the required installation files and scripts.

Figure 1. DnsSense installation Files

Installing Image

After downloading and extracting the installation files, the command below needs to be executed as root or as a sudo user to register the box under the account. Go to the dnssense folder and run the following command:

bash dnssenseregister.bash

During the registration process, the script will ask for the DNSCyte account and password. Once registered, the installed device will appear under the "Devices" menu in the deployment section.

Figure 2. Local DNS Boxes

After successful registration of your devices, you need to enable the Docker containers to start Local DNS filtering. To enable the Docker image, execute the following commands in the dnssense folder.

apt-get install curl jq dnsutils
docker load < dns.sense_docker.1.0.5
sh ./docker.run.sh
iptables -t nat -A PREROUTING -i eth0 -p udp --dport 53 -j REDIRECT --to-port 5353

After finishing the installation, check your deployment.

Figure 3. Installation Check

  1. The curl, jq and dnsutils packages are installed on an Ubuntu system in this example. Use your system's package manager instead if you are running a different Linux distribution.

  2. For the iptables command, change "eth0" to the interface name that suits your deployment. DNS requests that reach this interface are redirected to port 5353. The Docker image binds itself to port 5353 to listen for DNS queries.
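
One way to script the deployment check, as an added example that is not part of the original DNSCyte documentation. The function names and the sample rule listing are constructed for illustration; the input format assumed is what "iptables -t nat -S PREROUTING" prints.

```shell
#!/bin/sh
# Added example: checks for the PREROUTING redirect described on this page.
# Rules are read from stdin in `iptables -t nat -S PREROUTING` format, so the
# same functions work on live output or on a saved copy.

# has_dns_redirect IFACE PROTO [PORT]
# Succeeds if a rule redirects PROTO port 53 arriving on IFACE to PORT.
has_dns_redirect() {
    iface=$1 proto=$2 port=${3:-5353}
    awk -v iface="$iface" -v proto="$proto" -v port="$port" '
        $1 == "-A" && $2 == "PREROUTING" {
            i = p = d = j = t = 0
            for (n = 3; n < NF; n++) {
                if ($n == "!") next   # negated match: not the rule we want
                if ($n == "-i" && $(n+1) == iface) i = 1
                if ($n == "-p" && $(n+1) == proto) p = 1
                if ($n == "--dport" && $(n+1) == "53") d = 1
                if ($n == "-j" && $(n+1) == "REDIRECT") j = 1
                if ($n ~ /^--to-ports?$/ && $(n+1) == port) t = 1
            }
            if (i && p && d && j && t) found = 1
        }
        END { exit (found ? 0 : 1) }'
}

# check_deployment IFACE
# Prints one line per protocol; fails only if the UDP rule is missing.
# The page's rule covers UDP only, so TCP is reported for information.
check_deployment() {
    rules=$(cat)
    status=0
    for proto in udp tcp; do
        if printf '%s\n' "$rules" | has_dns_redirect "$1" "$proto"; then
            echo "$proto/53 on $1: redirected to 5353"
        else
            echo "$proto/53 on $1: NOT redirected"
            if [ "$proto" = udp ]; then status=1; fi
        fi
    done
    return "$status"
}

# Constructed sample of what iptables prints after the page's command.
SAMPLE_RULES='-P PREROUTING ACCEPT
-A PREROUTING -i eth0 -p udp -m udp --dport 53 -j REDIRECT --to-ports 5353'

printf '%s\n' "$SAMPLE_RULES" | check_deployment eth0
# Live use (as root): iptables -t nat -S PREROUTING | check_deployment eth0
```

A rule added with iptables -A is not saved across reboots, so rerun the check after a restart.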

Assigning Security Profile

Once the installation is complete, the system is ready to start filtering. By default, "Monitoring_Profile" is assigned to newly registered devices. A different security profile can be assigned to the device by selecting it from the "Security Profile" drop-down list. After choosing the profile, click the Save button and the changes will be applied immediately.

Figure 4. Assigning Security Profile

Monitoring Device Traffic

All box traffic can be monitored under the monitoring section. The Local DNS box sends the local user's IP address information for the DNS requests.

Figure 6. Local DNS Server Log View