Dnsmasq for Android

Android does not allow applications to run local DNS resolvers on the device. Because MCC's built-in DNS server runs locally, Android clients cannot use it directly. The solution is to install Dnsmasq on the parent node and use it as an external DNS resolver that Android clients can query.

Install Dnsmasq on the parent node using the appropriate package manager:

• Ubuntu / Debian: sudo apt-get install dnsmasq
• CentOS / Fedora: sudo dnf install dnsmasq
• OpenWRT: opkg install dnsmasq

Edit the Dnsmasq configuration file (typically /etc/dnsmasq.conf) to forward MCC domain queries to the local MCC DNS server:

listen-address = 0.0.0.0
listen-address = 127.0.0.1
server=/home.arpa/127.0.0.1#8353
server=//127.0.0.1#8353
server=/83.10.in-addr.arpa./127.0.0.1#8353

This tells Dnsmasq to listen on all interfaces and forward .home.arpa queries (and reverse lookups for the MCC IPv4 range) to the MCC resolver on port 8353.

On systemd-based distributions:

sudo systemctl enable dnsmasq
sudo systemctl restart dnsmasq

On OpenRC-based systems, use the equivalent service commands to enable and restart Dnsmasq.

With Dnsmasq listening on 0.0.0.0, it is exposed on all network interfaces, including public-facing ones. This makes it vulnerable to DNS amplification DDoS attacks. It is strongly recommended to restrict access using firewall rules or bind Dnsmasq only to trusted interfaces in production environments.