Tomato includes Dnsmasq, a lightweight DNS forwarder and DHCP server. By default Dnsmasq is configured to cache only 150 DNS lookups, a very small number that can easily be exceeded by a typical home network. I decided to share my research and write this simple howto if you want to enable and use dnsmasq within Tomato.

1. First consider using OpenDNS as your DNS provider. OpenDNS servers are faster and have a larger DNS lookup cache than your typical ISP provider DNS server. OpenDNS by default protects you from phishing sites and auto-corrects mistyped URLs. If you sign up for an account at opendns.com you will also get the benefit of network shortcuts, stat gathering, and website blocking. But you do not need an account to use the OpenDNS servers.

Go to: Basic -> Network

And in the LAN section, under Static DNS, enter the OpenDNS servers' IP addresses.

126.96.36.199
188.8.131.52

Click Save.

2. Now we are going to enable dnsmasq and add some options.

Go to: Advanced -> DHCP / DNS

Use Internal Caching DNS Forwarder: This option enables the dnsmasq DNS lookup caching.

Use Received DNS With Static DNS: This option configures dnsmasq to use your ISP's DNS server in addition to any Static DNS entries you have specified. I turn this off since my ISP's DNS server can be slow at peak hours. Upon startup Dnsmasq sends a query to all configured DNS servers in /etc/resolv.dnsmasq. The first server to reply becomes the primary DNS server. If that server stops responding, Dnsmasq sends out another request and reassigns the primary server.

Intercept DNS Port (UDP 53): This option may be helpful when used with OpenDNS for parental control. When enabled, anything going out to UDP port 53 is redirected to Dnsmasq. E.g. a client on your network can still configure their own DNS server for lookups to bypass the dnsmasq server on your router. By enabling this option, their DNS lookups will always get redirected if they are going over port 53.
Dnsmasq Custom Configuration: The options and comments are taken directly from the Dnsmasq man page. Enter the following options into the text box:

Code:
cache-size=2048
log-async=5
#strict-order

cache-size: Set the size of dnsmasq's cache. The default is 150 names. Setting the cache size to zero disables caching.

log-async: Enable asynchronous logging and optionally set the limit on the number of lines which will be queued by dnsmasq when writing to the syslog is slow. Dnsmasq can log asynchronously: this allows it to continue functioning without being blocked by syslog, and allows syslog to use dnsmasq for DNS queries without risking deadlock. If the queue of log-lines becomes full, dnsmasq will log the overflow, and the number of messages lost. The default queue length is 5, a sane value would be 5-25, and a maximum limit of 100 is imposed.

extra: (commented out with a #)

strict-order: By default, dnsmasq will send queries to any of the upstream servers it knows about and sets the server that is first to respond as the primary server. Setting this flag forces dnsmasq to try each query with each server strictly in the order they appear in /etc/resolv.dnsmasq (which is the order of the Static DNS list).

Click Save.
Finally, check your logs to make sure your changes and options took effect:

Code:
Oct 7 00:27:26 tomato user.warn kernel: nvram_commit(): init
Oct 7 00:27:27 tomato user.warn kernel: nvram_commit(): end
Oct 7 00:27:28 tomato daemon.info dnsmasq: exiting on receipt of SIGTERM
Oct 7 00:27:28 tomato daemon.info dnsmasq: started, version 2.40 cachesize 2048
Oct 7 00:27:28 tomato daemon.info dnsmasq: compile time options: no-IPv6 GNU-getopt no-RTC no-ISC-leasefile no-DBus no-I18N no-TFTP
Oct 7 00:27:28 tomato daemon.info dnsmasq: asynchronous logging enabled, queue limit is 5 messages
Oct 7 00:27:28 tomato daemon.info dnsmasq: DHCP, IP range 192.168.1.100 -- 192.168.1.149, lease time 1d
Oct 7 00:27:28 tomato daemon.info dnsmasq: reading /etc/resolv.dnsmasq
Oct 7 00:27:28 tomato daemon.info dnsmasq: using nameserver 184.108.40.206#53
Oct 7 00:27:28 tomato daemon.info dnsmasq: using nameserver 220.127.116.11#53
Oct 7 00:27:28 tomato daemon.info dnsmasq: read /etc/hosts - 0 addresses
Oct 7 00:27:28 tomato daemon.info dnsmasq: read /etc/hosts.dnsmasq - 1 addresses

Impact on lookup speed and memory:

FYI, dnsmasq uses a hash function to store and look up DNS names, which means it can find any name in its cache in constant time. The practical application is that we can set a high limit on dnsmasq cache size and it won't slow down. The hard limit is 10000 if you have enough RAM to store it. So far I have not exhausted my free RAM on my WRT54GLv1.1, but since I just changed the dnsmasq settings I haven't had time to stress the higher limits.

Criticism and comments are welcome. I want to improve this guide. I will finish up commenting on all the options later.

EDIT - Update: I just wanted to say that I have been using 8192 as my cache-size for a long time now without any issues, I have plenty of free RAM left. 10000 isn't a problem either, at least on my configuration. Just make sure that you aren't running out of RAM and you should be ok.
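The log check described in the post above can be scripted so that a resolver you did not choose (for example the ISP's, if "Use Received DNS With Static DNS" was left on) stands out. This is an added example, not part of the original post; the function name `check_dnsmasq_log`, its output wording and the sample log with placeholder addresses are assumptions made for illustration.

```sh
#!/bin/sh
# Added example. SAMPLE_LOG is constructed in the format the post shows;
# its addresses are documentation-range placeholders, not real resolvers.
SAMPLE_LOG='Oct  7 00:20:01 tomato daemon.info dnsmasq: started, version 2.40 cachesize 150
Oct  7 00:20:01 tomato daemon.info dnsmasq: using nameserver 198.51.100.7#53
Oct  7 00:27:28 tomato daemon.info dnsmasq: exiting on receipt of SIGTERM
Oct  7 00:27:28 tomato daemon.info dnsmasq: started, version 2.40 cachesize 2048
Oct  7 00:27:28 tomato daemon.info dnsmasq: asynchronous logging enabled, queue limit is 5 messages
Oct  7 00:27:28 tomato daemon.info dnsmasq: reading /etc/resolv.dnsmasq
Oct  7 00:27:28 tomato daemon.info dnsmasq: using nameserver 192.0.2.1#53
Oct  7 00:27:28 tomato daemon.info dnsmasq: using nameserver 192.0.2.2#53'

# check_dnsmasq_log LOGTEXT CACHE_SIZE LOG_ASYNC "NS1 NS2 ..."
# Judges only the most recent dnsmasq start. Prints one line per problem
# and returns non-zero if anything differs from what was configured.
check_dnsmasq_log() {
    printf '%s\n' "$1" | awk -v cache="$2" -v queue="$3" -v allowed="$4" '
        BEGIN { n = split(allowed, want, " ") }
        /dnsmasq(\[[0-9]+\])?: started, version / {
            # A restart resets state so stale lines from older runs are ignored.
            gotcache = ""; gotqueue = ""; split("", seen)
            for (i = 1; i < NF; i++) if ($i == "cachesize") gotcache = $(i + 1)
        }
        /dnsmasq(\[[0-9]+\])?: asynchronous logging enabled/ {
            for (i = 1; i < NF - 1; i++)
                if ($i == "limit" && $(i + 1) == "is") gotqueue = $(i + 2)
        }
        /dnsmasq(\[[0-9]+\])?: using nameserver / {
            for (i = 1; i < NF; i++) if ($i == "nameserver") ip = $(i + 1)
            sub(/#.*/, "", ip); seen[ip] = 1   # drop the "#53" port suffix
        }
        END {
            # Force string comparison so an absent value never equals "0".
            if ((gotcache "") != (cache "")) { print "MISMATCH cache-size want=" cache " got=" gotcache; bad = 1 }
            if ((gotqueue "") != (queue "")) { print "MISMATCH log-async want=" queue " got=" gotqueue; bad = 1 }
            for (i = 1; i <= n; i++) {
                if (want[i] in seen) delete seen[want[i]]
                else { print "MISSING nameserver " want[i]; bad = 1 }
            }
            for (ip in seen) { print "UNEXPECTED nameserver " ip; bad = 1 }
            exit bad
        }'
}

# Intended settings: cache-size=2048, log-async=5, two chosen resolvers.
check_dnsmasq_log "$SAMPLE_LOG" 2048 5 "192.0.2.1 192.0.2.2" &&
    echo "dnsmasq started with the configured settings"
```

On the router, pass the contents of the syslog file instead of SAMPLE_LOG and list the Static DNS addresses you entered as the last argument.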