Skip to content

🛠️ High-Availability DNS Setup on Two Raspberry Pi (Ubuntu 24.04, Dual Interfaces)

This guide provides complete instructions to set up two Raspberry Pi devices running Ubuntu Server 24.04 as highly available DNS servers with dnsmasq and keepalived, using both Ethernet (eth0) and Wi-Fi (wlan0) interfaces.

🌐 Network Design

Device Interface IP Address
rpi-dns1 eth0 192.168.1.10
wlan0 192.168.1.12
rpi-dns2 eth0 192.168.1.11
wlan0 192.168.1.13
VIP (floating) both 192.168.1.53

1️⃣ Configure Static IPs with Netplan

Edit or create: /etc/netplan/01-netcfg.yaml

rpi-dns1 Example:

network:
  version: 2
  renderer: networkd
  ethernets:
    eth0:
      dhcp4: no
      addresses: [192.168.1.10/24]
      gateway4: 192.168.1.1
      nameservers:
        addresses: [1.1.1.1, 8.8.8.8]
  wifis:
    wlan0:
      dhcp4: no
      addresses: [192.168.1.12/24]
      access-points:
        "YourSSID":
          password: "YourPassword"
      nameservers:
        addresses: [1.1.1.1, 8.8.8.8]

rpi-dns2 Example:

Use .11 and .13 for eth0 and wlan0 respectively.

Apply settings: 

sudo netplan apply

2️⃣ Install and Configure dnsmasq

Install: 

sudo apt update
sudo apt install dnsmasq -y

Create /etc/dnsmasq.d/custom-dns.conf: 

listen-address=127.0.0.1,192.168.1.10,192.168.1.12
interface=eth0
interface=wlan0
bind-interfaces

server=1.1.1.1
server=8.8.8.8

address=/printer.lan/192.168.1.50
address=/nas.lan/192.168.1.100

domain-needed
bogus-priv
localise-queries

Repeat on rpi-dns2 with correct interface IPs.

Enable and start: 

sudo systemctl enable dnsmasq
sudo systemctl restart dnsmasq

3️⃣ Disable systemd-resolved (if it conflicts with dnsmasq)

Check if running: 

sudo systemctl status systemd-resolved

If yes, stop and disable: 

sudo systemctl stop systemd-resolved
sudo systemctl disable systemd-resolved
sudo rm /etc/resolv.conf
echo "nameserver 1.1.1.1" | sudo tee /etc/resolv.conf

4️⃣ Install and Configure keepalived

Install: 

sudo apt install keepalived -y

🔐 About the authentication block:

  • This ensures only trusted devices participate in VIP election.
  • The auth_pass value must match on all Pis.
  • It is defined directly in the keepalived.conf file and not stored elsewhere.

On rpi-dns1:

Create /etc/keepalived/keepalived.conf 

vrrp_instance VI_1 {
    state MASTER
    interface eth0
    virtual_router_id 51
    priority 150
    advert_int 1
    authentication {
        auth_type PASS
        auth_pass M3shD1nsSecureVIPFailover!
    }
    virtual_ipaddress {
        192.168.1.53 dev eth0
        192.168.1.53 dev wlan0
    }
}

On rpi-dns2:

Use state BACKUP and priority 100.

Enable and start: 

sudo systemctl enable keepalived
sudo systemctl start keepalived

5️⃣ Test Failover

Check VIP is active: 

ip a | grep 192.168.1.53

Simulate failure: 

sudo systemctl stop keepalived

Check VIP is now on rpi-dns2.

6️⃣ Configure DNS on Linksys Velop

  1. Open Linksys app or admin panel
  2. Navigate to Internet > DNS Settings
  3. Set:
  4. DNS 1: 192.168.1.53
  5. DNS 2: 1.1.1.1 (optional fallback)
  6. Save and reboot mesh if needed

✅ Done!

You now have a fully redundant, dual-interface DNS server setup with VIP failover and clean networking under Ubuntu 24.04.