diff --git a/source/manual/dnsmasq.rst b/source/manual/dnsmasq.rst
new file mode 100644
index 00000000..8a3b7fbd
--- /dev/null
+++ b/source/manual/dnsmasq.rst
@@ -0,0 +1,37 @@
+==============
+Dnsmasq DNS
+==============
+
+Dnsmasq is a lightweight, easy to configure, DNS forwarder, which can be used to answer to dns queries
+from your network.
+
+Similar functionality is also provided by "Unbound DNS", our standard enabled forward/resolver service.
+
+In some cases people prefer to use dnsmasq or combine it with our default enabled resolver (Unbound).
+
+.. Note::
+
+    Since OPNsense 17.7 Unbound has been our standard DNS service, the main reason for Dnsmasq being shipped
+    in our product is for compatibility. Although there are some use-cases that require Dnsmasq specifically,
+    most users better opt for Unbound.
+
+-------------------------
+General settings
+-------------------------
+
+Most settings are pretty straightforward here, enable the service, listen on a port (53 when empty) and
+assign interfaces to listen to.
+You can register dhcp static mappings as well, so the forwarder will know internally defined hosts.
+
+
+-------------------------
+Host overrides
+-------------------------
+
+Here you define static hostnames, which allow you to reply a specific address when being asked.
+
+-------------------------
+Domain Overrides
+-------------------------
+
+If a specific domain should be answered by a different DNS server, you can configure it here.
diff --git a/source/services.rst b/source/services.rst
index 076d9135..c7a724e3 100644
--- a/source/services.rst
+++ b/source/services.rst
@@ -17,6 +17,7 @@ Your security appliance comes with quite some services to ease network operation
 
    manual/captiveportal
    manual/dhcp
+   manual/dnsmasq
    manual/ips
    manual/proxy
    manual/dynamic_routing