diff --git a/salt/states/dnsmasq/files/dnsmasq.conf.jinja b/salt/states/dnsmasq/files/dnsmasq.conf.jinja
new file mode 100644
index 0000000..b07c435
--- /dev/null
+++ b/salt/states/dnsmasq/files/dnsmasq.conf.jinja
@@ -0,0 +1,7 @@
+interface={{ interface }}
+listen-address= {{ ip }}
+bind-interfaces
+server=1.1.1.1
+domain-needed
+bogus-priv
+dhcp-range={{ ip[0:-1] }}50,{{ ip[0:-1] }}150,12h
diff --git a/salt/states/dnsmasq/init.sls b/salt/states/dnsmasq/init.sls
new file mode 100644
index 0000000..a3dc3f4
--- /dev/null
+++ b/salt/states/dnsmasq/init.sls
@@ -0,0 +1,44 @@
+Install dnsmasq:
+  pkg.installed:
+    - name: dnsmasq
+
+{% set ip = pillar['network']['ip'] -%}
+{% set interface = pillar['network']['interface']['internal'] -%}
+configure dnsmasq for internal interface:
+  file.managed:
+    - name: /etc/dnsmasq.d/{{ interface }}.conf
+    - source: salt://dnsmasq/files/dnsmasq.conf.jinja
+    - template: jinja
+    - user: root
+    - group: root
+    - mode: "0644"
+    - context:
+      ip: {{ ip }}
+      interface: {{ interface }}
+
+{% for vlan in pillar['network']['vlan'] -%}
+{% set id = vlan['id'] -%}
+{% set ip = vlan['address'] -%}
+configure dnsmasq for vlan.{{ id }}:
+  file.managed:
+    - name: /etc/dnsmasq.d/vlan.{{ id }}.conf
+    - source: salt://dnsmasq/files/dnsmasq.conf.jinja
+    - template: jinja
+    - user: root
+    - group: root
+    - mode: "0644"
+    - context:
+      ip: {{ ip }}
+      interface: vlan.{{ id }}
+{% endfor %}
+
+Start dnsmasq:
+  service.running:
+    - name: dnsmasq
+    - enable: True
+    - watch:
+      - file: configure dnsmasq for internal interface
+      {% for vlan in pillar['network']['vlan'] -%}
+      {% set id = vlan['id'] -%}
+      - file: configure dnsmasq for vlan.{{ id }}
+      {% endfor %}