c2023/dnsmasq
13
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

init

Browse Source
This commit is contained in:
baiobelfer 2025-05-15 09:16:05 +02:00
commit 6c097b826e
3 changed files with 157 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

BIN
doc/main.pdf Normal file
View File

Binary file not shown.

156
doc/main.tex Normal file
View File

@ -0,0 +1,156 @@
\documentclass[a4paper,12pt]{article}
\usepackage[utf8]{inputenc}
\usepackage[T1]{fontenc}
\usepackage{lmodern}
\usepackage{geometry}
\geometry{margin=1in}
\usepackage{listings}
\usepackage{xcolor}
\usepackage{parskip}
\lstset{
basicstyle=\ttfamily\small,
breaklines=true,
frame=single,
numbers=left,
numberstyle=\tiny,
keywordstyle=\color{blue},
commentstyle=\color{gray},
stringstyle=\color{red}
}
\begin{document}
\title{Basic Configuration of dnsmasq in an Incus Container on Debian with Netplan}
\author{}
\date{}
\maketitle
\section{Introduction}
This guide provides step-by-step instructions for setting up \texttt{dnsmasq} as a DNS and DHCP server in an Incus container running Debian. The network configuration is managed using Netplan to ensure proper network integration.
\section{Prerequisites}
Before proceeding, ensure the following:
\begin{itemize}
\item Incus is installed on the host system (\texttt{sudo apt install incus}).
\item A Debian-based container is created in Incus.
\item Basic knowledge of Linux networking and container management.
\item Root or sudo access to the host and container.
\end{itemize}
\section{Step-by-Step Configuration}
\subsection{Creating and Setting Up the Incus Container}
% Creating the Incus container
Create a Debian container named \texttt{dnsmasq-container} using the following command on the host:
\begin{lstlisting}[language=bash]
incus create images:debian/12 dnsmasq-container
incus config set dnsmasq-container security.syscalls.intercept.mount true
incus start dnsmasq-container
\end{lstlisting}
The \texttt{security.syscalls.intercept.mount} setting is required for \texttt{dnsmasq} to function correctly in the container.
% Accessing the container
Access the container:
\begin{lstlisting}[language=bash]
incus exec dnsmasq-container -- bash
\end{lstlisting}
\subsection{Installing dnsmasq}
% Installing dnsmasq and dependencies
Update the package list and install \texttt{dnsmasq}:
\begin{lstlisting}[language=bash]
apt update
apt install dnsmasq -y
\end{lstlisting}
\subsection{Configuring the Network with Netplan}
% Setting up the network interface
Configure the container's network using Netplan to assign a static IP address. Edit the Netplan configuration file (e.g., \texttt{/etc/netplan/01-netcfg.yaml}):
\begin{lstlisting}[language=bash]
nano /etc/netplan/01-netcfg.yaml
\end{lstlisting}
Add the following configuration:
\begin{lstlisting}[language=yaml]
network:
version: 2
ethernets:
eth0:
dhcp4: no
addresses:
- 192.168.1.10/24
gateway4: 192.168.1.1
nameservers:
addresses: [8.8.8.8, 8.8.4.4]
\end{lstlisting}
Apply the configuration:
\begin{lstlisting}[language=bash]
netplan apply
\end{lstlisting}
\subsection{Configuring dnsmasq}
% Configuring dnsmasq for DNS and DHCP
Edit the \texttt{dnsmasq} configuration file at \texttt{/etc/dnsmasq.conf}:
\begin{lstlisting}[language=bash]
nano /etc/dnsmasq.conf
\end{lstlisting}
Add or modify the following settings to enable DNS and DHCP:
\begin{lstlisting}
# DNS settings
domain-needed
bogus-priv
no-resolv
server=8.8.8.8
server=8.8.4.4
local=/example.local/
domain=example.local
# DHCP settings
dhcp-range=192.168.1.100,192.168.1.200,12h
dhcp-option=3,192.168.1.1
dhcp-option=6,8.8.8.8,8.8.4.4
\end{lstlisting}
\textbf{Explanation:}
\begin{itemize}
\item \texttt{domain-needed}: Prevents incomplete domain names from being sent to upstream DNS.
\item \texttt{bogus-priv}: Blocks reverse DNS lookups for private IP ranges.
\item \texttt{no-resolv}: Disables reading \texttt{/etc/resolv.conf}.
\item \texttt{server}: Specifies upstream DNS servers (Google DNS in this case).
\item \texttt{local} and \texttt{domain}: Configures a local domain.
\item \texttt{dhcp-range}: Defines the IP range for DHCP clients (from 192.168.1.100 to 192.168.1.200, lease time 12 hours).
\item \texttt{dhcp-option}: Sets the default gateway (option 3) and DNS servers (option 6).
\end{itemize}
\subsection{Starting and Enabling dnsmasq}
% Starting the dnsmasq service
Restart the \texttt{dnsmasq} service to apply the configuration:
\begin{lstlisting}[language=bash]
systemctl restart dnsmasq
systemctl enable dnsmasq
\end{lstlisting}
Verify that \texttt{dnsmasq} is running:
\begin{lstlisting}[language=bash]
systemctl status dnsmasq
\end{lstlisting}
\subsection{Testing the Configuration}
% Testing DNS and DHCP
Test the DNS resolution from within the container:
\begin{lstlisting}[language=bash]
nslookup example.local 192.168.1.10
\end{lstlisting}
To test DHCP, connect a client device to the same network and verify that it receives an IP address in the range \texttt{192.168.1.100--192.168.1.200}.
\section{Troubleshooting}
If \texttt{dnsmasq} fails to start:
\begin{itemize}
\item Check the logs: \texttt{journalctl -u dnsmasq}.
\item Ensure no other service is using port 53 (DNS) or 67 (DHCP).
\item Verify the network configuration with \texttt{ip a} and \texttt{ping 8.8.8.8}.
\end{itemize}
\section{Conclusion}
This guide configures \texttt{dnsmasq} as a DNS and DHCP server in an Incus container on Debian. The Netplan configuration ensures proper network setup. For advanced configurations, refer to the \texttt{dnsmasq} documentation (\texttt{man dnsmasq}).
\end{document}

1
token.txt Normal file
View File

@ -0,0 +1 @@
t8:37b0111174ee4067a3c1c27dace2f4874d3f0860