c2023/dnsmasq
14
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: c2023:build
Branches Tags
c2023:build
c2023:fabian-poprawione2
c2023:fabian-poprawione
c2023:f1
c2023:fabian
..
compare: c2023:f1
Branches Tags
c2023:fabian-poprawione2
c2023:fabian-poprawione
c2023:f1
c2023:fabian
c2023:build

1 Commits
build ... f1

Author SHA1 Message Date
baiobelfer
3a18edc2d5 added veth 2025-05-15 10:28:20 +02:00
4 changed files with 510 additions and 360 deletions
Show Stats Expand all files Collapse all files

18
doc/main.aux
View File

@ -1,18 +0,0 @@
\relax
\@writefile{toc}{\contentsline {section}{\numberline {1}Introduction}{1}{}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {2}Prerequisites}{1}{}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {3}Step-by-Step Configuration}{1}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.1}Creating and Setting Up the Incus Container}{1}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.2}Installing Additional Packages}{1}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.3}Configuring Users and Permissions}{2}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.3.1}Changing the Root Password}{2}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsubsection}{\numberline {3.3.2}Adding a New User}{2}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.4}Accessing the Container}{2}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.5}Installing dnsmasq}{2}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.6}Configuring the Network with Netplan}{2}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.7}Configuring dnsmasq}{3}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.8}Starting and Enabling dnsmasq}{4}{}\protected@file@percent }
\@writefile{toc}{\contentsline {subsection}{\numberline {3.9}Testing the Configuration}{4}{}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {4}Troubleshooting}{4}{}\protected@file@percent }
\@writefile{toc}{\contentsline {section}{\numberline {5}Conclusion}{4}{}\protected@file@percent }
\gdef \@abspage@last{4}

337
doc/main.log
View File

@ -1,337 +0,0 @@
This is pdfTeX, Version 3.141592653-2.6-1.40.26 (TeX Live 2025/dev/Debian) (preloaded format=pdflatex 2024.12.27) 15 MAY 2025 09:28
entering extended mode
restricted \write18 enabled.
%&-line parsing enabled.
**main
(./main.tex
LaTeX2e <2024-11-01>
L3 programming layer <2024-11-02>
(/usr/share/texlive/texmf-dist/tex/latex/base/article.cls
Document Class: article 2024/06/29 v1.4n Standard LaTeX document class
(/usr/share/texlive/texmf-dist/tex/latex/base/size12.clo
File: size12.clo 2024/06/29 v1.4n Standard LaTeX file (size option)
)
\c@part=\count196
\c@section=\count197
\c@subsection=\count198
\c@subsubsection=\count199
\c@paragraph=\count266
\c@subparagraph=\count267
\c@figure=\count268
\c@table=\count269
\abovecaptionskip=\skip49
\belowcaptionskip=\skip50
\bibindent=\dimen141
)
(/usr/share/texlive/texmf-dist/tex/latex/base/inputenc.sty
Package: inputenc 2024/02/08 v1.3d Input encoding file
\inpenc@prehook=\toks17
\inpenc@posthook=\toks18
)
(/usr/share/texlive/texmf-dist/tex/latex/base/fontenc.sty
Package: fontenc 2021/04/29 v2.0v Standard LaTeX package
)
(/usr/share/texmf/tex/latex/lm/lmodern.sty
Package: lmodern 2015/05/01 v1.6.1 Latin Modern Fonts
LaTeX Font Info: Overwriting symbol font `operators' in version `normal'
(Font) OT1/cmr/m/n --> OT1/lmr/m/n on input line 22.
LaTeX Font Info: Overwriting symbol font `letters' in version `normal'
(Font) OML/cmm/m/it --> OML/lmm/m/it on input line 23.
LaTeX Font Info: Overwriting symbol font `symbols' in version `normal'
(Font) OMS/cmsy/m/n --> OMS/lmsy/m/n on input line 24.
LaTeX Font Info: Overwriting symbol font `largesymbols' in version `normal'
(Font) OMX/cmex/m/n --> OMX/lmex/m/n on input line 25.
LaTeX Font Info: Overwriting symbol font `operators' in version `bold'
(Font) OT1/cmr/bx/n --> OT1/lmr/bx/n on input line 26.
LaTeX Font Info: Overwriting symbol font `letters' in version `bold'
(Font) OML/cmm/b/it --> OML/lmm/b/it on input line 27.
LaTeX Font Info: Overwriting symbol font `symbols' in version `bold'
(Font) OMS/cmsy/b/n --> OMS/lmsy/b/n on input line 28.
LaTeX Font Info: Overwriting symbol font `largesymbols' in version `bold'
(Font) OMX/cmex/m/n --> OMX/lmex/m/n on input line 29.
LaTeX Font Info: Overwriting math alphabet `\mathbf' in version `normal'
(Font) OT1/cmr/bx/n --> OT1/lmr/bx/n on input line 31.
LaTeX Font Info: Overwriting math alphabet `\mathsf' in version `normal'
(Font) OT1/cmss/m/n --> OT1/lmss/m/n on input line 32.
LaTeX Font Info: Overwriting math alphabet `\mathit' in version `normal'
(Font) OT1/cmr/m/it --> OT1/lmr/m/it on input line 33.
LaTeX Font Info: Overwriting math alphabet `\mathtt' in version `normal'
(Font) OT1/cmtt/m/n --> OT1/lmtt/m/n on input line 34.
LaTeX Font Info: Overwriting math alphabet `\mathbf' in version `bold'
(Font) OT1/cmr/bx/n --> OT1/lmr/bx/n on input line 35.
LaTeX Font Info: Overwriting math alphabet `\mathsf' in version `bold'
(Font) OT1/cmss/bx/n --> OT1/lmss/bx/n on input line 36.
LaTeX Font Info: Overwriting math alphabet `\mathit' in version `bold'
(Font) OT1/cmr/bx/it --> OT1/lmr/bx/it on input line 37.
LaTeX Font Info: Overwriting math alphabet `\mathtt' in version `bold'
(Font) OT1/cmtt/m/n --> OT1/lmtt/m/n on input line 38.
)
(/usr/share/texlive/texmf-dist/tex/latex/geometry/geometry.sty
Package: geometry 2020/01/02 v5.9 Page Geometry
(/usr/share/texlive/texmf-dist/tex/latex/graphics/keyval.sty
Package: keyval 2022/05/29 v1.15 key=value parser (DPC)
\KV@toks@=\toks19
)
(/usr/share/texlive/texmf-dist/tex/generic/iftex/ifvtex.sty
Package: ifvtex 2019/10/25 v1.7 ifvtex legacy package. Use iftex instead.
(/usr/share/texlive/texmf-dist/tex/generic/iftex/iftex.sty
Package: iftex 2022/02/03 v1.0f TeX engine tests
))
\Gm@cnth=\count270
\Gm@cntv=\count271
\c@Gm@tempcnt=\count272
\Gm@bindingoffset=\dimen142
\Gm@wd@mp=\dimen143
\Gm@odd@mp=\dimen144
\Gm@even@mp=\dimen145
\Gm@layoutwidth=\dimen146
\Gm@layoutheight=\dimen147
\Gm@layouthoffset=\dimen148
\Gm@layoutvoffset=\dimen149
\Gm@dimlist=\toks20
)
(/usr/share/texlive/texmf-dist/tex/latex/listings/listings.sty
\lst@mode=\count273
\lst@gtempboxa=\box52
\lst@token=\toks21
\lst@length=\count274
\lst@currlwidth=\dimen150
\lst@column=\count275
\lst@pos=\count276
\lst@lostspace=\dimen151
\lst@width=\dimen152
\lst@newlines=\count277
\lst@lineno=\count278
\lst@maxwidth=\dimen153
(/usr/share/texlive/texmf-dist/tex/latex/listings/lstpatch.sty
File: lstpatch.sty 2024/09/23 1.10c (Carsten Heinz)
)
(/usr/share/texlive/texmf-dist/tex/latex/listings/lstmisc.sty
File: lstmisc.sty 2024/09/23 1.10c (Carsten Heinz)
\c@lstnumber=\count279
\lst@skipnumbers=\count280
\lst@framebox=\box53
)
(/usr/share/texlive/texmf-dist/tex/latex/listings/listings.cfg
File: listings.cfg 2024/09/23 1.10c listings configuration
))
Package: listings 2024/09/23 1.10c (Carsten Heinz)
(/usr/share/texlive/texmf-dist/tex/latex/xcolor/xcolor.sty
Package: xcolor 2024/09/29 v3.02 LaTeX color extensions (UK)
(/usr/share/texlive/texmf-dist/tex/latex/graphics-cfg/color.cfg
File: color.cfg 2016/01/02 v1.6 sample color configuration
)
Package xcolor Info: Driver file: pdftex.def on input line 274.
(/usr/share/texlive/texmf-dist/tex/latex/graphics-def/pdftex.def
File: pdftex.def 2024/04/13 v1.2c Graphics/color driver for pdftex
)
(/usr/share/texlive/texmf-dist/tex/latex/graphics/mathcolor.ltx)
Package xcolor Info: Model `cmy' substituted by `cmy0' on input line 1349.
Package xcolor Info: Model `hsb' substituted by `rgb' on input line 1353.
Package xcolor Info: Model `RGB' extended on input line 1365.
Package xcolor Info: Model `HTML' substituted by `rgb' on input line 1367.
Package xcolor Info: Model `Hsb' substituted by `hsb' on input line 1368.
Package xcolor Info: Model `tHsb' substituted by `hsb' on input line 1369.
Package xcolor Info: Model `HSB' substituted by `hsb' on input line 1370.
Package xcolor Info: Model `Gray' substituted by `gray' on input line 1371.
Package xcolor Info: Model `wave' substituted by `hsb' on input line 1372.
)
(/usr/share/texlive/texmf-dist/tex/latex/parskip/parskip.sty
Package: parskip 2021-03-14 v2.0h non-zero parskip adjustments
(/usr/share/texlive/texmf-dist/tex/latex/kvoptions/kvoptions.sty
Package: kvoptions 2022-06-15 v3.15 Key value format for package options (HO)
(/usr/share/texlive/texmf-dist/tex/generic/ltxcmds/ltxcmds.sty
Package: ltxcmds 2023-12-04 v1.26 LaTeX kernel commands for general use (HO)
)
(/usr/share/texlive/texmf-dist/tex/latex/kvsetkeys/kvsetkeys.sty
Package: kvsetkeys 2022-10-05 v1.19 Key value parser (HO)
))
(/usr/share/texlive/texmf-dist/tex/latex/etoolbox/etoolbox.sty
Package: etoolbox 2020/10/05 v2.5k e-TeX tools for LaTeX (JAW)
\etb@tempcnta=\count281
))
LaTeX Font Info: Trying to load font information for T1+lmr on input line 35
.
(/usr/share/texmf/tex/latex/lm/t1lmr.fd
File: t1lmr.fd 2015/05/01 v1.6.1 Font defs for Latin Modern
)
(/usr/share/texlive/texmf-dist/tex/latex/l3backend/l3backend-pdftex.def
File: l3backend-pdftex.def 2024-05-08 L3 backend support: PDF output (pdfTeX)
\l__color_backend_stack_int=\count282
\l__pdf_internal_box=\box54
)
(./main.aux)
\openout1 = `main.aux'.
LaTeX Font Info: Checking defaults for OML/cmm/m/it on input line 35.
LaTeX Font Info: ... okay on input line 35.
LaTeX Font Info: Checking defaults for OMS/cmsy/m/n on input line 35.
LaTeX Font Info: ... okay on input line 35.
LaTeX Font Info: Checking defaults for OT1/cmr/m/n on input line 35.
LaTeX Font Info: ... okay on input line 35.
LaTeX Font Info: Checking defaults for T1/cmr/m/n on input line 35.
LaTeX Font Info: ... okay on input line 35.
LaTeX Font Info: Checking defaults for TS1/cmr/m/n on input line 35.
LaTeX Font Info: ... okay on input line 35.
LaTeX Font Info: Checking defaults for OMX/cmex/m/n on input line 35.
LaTeX Font Info: ... okay on input line 35.
LaTeX Font Info: Checking defaults for U/cmr/m/n on input line 35.
LaTeX Font Info: ... okay on input line 35.
*geometry* driver: auto-detecting
*geometry* detected driver: pdftex
*geometry* verbose mode - [ preamble ] result:
* driver: pdftex
* paper: a4paper
* layout: <same size as paper>
* layoutoffset:(h,v)=(0.0pt,0.0pt)
* modes:
* h-part:(L,W,R)=(72.26999pt, 452.9679pt, 72.26999pt)
* v-part:(T,H,B)=(72.26999pt, 700.50687pt, 72.26999pt)
* \paperwidth=597.50787pt
* \paperheight=845.04684pt
* \textwidth=452.9679pt
* \textheight=700.50687pt
* \oddsidemargin=0.0pt
* \evensidemargin=0.0pt
* \topmargin=-37.0pt
* \headheight=12.0pt
* \headsep=25.0pt
* \topskip=12.0pt
* \footskip=30.0pt
* \marginparwidth=35.0pt
* \marginparsep=10.0pt
* \columnsep=10.0pt
* \skip\footins=10.8pt plus 4.0pt minus 2.0pt
* \hoffset=0.0pt
* \voffset=0.0pt
* \mag=1000
* \@twocolumnfalse
* \@twosidefalse
* \@mparswitchfalse
* \@reversemarginfalse
* (1in=72.27pt=25.4mm, 1cm=28.453pt)
\c@lstlisting=\count283
(/usr/share/texlive/texmf-dist/tex/context/base/mkii/supp-pdf.mkii
[Loading MPS to PDF converter (version 2006.09.02).]
\scratchcounter=\count284
\scratchdimen=\dimen154
\scratchbox=\box55
\nofMPsegments=\count285
\nofMParguments=\count286
\everyMPshowfont=\toks22
\MPscratchCnt=\count287
\MPscratchDim=\dimen155
\MPnumerator=\count288
\makeMPintoPDFobject=\count289
\everyMPtoPDFconversion=\toks23
)
LaTeX Font Info: Trying to load font information for OT1+lmr on input line 4
0.
(/usr/share/texmf/tex/latex/lm/ot1lmr.fd
File: ot1lmr.fd 2015/05/01 v1.6.1 Font defs for Latin Modern
)
LaTeX Font Info: Trying to load font information for OML+lmm on input line 4
0.
(/usr/share/texmf/tex/latex/lm/omllmm.fd
File: omllmm.fd 2015/05/01 v1.6.1 Font defs for Latin Modern
)
LaTeX Font Info: Trying to load font information for OMS+lmsy on input line
40.
(/usr/share/texmf/tex/latex/lm/omslmsy.fd
File: omslmsy.fd 2015/05/01 v1.6.1 Font defs for Latin Modern
)
LaTeX Font Info: Trying to load font information for OMX+lmex on input line
40.
(/usr/share/texmf/tex/latex/lm/omxlmex.fd
File: omxlmex.fd 2015/05/01 v1.6.1 Font defs for Latin Modern
)
LaTeX Font Info: External font `lmex10' loaded for size
(Font) <14.4> on input line 40.
LaTeX Font Info: External font `lmex10' loaded for size
(Font) <10> on input line 40.
LaTeX Font Info: External font `lmex10' loaded for size
(Font) <7> on input line 40.
LaTeX Font Info: Trying to load font information for T1+lmtt on input line 4
3.
(/usr/share/texmf/tex/latex/lm/t1lmtt.fd
File: t1lmtt.fd 2015/05/01 v1.6.1 Font defs for Latin Modern
)
LaTeX Font Info: Trying to load font information for TS1+lmr on input line 4
8.
(/usr/share/texmf/tex/latex/lm/ts1lmr.fd
File: ts1lmr.fd 2015/05/01 v1.6.1 Font defs for Latin Modern
)
(/usr/share/texlive/texmf-dist/tex/latex/listings/lstlang1.sty
File: lstlang1.sty 2024/09/23 1.10c listings language file
)
(/usr/share/texlive/texmf-dist/tex/latex/listings/lstlang1.sty
File: lstlang1.sty 2024/09/23 1.10c listings language file
)
Overfull \hbox (23.59369pt too wide) in paragraph at lines 65--66
\T1/lmr/m/n/12 The \T1/lmtt/m/n/12 security.syscalls.intercept.mount\T1/lmr/m/n
/12 , \T1/lmtt/m/n/12 security.nesting\T1/lmr/m/n/12 , and \T1/lmtt/m/n/12 secu
rity.privileged
[]
[1
{/var/lib/texmf/fonts/map/pdftex/updmap/pdftex.map}{/usr/share/texmf/fonts/enc/
dvips/lm/lm-ec.enc}{/usr/share/texmf/fonts/enc/dvips/lm/lm-ts1.enc}]
[2]
LaTeX Font Info: Font shape `T1/lmtt/bx/n' in size <10.95> not available
(Font) Font shape `T1/lmtt/b/n' tried instead on input line 117.
Overfull \hbox (25.69144pt too wide) in paragraph at lines 164--165
[]\T1/lmtt/m/n/12 dhcp-range\T1/lmr/m/n/12 : De-fines the IP range for DHCP cli
ents (from 192.168.1.100 to 192.168.1.200,
[]
[3]
[4] (./main.aux)
***********
LaTeX2e <2024-11-01>
L3 programming layer <2024-11-02>
***********
)
Here is how much of TeX's memory you used:
5009 strings out of 473362
72806 string characters out of 5723554
842560 words of memory out of 5000000
28076 multiletter control sequences out of 15000+600000
598499 words of font info for 61 fonts, out of 8000000 for 9000
1141 hyphenation exceptions out of 8191
57i,6n,65p,493b,1661s stack positions out of 10000i,1000n,20000p,200000b,200000s
</usr/share/texmf/fonts/type1/public/lm/lmbx12.pfb></usr/share/texmf/fonts/ty
pe1/public/lm/lmr12.pfb></usr/share/texmf/fonts/type1/public/lm/lmr17.pfb></usr
/share/texmf/fonts/type1/public/lm/lmr6.pfb></usr/share/texmf/fonts/type1/publi
c/lm/lmtk10.pfb></usr/share/texmf/fonts/type1/public/lm/lmtt10.pfb></usr/share/
texmf/fonts/type1/public/lm/lmtt12.pfb>
Output written on main.pdf (4 pages, 199974 bytes).
PDF statistics:
57 PDF objects out of 1000 (max. 8388607)
35 compressed objects within 1 object stream
0 named destinations out of 1000 (max. 500000)
1 words of extra memory for PDF output out of 10000 (max. 10000000)

86
doc/main.tex
View File

@ -32,6 +32,20 @@
morestring=[b]{'} morestring=[b]{'}
} }
% Define Python language for listings
\lstdefinelanguage{python}{
keywords={def,class,import,from,as,try,except,with,return,raise,if,elif,else,for,in,while,break,continue},
keywordstyle=\color{blue}\bfseries,
basicstyle=\ttfamily\small,
sensitive=true,
comment=[l]{\#},
commentstyle=\color{gray}\itshape,
stringstyle=\color{red},
morestring=[b]{"},
morestring=[b]{'},
identifierstyle=\color{black}
}
\begin{document} \begin{document}
\title{Basic Configuration of dnsmasq in an Incus Container on Debian with Netplan} \title{Basic Configuration of dnsmasq in an Incus Container on Debian with Netplan}
@ -40,13 +54,14 @@
\maketitle \maketitle
\section{Introduction} \section{Introduction}
This guide provides step-by-step instructions for setting up \texttt{dnsmasq} as a DNS and DHCP server in an Incus container running Debian. The network configuration is managed using Netplan to ensure proper network integration. This guide provides step-by-step instructions for setting up \texttt{dnsmasq} as a DNS and DHCP server in an Incus container running Debian. The network configuration is managed using Netplan and a custom Python script to create virtual Ethernet (veth) pairs and bridges, ensuring proper network integration.
\section{Prerequisites} \section{Prerequisites}
Before proceeding, ensure the following: Before proceeding, ensure the following:
\begin{itemize} \begin{itemize}
\item Incus is installed on the host system (\texttt{sudo apt install incus}). \item Incus is installed on the host system (\texttt{sudo apt install incus}).
\item A Debian-based container is created in Incus. \item A Debian-based container is created in Incus.
\item Python 3 and the \texttt{pyroute2} package are installed on the host (\texttt{sudo apt install python3 python3-pyroute2}).
\item Basic knowledge of Linux networking and container management. \item Basic knowledge of Linux networking and container management.
\item Root or sudo access to the host and container. \item Root or sudo access to the host and container.
\end{itemize} \end{itemize}
@ -107,8 +122,50 @@ incus exec dnsmasq-container -- apt update
incus exec dnsmasq-container -- apt install dnsmasq -y incus exec dnsmasq-container -- apt install dnsmasq -y
\end{lstlisting} \end{lstlisting}
\subsection{Configuring Network with Veth Pairs and Netplan}
To enable advanced networking, use the provided Python script (\texttt{link.py}) to create a virtual Ethernet (veth) pair connecting the container to the host's network namespace, with an optional bridge for network integration. Save the following script as \texttt{link.py} on the host:
\begin{lstlisting}[language=python]
import argparse
import os
import subprocess
import sys
from pyroute2 import IPRoute, NetNS
# ... (rest of the link.py script as provided) ...
\end{lstlisting}
Run the script to create a veth pair, move one end to the container's network namespace, and attach it to a bridge on the host. First, identify the container's name or ID:
\begin{lstlisting}[language=bash]
incus list
\end{lstlisting}
Assuming the container name is \texttt{dnsmasq-container}, execute the script with sudo privileges:
\begin{lstlisting}[language=bash]
sudo python3 link.py --namespace1 dnsmasq-container --namespace2 1 \
--name1 veth-container --name2 veth-host \
--bridge2 br0 --type1 incus
\end{lstlisting}
\textbf{Explanation:}
\begin{itemize}
\item \texttt{--namespace1 dnsmasq-container}: Specifies the container's network namespace (Incus container).
\item \texttt{--namespace2 1}: Specifies the default (host) namespace.
\item \texttt{--name1 veth-container}: Names the veth interface inside the container.
\item \texttt{--name2 veth-host}: Names the veth interface on the host.
\item \texttt{--bridge2 br0}: Attaches the host's veth interface to a bridge named \texttt{br0}.
\item \texttt{--type1 incus}: Indicates that \texttt{namespace1} is an Incus container.
\end{itemize}
Before running the script, ensure the bridge \texttt{br0} exists on the host. Create it if necessary:
\begin{lstlisting}[language=bash]
sudo ip link add name br0 type bridge
sudo ip link set br0 up
\end{lstlisting}
The script exposes the container's network namespace, creates the veth pair, moves \texttt{veth-container} to the container's namespace, attaches \texttt{veth-host} to \texttt{br0}, and brings both interfaces up.
\subsection{Configuring the Network with Netplan} \subsection{Configuring the Network with Netplan}
Configure the container's network using Netplan to assign a static IP address. Create or edit the Netplan configuration file at \texttt{/etc/netplan/01-netcfg.yaml}: Configure the container's network using Netplan to assign a static IP address to the \texttt{veth-container} interface (aliased as \texttt{eth0} for simplicity). Create or edit the Netplan configuration file at \texttt{/etc/netplan/01-netcfg.yaml} inside the container:
\begin{lstlisting}[language=bash] \begin{lstlisting}[language=bash]
incus exec dnsmasq-container -- nano /etc/netplan/01-netcfg.yaml incus exec dnsmasq-container -- nano /etc/netplan/01-netcfg.yaml
\end{lstlisting} \end{lstlisting}
@ -118,6 +175,8 @@ network:
version: 2 version: 2
ethernets: ethernets:
eth0: eth0:
match:
name: veth-container
dhcp4: no dhcp4: no
addresses: addresses:
- 192.168.1.10/24 - 192.168.1.10/24
@ -127,11 +186,27 @@ network:
nameservers: nameservers:
addresses: [8.8.8.8, 8.8.4.4] addresses: [8.8.8.8, 8.8.4.4]
\end{lstlisting} \end{lstlisting}
\textbf{Explanation:}
\begin{itemize}
\item \texttt{match: name: veth-container}: Matches the \texttt{veth-container} interface created by the script, aliased as \texttt{eth0}.
\item \texttt{dhcp4: no}: Disables DHCP to use a static IP.
\item \texttt{addresses}: Assigns the static IP \texttt{192.168.1.10/24}.
\item \texttt{routes}: Sets the default gateway to \texttt{192.168.1.1}.
\item \texttt{nameservers}: Specifies Google's DNS servers.
\end{itemize}
Apply the configuration: Apply the configuration:
\begin{lstlisting}[language=bash] \begin{lstlisting}[language=bash]
incus exec dnsmasq-container -- netplan apply incus exec dnsmasq-container -- netplan apply
\end{lstlisting} \end{lstlisting}
Verify the network configuration:
\begin{lstlisting}[language=bash]
incus exec dnsmasq-container -- ip a show eth0
incus exec dnsmasq-container -- ping 8.8.8.8
\end{lstlisting}
\subsection{Configuring dnsmasq} \subsection{Configuring dnsmasq}
Edit the \texttt{dnsmasq} configuration file at \texttt{/etc/dnsmasq.conf}: Edit the \texttt{dnsmasq} configuration file at \texttt{/etc/dnsmasq.conf}:
\begin{lstlisting}[language=bash] \begin{lstlisting}[language=bash]
@ -181,7 +256,7 @@ Test DNS resolution from within the container:
\begin{lstlisting}[language=bash] \begin{lstlisting}[language=bash]
incus exec dnsmasq-container -- nslookup example.local 192.168.1.10 incus exec dnsmasq-container -- nslookup example.local 192.168.1.10
\end{lstlisting} \end{lstlisting}
To test DHCP, connect a client device to the same network and verify that it receives an IP address in the range \texttt{192.168.1.100--192.168.1.200}. To test DHCP, connect a client device to the same network (via the \texttt{br0} bridge) and verify that it receives an IP address in the range \texttt{192.168.1.100--192.168.1.200}.
\section{Troubleshooting} \section{Troubleshooting}
If \texttt{dnsmasq} fails to start: If \texttt{dnsmasq} fails to start:
@ -189,9 +264,10 @@ If \texttt{dnsmasq} fails to start:
\item Check the logs: \texttt{incus exec dnsmasq-container -- journalctl -u dnsmasq}. \item Check the logs: \texttt{incus exec dnsmasq-container -- journalctl -u dnsmasq}.
\item Ensure no other service is using port 53 (DNS) or 67 (DHCP). \item Ensure no other service is using port 53 (DNS) or 67 (DHCP).
\item Verify the network configuration with \texttt{incus exec dnsmasq-container -- ip a} and \texttt{incus exec dnsmasq-container -- ping 8.8.8.8}. \item Verify the network configuration with \texttt{incus exec dnsmasq-container -- ip a} and \texttt{incus exec dnsmasq-container -- ping 8.8.8.8}.
\item Confirm the veth pair and bridge setup: \texttt{ip link show} on the host and \texttt{incus exec dnsmasq-container -- ip link show}.
\end{itemize} \end{itemize}
\section{Conclusion} \section{Conclusion}
This guide configures \texttt{dnsmasq} as a DNS and DHCP server in an Incus container on Debian. The Netplan configuration ensures proper network setup. For advanced configurations, refer to the \texttt{dnsmasq} documentation (\texttt{man dnsmasq}). This guide configures \texttt{dnsmasq} as a DNS and DHCP server in an Incus container on Debian. The \texttt{link.py} script and Netplan configuration ensure a robust network setup with veth pairs and static IP addressing. For advanced configurations, refer to the \texttt{dnsmasq} documentation (\texttt{man dnsmasq}) and \texttt{pyroute2} documentation.
\end{document} \end{document}

429
py/link.,py Normal file
View File

@ -0,0 +1,429 @@
import argparse
import os
import subprocess
import sys
from pyroute2 import IPRoute, NetNS
class NetworkNamespaceManager:
"""
Provides functionalities to manage network namespaces.
Network namespaces partition network resources such as network links,
IP addresses, and port numbers into disjoint sets.
"""
@staticmethod
def list_netns():
"""
List all available network namespaces.
Scans the '/var/run/netns' directory and prints out all
the network namespace files present. If no namespaces are found, it
prints a message indicating that.
"""
netns_dir = "/var/run/netns"
try:
netns_files = os.listdir(netns_dir)
if netns_files:
print("List of available network namespaces:")
for netns_file in netns_files:
print(f"- {netns_file}")
else:
print("No network namespaces found.")
except OSError as e:
print(f"Error listing network namespaces: {e}")
class ContainerNetnsExposer:
"""
Responsible for exposing network namespaces of containers.
Supports Docker, LXC, LXD, and Incus containers, allowing the user to interact
with their network namespaces.
"""
def __init__(self):
"""
Initializes the ContainerNetnsExposer instance.
"""
self.netns_pid = None
self.netns_path = None
def expose_container_netns(self, container_id_or_name, container_type='docker'):
"""
Expose the network namespace of a specified container.
Parameters:
container_id_or_name (str): The identifier or name of the container.
container_type (str): The type of the container ('docker', 'lxc', 'lxd', or 'incus').
Returns:
str: The PID of the container as a string.
Raises:
SystemExit: If the container type is unsupported or if there is an error
in retrieving the container's PID.
"""
if container_type == 'docker':
self.get_docker_container_pid(container_id_or_name)
elif container_type in ('lxc', 'lxd', 'incus'):
self.get_lxc_container_pid(container_id_or_name, container_type)
else:
print("Unsupported container type. Only 'docker', 'lxc', 'lxd', and 'incus' are supported.")
sys.exit(1)
self.create_netns_directory()
self.create_or_remove_netns_symlink()
return str(self.netns_pid)
def get_docker_container_pid(self, container_id_or_name):
"""
Retrieve the PID of a Docker container.
Parameters:
container_id_or_name (str): The identifier or name of the Docker container.
Raises:
SystemExit: If there is an error in retrieving the Docker container's PID.
"""
try:
self.netns_pid = subprocess.check_output(
["sudo", "docker", "inspect", "-f", "{{.State.Pid}}", container_id_or_name],
universal_newlines=True
).strip()
except subprocess.CalledProcessError:
print("Error retrieving Docker container PID. Make sure the container exists and is running.")
sys.exit(1)
def get_lxc_container_pid(self, container_name, container_type='lxc'):
"""
Retrieve the PID of an LXC, LXD, or Incus container.
Parameters:
container_name (str): The name of the container.
container_type (str): The type of the container ('lxc', 'lxd', or 'incus').
Raises:
SystemExit: If there is an error in retrieving the container's PID.
"""
try:
if container_type == 'lxc':
output = subprocess.check_output(
["lxc-info", "-n", container_name, "-p"],
universal_newlines=True
)
self.netns_pid = output.strip().split()[-1]
elif container_type == 'lxd':
output = subprocess.check_output(
["sudo", "lxc", "info", container_name],
universal_newlines=True
)
for line in output.splitlines():
if line.strip().startswith("PID:"):
self.netns_pid = line.split(':')[1].strip()
break
else:
print(f"PID not found in 'lxc info' output for container '{container_name}'.")
sys.exit(1)
elif container_type == 'incus':
output = subprocess.check_output(
["sudo", "incus", "info", container_name],
universal_newlines=True
)
for line in output.splitlines():
if line.strip().startswith("PID:"):
self.netns_pid = line.split(':')[1].strip()
break
else:
print(f"PID not found in 'incus info' output for container '{container_name}'.")
sys.exit(1)
except subprocess.CalledProcessError as e:
print(f"Error retrieving {container_type.upper()} container PID for '{container_name}'. Error: {e}")
sys.exit(1)
def create_netns_directory(self):
"""
Create the network namespace directory if it does not exist.
Ensures that the directory '/var/run/netns' exists, which is used
to store network namespace symlinks.
"""
try:
subprocess.run(["sudo", "mkdir", "-p", "/var/run/netns"], check=True)
except subprocess.CalledProcessError as e:
print(f"Error creating network namespace directory: {e.stderr.strip()}")
sys.exit(1)
def create_or_remove_netns_symlink(self):
"""
Create or remove a symlink to the network namespace of a container.
Sets up a symlink in '/var/run/netns', pointing to the network namespace
of the container identified by its PID. If a symlink with the same name
already exists, it is removed before creating a new one.
"""
self.netns_path = f"/var/run/netns/{self.netns_pid}"
try:
if os.path.exists(self.netns_path):
subprocess.run(["sudo", "rm", "-rf", self.netns_path], check=True)
subprocess.run(["sudo", "ln", "-s", f"/proc/{self.netns_pid}/ns/net", self.netns_path], check=True)
except subprocess.CalledProcessError as e:
print(f"Error creating or removing symlink: {e}")
sys.exit(1)
class IfaceManager:
"""
Manages network interfaces, including creation, deletion, and configuration
of veth pairs, VLANs, and bridges.
"""
def delete(self, iface_name, namespace=None):
"""
Delete a network interface.
Parameters:
iface_name (str): The name of the interface to delete.
namespace (str, optional): The network namespace where the interface exists.
Raises:
Exception: If the interface cannot be deleted.
"""
try:
if namespace:
context_manager = NetNS(namespace)
else:
context_manager = IPRoute()
with context_manager as ns:
iface_idx_list = ns.link_lookup(ifname=iface_name)
if not iface_idx_list:
raise ValueError(f"Interface {iface_name} not found.")
iface_idx = iface_idx_list[0]
ns.link('del', index=iface_idx)
except Exception as e:
print(f"Error deleting interface {iface_name} in namespace {namespace}: {e}")
def create_veth(self, iface1, iface2, namespace=None):
"""
Create a veth pair.
Parameters:
iface1 (str): The name of the first interface.
iface2 (str): The name of the second interface.
namespace (str, optional): The network namespace where to create the veth pair.
Raises:
Exception: If the veth pair cannot be created.
"""
try:
if namespace:
context_manager = NetNS(namespace)
else:
context_manager = IPRoute()
with context_manager as ns:
ns.link('add', ifname=iface1, peer={'ifname': iface2}, kind='veth')
except Exception as e:
print(f"Error creating veth pair {iface1} and {iface2}: {e}")
def create_vlan(self, base_iface, vlan_id, namespace=None):
"""
Create a VLAN interface.
Parameters:
base_iface (str): The base interface name.
vlan_id (int): The VLAN ID.
namespace (str, optional): The network namespace where to create the VLAN interface.
Raises:
Exception: If the VLAN interface cannot be created.
"""
try:
if namespace:
context_manager = NetNS(namespace)
else:
context_manager = IPRoute()
with context_manager as ns:
base_iface_idx_list = ns.link_lookup(ifname=base_iface)
if not base_iface_idx_list:
raise ValueError(f"Base interface {base_iface} not found.")
base_iface_idx = base_iface_idx_list[0]
vlan_iface = f"{base_iface}.{vlan_id}"
ns.link('add', ifname=vlan_iface, link=base_iface_idx, kind='vlan', vlan_info={'id': vlan_id})
except Exception as e:
print(f"Error creating VLAN on interface {base_iface}: {e}")
def create_bridge(self, bridge_name, namespace=None):
"""
Create a bridge interface.
Parameters:
bridge_name (str): The name of the bridge.
namespace (str, optional): The network namespace where to create the bridge.
Raises:
Exception: If the bridge cannot be created.
"""
try:
if namespace:
context_manager = NetNS(namespace)
else:
context_manager = IPRoute()
with context_manager as ns:
ns.link('add', ifname=bridge_name, kind='bridge')
except Exception as e:
print(f"Error creating bridge {bridge_name}: {e}")
def move(self, iface, namespace):
"""
Move a network interface to another namespace.
Parameters:
iface (str): The interface name to move.
namespace (str): The target network namespace.
Raises:
Exception: If the interface cannot be moved.
"""
try:
ipr = IPRoute()
idx_list = ipr.link_lookup(ifname=iface)
if not idx_list:
raise ValueError(f"Interface {iface} not found.")
idx = idx_list[0]
ipr.link('set', index=idx, net_ns_fd=namespace)
except Exception as e:
print(f"Error moving interface {iface} to namespace {namespace}: {e}")
def set_interface_up(self, iface_name, namespace=None):
"""
Set a network interface up.
Parameters:
iface_name (str): The name of the interface.
namespace (str, optional): The network namespace where the interface exists.
Raises:
Exception: If the interface cannot be set up.
"""
try:
if namespace:
context_manager = NetNS(namespace)
else:
context_manager = IPRoute()
with context_manager as ns:
iface_idx_list = ns.link_lookup(ifname=iface_name)
if not iface_idx_list:
raise ValueError(f"Interface {iface_name} not found.")
iface_idx = iface_idx_list[0]
ns.link("set", index=iface_idx, state="up")
except Exception as e:
print(f"Error setting up interface {iface_name} in namespace {namespace}: {e}")
def attach_to_bridge(self, iface_name, bridge_name, namespace=None):
"""
Attach an interface to a bridge.
Parameters:
iface_name (str): The name of the interface.
bridge_name (str): The name of the bridge.
namespace (str, optional): The network namespace where the interface and bridge exist.
Raises:
Exception: If the interface cannot be attached to the bridge.
"""
try:
if namespace:
context_manager = NetNS(namespace)
else:
context_manager = IPRoute()
with context_manager as ns:
iface_idx_list = ns.link_lookup(ifname=iface_name)
if not iface_idx_list:
raise ValueError(f"Interface {iface_name} not found.")
iface_idx = iface_idx_list[0]
bridge_idx_list = ns.link_lookup(ifname=bridge_name)
if not bridge_idx_list:
raise ValueError(f"Bridge {bridge_name} not found.")
bridge_idx = bridge_idx_list[0]
ns.link("set", index=iface_idx, master=bridge_idx)
except Exception as e:
print(f"Error attaching interface {iface_name} to bridge {bridge_name} in namespace {namespace}: {e}")
def interpret_namespace(namespace_arg):
"""
Interpret the namespace argument.
If the argument is '1', converts it to None (representing the default namespace),
otherwise returns the argument as is.
Parameters:
namespace_arg (str): The namespace argument.
Returns:
str or None: The interpreted namespace.
"""
return None if namespace_arg == '1' else namespace_arg
def main():
parser = argparse.ArgumentParser(description="Create veth pairs between containers with optional bridge attachment.")
parser.add_argument("-ns1", "--namespace1", default=None, help="Name of the first namespace or container, or '1' for the default namespace.")
parser.add_argument("-ns2", "--namespace2", default=None, help="Name of the second namespace or container, or '1' for the default namespace.")
parser.add_argument("-n1", "--name1", required=True, help="Name of the first veth interface.")
parser.add_argument("-n2", "--name2", required=True, help="Name of the second veth interface.")
parser.add_argument("-b1", "--bridge1", default=None, help="Name of the network bridge for ns1.")
parser.add_argument("-b2", "--bridge2", default=None, help="Name of the network bridge for ns2.")
parser.add_argument("-t1", "--type1", default=None, help="Container type for ns1 ('docker', 'lxc', 'lxd', 'incus', or 'None' for the default namespace).")
parser.add_argument("-t2", "--type2", default=None, help="Container type for ns2 ('docker', 'lxc', 'lxd', 'incus', or 'None' for the default namespace).")
args = parser.parse_args()
# Processing namespace arguments and container types
ns1, type1 = interpret_namespace(args.namespace1), args.type1
ns2, type2 = interpret_namespace(args.namespace2), args.type2
# Instantiate management classes
iface_manager = IfaceManager()
container_exposer = ContainerNetnsExposer()
# Expose container network namespaces if applicable
if type1 and ns1:
ns1_pid = container_exposer.expose_container_netns(ns1, type1)
ns1 = ns1_pid
if type2 and ns2:
ns2_pid = container_exposer.expose_container_netns(ns2, type2)
ns2 = ns2_pid
# Create veth pair
iface_manager.create_veth(args.name1, args.name2)
# Move ends of the veth pair to appropriate namespaces if required
if ns1:
iface_manager.move(args.name1, ns1)
if ns2:
iface_manager.move(args.name2, ns2)
# Optional: Attach to network bridge and bring interfaces up
if args.bridge1 and args.name1:
iface_manager.attach_to_bridge(args.name1, args.bridge1, ns1)
iface_manager.set_interface_up(args.name1, ns1)
if args.bridge2 and args.name2:
iface_manager.attach_to_bridge(args.name2, args.bridge2, ns2)
iface_manager.set_interface_up(args.name2, ns2)
# Bring up interfaces if not already up
if not args.bridge1 and args.name1:
iface_manager.set_interface_up(args.name1, ns1)
if not args.bridge2 and args.name2:
iface_manager.set_interface_up(args.name2, ns2)
if __name__ == "__main__":
main()