# dnsmasq DNS and file.server on the LXC

This document describes the dnsmasq DNS configuration on the provisioning LXC and the static hostname **file.server** used for the fileserver.

## What was changed

### 1. dnsmasq now provides DNS on eth1

Previously, dnsmasq on the LXC was configured with **`port=0`**, which disabled DNS and provided only DHCP and TFTP on the provisioning interface (eth1).

**Change:** `port=0` was removed so dnsmasq also acts as a DNS server on eth1 (port 53). Clients that receive DHCP from dnsmasq will use the LXC as their DNS server for the provisioning LAN.

- **DHCP** on eth1 — unchanged (range from `lan-subnet.conf`, e.g. 10.20.40.100–10.20.40.200).
- **TFTP/PXE** on eth1 — unchanged (toggle with `/opt/cm4-provisioning/toggle-network-boot-dhcp.sh`).
- **DNS** on eth1 — **new**: local static records (e.g. `file.server`) plus forwarding of other queries via the LXC’s `/etc/resolv.conf`.

### 2. Static DNS record: file.server → eth1 IP

A static A record was added so the hostname **file.server** resolves to the LXC’s eth1 address (the provisioning LAN gateway). That IP is taken from **`/opt/cm4-provisioning/lan-subnet.conf`** as **`LAN_GW`** (e.g. `10.20.40.1`).

**dnsmasq config (written by `setup-network-boot-on-lxc.sh`):**

```text
address=/file.server/${LAN_GW}
```

So scripts and devices on the provisioning LAN can use **`http://file.server/...`** (or `file.server` in general) without hardcoding the LXC’s IP. The IP stays correct even if the LAN subnet is changed and the setup script is re-run.

### 3. Files modified in the repo

| File | Change |
|------|--------|
| **scripts/setup-network-boot-on-lxc.sh** | Removed `port=0`; added `address=/file.server/${LAN_GW}` and comments in the generated `/etc/dnsmasq.d/network-boot.conf`. |
| **lxc/dnsmasq-network-boot.conf** | Template updated: removed `port=0`, added comment for DNS and `file.server` (commented example). |

### 4. Applied on LXC (root@10.20.40.1)

On **2025-03-04** the setup script was run against **root@10.20.40.1**:

```bash
./emmc-provisioning/scripts/setup-network-boot-on-lxc.sh root@10.20.40.1
```

Result on that LXC:

- **LAN:** 10.20.40.0/24, gateway 10.20.40.1 (from existing `lan-subnet.conf`).
- **DHCP:** 10.20.40.100–10.20.40.200 on eth1.
- **DNS:** Enabled on eth1; **file.server** → **10.20.40.1**.
- dnsmasq and NAT were (re)configured; TFTP root and network boot toggle unchanged.

So on the provisioning LAN, **file.server** resolves to **10.20.40.1** (the LXC’s eth1).

## How to use file.server in scripts

On devices that get DHCP (and thus DNS) from the LXC on the provisioning LAN:

- Use **`http://file.server/...`** (or `file.server` as hostname) instead of `http://10.20.40.1/...`.
- No need to hardcode the LXC IP; if you change the subnet and re-run the setup script, **file.server** will still point at the correct gateway.

Example:

```bash
curl -O http://file.server/cloud-init/seed.img
```

## Adding more static DNS entries

To add more names (e.g. `fileserver` or another hostname), add more **`address=/name/${LAN_GW}`** lines in the heredoc in **scripts/setup-network-boot-on-lxc.sh** (where `network-boot.conf` is generated), or add a separate file under `/etc/dnsmasq.d/` on the LXC with the same format. Then restart dnsmasq:

```bash
systemctl restart dnsmasq
```

## Re-applying on another or existing LXC

To apply or refresh this configuration on any LXC:

```bash
./emmc-provisioning/scripts/setup-network-boot-on-lxc.sh root@ [SUBNET]
```

Example with explicit subnet:

```bash
./emmc-provisioning/scripts/setup-network-boot-on-lxc.sh root@10.20.40.1 10.20.40.1/24
```

This rewrites `/etc/dnsmasq.d/network-boot.conf` (including `address=/file.server/${LAN_GW}`) and restarts dnsmasq.

## Verification on the LXC

```bash
# DNS and file.server
grep -E 'address=|port=' /etc/dnsmasq.d/network-boot.conf

# Resolve file.server (from a client on the provisioning LAN, or from LXC with server 127.0.0.1)
getent hosts file.server
# or: dig @10.20.40.1 file.server
```

Expected: **file.server** resolves to the LAN gateway (e.g. 10.20.40.1).
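
The grep check above can be turned into a scripted consistency test that catches a leftover `port=0` or a `file.server` record that no longer matches `LAN_GW` after a subnet change. This is an added example, not part of the repository's scripts; the function name `check_network_boot_conf`, the shell-style `LAN_GW=<ip>` line in `lan-subnet.conf`, and the assumption that the heredoc writes a literal IP are all assumptions, and the sample files are constructed.

```bash
#!/usr/bin/env bash
# Added example (hypothetical helper, not from the repo).
# Assumes lan-subnet.conf contains a shell-style LAN_GW=<ip> line and that
# the generated network-boot.conf holds the expanded IP, not ${LAN_GW}.

# check_network_boot_conf CONF SUBNET_CONF
# 0 = DNS enabled and file.server matches LAN_GW
# 1 = uncommented port=0 present (DNS disabled)
# 2 = no address=/file.server/ record
# 3 = record points somewhere other than LAN_GW
# 4 = LAN_GW not found in SUBNET_CONF
check_network_boot_conf() {
    local conf="$1" subnet_conf="$2" gw record
    # Read LAN_GW, tolerating optional quotes around the value.
    gw=$(sed -n 's/^LAN_GW=//p' "$subnet_conf" | tr -d "\"'" | head -n1)
    [ -n "$gw" ] || return 4
    # An active port=0 line turns the DNS listener off; "#port=0" is ignored.
    if grep -Eq '^[[:space:]]*port[[:space:]]*=[[:space:]]*0[[:space:]]*$' "$conf"; then
        return 1
    fi
    record=$(sed -n 's|^address=/file\.server/\(.*\)$|\1|p' "$conf" | head -n1)
    [ -n "$record" ] || return 2
    [ "$record" = "$gw" ] || return 3
    return 0
}

# Constructed sample files so the check runs offline.
demo_dir=$(mktemp -d)
printf 'LAN_GW=10.20.40.1\n' > "$demo_dir/lan-subnet.conf"
printf '#port=0\naddress=/file.server/10.20.40.1\n' > "$demo_dir/good.conf"
printf 'port=0\naddress=/file.server/10.20.40.1\n' > "$demo_dir/dns-off.conf"
printf 'address=/file.server/192.168.1.1\n' > "$demo_dir/stale.conf"

for name in good dns-off stale; do
    check_network_boot_conf "$demo_dir/$name.conf" "$demo_dir/lan-subnet.conf" \
        && rc=0 || rc=$?
    echo "$name.conf -> exit $rc"
done
rm -rf "$demo_dir"
```

On the LXC itself the call would be `check_network_boot_conf /etc/dnsmasq.d/network-boot.conf /opt/cm4-provisioning/lan-subnet.conf`.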