reterminal-dm4/emmc-provisioning/docs/DNSMASQ-DNS-FILESERVER.md
nearxos 031e1c3415 Enhance provisioning documentation and scripts for improved network boot and DNS management
Add new documentation files for device DNS management via DHCP and dnsmasq configuration. Update cloud-init scripts to ensure proper handling of /etc/resolv.conf and DNS settings, allowing for seamless integration with file.server. Modify existing scripts to support dynamic LAN subnet configuration and improve overall network boot functionality. These changes enhance user experience and streamline the setup process for the CM4 eMMC provisioning service.
2026-03-04 19:15:38 +02:00

dnsmasq DNS and file.server on the LXC

This document describes the dnsmasq DNS configuration on the provisioning LXC and the static hostname file.server used for the fileserver.

What was changed

1. dnsmasq now provides DNS on eth1

Previously, dnsmasq on the LXC was configured with port=0, which disabled DNS and provided only DHCP and TFTP on the provisioning interface (eth1).

Change: port=0 was removed so dnsmasq also acts as a DNS server on eth1 (port 53). Clients that receive DHCP from dnsmasq will use the LXC as their DNS server for the provisioning LAN.

  • DHCP on eth1 — unchanged (range from lan-subnet.conf, e.g. 10.20.40.100–10.20.40.200).
  • TFTP/PXE on eth1 — unchanged (toggle with /opt/cm4-provisioning/toggle-network-boot-dhcp.sh).
  • DNS on eth1 — new: local static records (e.g. file.server) plus forwarding of other queries via the LXC's /etc/resolv.conf.

2. Static DNS record: file.server → eth1 IP

A static A record was added so the hostname file.server resolves to the LXC's eth1 address (the provisioning LAN gateway). That IP is taken from /opt/cm4-provisioning/lan-subnet.conf as LAN_GW (e.g. 10.20.40.1).

dnsmasq config (written by setup-network-boot-on-lxc.sh):

address=/file.server/${LAN_GW}

So scripts and devices on the provisioning LAN can use http://file.server/... (or file.server in general) without hardcoding the LXC's IP. The IP stays correct even if the LAN subnet is changed and the setup script is re-run.

3. Files modified in the repo

| File | Change |
|------|--------|
| scripts/setup-network-boot-on-lxc.sh | Removed port=0; added address=/file.server/${LAN_GW} and comments in the generated /etc/dnsmasq.d/network-boot.conf. |
| lxc/dnsmasq-network-boot.conf | Template updated: removed port=0, added comment for DNS and file.server (commented example). |

4. Applied on LXC (root@10.20.40.1)

On 2025-03-04 the setup script was run against root@10.20.40.1:

./emmc-provisioning/scripts/setup-network-boot-on-lxc.sh root@10.20.40.1

Result on that LXC:

  • LAN: 10.20.40.0/24, gateway 10.20.40.1 (from existing lan-subnet.conf).
  • DHCP: 10.20.40.100–10.20.40.200 on eth1.
  • DNS: Enabled on eth1; file.server → 10.20.40.1.
  • dnsmasq and NAT were (re)configured; TFTP root and network boot toggle unchanged.

So on the provisioning LAN, file.server resolves to 10.20.40.1 (the LXC's eth1).

How to use file.server in scripts

On devices that get DHCP (and thus DNS) from the LXC on the provisioning LAN:

  • Use http://file.server/... (or file.server as hostname) instead of http://10.20.40.1/....
  • No need to hardcode the LXC IP; if you change the subnet and re-run the setup script, file.server will still point at the correct gateway.

Example:

curl -O http://file.server/cloud-init/seed.img

Adding more static DNS entries

To add more names (e.g. fileserver or another hostname), add more address=/name/${LAN_GW} lines in the heredoc in scripts/setup-network-boot-on-lxc.sh (where network-boot.conf is generated), or add a separate file under /etc/dnsmasq.d/ on the LXC with the same format. Then restart dnsmasq:

systemctl restart dnsmasq

Re-applying on another or existing LXC

To apply or refresh this configuration on any LXC:

./emmc-provisioning/scripts/setup-network-boot-on-lxc.sh root@<LXC-IP> [SUBNET]

Example with explicit subnet:

./emmc-provisioning/scripts/setup-network-boot-on-lxc.sh root@10.20.40.1 10.20.40.1/24

This rewrites /etc/dnsmasq.d/network-boot.conf (including address=/file.server/${LAN_GW}) and restarts dnsmasq.

Verification on the LXC

# DNS and file.server
grep -E 'address=|port=' /etc/dnsmasq.d/network-boot.conf

# Resolve file.server (from a client on the provisioning LAN, or from LXC with server 127.0.0.1)
getent hosts file.server
# or: dig @10.20.40.1 file.server

Expected: file.server resolves to the LAN gateway (e.g. 10.20.40.1).
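
A scripted form of the verification above, as an added example that is not part of the repository: it checks that port=0 is gone and that every file.server record in network-boot.conf equals LAN_GW, which catches a record left stale after a subnet change. It assumes lan-subnet.conf holds a shell-style LAN_GW=<ip> line; the function names are hypothetical.

```shell
#!/bin/sh
# Added example (not the project's script). Assumption: lan-subnet.conf
# contains a shell-style assignment such as LAN_GW=10.20.40.1.

# Print the LAN_GW value from a lan-subnet.conf-style file.
lan_gw_from() {
    sed -n "s/^[[:space:]]*LAN_GW=[\"']\{0,1\}\([0-9.]*\).*/\1/p" "$1" | tail -n 1
}

# Print each IP that an uncommented address=/name[/name...]/IP line gives HOST.
static_ips_for() {
    awk -F/ -v host="$2" '
        /^[ \t]*address=/ {
            sub(/#.*/, ""); sub(/[ \t]+$/, "")   # drop trailing comment/space
            for (i = 2; i < NF; i++) if ($i == host) print $NF
        }' "$1"
}

# audit_dnsmasq_conf CONF LAN_CONF [HOST]
# Returns 0 ok, 1 DNS disabled by port=0, 2 record missing,
# 3 record does not match LAN_GW, 4 LAN_GW unreadable.
audit_dnsmasq_conf() {
    conf=$1; lan_conf=$2; host=${3:-file.server}
    gw=$(lan_gw_from "$lan_conf")
    [ -n "$gw" ] || { echo "cannot read LAN_GW from $lan_conf" >&2; return 4; }
    if grep -Eq '^[[:space:]]*port=0[[:space:]]*(#.*)?$' "$conf"; then
        echo "port=0 present: DNS is disabled" >&2; return 1
    fi
    ips=$(static_ips_for "$conf" "$host")
    [ -n "$ips" ] || { echo "no address= record for $host" >&2; return 2; }
    for ip in $ips; do
        [ "$ip" = "$gw" ] || { echo "$host -> $ip, expected $gw" >&2; return 3; }
    done
    echo "$host -> $gw"
}

# Constructed sample input: a stale record left over from an old subnet.
demo_dir=$(mktemp -d)
printf 'LAN_GW=10.20.40.1\n' > "$demo_dir/lan-subnet.conf"
printf 'interface=eth1\naddress=/file.server/10.20.30.1\n' > "$demo_dir/network-boot.conf"
audit_dnsmasq_conf "$demo_dir/network-boot.conf" "$demo_dir/lan-subnet.conf" \
    || echo "audit failed with status $?"
rm -rf "$demo_dir"
```

On the LXC itself the call would be audit_dnsmasq_conf /etc/dnsmasq.d/network-boot.conf /opt/cm4-provisioning/lan-subnet.conf.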