Welcome to configuring Ubuntu Server 22.04 as a router tutorial series!
- Setup Ubuntu Server 22.04 as a NAT Router with Qemu/KVM, Part 1
- Setup Ubuntu Server 22.04 as a DHCP Server with Qemu/KVM, Part 2
- Setup Ubuntu Server 22.04 as a DNS Server with Qemu/KVM, Part 3
One of the most popular programs for Linux operating systems providing DHCP service is dnsmasq.
Install dnsmasq:
sudo apt -y install dnsmasq
The response should look similar to this:
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following additional packages will be installed:
dns-root-data dnsmasq-base
Suggested packages:
resolvconf
The following NEW packages will be installed:
dns-root-data dnsmasq dnsmasq-base
0 upgraded, 3 newly installed, 0 to remove and 49 not upgraded.
Need to get 379 kB of archives.
After this operation, 974 kB of additional disk space will be used.
Get:1 http://id.archive.ubuntu.com/ubuntu jammy/main amd64 dns-root-data all 2021011101 [5256 B]
Get:2 http://id.archive.ubuntu.com/ubuntu jammy-updates/main amd64 dnsmasq-base amd64 2.86-1.1ubuntu0.3 [354 kB]
Get:3 http://id.archive.ubuntu.com/ubuntu jammy-updates/universe amd64 dnsmasq all 2.86-1.1ubuntu0.3 [19.2 kB]
Fetched 379 kB in 1s (575 kB/s)
debconf: delaying package configuration, since apt-utils is not installed
Selecting previously unselected package dns-root-data.
(Reading database ... 67590 files and directories currently installed.)
Preparing to unpack .../dns-root-data_2021011101_all.deb ...
Unpacking dns-root-data (2021011101) ...
Selecting previously unselected package dnsmasq-base.
Preparing to unpack .../dnsmasq-base_2.86-1.1ubuntu0.3_amd64.deb ...
Unpacking dnsmasq-base (2.86-1.1ubuntu0.3) ...
Selecting previously unselected package dnsmasq.
Preparing to unpack .../dnsmasq_2.86-1.1ubuntu0.3_all.deb ...
Unpacking dnsmasq (2.86-1.1ubuntu0.3) ...
Setting up dnsmasq-base (2.86-1.1ubuntu0.3) ...
Setting up dns-root-data (2021011101) ...
Setting up dnsmasq (2.86-1.1ubuntu0.3) ...
Created symlink /etc/systemd/system/multi-user.target.wants/dnsmasq.service → /lib/systemd/system/dnsmasq.service.
Job for dnsmasq.service failed because the control process exited with error code.
See "systemctl status dnsmasq.service" and "journalctl -xeu dnsmasq.service" for details.
invoke-rc.d: initscript dnsmasq, action "start" failed.
× dnsmasq.service - dnsmasq - A lightweight DHCP and caching DNS server
Loaded: loaded (/lib/systemd/system/dnsmasq.service; enabled; vendor preset: enabled)
Active: failed (Result: exit-code) since Fri 2023-08-11 16:02:30 UTC; 12ms ago
Process: 1011 ExecStartPre=/etc/init.d/dnsmasq checkconfig (code=exited, status=0/SUCCESS)
Process: 1032 ExecStart=/etc/init.d/dnsmasq systemd-exec (code=exited, status=2)
CPU: 30ms
Aug 11 16:02:30 metapod systemd[1]: Starting dnsmasq - A lightweight DHCP and caching DNS server...
Aug 11 16:02:30 metapod dnsmasq[1032]: dnsmasq: failed to create listening socket for port 53: Address already in use
Aug 11 16:02:30 metapod dnsmasq[1032]: failed to create listening socket for port 53: Address already in use
Aug 11 16:02:30 metapod dnsmasq[1032]: FAILED to start up
Aug 11 16:02:30 metapod systemd[1]: dnsmasq.service: Control process exited, code=exited, status=2/INVALIDARGUMENT
Aug 11 16:02:30 metapod systemd[1]: dnsmasq.service: Failed with result 'exit-code'.
Aug 11 16:02:30 metapod systemd[1]: Failed to start dnsmasq - A lightweight DHCP and caching DNS server.
Processing triggers for dbus (1.12.20-2ubuntu4.1) ...
debconf: unable to initialize frontend: Dialog
debconf: (No usable dialog-like program is installed, so the dialog based frontend cannot be used. at /usr/share/perl5/Debconf/FrontEnd/Dialog.pm line 78.)
debconf: falling back to frontend: Readline
Scanning processes...
Scanning linux images...
Running kernel seems to be up-to-date.
No services need to be restarted.
No containers need to be restarted.
No user sessions are running outdated binaries.
No VM guests are running outdated hypervisor (qemu) binaries on this host.
If it complain about "dnsmasq: failed to create listening socket for port 53: Address already in use", you can ignore it.
To enable DHCP service, you need to configure /etc/dnsmasq.conf
.
By default dnsmasq enables DNS service. You can turn it off by changing the port to 0:
port=0
The DHCPv4 server is activated by specifying an IPv4 address range and a router:
dhcp-range=set:enp0s5v4,172.16.0.2,172.16.0.254,255.255.255.0,12h
dhcp-option=tag:enp0s5v4,option:router,172.16.0.1
The above configuration instructs dnsmasq to offer IPv4 addresses between 172.16.0.2
and 172.16.0.254
with a subnet 255.255.255.0
on the interface enp0s5
. Issued IPs will have a lease lifetime of twelve hours, after which clients will need to request a renewed lease.
Restart the dnsmasq service to apply your changes:
sudo systemctl restart dnsmasq
By default DHCP uses UDP ports 68 and 67 to initiate communication between the IPv4 client and server. If port 67 is in use by another process, DHCP server cannot communicate with DHCPv4 clients.
To open UDP port 67 in ufw, run:
sudo ufw allow 67/udp
Dnsmasq also provides full IPv6 support.
The DHCPv6 server is activated by specifying an IPv6 address range and enabling IPv6 Router Advertisement feature:
dhcp-range=set:enp0s5v6,::2,::ffff,constructor:enp0s5,slaac,64,12h
enable-ra
The above configuration instructs dnsmasq to offer IPv6 addresses between fde0:fa74:a7a2:87e4::2
and fde0:fa74:a7a2:87e4::ffff
with prefix length 64 bits on the interface enp0s5
.
Restart the dnsmasq service to apply your changes:
sudo systemctl restart dnsmasq
By default DHCP uses UDP ports 546 and 547 to initiate communication between the IPv6 client and server. If port 547 is in use by another process, DHCP server cannot communicate with DHCPv6 clients.
To open UDP port 547 in ufw, run:
sudo ufw allow 547/udp
Now the client computers should obtain IPv4 address and IPv6 address automatically.