-1

In my network I have a small docker swarm running several apps. Recently I tried to set up two new services offering DHCP with ispcpd and DNS with unbound to the network.

Master of the swarm is a new QNAP NAS controlling several Pi3 (for availability, the SD cards sometimes crash in 24/7 use). The DHCP is up and running, but the DNS cannot be started on port 53, because this port is blocked by dnsmasq on the QNAP. The docker/lxc implementation in QNAP's Container Station works with dnsmasq for DHCP/DNS services in the containers' networks. So this port is blocked. I can run it on a different port, let's say 54. But in the DHCP options, as far as I can see from the documentation, I can only list the DNS servers, but no port specifications.

Is there a way to advertise a DNS server along with port information?

Michael Ef

1 Answer

0

As mentioned by Michael Hampton, I can't advertise a specific port for DNS.

Because I don't want to change QNAP's dnsmasq config (would be lost on every package update), I installed a systemd service on the other nodes in my docker swarm (not the QNAP itself), starting the DNS as a local container.

This way the QNAP doesn't try to bind the host port 53, because the containers don't run in swarm scope.

A little off topic, but this is the script I used for the service:

#
# Docker + unbound DNS systemd service
#
# This service aims to make the update and invocation of the docker-dns
# container seamless.  It automatically downloads the latest docker-dns
# image and instantiates a Docker container with that image.  At shutdown it
# cleans up the old container.
#
# In the event the service dies (crashes, or is killed) systemd will attempt
# to restart the service every 10 seconds until the service is stopped with
# `systemctl stop docker-dns@NAME`.
#
# To use:
# 1. Create a Docker volume source folder named `NAME` in DATA_SRC path where NAME is the
#    user's choice to describe the use of the container.
# 2. Download this service file to /etc/systemd/system/docker-dns@.service
# 3. Enable and start the service template with:
#    `systemctl enable --now docker-dns@NAME.service`
# 4. Verify service start-up with:
#    `systemctl status docker-dns@NAME.service`
#    `journalctl --unit docker-dns@NAME.service`
#
# For more information, see the systemd manual pages.
#
[Unit]
Description=unbound DNS Docker Container
Documentation=
After=network.target docker.socket
Requires=docker.socket

[Service]
RestartSec=10
Restart=always

Environment="NAME=dns-%i"
Environment="DATA_VOL=/mnt/nas/dns/%i"
Environment="IMG=192.168.0.65:6088/unbound:latest"

# To override environment variables, use a local drop-in configuration directory:
# /etc/systemd/system/docker-dns@NAME.service.d/local.conf
# http://www.freedesktop.org/software/systemd/man/systemd.unit.html

# Clean-up bad state if still hanging around
ExecStartPre=-/usr/bin/docker rm -f $NAME

# Attempt to pull new image for security updates
ExecStartPre=-/usr/bin/docker pull $IMG

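# Main process. With --net=host the container binds the host's port 53
# directly; Docker discards the -p flags in host network mode.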
ExecStart=/usr/bin/docker run --rm -v ${DATA_VOL}:/usr/local/etc/unbound.zones.d.src --name ${NAME} -p 53 -p 53/udp --net=host ${IMG} $

[Install]
WantedBy=multi-user.target
Michael Ef
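Why the answer holds at the wire level, as an added example that is not part of the original posts: DHCP option 6 (RFC 2132, Domain Name Server) carries only a list of 4-byte IPv4 addresses, so a port has nowhere to go. The parser below walks a DHCP options field and decodes option 6; the addresses and the sample buffer are constructed for illustration.

```python
import ipaddress

OPT_PAD, OPT_DNS, OPT_END = 0, 6, 255  # RFC 2132 option codes


def iter_options(buf: bytes):
    """Yield (code, value) for each TLV in a DHCP options field."""
    i = 0
    while i < len(buf):
        code = buf[i]
        if code == OPT_PAD:  # pad is a single byte with no length
            i += 1
            continue
        if code == OPT_END:
            return
        if i + 1 >= len(buf):
            raise ValueError("truncated option header")
        length = buf[i + 1]
        value = buf[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} truncated")
        yield code, value
        i += 2 + length


def dns_servers(options: bytes):
    """Return the resolvers advertised in option 6 as IPv4Address objects."""
    servers = []
    for code, value in iter_options(options):
        if code != OPT_DNS:
            continue
        # Payload is back-to-back 4-byte addresses and nothing else: no port field.
        if not value or len(value) % 4:
            raise ValueError("option 6 length must be a non-zero multiple of 4")
        servers += [ipaddress.IPv4Address(value[j:j + 4])
                    for j in range(0, len(value), 4)]
    return servers


def encode_dns_option(addrs):
    """Build option 6 from dotted-quad strings; 'host:port' is rejected."""
    packed = b"".join(ipaddress.IPv4Address(a).packed for a in addrs)
    return bytes([OPT_DNS, len(packed)]) + packed


# Constructed sample: subnet mask option, two resolvers, end marker.
SAMPLE = (bytes([1, 4, 255, 255, 255, 0])
          + encode_dns_option(["192.168.0.10", "192.168.0.11"])
          + bytes([OPT_END]))

if __name__ == "__main__":
    print(dns_servers(SAMPLE))
```

Appending two port bytes to an address makes the option length stop being a multiple of four, which `dns_servers` rejects as malformed.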