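# What is dnsmasq?
# It is a caching DNS resolver / DHCP server / TFTP server:
# Dnsmasq provides network infrastructure for small networks: DNS, DHCP, router advertisement and network boot.
# It is designed to be lightweight and have a small footprint, suitable for resource constrained routers and firewalls
# http://www.thekelleys.org.uk/dnsmasq/doc.html
# THE man page (authoritative and complete): http://www.thekelleys.org.uk/dnsmasq/docs/dnsmasq-man.html
# DHCP options: https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xhtml
#
# Comment syntax: dnsmasq treats '#' as a comment start at the beginning of a line
# or after whitespace. Each directive must be on its own line.

## In order to make dnsmasq run on a systemd system, need to disable the systemd caching resolver
## May 02 00:23:36 ubuntu-2004-server dnsmasq[1468]: dnsmasq: failed to create listening socket for port 53: Address already in use
## systemctl disable systemd-resolved.service
## reboot
## rm /etc/resolv.conf
## Replace resolv.conf telling it to talk to dnsmasq
## nameserver 127.0.0.1
## search locallocal.islocal

# Basic DNS/DHCP server

# Restrict to LAN interfaces - do not serve DNS/DHCP on WAN!
# dnsmasq adds the loopback interface automatically when interface= is used,
# so "nameserver 127.0.0.1" in resolv.conf keeps working.
interface=ens4
# Bind only to the listed interfaces instead of the wildcard address, so the
# service is not reachable on interfaces that are not named above.
bind-interfaces

# Router for the LAN
dhcp-option=3,192.168.234.1
# NTP server for the LAN.
# Option 42 is NTP Servers (option 4 is the legacy RFC 868 Time Server, not NTP).
dhcp-option=42,192.168.234.1
# Domain Server (DNS) for the LAN
dhcp-option=6,192.168.234.1

# Set range of DHCP addresses to serve, netmask and lease duration in seconds
dhcp-range=192.168.234.10,192.168.234.254,255.255.255.0,3600
# Multiple listen interfaces: a dhcp-range for each (dnsmasq will figure out which interface to serve on):
#dhcp-range=192.168.244.10,192.168.244.254,255.255.255.0,3600

# What is our domain?
# local= answers this domain from /etc/hosts and DHCP only and never forwards
# it upstream, so internal host names are not leaked to the public resolver.
local=/locallocal.islocal/
# domain= is what expand-hosts appends and what DHCP-derived names are
# qualified with; without it expand-hosts has nothing to add.
domain=locallocal.islocal

# We are THE DHCP server in this network.
# Only correct when no other DHCP server exists on the segment.
dhcp-authoritative

# Any simple name (no ".") in /etc/hosts gets our domain appended
expand-hosts

# Our upstream domain name servers
server=8.8.8.8
# To use only the server= lines and never read upstream servers from
# /etc/resolv.conf (which now points at 127.0.0.1), uncomment:
#no-resolv
# Alternative: take upstream servers from a resolv file
#resolv-file=/etc/resolv.conf
# Query upstream DNS in the order they appear in resolv.conf
#strict-order

# Do not forward reverse-lookup misses for private address ranges upstream
bogus-priv

# Keep track of DHCP leases
dhcp-leasefile=/var/lib/misc/dnsmasq.leases

# Static DNS records: host and PTR - and tags!
# set:tagname, address, MAC, DNS hostname
# tags are used in dnsmasq to ID groups across directives/lines
dhcp-host=set:tag01,192.168.234.101,52:54:00:b7:d7:5f,firstserver

# Add forward and reverse/PTR records
# NOTE: address=/name/ip also matches every subdomain of that name.
address=/firstserver.locallocal.islocal/192.168.234.101
ptr-record=101.234.168.192.in-addr.arpa,firstserver.locallocal.islocal

# You can also send custom data to clients with DHCP
# Options 224-254 are reserved for private use
# The client sees the result in:
# /var/lib/dhcp/dhclient.leases
# DHCP is unauthenticated and sent in clear text on the LAN: use this for
# inventory-style labels only, never for secrets or credentials.
dhcp-option-force=tag:tag01,224,"InventoryBarcode"

# You can refuse to give an address to a particular MAC address.
# This is housekeeping, not access control: a client can change its MAC or
# configure a static address.
#dhcp-host=5c:51:4f:a9:ae:f7,ignore

# I often keep track of client configs in a separate file in /etc/dnsmasq.d/hosts.conf

# For use with Samba4 domain controller configured with Internal DNS
# https://wiki.samba.org/index.php/Setting_up_Samba_as_an_Active_Directory_Domain_Controller
#domain-needed
#domain=daytona-domain.cs.uwaterloo.ca
# Netbios Name Server (WINS)
#dhcp-option=44,192.168.126.1
# Turn off DNS functionality: only serve DHCP/TFTP. Let Samba4 do DNS.
#port=0

# PXE install
# dnsmasq has a built-in tftp server. Easy to configure and use.
# TFTP has no authentication or integrity protection, and PXE clients execute
# what they download: keep tftp-root limited to boot files, writable only by
# the administrator, and serve it on the provisioning LAN only (see interface=
# above). The tftp-secure option further limits served files to those owned by
# the user dnsmasq runs as.
#enable-tftp
# tftp server root
#tftp-root=/srv/tftp/boot/grub
#dhcp-match=set:x86PC, option:client-arch, 0
#dhcp-match=set:BC_EFI, option:client-arch, 6
#dhcp-match=set:BC_EFI, option:client-arch, 7
#dhcp-match=set:BC_EFI, option:client-arch, 9
#dhcp-match=set:POWER_EFI, option:client-arch, e
##pxe-service=tag:x86PC,x86PC, "Legacy BIOS PXE", i386-pc/core.0
##pxe-service=tag:BC_EFI,BC_EFI, "UEFI PXE", BOOTX64.EFI
##pxe-service=tag:POWER_EFI,Alpha, "POWER EFI PXE", powerpc-ieee1275/core.elf
#dhcp-boot=tag:x86PC,pxelinux.0
#dhcp-boot=tag:BC_EFI, BOOTX64.EFI
#dhcp-boot=tag:POWER_EFI,pxelinux.cfg/test

# Boot of PXE client will load BOOTX64.EFI and then local grubx64.efi
# grubx64.efi will poll the tftp server for grub.cfg (installer/boot details) with a more specific progression of addresses (in hex)
# (first grub.cfg-01-<MAC>, then the client IP in hex shortened one digit at a
# time - C0A8EA65 is 192.168.234.101 - and finally plain grub.cfg)
# Yes, grub can netboot!
#May 4 21:18:26 ubuntu-2004-server dnsmasq-dhcp[1570]: DHCPACK(ens4) 192.168.234.101 52:54:00:b7:d7:5f firstserver
#May 4 21:18:26 ubuntu-2004-server dnsmasq-tftp[1570]: error 8 User aborted the transfer received from 192.168.234.101
#May 4 21:18:26 ubuntu-2004-server dnsmasq-tftp[1570]: failed sending /srv/tftp/boot/grub/BOOTX64.EFI to 192.168.234.101
#May 4 21:18:26 ubuntu-2004-server dnsmasq-tftp[1570]: sent /srv/tftp/boot/grub/BOOTX64.EFI to 192.168.234.101
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: sent /srv/tftp/boot/grub/grubx64.efi to 192.168.234.101
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: file /srv/tftp/boot/grub/grub.cfg-01-52-54-00-b7-d7-5f not found
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: file /srv/tftp/boot/grub/grub.cfg-C0A8EA65 not found
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: file /srv/tftp/boot/grub/grub.cfg-C0A8EA6 not found
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: file /srv/tftp/boot/grub/grub.cfg-C0A8EA not found
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: file /srv/tftp/boot/grub/grub.cfg-C0A8E not found
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: file /srv/tftp/boot/grub/grub.cfg-C0A8 not found
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: file /srv/tftp/boot/grub/grub.cfg-C0A not found
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: file /srv/tftp/boot/grub/grub.cfg-C0 not found
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: file /srv/tftp/boot/grub/grub.cfg-C not found
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: sent /srv/tftp/boot/grub/grub.cfg to 192.168.234.101
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: sent /srv/tftp/boot/grub/EFI/BOOT/x86_64-efi/command.lst to 192.168.234.101
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: sent /srv/tftp/boot/grub/EFI/BOOT/x86_64-efi/fs.lst to 192.168.234.101
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: sent /srv/tftp/boot/grub/EFI/BOOT/x86_64-efi/crypto.lst to 192.168.234.101
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: sent /srv/tftp/boot/grub/EFI/BOOT/x86_64-efi/terminal.lst to 192.168.234.101
#May 4 21:18:27 ubuntu-2004-server dnsmasq-tftp[1570]: sent /srv/tftp/boot/grub/grub.cfg to 192.168.234.101
# Installer has changed for Ubuntu 20.04. Need to investigate and update!

# iSCSI via DHCP
# Use LIO/targetcli to configure iSCSI target (block device on network)
# https://wiki.archlinux.org/index.php/ISCSI/LIO
# Works with all hardware if you use iPXE USB boot
# Option 17 (root path) is delivered over unauthenticated DHCP, so the target
# address and IQN are visible to the whole segment: enforce initiator ACLs
# and/or CHAP on the target itself.
# NOTE(review): "net:" and the bare tag in dhcp-option are the older tag
# syntax; current dnsmasq documents set:/tag: - confirm before uncommenting.
#dhcp-host=00:01:2e:6e:b3:ae,192.168.1.51,net:mythbuntu1604level4
#dhcp-option=mythbuntu1604level4,17,iscsi:192.168.1.15:tcp:3260:0:iqn.2003-01.org.linux-iscsi.target.x8664:sn.85ed4c5d752c

# Provisioning Cisco/Linksys VoIP phones
# tftp server delivers config files
# NOTE(review): option 67 is Bootfile-Name; the TFTP server name is option 66 -
# confirm which one the phones expect before enabling.
#dhcp-option=67,192.168.234.1

## Things to explore
# Can also do HTTP boot
# https://lenovopress.com/lp0736.pdf
# https://en.opensuse.org/UEFI_HTTPBoot_Server_Setup

# DNSSEC
# https://wiki.gentoo.org/wiki/Dnsmasq
# NOTE(review): key tag 19036 is the 2010 root KSK, which was replaced in the
# 2018 root key rollover (current key tag 20326). Validation against this
# anchor will fail; take the anchor from the trust-anchors.conf shipped with
# the installed dnsmasq instead of copying it from a web page.
# The two lines below do not validate anything on their own: the "dnssec"
# option must also be set, and the system clock must be correct.
#trust-anchor=.,19036,8,2,49AAC11D7B6F6446702E54A1607371607A1A41855200FD2CE1CDDE32F24E8FB5
#dnssec-check-unsigned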