OpenWRT (AND Container) noob here. I run OpenWRT as a LXC on Proxmox.
Firmware Version OpenWrt 24.10.1 r28597-0425664679 / LuCI (HEAD detached at 2ac26e56) branch 25.103.51521~2ac26e5
WAN is configured static. Whenever I run nslookup in diagnostics I get
;; connection timed out; no servers could be reached
nslookup: write to '127.0.0.1': Connection refused
nslookup: write to '::1': Connection refused
Also clients can not use this LXC for DNS.
I uninstalled dnsmasq before installing dnsmasq-full but I think the problem was there before.
I run something similar (OpenWRT as LXC) in another place on another proxmox-host but there, WAN is using DHCP and no problems. But I can't do this here.
So it might or might be not related to any of this.
There is some lxc prep template that disables dnsmasq sandboxing and it can start in containers. In general containers are not supported due to most functionality pertaining low level networking, just use proxmox kvm virtual machine and you will be fine. Those can have serial console to be operated without gui.
I am more a GUI user. Almost the same LXC is running elsewhere without a problem, so I am very puzzled, what the actual problem is. And I need all the performance I can get with very low memory footprint, that is why it should be a LXC.
I used the same LXC that worked elsewhere so I copied it but I had to change several things. If I check Processes, dnsmasq is missing on that problematic LXC.
While I don't have any knowledge about this stuff, I don't get that it works on one host but not the other...
you uninstalled dnsmasq then installed dnsmasq-full? was it installed successfully? can you check with: opkg list-installed dnsm* ? or Luci / system / software / installed ?
You are right, dnsmasq-full is working fine in a vm.
I didn't patch anything myself and it is probably much above my knowledge. Also my search didn't find anything useful (to me).
What I want to do is this, having an ipset with ddns-names in it.
Is it still true that I need to have dnsmasq-full for that? I can't tell and test this easily right now. I hope the linked answer is correct because I never was able to test it back in the day.
If I still need dnsmasq-full, maybe someone can point me to the right direction for an LXC, if it is feasible for me... again noob here about anything talked here, even linux in general.
the reason why i was asking because when you removed dnsmasq package then you were left without dns resolver. if the lxc wan was working and being your default gateway (as default) and there is an external (i.e. outside ot Proxmox) dns resolver then you could download the dnsmasq-full package. but you need to verify if it is really the case and dnsmasq-full was properly installed. then either should restart lxc or the dnsmasq service (`service dnsmasq restart˙) as after install it most probably is not started hence your nslookup cannot connect to default configured local dnsmasq instance. that's why you got the error message.
what @brada4 is suggesting by the way, that lxc use case is not supported officially as there are too many unknowns and restrictions (i.e. you use the host's kernel and not owrt's kernel, the former is not tailered for networking). and it can/will cause problems. so better go with vm method.
Yes but brada4 is right.
I have my "template" from images.linuxcontainers.org so I am out of luck. This proxmox host doesn't allow for hardware virtualization, running OpenWRT as LXC would have been nice...
On the WAN interface, Advanced Tab:
Disable Use DNS servers advertised by peer
Set your Use custom DNS servers, use at least two e.g. 9.9.9.9 and 1.0.0.1 or other trusted public DNS servers
