Homelab automatic DNS entries for new VMs/containers?

Just for background, I am trying to make my homelab better while also exploring adding an XCP-NG server and things like that. Currently, I have one low-power device running my most essential services as my UPS can keep it and the network switches up for almost three hours and I have a separate device for running heavier stuff on as its UPS can only keep it up for about 15 minutes. I have never used XCP-NG, but I figured adding it to my repertoire wouldn’t hurt.

I am not a networking expert, I do not work in the field (though, I’ve always liked sysadmin/netadmin type stuff and it could be an interesting job) and as such I am not knowledgeable of all the common tools and services people use, so I’d appreciate not getting flamed for not knowing everything yet.

So, with all the above in mind, how do people handle adding newly-spun-up VMs and containers (Docker, LXC, LXD, something else?) to their DNS, so they can be accessed just by a name instead of an IP-address? I am currently using pfSense as my DNS-resolver, but every time I spin something new up, I have to go and manually add entries there and it gets kinda tedious; being able to just spin up something and it immediately being accessible by its hostname would be very nice. This being a homelab, I expose only Nextcloud and Wireguard to the Internet and everything else I access by connecting to my Wireguard instance and I have no intention of exposing my internal DNS-servers anywhere.

Welcome to the forums and there are ways of doing it but I don’t really use them so hopefully others will chime in. I have a few things that are configured in HAProxy but I don’t change them enough to warrant the effort of setting up automation around things like that. I am fine with just using IPs when testing labs or setting up demos for my YouTube tutorials.

Are you running Kea DHCP or the legacy ISC DHCP inside of pfsense? I had this problem and traced it directly to using Kea DHCP. When I reverted back to legacy DHCP, the issue was resolved.

I am using Unbound on pfSense, but I have disabled automatic registration via DHCP, if that is what you were thinking of, because it works extremely poorly with Unbound; every time a device comes online, Unbound has to restart and that means temporary DNS lookup failures and it having to start building the cache from scratch. Kea is also currently unusable with even worse bugs (I hear they’re fixing a number of issues for pfSense 2.8.x, but we’ll see).

Sounds like you would have to move dns/dhcp off pfsense to get this working on your router. Leveling up in that way is more work than just updating the DNS records in pfsense.

If you are just accessing containers running on your host, systemd-resolved will do the name resolution automatically, if you use it. I don’t use docker and I stopped using LXC/LXD so I can’t confirm containers in those environments will update systemd-resolved. It works with systemd-nspawn. I moved to that b/c it is super simple and less code to install (assuming you already use systemd).

When that feature stopped working well in pfSense (back when they switched to unbound), I was truly disappointed. Now, I register static leases for all the important stuff on my network and that does give me hostname resolution.

If you’re looking for an external dns option, Pi-Hole can provide dhcp on your network and give automatic name resolution. A more fun and technical way would be to run the raw services. There’s a terrific story about running bind and dhcpd at ArsTechnica right now. Whether you want to do that or not, it’s a fun read.

I am using a similar setup to yours and haven’t noticed any Unbound issues. Mine is running on OPNSense and I have enabled automatic registration via DHCP.

The workflow for me is: define a new VM in Proxmox VE, copy the MAC address into a new OPNSense DHCP static entry, input the name. From there it’s all automated. There is also a secondary BIND server that is feeding domain information into Unbound for anything non-dhcp related.

Well, OPNsense isn’t pfSense, so maybe Unbound doesn’t do it there. On pfSense, however, it is a known issue and if you e.g. have a bunch of low-power sensors that wake up every now and then, connect to WiFi and obtain an IP via DHCP, then go back to deep sleep…well, the constant restarting of Unbound makes it just unusable.

Um, that’s not automatic. That’s just manually adding the entry, which I am already doing.

Yeah, I was hoping there’d be something I just simply wasn’t aware of, but I guess there isn’t.

You have to define the IP address and host name for the MAC address somewhere 🙂

Unless you’re okay with automatic IP assignment which I am not. I prefer to assign static DHCP entries for all of the servers. This assignment is the only manual step and cannot be avoided.