Send dhcp-users mailing list submissions to
dhcp-users@lists.isc.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.isc.org/mailman/listinfo/dhcp-users
or, via email, send a message with subject or body 'help' to
dhcp-users-requ...@lists.isc.org
You can reach the person managing the list at
dhcp-users-ow...@lists.isc.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dhcp-users digest..."
Today's Topics:
1. Re: dhcp-users Digest, Vol 112, Issue 2 (george Nopicture)
2. Static only hosts, no dynamic/reserved leases (Simon Hobson)
3. ddns-fwd-name using the wrong name (Rob Moser)
----------------------------------------------------------------------
Message: 1
Date: Wed, 7 Feb 2018 14:24:44 +0000
From: george Nopicture <mad-proffes...@hotmail.com>
To: "dhcp-users@lists.isc.org" <dhcp-users@lists.isc.org>
Subject: Re: dhcp-users Digest, Vol 112, Issue 2
Message-ID:
<vi1pr08mb28130a248f566568b4f1399d9f...@vi1pr08mb2813.eurprd08.prod.outlook.com>
Content-Type: text/plain; charset="utf-8"
#/etc/dhcp/dhcpd.conf
deny declines;
deny bootp;
authoritative;
subnet 192.168.0.0 netmask 255.255.255.248 {
option domain-name-servers x.y.z.i;
option routers 192.168.0.1;
option broadcast-address 192.168.0.7;
ping-check false;
option subnet-mask 255.255.255.248;
option arp-cache-timeout 42700;
option ip-forwarding off;
default-lease-time 93000;
max-lease-time 93000;
deny unknown-clients;
boot-unknown-clients false;
host fedora {
hardware ethernet 00:fd:vc:c3:6m:qq;
fixed-address 192.168.0.2; }
}
thats my config even if i remove the option lines my pc named fedora
gets an ip from the dhcp. I want only static configuration (meaning to
not being able to see DHCPDISCOVER, DHCPREQUEST lines in journal) even
if i set automatic ip configuration in my desktop's NetworkManager.
Thx
On Wed, 2018-02-07 at 12:00 +0000, dhcp-users-requ...@lists.isc.org
wrote:
> Send dhcp-users mailing list submissions to
> dhcp-users@lists.isc.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.isc.org/mailman/listinfo/dhcp-users
> or, via email, send a message with subject or body 'help' to
> dhcp-users-requ...@lists.isc.org
>
> You can reach the person managing the list at
> dhcp-users-ow...@lists.isc.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of dhcp-users digest..."
>
>
> Today's Topics:
>
> 1. Re: Static only hosts, no dynamic/reserved leases. (Simon
> Hobson)
> 2. Re: dhclient process lifetime (Pavel Zhukov)
> 3. Re: dhclient process lifetime (Lukas Erlacher)
>
>
> -------------------------------------------------------------------
> ---
>
> Message: 1
> Date: Tue, 6 Feb 2018 12:54:33 +0000
> From: Simon Hobson <dh...@thehobsons.co.uk>
> To: Users of ISC DHCP <dhcp-users@lists.isc.org>
> Subject: Re: Static only hosts, no dynamic/reserved leases.
> Message-ID: <7cdb2615-4a7e-4c93-8183-9b41beadf...@thehobsons.co.uk>
> Content-Type: text/plain; charset=us-ascii
>
> george Nopicture <mad-proffes...@hotmail.com> wrote:
>
> > Hello, i have tried every possible combination to achieve an effect
> > of
> > static only configuration where no range is defined in a
> > subnet/pool
> > nor any options are sent to the clients. Only hosts stanzas are
> > defined
> > in dhcpd.conf under a subnet declaration, however if i set my
> > client
> > from my linux machine to boot via dhcp i get an ip from the server
> > and
> > see all the dhcp talking(DISCOVER,REQUEST etc) taking place in
> > journal
> > logs.
> > What i want to achieve is that dhcpd denies talking dhcp protocol
> > at
> > all to any client booting with automatic configuration.
> > Any hints, gotchas would be greatly appreciated.
>
> It should be sufficient to have something like this :
>
> <common options - eg dns servers>
> subnet a.b.c.0 ...
> router a.b.c.d;
> }
>
> host ....
> match ...
> fixed address a.b.c.x;
> }
>
> Any client not listed in a host statement will not get an address as
> there isn't a range to give it one. In the logs you'd see lots of "no
> leases" messages if there are such clients on the network - you can
> suppress these with an "ignore unknown-clients" statement in the
> subnet (or globally) as long as there really are no dynamic clients
> to be served.
>
> If this isn't working for you, then post your config file and example
> log entries.
>
>
>
> ------------------------------
>
> Message: 2
> Date: Tue, 06 Feb 2018 16:23:26 +0100
> From: Pavel Zhukov <pzhu...@redhat.com>
> To: Lukas Erlacher <erlac...@in.tum.de>
> Cc: dhcp-users@lists.isc.org
> Subject: Re: dhclient process lifetime
> Message-ID: <87d11ip2fl....@pzhukov-workstation.usersys.redhat.com>
> Content-Type: text/plain
>
> Lukas Erlacher <erlac...@in.tum.de> writes:
> Hello,
>
> You have see something like
> # dhclient -v -4 -pf /run/dhclient.eth0.pid -lf
> /var/lib/dhcp/dhclient.eth0.leases client1
> dhclient(30189) is already running - exiting.
>
> the pid (30189) is stored in /run/dhclient.eth0.pid and it prevent
> second copy of dhclient to be started as it was been
> specified in your command line. Can you check/share content of this
> file?
>
> > Hallo,
> >
> > I hope this is the correct place for isc-dhcp-client (dhclient)
> > issues.
> >
> > I do not understand why dhclient behaves the way it does vis-a-vis
> > process lifetime and hope someone can explain it to me.
> >
> > I am running isc-dhcp-client 4.3.5-3 on Raspbian 9.3.
> >
> > When I run this twice:
> >
> > > dhclient -v -4 -pf /run/dhclient.eth0.pid -lf
> > > /var/lib/dhcp/dhclient.eth0.leases eth0
> >
> > Two dhclient processes will be running. That seems very
> > undesirable,
> > especially since I've already observed a corrupted leasefile that
> > had
> > interleaved writes.
> >
> > If I want to make sure that only one dhclient process is running
> > for an
> > interface, it appears I first have to run dhclient -x to make sure
> > any
> > running process gets killed.
> >
> > Is this normal/intended behaviour?
> >
> > Thanks,
> > Luke
> >
> > _______________________________________________
> > dhcp-users mailing list
> > dhcp-users@lists.isc.org
> > https://lists.isc.org/mailman/listinfo/dhcp-users
>
>
> ------------------------------
>
> Message: 3
> Date: Wed, 7 Feb 2018 09:46:57 +1100
> From: Lukas Erlacher <erlac...@in.tum.de>
> To: Pavel Zhukov <pzhu...@redhat.com>
> Cc: dhcp-users@lists.isc.org
> Subject: Re: dhclient process lifetime
> Message-ID: <8aeb7d13-b99d-eeb2-52e9-eb238cce1...@in.tum.de>
> Content-Type: text/plain; charset="utf-8"
>
> Hi Pavel,
>
> thanks for your reply.
>
> In fact, I see no such message. Here is what I see:
>
> > (testenv) root@manarati-two:~# pgrep -a
> > dhclient
> >
> >
> > (testenv) root@manarati-two:~# cat /run/dhclient.eth0.pid
> > 29121
> > (testenv) root@manarati-two:~# dhclient -v -w -4 -pf
> > /var/run/dhclient.eth0.pid -lf /var/lib/dhcp/dhclient.eth0.leases
> > eth0
> > Internet Systems Consortium DHCP Client 4.3.5
> > Copyright 2004-2016 Internet Systems Consortium.
> > All rights reserved.
> > For info, please visit https://www.isc.org/software/dhcp/
> >
> > Listening on LPF/eth0/b8:27:eb:be:35:8a
> > Sending on LPF/eth0/b8:27:eb:be:35:8a
> > Sending on Socket/fallback
> > DHCPREQUEST of 192.168.13.151 on eth0 to 255.255.255.255 port 67
> > DHCPACK of 192.168.13.151 from 192.168.13.1
> > RTNETLINK answers: File exists
> > bound to 192.168.13.151 -- renewal in 789 seconds.
> > (testenv) root@manarati-two:~# pgrep -a dhclient
> > 10875 dhclient -v -w -4 -pf /var/run/dhclient.eth0.pid -lf
> > /var/lib/dhcp/dhclient.eth0.leases eth0
> > (testenv) root@manarati-two:~# cat /run/dhclient.eth0.pid
> > 10875
> > (testenv) root@manarati-two:~# dhclient -v -w -4 -pf
> > /var/run/dhclient.eth0.pid -lf /var/lib/dhcp/dhclient.eth0.leases
> > eth0
> > Internet Systems Consortium DHCP Client 4.3.5
> > Copyright 2004-2016 Internet Systems Consortium.
> > All rights reserved.
> > For info, please visit https://www.isc.org/software/dhcp/
> >
> > Listening on LPF/eth0/b8:27:eb:be:35:8a
> > Sending on LPF/eth0/b8:27:eb:be:35:8a
> > Sending on Socket/fallback
> > DHCPREQUEST of 192.168.13.151 on eth0 to 255.255.255.255 port 67
> > DHCPACK of 192.168.13.151 from 192.168.13.1
> > RTNETLINK answers: File exists
> > bound to 192.168.13.151 -- renewal in 729 seconds.
> > (testenv) root@manarati-two:~# pgrep -a dhclient
> > 10875 dhclient -v -w -4 -pf /var/run/dhclient.eth0.pid -lf
> > /var/lib/dhcp/dhclient.eth0.leases eth0
> > 10902 dhclient -v -w -4 -pf /var/run/dhclient.eth0.pid -lf
> > /var/lib/dhcp/dhclient.eth0.leases eth0
> > (testenv) root@manarati-two:~# cat /run/dhclient.eth0.pid
> > 10902
> > (testenv) root@manarati-two:~#
>
> So for some reason dhclient is not performing the check for a running
> instance correctly.
>
> On 02/07/2018 02:23 AM, Pavel Zhukov wrote:
> > Lukas Erlacher <erlac...@in.tum.de> writes:
> > Hello,
> >
> > You have see something like
> > # dhclient -v -4 -pf /run/dhclient.eth0.pid -lf
> > /var/lib/dhcp/dhclient.eth0.leases client1
> > dhclient(30189) is already running - exiting.
> >
> > the pid (30189) is stored in /run/dhclient.eth0.pid and it prevent
> > second copy of dhclient to be started as it was been
> > specified in your command line. Can you check/share content of this
> > file?
> >
>
> -------------- next part --------------
> A non-text attachment was scrubbed...
> Name: smime.p7s
> Type: application/pkcs7-signature
> Size: 5167 bytes
> Desc: S/MIME Cryptographic Signature
> URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20180207
> /87ddd090/attachment-0001.bin>
>
> ------------------------------
>
> Subject: Digest Footer
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
> ------------------------------
>
> End of dhcp-users Digest, Vol 112, Issue 2
> ******************************************
------------------------------
Message: 2
Date: Wed, 7 Feb 2018 20:16:36 +0000
From: Simon Hobson <dh...@thehobsons.co.uk>
To: dhcp-users@lists.isc.org
Subject: Static only hosts, no dynamic/reserved leases
Message-ID: <67cc664e-eaf7-4a3a-9038-6c2d75675...@thehobsons.co.uk>
Content-Type: text/plain; charset=us-ascii
george Nopicture <mad-proffes...@hotmail.com> wrote:
> #/etc/dhcp/dhcpd.conf
>
> deny declines;
> deny bootp;
> authoritative;
>
> subnet 192.168.0.0 netmask 255.255.255.248 {
> option domain-name-servers x.y.z.i;
> option routers 192.168.0.1;
> option broadcast-address 192.168.0.7;
> ping-check false;
> option subnet-mask 255.255.255.248;
> option arp-cache-timeout 42700;
> option ip-forwarding off;
> default-lease-time 93000;
> max-lease-time 93000;
> deny unknown-clients;
> boot-unknown-clients false;
> host fedora {
> hardware ethernet 00:fd:vc:c3:6m:qq;
> fixed-address 192.168.0.2; }
> }
>
> thats my config even if i remove the option lines my pc named fedora
> gets an ip from the dhcp. I want only static configuration (meaning to
> not being able to see DHCPDISCOVER, DHCPREQUEST lines in journal) even
> if i set automatic ip configuration in my desktop's NetworkManager.
Firstly, please don't top post.
Second, really do NOT reply to the digest without resetting the subject
correctly.
Now to the DHCP issue ...
It's really hard to see what's what with no formatting, but for the config you
have, it is correct that host "fedora" gets an address - you've explicitly
configured the server to give it one.
While it won't make any difference in your basic setup, host statements should
NOT be put inside any other section (other than group). They are global in
scope - but putting them inside another construct causes weird inheritance
problems.
Fixing this and adding some formatting, you end up with this :
deny declines;
deny bootp;
authoritative;
subnet 192.168.0.0 netmask 255.255.255.248 {
option domain-name-servers x.y.z.i;
option routers 192.168.0.1;
option broadcast-address 192.168.0.7;
ping-check false;
option subnet-mask 255.255.255.248;
option arp-cache-timeout 42700;
option ip-forwarding off;
default-lease-time 93000;
max-lease-time 93000;
deny unknown-clients;
boot-unknown-clients false;
}
host fedora {
hardware ethernet 00:fd:vc:c3:6m:qq;
fixed-address 192.168.0.2; }
What this says is that ONLY the host "fedora" with MAC address
"00:fd:vc:c3:6m:qq" (I assume that's just some random string you've replaced
the real address with) can get an address, and it will be 192.168.0.2. No other
client will get a lease.
So I'm not clear exactly what you are trying to achieve here. If you don't want
"anything at all" to get a lease then the simple option is not to even start
the DHCP server - if it's not running, then it can't respond to clients.
------------------------------
Message: 3
Date: Wed, 7 Feb 2018 22:30:24 +0000
From: Rob Moser <rob.mo...@nau.edu>
To: "dhcp-users@lists.isc.org" <dhcp-users@lists.isc.org>
Subject: ddns-fwd-name using the wrong name
Message-ID: <e83f765f123644ada06965bae5807...@nau.edu>
Content-Type: text/plain; charset="iso-8859-1"
Hi All,
Short Version:
In most cases our DDNS setup works fine, but an issue has come up where for
some of our hosts the DHCP server seems to pick the wrong ddns-fwd-name to send
in the updates to DNS. How does dhcpd determine what name to use?
More Details:
I can see the DHCP server making updates in it's logs, and see the updates
taking place successfully in the named logs on the other end. It's updating,
it's just using the wrong name. From our dhcpd.leases file on one of the DHCP
servers:
lease <ip address> {
starts 5 2018/02/02 18:54:43;
ends 6 2018/02/03 02:54:43;
tstp 6 2018/02/03 06:54:43;
tsfp 6 2018/02/03 06:54:43;
atsfp 6 2018/02/03 06:54:43;
cltt 5 2018/02/02 18:54:43;
binding state active;
next binding state expired;
hardware ethernet 18:03:73:41:33:5b;
uid "\001\030\003sA3[";
set ddns-fwd-name = "MATH222-20.math.our.domain";
set ddns-txt = "REDACTED";
set ddns-rev-name = "<reverse ip>.in-addr.arpa.";
client-hostname "math133-01";
}
You can see that the client hostname is correctly identified as math133-01, but
ddns-fwd-name gets set to "MATH222-20.math.our.domain". Apparently this
machine?did?have that hostname at some point in the past, before being
re-imaged and re-named, so I got them to do a release and renew, just in case
it was somehow still carrying an old lease, and I observed in the logs that it
went through the full RELEASE/DISCOVER cycle. No change.
The MATH222-20 host does not have a host entry in our dhcpd configs. The
math133-01 has the following entry:
host math133-01.math.our.domain-dynamic {
hardware ethernet 18:03:73:41:33:5b;
ddns-hostname "math133-01";
ddns-domainname "math.our.domain";
option host-name "math133-01";
option domain-name "math.our.domain";
}
The zone config for math.our.domain has nothing but the (correct) ip of the DNS
server, and the key. I've grepped our entire DHCP config tree for any specific
mention of MATH220-20, and found nothing.
Any ideas where dhcpd might be getting this old out-of-date value for
ddns-fwd-name? Thanks for any help,
- rob.
------------------------------
Subject: Digest Footer
_______________________________________________
dhcp-users mailing list
dhcp-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
------------------------------
End of dhcp-users Digest, Vol 112, Issue 3
******************************************
