Consider this "retransmit" a reminder ...
On Thu, Jun 20, 2019 at 10:26:40AM +0200, Florent Fourcot wrote:
> The idea of this option was already discussed years ago on the mailing
> list:
> https://dnsmasq-discuss.thekelleys.org.narkive.com/ZoFQNaGo/always-ignore-client-identifier#post4
> 
> In our production environnement, we discovered that some devices are
> using 'client identifier' not unique at all, resulting on IP addresses
> conflicts between several devices (we saw up to four devices using same
> IP address).
> 
> The root cause is probably a buggy operating system/configuration of
> decices, but this patch add a configuration workaround on server side
> when fixing clients is impossible.
> 
> Signed-off-by: Charles Daymand <charles.daym...@wifirst.fr>
> Signed-off-by: Florent Fourcot <florent.four...@wifirst.fr>
> ---
>  CHANGELOG        | 4 ++++
>  man/dnsmasq.8    | 6 ++++++
>  man/fr/dnsmasq.8 | 7 +++++++
>  src/dnsmasq.h    | 3 ++-
>  src/option.c     | 3 +++
>  src/rfc2131.c    | 2 +-
>  6 files changed, 23 insertions(+), 2 deletions(-)
> 
> diff --git a/CHANGELOG b/CHANGELOG
> index 8e83c82..a5e9366 100644
> --- a/CHANGELOG
> +++ b/CHANGELOG
> @@ -39,6 +39,10 @@ version 2.81
>       have an interface on the network in that subnet. Many thanks to
>       kamp.de for sponsoring this feature.
>  
> +    Add --dhcp-ignore-clid. This disables reading of DHCP client
> +    identifier option (option 61), so clients are only identified by
> +    MAC addresses.
> +
>       
>  version 2.80
>       Add support for RFC 4039 DHCP rapid commit. Thanks to Ashram Method
> diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
> index bc5ae63..9d5d4d0 100644
> --- a/man/dnsmasq.8
> +++ b/man/dnsmasq.8
> @@ -1405,6 +1405,12 @@ address, and setting this flag enables this mode. Note 
> that in the
>  sequential mode, clients which allow a lease to expire are much more
>  likely to move IP address; for this reason it should not be generally used.
>  .TP
> +.B --dhcp-ignore-clid
> +Dnsmasq is reading 'client identifier' (RFC 2131) option sent by clients
> +(if available) to identify clients. This allow to serve same IP address
> +for a host using several interfaces. Use this option to disable 'client 
> identifier'
> +reading, i.e. to always identify a host using the MAC address.
> +.TP
>  .B --pxe-service=[tag:<tag>,]<CSA>,<menu 
> text>[,<basename>|<bootservicetype>][,<server address>|<server_name>]
>  Most uses of PXE boot-ROMS simply allow the PXE
>  system to obtain an IP address and then download the file specified by
> diff --git a/man/fr/dnsmasq.8 b/man/fr/dnsmasq.8
> index a04c776..dc2fdc0 100644
> --- a/man/fr/dnsmasq.8
> +++ b/man/fr/dnsmasq.8
> @@ -1354,6 +1354,13 @@ Veuillez noter que dans ce mode séquentiel, les 
> clients qui laissent expirer
>  leur bail ont beaucoup plus de chance de voir leur adresse IP changer, aussi
>  cette option ne devrait pas être utilisée dans un cas général.
>  .TP
> +.B --dhcp-ignore-clid
> +Dnsmasq lit l'option 'client identifier' (RFC 2131) envoyée par les clients
> +(si disponible) afin d'identifier les clients. Cela permet de distribuer la
> +même adresse IP à un client utilisant plusieurs interfaces. Activer cette 
> option
> +désactive la lecture du 'client identifier', afin de toujours identifier un 
> client
> +en utilisant l'adresse MAC.
> +.TP
>  .B --pxe-service=[tag:<label>,]<CSA>,<entrée de menu>[,<nom de 
> fichier>|<type de service de démarrage>][,<adresse de serveur>|<nom de 
> serveur>]
>  La plupart des ROMS de démarrage PXE ne permettent au système PXE que la 
> simple
>  obtention d'une adresse IP, le téléchargement du fichier spécifié dans
> diff --git a/src/dnsmasq.h b/src/dnsmasq.h
> index ff3204a..912d216 100644
> --- a/src/dnsmasq.h
> +++ b/src/dnsmasq.h
> @@ -260,7 +260,8 @@ struct event_desc {
>  #define OPT_TFTP_APREF_MAC 56
>  #define OPT_RAPID_COMMIT   57
>  #define OPT_UBUS           58
> -#define OPT_LAST           59
> +#define OPT_IGNORE_CLID    59
> +#define OPT_LAST           60
>  
>  #define OPTION_BITS (sizeof(unsigned int)*8)
>  #define OPTION_SIZE ( (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) )
> diff --git a/src/option.c b/src/option.c
> index 5debcbc..04c9ac6 100644
> --- a/src/option.c
> +++ b/src/option.c
> @@ -167,6 +167,7 @@ struct myoption {
>  #define LOPT_NAME_MATCH    355
>  #define LOPT_CAA           356
>  #define LOPT_SHARED_NET    357
> +#define LOPT_IGNORE_CLID   358
>   
>  #ifdef HAVE_GETOPT_LONG
>  static const struct option opts[] =  
> @@ -339,6 +340,7 @@ static const struct myoption opts[] =
>      { "dhcp-rapid-commit", 0, 0, LOPT_RAPID_COMMIT },
>      { "dumpfile", 1, 0, LOPT_DUMPFILE },
>      { "dumpmask", 1, 0, LOPT_DUMPMASK },
> +    { "dhcp-ignore-clid", 0, 0,  LOPT_IGNORE_CLID },
>      { NULL, 0, 0, 0 }
>    };
>  
> @@ -481,6 +483,7 @@ static struct {
>    { LOPT_CPE_ID, ARG_ONE, "<text>", gettext_noop("Add client identification 
> to forwarded DNS queries."), NULL },
>    { LOPT_DNSSEC, OPT_DNSSEC_PROXY, NULL, gettext_noop("Proxy DNSSEC 
> validation results from upstream nameservers."), NULL },
>    { LOPT_INCR_ADDR, OPT_CONSEC_ADDR, NULL, gettext_noop("Attempt to allocate 
> sequential IP addresses to DHCP clients."), NULL },
> +  { LOPT_IGNORE_CLID, OPT_IGNORE_CLID, NULL, gettext_noop("Ignore client 
> identifier option sent by DHCP clients."), NULL },
>    { LOPT_CONNTRACK, OPT_CONNTRACK, NULL, gettext_noop("Copy connection-track 
> mark from queries to upstream connections."), NULL },
>    { LOPT_FQDN, OPT_FQDN_UPDATE, NULL, gettext_noop("Allow DHCP clients to do 
> their own DDNS updates."), NULL },
>    { LOPT_RA, OPT_RA, NULL, gettext_noop("Send router-advertisements for 
> interfaces doing DHCPv6"), NULL },
> diff --git a/src/rfc2131.c b/src/rfc2131.c
> index 74d81fb..ec2650a 100644
> --- a/src/rfc2131.c
> +++ b/src/rfc2131.c
> @@ -234,7 +234,7 @@ size_t dhcp_reply(struct dhcp_context *context, char 
> *iface_name, int int_index,
>       subnet_addr = option_addr(opt);
>        
>        /* If there is no client identifier option, use the hardware address */
> -      if ((opt = option_find(mess, sz, OPTION_CLIENT_ID, 1)))
> +      if (!option_bool(OPT_IGNORE_CLID) && (opt = option_find(mess, sz, 
> OPTION_CLIENT_ID, 1)))
>       {
>         clid_len = option_len(opt);
>         clid = option_ptr(opt, 0);
> -- 
> 2.11.0
> 

_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Reply via email to