Hi Simon, > Add --shared-network config. This enables allocation of addresses > the DHCP server in subnets where the server (or relay) doesn't > have an interface on the network in that subnet. Many thanks to > kamp.de for sponsoring this feature. Does this paragraph lack a preposition "by" early on the 2nd line, or am I mis-guessing the purpose?
...enables allocation of addresses *by* the DHCP server... The manual page also seems to offer room for linguistic improvement (apparently written by a German, so I see the typical patterns, and also the misuse of which vs. that. I am attaching a patch series vs. git to fix several issues in the manpage and CHANGELOG.
From 35b88d98429e2fe016d9989d220f6faf2b933764 Mon Sep 17 00:00:00 2001 From: Matthias Andree <matthias.and...@gmx.de> Date: Sun, 5 Apr 2020 11:18:05 +0200 Subject: [PATCH 1/5] man/dnsmasq.8: Properly capitalize DHCP acronym. --- man/dnsmasq.8 | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 index 3d01655..60aa251 100644 --- a/man/dnsmasq.8 +++ b/man/dnsmasq.8 @@ -909,7 +909,7 @@ then the address can be simply :: The optional .B set:<tag> sets an alphanumeric label which marks this network so that -dhcp options may be specified on a per-network basis. +DHCP options may be specified on a per-network basis. When it is prefixed with 'tag:' instead, then its meaning changes from setting a tag to matching it. Only one tag may be set, but more than one tag may be matched. @@ -1017,7 +1017,7 @@ may contain an IPv4 address or one or more IPv6 addresses, or both. IPv6 address .B --dhcp-host=laptop,[1234::56] IPv6 addresses may contain only the host-identifier part: .B --dhcp-host=laptop,[::56] -in which case they act as wildcards in constructed dhcp ranges, with +in which case they act as wildcards in constructed DHCP ranges, with the appropriate network part inserted. For IPv6, an address may include a prefix length: .B --dhcp-host=laptop,[1234:50/126] which (in this case) specifies four addresses, 1234::50 to 1234::53. This (an the ability @@ -1354,7 +1354,7 @@ vendor-identifying vendor classes for the specified enterprise. Please see RFC 3925 for more details of these rare and interesting beasts. .TP .B --dhcp-name-match=set:<tag>,<name>[*] -Set the tag if the given name is supplied by a dhcp client. There may be a single trailing wildcard *, which has the usual meaning. Combined with dhcp-ignore or dhcp-ignore-names this gives the ability to ignore certain clients by name, or disallow certain hostnames from being claimed by a client. +Set the tag if the given name is supplied by a DHCP client. There may be a single trailing wildcard *, which has the usual meaning. Combined with dhcp-ignore or dhcp-ignore-names this gives the ability to ignore certain clients by name, or disallow certain hostnames from being claimed by a client. .TP .B --tag-if=set:<tag>[,set:<tag>[,tag:<tag>[,tag:<tag>]]] Perform boolean operations on tags. Any tag appearing as set:<tag> is set if @@ -1751,7 +1751,7 @@ option also forces the leasechange script to be called on changes to the client-id and lease length and expiry time. .TP .B --script-on-renewal -Call the dhcp script when the lease expiry time changes, for instance when the +Call the DHCP script when the lease expiry time changes, for instance when the lease is renewed. .TP .B --bridge-interface=<interface>,<alias>[,<alias>] @@ -1795,7 +1795,7 @@ firstly it causes the DHCP server to return the domain to any hosts which request it, and secondly it sets the domain which it is legal for DHCP-configured hosts to claim. The intention is to constrain hostnames so that an untrusted host on the LAN cannot advertise -its name via dhcp as e.g. "microsoft.com" and capture traffic not +its name via DHCP as e.g. "microsoft.com" and capture traffic not meant for it. If no domain suffix is specified, then any DHCP hostname with a domain part (ie with a period) will be disallowed and logged. If suffix is specified, then hostnames with a domain @@ -1886,7 +1886,7 @@ The mtu: parameter may be an arbitrary interface name, in which case the MTU val for (eg) advertising the MTU of a WAN interface on the other interfaces of a router. .TP .B --dhcp-reply-delay=[tag:<tag>,]<integer> -Delays sending DHCPOFFER and proxydhcp replies for at least the specified number of seconds. +Delays sending DHCPOFFER and PROXYDHCP replies for at least the specified number of seconds. This can be used as workaround for bugs in PXE boot firmware that does not function properly when receiving an instant reply. This option takes into account the time already spent waiting (e.g. performing ping check) if any. @@ -2022,7 +2022,7 @@ and .I /etc/ethers and any file given by \fB--dhcp-hostsfile\fP, \fB--dhcp-hostsdir\fP, \fB--dhcp-optsfile\fP, \fB--dhcp-optsdir\fP, \fB--addn-hosts\fP or \fB--hostsdir\fP. -The dhcp lease change script is called for all +The DHCP lease change script is called for all existing DHCP leases. If .B --no-poll -- 2.25.2
From 0577a280007cd6dc4389a7ca10f0c5d727640e2e Mon Sep 17 00:00:00 2001 From: Matthias Andree <matthias.and...@gmx.de> Date: Sun, 5 Apr 2020 11:18:32 +0200 Subject: [PATCH 2/5] man/dnsmasq.8: Remove .PP right after .SH. Found by FreeBSD's mandoc -T lint. --- man/dnsmasq.8 | 2 -- 1 file changed, 2 deletions(-) diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 index 60aa251..111e6ae 100644 --- a/man/dnsmasq.8 +++ b/man/dnsmasq.8 @@ -2200,7 +2200,6 @@ as is the tag "bootp", allowing some control over the options returned to different classes of hosts. .SH AUTHORITATIVE CONFIGURATION -.PP Configuring dnsmasq to act as an authoritative DNS server is complicated by the fact that it involves configuration of external DNS servers to provide delegation. We will walk through three scenarios of @@ -2370,7 +2369,6 @@ used, and must match the zone's domain. .SH EXIT CODES -.PP 0 - Dnsmasq successfully forked into the background, or terminated normally if backgrounding is not enabled. .PP -- 2.25.2
From 913448d293872f7a98ceca0278d38da7896a5b02 Mon Sep 17 00:00:00 2001 From: Matthias Andree <matthias.and...@gmx.de> Date: Sun, 5 Apr 2020 11:19:03 +0200 Subject: [PATCH 3/5] man/dnsmasq.8: Improve clarity, language, formatting of --shared-network. --- man/dnsmasq.8 | 31 ++++++++++++++++++++----------- 1 file changed, 20 insertions(+), 11 deletions(-) diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 index 111e6ae..e94dafe 100644 --- a/man/dnsmasq.8 +++ b/man/dnsmasq.8 @@ -1767,25 +1767,34 @@ It is permissible to add more than one alias using more than one \fB--bridge-int \fB--bridge-interface=int1,alias1,alias2\fP is exactly equivalent to \fB--bridge-interface=int1,alias1 --bridge-interface=int1,alias2\fP .TP -.B --shared-network=<interface>|<addr>,<addr> -The DHCP server determines which dhcp ranges are useable for allocating and +.B --shared-network=<interface>,<addr> +.PD 0 +.TP +.B --shared-network=<addr>,<addr> +.PD 1v +The DHCP server determines which DHCP ranges are useable for allocating an address to a DHCP client based on the network from which the DHCP request arrives, and the IP configuration of the server's interface on that network. The shared-network -option extends the available subnets (and therefore dhcp ranges) beyond the -subnets configured on the arrival interface. The first argument is either the -name of an interface or an address which is configured on a local interface, and the +option extends the available subnets (and therefore DHCP ranges) beyond the +subnets configured on the arrival interface. + +The first argument is either the +name of an interface, or an address that is configured on a local interface, and the second argument is an address which defines another subnet on which addresses can be allocated. -To be useful, there must be suitable dhcp-range which allows address allocation on this subnet -and this dhcp-range MUST include the netmask. Use shared-network also needs extra -consideration of routing. Dnsmasq doesn't have the usual information which it uses to + +To be useful, there must be a suitable dhcp-range which allows address allocation on this subnet +and this dhcp-range MUST include the netmask. + +Using shared-network also needs extra +consideration of routing. Dnsmasq does not have the usual information that it uses to determine the default route, so the default route option (or other routing) MUST be -manually configured. The client must have a route to the server: if the two-address form -of shared-network is used, this will be to the first specified address. If the interface,address +configured manually. The client must have a route to the server: if the two-address form +of shared-network is used, this needs to be to the first specified address. If the interface,address form is used, there must be a route to all of the addresses configured on the interface. The two-address form of shared-network is also usable with a DHCP relay: the first address is the address of the relay and the second, as before, specifies an extra subnet which -may be allocated. +addresses may be allocated from. .TP .B \-s, --domain=<domain>[,<address range>[,local]] -- 2.25.2
From 525d92cfdd7d7c8d83f46160799973d502ef8e11 Mon Sep 17 00:00:00 2001 From: Matthias Andree <matthias.and...@gmx.de> Date: Sun, 5 Apr 2020 11:19:27 +0200 Subject: [PATCH 4/5] man/dnsmasq.8: Add date to .TH macro. --- man/dnsmasq.8 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 index e94dafe..a2a60d5 100644 --- a/man/dnsmasq.8 +++ b/man/dnsmasq.8 @@ -1,4 +1,4 @@ -.TH DNSMASQ 8 +.TH DNSMASQ 8 2020-04-05 .SH NAME dnsmasq \- A lightweight DHCP and caching DNS server. .SH SYNOPSIS -- 2.25.2
From 323f1bd72025b3123e1cd7bebd1a9fd96071e70d Mon Sep 17 00:00:00 2001 From: Matthias Andree <matthias.and...@gmx.de> Date: Sun, 5 Apr 2020 11:25:36 +0200 Subject: [PATCH 5/5] CHANGELOG: Minor fixes. --- CHANGELOG | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/CHANGELOG b/CHANGELOG index 31b395c..60b08d0 100644 --- a/CHANGELOG +++ b/CHANGELOG @@ -1,12 +1,12 @@ version 2.81 - Impove cache behaviour for TCP connections. For ease of + Improve cache behaviour for TCP connections. For ease of implementaion, dnsmasq has always forked a new process to handle each incoming TCP connection. A side-effect of this is that any DNS queries answered from TCP connections are not cached: when TCP connections were rare, this was not a problem. - With the coming of DNSSEC, it's now the case that some + With the coming of DNSSEC, it is now the case that some DNSSEC queries have answers which spill to TCP, and if, - for instance, this applies to the keys for the root then + for instance, this applies to the keys for the root, then those never get cached, and performance is very bad. This fix passes cache entries back from the TCP child process to the main server process, and fixes the problem. @@ -35,7 +35,7 @@ version 2.81 configuration. Add --shared-network config. This enables allocation of addresses - the DHCP server in subnets where the server (or relay) doesn't + by the DHCP server in subnets where the server (or relay) does not have an interface on the network in that subnet. Many thanks to kamp.de for sponsoring this feature. @@ -66,7 +66,7 @@ version 2.81 Evgenii Seliavka for the suggestion and initial patch. In the router advert code, handle case where we have two - different interfaces on the same IPv6 net, and we're doing + different interfaces on the same IPv6 net, and we are doing RA/DHCP service on only one of them. Thanks to NIIBE Yutaka for spotting this case and making the initial patch. -- 2.25.2
_______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss