On Sun, Nov 20, 2022 at 12:00:19AM +0200, [email protected] wrote: > Hello, > > I've been struggling with this issue for over a year, and I'm still > not sure if this is a limitation of dnsmasq or I'm doing something > wrong. > > Situation: > > - core switch (Brocade) > - dnsmasq 2.87 running on a VM, IP address 10.11.19.20/24 > - the core switch is configured to use the dnsmasq box as an "ip > helper" (ie: dhcp relay) > - we have multiple /24's on specific VLANs > > The issue is that we can NOT assign IPs to any other than the primary > subnet of the vlan (ve interface) -- hence forward as BB.BB.93.5/24
Please elaborate that "forward". > Relevant config of the interface on the switch: > > SSH@core01(config-vif-501)#sh run int ve 501 > interface ve 501 > vrf forwarding core01 > ip address AA.AA.152.1 255.255.255.0 > ip address AA.AA.153.1 255.255.255.0 > ip address AA.AA.155.1 255.255.255.128 > ip address BB.BB.18.1 255.255.255.0 > ip address BB.BB.93.1 255.255.255.0 > no ip redirect > ip helper-address 1 10.11.19.20 > --- snip --- > ! > > Relevant dnsmasq config: > > # Don't function as a DNS server: > port=0 > log-dhcp > > shared-network=10.11.19.20,AA.AA.152.0 > > # TFTP Configuration > enable-tftp > tftp-root=/srv/pxe > # -- removed irrelevant bootp/tftp stuff > > # Set ranges and tags > dhcp-range=set:405,10.11.19.0,static,255.255.255.0,1h > > dhcp-range=set:501a,AA.AA.152.0,static,255.255.255.0,5m > dhcp-range=set:501b,AA.AA.153.0,static,255.255.255.0,5m > dhcp-range=set:501c,AA.AA.155.0,static,255.255.255.128,5m > dhcp-range=set:501d,BB.BB.18.1,static,255.255.255.0,5m > dhcp-range=set:501e,BB.BB.93.0,static,255.255.255.0,5m > > # Set Netmask > dhcp-option=tag:405,option:netmask,255.255.255.0 > > dhcp-option=tag:501a,option:netmask,255.255.255.0 > dhcp-option=tag:501b,option:netmask,255.255.255.0 > dhcp-option=tag:501c,option:netmask,255.255.255.128 > dhcp-option=tag:501d,option:netmask,255.255.255.0 > dhcp-option=tag:501e,option:netmask,255.255.255.0 > > # Set default gateway > dhcp-option=tag:405,option:router,10.11.19.1 > > dhcp-option=tag:501a,option:router,AA.AA.152.1 > dhcp-option=tag:501b,option:router,AA.AA.153.1 > dhcp-option=tag:501c,option:router,AA.AA.155.1 > dhcp-option=tag:501d,option:router,BB.BB.18.1 > dhcp-option=tag:501e,option:router,BB.BB.93.1 > > # --- hosts --- > dhcp-host=00:50:56:86:71:14,BB.BB.93.5,pxe-host > > This results into the following message in the logs: > > Nov 19 23:51:02 dnsmasq[1611436]: started, version 2.87 DNS disabled > Nov 19 23:51:02 dnsmasq[1611436]: compile time options: IPv6 > GNU-getopt DBus no-UBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack > ipset nftset auth cryptohash DNSSEC loop-detect inotify dumpfile > Nov 19 23:51:02 dnsmasq-dhcp[1611436]: DHCP, static leases only on > AA.AA.155.0, lease time 5m > Nov 19 23:51:02 dnsmasq-dhcp[1611436]: DHCP, static leases only on > BB.BB.93.0, lease time 5m > Nov 19 23:51:02 dnsmasq-dhcp[1611436]: DHCP, static leases only on > BB.BB.18.1, lease time 5m > Nov 19 23:51:02 dnsmasq-dhcp[1611436]: DHCP, static leases only on > AA.AA.155.0, lease time 5m > Nov 19 23:51:02 dnsmasq-dhcp[1611436]: DHCP, static leases only on > AA.AA.153.0, lease time 5m > Nov 19 23:51:02 dnsmasq-dhcp[1611436]: DHCP, static leases only on > AA.AA.152.0, lease time 5m > Nov 19 23:51:02 dnsmasq-dhcp[1611436]: DHCP, static leases only on > 10.11.19.0, lease time 1h > Nov 19 23:51:02 dnsmasq-tftp[1611436]: TFTP root is /srv/pxe > Nov 19 23:51:07 dnsmasq-dhcp[1611436]: 388452072 available DHCP subnet: > AA.AA.152.0/255.255.255.0 > Nov 19 23:51:07 dnsmasq-dhcp[1611436]: 388452072 vendor class: > PXEClient:Arch:00007:UNDI:003000 > Nov 19 23:51:07 dnsmasq-dhcp[1611436]: 388452072 DHCPDISCOVER(ens160) > 00:50:56:86:71:14 no address available > Nov 19 23:51:11 dnsmasq-dhcp[1611436]: 388452072 available DHCP subnet: > AA.AA.152.0/255.255.255.0 > Nov 19 23:51:11 dnsmasq-dhcp[1611436]: 388452072 vendor class: > PXEClient:Arch:00007:UNDI:003000 > Nov 19 23:51:11 dnsmasq-dhcp[1611436]: 388452072 DHCPDISCOVER(ens160) > 00:50:56:86:71:14 no address available > Nov 19 23:51:19 dnsmasq-dhcp[1611436]: 388452072 available DHCP subnet: > AA.AA.152.0/255.255.255.0 > Nov 19 23:51:19 dnsmasq-dhcp[1611436]: 388452072 vendor class: > PXEClient:Arch:00007:UNDI:003000 > Nov 19 23:51:19 dnsmasq-dhcp[1611436]: 388452072 DHCPDISCOVER(ens160) > 00:50:56:86:71:14 no address available > Nov 19 23:51:35 dnsmasq-dhcp[1611436]: 388452072 available DHCP subnet: > AA.AA.152.0/255.255.255.0 > Nov 19 23:51:35 dnsmasq-dhcp[1611436]: 388452072 vendor class: > PXEClient:Arch:00007:UNDI:003000 > Nov 19 23:51:35 dnsmasq-dhcp[1611436]: 388452072 DHCPDISCOVER(ens160) > 00:50:56:86:71:14 no address available > > Relevant tpcdump of the received DHCP Package: > > 23:51:02.144340 08:35:71:f0:fa:c1 > 00:50:56:a6:fd:79, ethertype IPv4 > (0x0800), length 389: (tos 0x1,ECT(1), ttl 63, id 16378, offset 0, > flags [none], proto UDP (17), length 375) > 10.11.20.1.67 > 10.11.19.20.67: [udp sum ok] BOOTP/DHCP, Request > from 00:50:56:86:71:14, length 347, hops 1, xid 0xbb4e1961, secs 28, > Flags [Broadcast] (0x8000) > Gateway-IP AA.AA.152.1 > Client-Ethernet-Address 00:50:56:86:71:14 > Vendor-rfc1048 Extensions > Magic Cookie 0x63825363 > DHCP-Message Option 53, length 1: Discover > MSZ Option 57, length 2: 1472 > Parameter-Request Option 55, length 35: > Subnet-Mask, Time-Zone, Default-Gateway, Time-Server > IEN-Name-Server, Domain-Name-Server, Hostname, BS > Domain-Name, RP, EP, RSZ > TTL, BR, YD, YS > NTP, Vendor-Option, Requested-IP, Lease-Time > Server-ID, RN, RB, Vendor-Class > TFTP, BF, GUID, Option 128 > Option 129, Option 130, Option 131, Option 132 > Option 133, Option 134, Option 135 > GUID Option 97, length 17: > 0.66.6.201.133.10.9.24.55.187.178.66.116.65.71.167.235 > NDI Option 94, length 3: 1.3.0 > ARCH Option 93, length 2: 7 > Vendor-Class Option 60, length 32: > "PXEClient:Arch:00007:UNDI:003000" > > Any help/suggestions on what to do next? Consider to sent the completer configuration. Karma bonuspoints for not malforming it. > Is this just a misconfiguration issue on my side > or it's something that dnsmasq can't/won't do? Or another possibility. Groeten Geert Stappers -- Silence is hard to parse _______________________________________________ Dnsmasq-discuss mailing list [email protected] https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
