Re: dhcpd not starting
Chris,

I guess you've got two problems:
A) filtering your clients to get them the right options
B) delivering vendor specific options.

more inline...

obsd_m...@chrissmith.org (Chris Smith), 2013.01.01 (Tue) 18:20 (CET):
> On Tue, Jan 1, 2013 at 7:59 AM, MERIGHI Marcus mcmer-open...@tor.at wrote:
>> I could not figure out which dhcp option(s) you are referring to.
>> Please specify option number and RFC number.
>>
>> For options with names see:
>> dhcp-options(5) (being reworked currently)
>> /usr/src/usr.sbin/dhcpd/tables.c
>>
>> For options without names use e.g. ``option-252''
>>
>>> thereby keeping the created *_ip_tables more
>>
>> Do you mean pf.conf(5) tables here? Or dhcp leases table
>> (/var/db/dhcpd.leases)?
>>
>>> up-to-date. Option space is also good for preventing some of the
>>> WPAD nonsense and assisting in NetBIOS configurations.
>>
>> Could you be more specific, please?
>
> Hopefully this commented section of dhcpd.conf I normally use will help:
>
> =
> #windoze
> option space windoze;
> option windoze.nbt code 1 = unsigned integer 32;
> option windoze.release code 2 = unsigned integer 32;
> option windoze.metric code 3 = unsigned integer 32;

My guess is you are talking about RFC 2132 Section 8.4 ``Vendor
Specific Information'' (OpenBSD: vendor-encapsulated-options).

http://msdn.microsoft.com/en-us/library/cc227275.aspx

an example of how to deliver vendor specific:
http://www.bytefusion.com/products/ntm/ptnt/configuring_via_dhcp.htm

Thus I think it can be done, never done it myself.

> # 1 = enable NetBIOS over TCP
> # 2 = disable NetBIOS over TCP
> option windoze.nbt 1;

I do find some NetBIOS options in RFC 2132, but these have the
following option number codes:

44 NetBIOS over TCP/IP Name Server Option
   (OpenBSD: netbios-name-servers)
45 NetBIOS over TCP/IP Datagram Distribution Server Option
   (OpenBSD: netbios-dd-server)
46 NetBIOS over TCP/IP Node Type Option
   (OpenBSD: netbios-node-type)
47 NetBIOS over TCP/IP Scope Option
   (OpenBSD: netbios-scope)

Again I think you are talking about vendor specific...

> # 1 = send DHCPRELEASE on shutdown
> option windoze.release 1;

RFC 2131, Section 3.1, paragraph 6.:

   6. The client may choose to relinquish its lease on a network
      address by sending a DHCPRELEASE message to the server. The
      client identifies the lease to be released with its 'client
      identifier', or 'chaddr' and network address in the DHCPRELEASE
      message. If the client used a 'client identifier' when it
      obtained the lease, it MUST use the same 'client identifier' in
      the DHCPRELEASE message.

So, you are asking your windoze machines to do what they are supposed
to do anyways?

Again I think you are talking about vendor specific...

> # default route cost metric
> option windoze.metric 1;

Again I think you are talking about vendor specific...

> #/windoze
>
> option wpad-url code 252 = text;
> option wpad-url "\n\000";
> #option wpad-url "http://192.168.99.123/proxy.pac\n";

use ``option autoproxy-script'' for that (and see
/usr/src/usr.sbin/dhcpd/tables.c). This one works, at least for me.

> if substring (option vendor-class-identifier, 0, 8) = "MSFT 5.0" {
>   vendor-option-space windoze;
>   option netbios-node-type 8;
> }

No such filtering in base dhcpd(8).

> =
>
> Is any of this available in base dhcpd? Maybe I'm just missing it.

I do not think so, dhcpd.conf(5):
``For clients whose addresses will be dynamically assigned, there is
currently no way to group parameter assignments other than by network
topology.''

As far as I know there's only two ways of filtering clients:
- dhcp-client-identifier (dhcp-options(5))
- hardware ethernet (dhcpd.conf(5))

By these you could assign your windoze hosts to a common group
declaration and assign your windoze options.

Bye, Marcus
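
[Added example, not part of Marcus's message or of any OpenBSD code.] The delivery route discussed above (RFC 2132 section 8.4, option 43, sent to a group of hosts selected by hardware ethernet) can be sketched in sh as below. It assumes base dhcpd accepts colon-separated hex octets for the string-typed vendor-encapsulated-options as dhcp-options(5) describes, and has not been tested against a Windows client; the function names, host name and MAC address are constructed.

```sh
#!/bin/sh
# Added example, not from the thread: build the RFC 2132 section 8.4
# payload for "option vendor-encapsulated-options" in base dhcpd.conf.
# tlv32 CODE VALUE -> "cc:04:b3:b2:b1:b0" (code, length 4, big-endian)
tlv32() {
	for _arg in "$1" "$2"; do
		case $_arg in
		''|*[!0-9]*|0?*) echo "not a plain decimal: '$_arg'" >&2; return 1 ;;
		esac
	done
	# codes 0 (pad) and 255 (end) keep their meaning inside option 43
	if [ "${#1}" -gt 3 ] || [ "$1" -lt 1 ] || [ "$1" -gt 254 ]; then
		echo "sub-option code out of range: $1" >&2; return 1
	fi
	if [ "${#2}" -gt 10 ] || [ "$2" -gt 4294967295 ]; then
		echo "value does not fit in 32 bits: $2" >&2; return 1
	fi
	printf '%02x:04:%02x:%02x:%02x:%02x' "$1" \
		$(( ($2 >> 24) & 255 )) $(( ($2 >> 16) & 255 )) \
		$(( ($2 >> 8) & 255 )) $(( $2 & 255 ))
}

# vendor_payload CODE=VALUE... -> colon-separated hex string
vendor_payload() {
	_out='' _len=0
	for _pair in "$@"; do
		case $_pair in *=*) ;; *) echo "want CODE=VALUE: $_pair" >&2; return 1 ;; esac
		_tlv=$(tlv32 "${_pair%%=*}" "${_pair#*=}") || return 1
		_out=${_out:+$_out:}$_tlv
		_len=$(( $_len + 6 ))
	done
	# the option carries a one-octet length field
	if [ "$_len" -lt 1 ] || [ "$_len" -gt 255 ]; then
		echo "payload must be 1..255 octets, got $_len" >&2; return 1
	fi
	printf '%s\n' "$_out"
}

# windows_group PAYLOAD "NAME MAC"... -> group keyed on hardware ethernet
windows_group() {
	printf 'group {\n\toption vendor-encapsulated-options %s;\n' "$1"; shift
	for _h in "$@"; do
		printf '\thost %s { hardware ethernet %s; }\n' "${_h% *}" "${_h#* }"
	done
	printf '}\n'
}

# constructed sample: Chris's three values, made-up host name and MAC
payload=$(vendor_payload 1=1 2=1 3=1) && windows_group "$payload" "winbox1 00:00:5e:00:53:01"
```

Passing 1=2 instead of 1=1 encodes the "disable NetBIOS over TCP" value from Chris's comments.
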
Re: dhcpd not starting
In-tree dhcp most certainly supports options because I am using them:

option autoproxy-script "http://1.2.3.4/wpad.dat";

Cheers,
Lars

On Mon, Dec 31, 2012 at 11:19 PM, Chris Smith obsd_m...@chrissmith.org wrote:
> Maybe it's a problem due to Unbound being a package and not part of
> the core system, but a normal configuration such as:
>
> host hostname.example.com {
>   hardware ethernet 00:1a:80:f4:75:ad;
>   fixed-address hostname.example.com;
> }
>
> has to be rewritten as:
>
> host hostname.example.com {
>   hardware ethernet 00:1a:30:64:75:bc;
>   fixed-address 172.38.202.17;
> }
>
> thereby duplicating efforts or dhcpd will not start on reboot since
> pkg scripts start after everything else and Unbound has not yet been
> started.
>
> Also as nice as it is to have the core dhcpd create pf tables it has
> otherwise very limited functionality, such as lack of support for
> option space, which can be used to request a system release its
> lease on shutdown thereby keeping the created *_ip_tables more
> up-to-date. Option space is also good for preventing some of the
> WPAD nonsense and assisting in NetBIOS configurations.
>
> Using the packaged dhcpd would most likely eliminate the startup
> issue and provide the missing dhcpd functionality but one would also
> lose the tight pf integration.
Re: dhcpd not starting
Oh, you mean the space thing. Well, it probably doesn't but I have
never needed that.

---
Lars

On Wed, Jan 2, 2013 at 6:50 PM, Lars Hansson romaby...@gmail.com wrote:
> In-tree dhcp most certainly supports options because I am using them:
>
> option autoproxy-script "http://1.2.3.4/wpad.dat";
>
> Cheers,
> Lars
>
> On Mon, Dec 31, 2012 at 11:19 PM, Chris Smith obsd_m...@chrissmith.org wrote:
>> Maybe it's a problem due to Unbound being a package and not part of
>> the core system, but a normal configuration such as:
>>
>> host hostname.example.com {
>>   hardware ethernet 00:1a:80:f4:75:ad;
>>   fixed-address hostname.example.com;
>> }
>>
>> has to be rewritten as:
>>
>> host hostname.example.com {
>>   hardware ethernet 00:1a:30:64:75:bc;
>>   fixed-address 172.38.202.17;
>> }
>>
>> thereby duplicating efforts or dhcpd will not start on reboot since
>> pkg scripts start after everything else and Unbound has not yet been
>> started.
>>
>> Also as nice as it is to have the core dhcpd create pf tables it has
>> otherwise very limited functionality, such as lack of support for
>> option space, which can be used to request a system release its
>> lease on shutdown thereby keeping the created *_ip_tables more
>> up-to-date. Option space is also good for preventing some of the
>> WPAD nonsense and assisting in NetBIOS configurations.
>>
>> Using the packaged dhcpd would most likely eliminate the startup
>> issue and provide the missing dhcpd functionality but one would also
>> lose the tight pf integration.
Re: dhcpd not starting
obsd_m...@chrissmith.org (Chris Smith), 2013.12.31 (Mon) 16:19 (CET):
> Maybe it's a problem due to Unbound being a package and not part of
> the core system, but a normal configuration such as:
>
> host hostname.example.com {
>   hardware ethernet 00:1a:80:f4:75:ad;
>   fixed-address hostname.example.com;
> }
>
> has to be rewritten as:
>
> host hostname.example.com {
>   hardware ethernet 00:1a:30:64:75:bc;
>   fixed-address 172.38.202.17;
> }
>
> thereby duplicating efforts or dhcpd will not start on reboot since
> pkg scripts start after everything else and Unbound has not yet been
> started.

Keep hosts(5) and unbound(8) in sync and ``lookup file bind'' in
resolv.conf(5). That lets dhcpd(8) resolve your names before
net/unbound(8) has come up.

$ grep ^include: /var/unbound/etc/unbound.conf.local
include: /var/unbound/etc/localzone.hosts.conf
$ getent hosts | hoststounbound.sh hosts \
	> /var/unbound/etc/localzone.hosts.conf
$ sudo unbound-control -c /var/unbound/etc/unbound.conf.local reload
$ cat hoststounbound.sh # handle with care!
#!/bin/sh -e
# Reads hosts(5)-style lines on stdin and prints unbound local-data
# entries for zone $1 (default: hosts) on stdout.
local _zone=${1:-hosts}
function _doit {
	local _zone=${1}
	local _ip=""
	local _names=""
	local _name=""
	local _word_count=""
	local _word=""
	print "server:\n"
	print "local-zone: \"${_zone}\" transparent\n"
	while read _line; do
		# skip comment lines
		[[ "X${_line}" == X#* ]] && continue
		_ip=""
		_names=""
		_word_count=0
		for _word in $_line; do
			if [[ $_word_count -eq 0 ]]; then
				# first: ip
				_ip=${_word}
			elif [[ "X${_word}" == X#* ]]; then
				# skip after # in line
				break
			else
				# remains: names and aliases
				_names="${_names} ${_word}"
			fi
			_word_count=$((_word_count + 1))
		done
		# skip localhost
		#[[ "X${_ip}" == "X127.0.0.1" || "X${_ip}" == "X::1" ]] && continue
		# record type: A for IPv4, AAAA when the address contains a colon
		a="A"
		[[ "X${_ip}" == X*:* ]] && a="AAAA"
		for _name in $_names; do
			print "local-data: \"${_name} ${a} ${_ip}\""
			print "local-data-ptr: \"${_ip} ${_name}\"\n"
		done
	done
}
_doit ${_zone}

> Also as nice as it is to have the core dhcpd create pf tables it has
> otherwise very limited functionality, such as lack of support for
> option space, which can be used to request a system release its
> lease on shutdown

I could not figure out which dhcp option(s) you are referring to.
Please specify option number and RFC number.

For options with names see:
dhcp-options(5) (being reworked currently)
/usr/src/usr.sbin/dhcpd/tables.c

For options without names use e.g. ``option-252''

> thereby keeping the created *_ip_tables more

Do you mean pf.conf(5) tables here? Or dhcp leases table
(/var/db/dhcpd.leases)?

> up-to-date. Option space is also good for preventing some of the
> WPAD nonsense and assisting in NetBIOS configurations.

Could you be more specific, please?

Bye, Marcus

> Using the packaged dhcpd would most likely eliminate the startup
> issue and provide the missing dhcpd functionality but one would also
> lose the tight pf integration.
Re: dhcpd not starting
On Tue, Jan 1, 2013 at 7:59 AM, MERIGHI Marcus mcmer-open...@tor.at wrote:
> I could not figure out which dhcp option(s) you are referring to.
> Please specify option number and RFC number.
>
> For options with names see:
> dhcp-options(5) (being reworked currently)
> /usr/src/usr.sbin/dhcpd/tables.c
>
> For options without names use e.g. ``option-252''
>
>> thereby keeping the created *_ip_tables more
>
> Do you mean pf.conf(5) tables here? Or dhcp leases table
> (/var/db/dhcpd.leases)?
>
>> up-to-date. Option space is also good for preventing some of the
>> WPAD nonsense and assisting in NetBIOS configurations.
>
> Could you be more specific, please?

Hopefully this commented section of dhcpd.conf I normally use will help:

=
#windoze
option space windoze;
option windoze.nbt code 1 = unsigned integer 32;
option windoze.release code 2 = unsigned integer 32;
option windoze.metric code 3 = unsigned integer 32;
# 1 = enable NetBIOS over TCP
# 2 = disable NetBIOS over TCP
option windoze.nbt 1;
# 1 = send DHCPRELEASE on shutdown
option windoze.release 1;
# default route cost metric
option windoze.metric 1;
#/windoze

option wpad-url code 252 = text;
option wpad-url "\n\000";
#option wpad-url "http://192.168.99.123/proxy.pac\n";

if substring (option vendor-class-identifier, 0, 8) = "MSFT 5.0" {
  vendor-option-space windoze;
  option netbios-node-type 8;
}
=

Is any of this available in base dhcpd? Maybe I'm just missing it.

Thanks,
Chris
Re: dhcpd not starting
For in base dhcpd you should read the manual for dhcpd.conf. Else you
can invoke it with some debug/verbose flag in order to get some output
regarding what it likes/dislikes in your dhcpd.conf.

On 31 dec 2012, at 16:19, Chris Smith obsd_m...@chrissmith.org wrote:
> Maybe it's a problem due to Unbound being a package and not part of
> the core system, but a normal configuration such as:
>
> host hostname.example.com {
>   hardware ethernet 00:1a:80:f4:75:ad;
>   fixed-address hostname.example.com;
> }
>
> has to be rewritten as:
>
> host hostname.example.com {
>   hardware ethernet 00:1a:30:64:75:bc;
>   fixed-address 172.38.202.17;
> }
>
> thereby duplicating efforts or dhcpd will not start on reboot since
> pkg scripts start after everything else and Unbound has not yet been
> started.
>
> Also as nice as it is to have the core dhcpd create pf tables it has
> otherwise very limited functionality, such as lack of support for
> option space, which can be used to request a system release its
> lease on shutdown thereby keeping the created *_ip_tables more
> up-to-date. Option space is also good for preventing some of the
> WPAD nonsense and assisting in NetBIOS configurations.
>
> Using the packaged dhcpd would most likely eliminate the startup
> issue and provide the missing dhcpd functionality but one would also
> lose the tight pf integration.