Re: [Dnsmasq-discuss] Enable HAVE_IPSET by default

2013-03-21 Thread Chris Wilson

On Thu, 21 Mar 2013, Simon Kelley wrote:


Not specifically in reply to this, but some data.

i386, gcc -O2, not stripped, dnsmasq-2.66test23

without -DHAVE_IPSET binary is 241943 bytes
with -DHAVE_IPSET   binary is 244177 bytes

so the difference is about 1%


Happily, that's still the same number of 4K blocks. So it probably won't 
make any difference at all to the number of flash blocks used. Although it 
would be worth knowing compressed sizes in a squashfs, compiled with -Os.


Cheers, Chris.
--
Aptivate | http://www.aptivate.org | Phone: +44 1223 967 838
Future Business, Cam City FC, Milton Rd, Cambridge, CB4 1UY, UK

Aptivate is a not-for-profit company registered in England and Wales
with company number 04980791.


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


Re: [Dnsmasq-discuss] Enable HAVE_IPSET by default

2013-03-21 Thread Chris Wilson

Hi all,

On Thu, 21 Mar 2013, Vladislav Grishenko wrote:


Just my 2 cents, binary size is important on devices with very limited flash
size (2Mb, 4Mb).


It depends how much size. If it's less than 4Kb when compiled with -Os 
then I'd say it's pretty irrelevant.


Without knowing how much it adds with -Os, it's hard to decide whether 
it's worth the hassle of keeping the option.


Cheers, Chris.
--
Aptivate | http://www.aptivate.org | Phone: +44 1223 967 838
Future Business, Cam City FC, Milton Rd, Cambridge, CB4 1UY, UK

Aptivate is a not-for-profit company registered in England and Wales
with company number 04980791.




Re: [Dnsmasq-discuss] using only DHCP and propagating upstream nameservers

2013-02-16 Thread Chris Wilson

Hi Ondrej,

On Sat, 16 Feb 2013, Ondřej Grover wrote:

Thank you, this would solve my problem if the nameservers listed in 
/etc/resolv.conf on the server didn't change, but they do (the server is 
more like a router, acquires IP and dns info from my ISP via DHCP).


As dnsmasq is able to read /etc/resolv.conf on the server, I was hoping 
there would be a way for dnsmasq to propagate the nameservers listed 
there automagically to its clients.


If the DNS servers listed there change, there's no way to inform the DHCP 
clients of that. If they continue to use the old servers and those servers 
stop working, the clients will fail.


Just use dnsmasq to proxy to the DNS servers already. dnsmasq will 
automatically start forwarding queries to new servers when the list 
changes. And it will cache queries for you, so it will be faster.


Cheers, Chris.
--
Aptivate | http://www.aptivate.org | Phone: +44 1223 967 838
Future Business, Cam City FC, Milton Rd, Cambridge, CB4 1UY, UK

Aptivate is a not-for-profit company registered in England and Wales
with company number 04980791.


Re: [Dnsmasq-discuss] Detecting when a DHCP client disconnects

2012-12-23 Thread Chris Wilson

Hi James,

On Sun, 23 Dec 2012, James Harvey wrote:

I'm trying to detect when a DHCP client state changes, and invoke a script. 
The dhcp-script option works great for new/old leases, but I need to know 
when a client is no longer connected/reachable. Lease duration is 12h 
currently. 


I'm keen to avoid having a heartbeat ping out to the client list, but can't 
think of an alternative. 


Any suggestions of how to do this would be appreciated. 


There is no protocol at the IP level that can communicate a client 
disconnection. If the client disconnects unexpectedly, it has disconnected, it 
has no way to send any more packets until it's reconnected.


The closest you can get at the IP level is when the client disconnects in an 
expected way, e.g. switching wireless networks or suspending, in which case it 
may choose to release its IP address to the DHCP server, but this is optional, 
not required.


Your best bet if you want to avoid polling individual end stations is to poll 
the switches/access points using DHCP, looking for ports whose links go down or 
wireless clients disassociating (disappearing), and matching their leases using 
the MAC address.


Cheers, Chris.
--
Aptivate | http://www.aptivate.org | Phone: +44 1223 967 838
Future Business, Cam City FC, Milton Rd, Cambridge, CB4 1UY, UK

Aptivate is a not-for-profit company registered in England and Wales
with company number 04980791.


Re: [Dnsmasq-discuss] Problem with OpenWRT + dnsmasq

2012-09-20 Thread Chris Wilson

Hi Juhani,

On Wed, 19 Sep 2012, Juhani Talvela wrote:


Sorry, but there is just this one PC connected to the router LAN port.

When dnsmasq is running, there is a huge number of connections all aimed at 
the ISP nameservers with port 53. If the mailing list allows images, you can 
see the connection and traffic loads attached, here.


When I stop dnsmasq, all connections are dropped and no excess traffic is 
visible.


Wonder if I should stop using dnsmasq and go for dhcpcd, instead?


This appears to be a rare problem. I've never seen it, and I'd guess that 
nobody else on the mailing list has either. So we'll need your help to debug 
and fix it. It's quite likely to be a configuration error in dnsmasq.conf.


Please could you capture some of the traffic that appears when dnsmasq is 
running, and attach excerpts from your system logs (especially regarding 
dnsmasq) and your dnsmasq.conf file?


dhcpcd is a DHCP client daemon, its functionality does not overlap at all with 
dnsmasq. Did you mean dhcpd? I personally find dhcpd too heavyweight for a 
small network, and dnsmasq has some very nice and useful features such as DHCP 
and DNS integration that make me prefer it.


Cheers, Chris.
--
Aptivate | http://www.aptivate.org | Phone: +44 1223 967 838
Future Business, Cam City FC, Milton Rd, Cambridge, CB4 1UY, UK

Aptivate is a not-for-profit company registered in England and Wales
with company number 04980791.




Re: [Dnsmasq-discuss] server-side dynamic resolving

2012-08-13 Thread Chris Wilson

Hi Travis,

On Mon, 13 Aug 2012, Travis Hansen wrote:


Bind doesn't do it, the client does. CNAME works like this:

client -> nsswitch -> server: what's the address of 15z.foo.bar?
client <- nsswitch <- server: 15z.foo.bar is a CNAME to 15z.local.
client -> nsswitch -> mdns: what's the address of 15z.local?
client <- nsswitch <- mdns: 15z.local is at 1.2.3.4

This assumes that nsswitch on the clients is configured to use mdns as well
as dns, which on my system (Ubuntu 11.10) it is.


Awesome!  I believe that will work.  Now I just need to figure out how
to get bind/dnsmasq to play nicely together on the same machine :)  If
you've got tips let me know.  In any case I'll report back.

Just so I understand the first step mentioned above for my particular
setup.  Would it be like this?

client -> nsswitch -> server dnsmasq: what's the address of
15z.foo.bar -> server bind: what's the address of 15z.foo.bar


If you're going to run bind and dnsmasq on the same machine, yes. I was 
assuming however that you already have someone serving the 15z.foo.bar 
zone with a full nameserver, and you could just configure that to return 
CNAMEs. Running a real DNS server and dnsmasq on the same host might be 
tricky. You might need to add an IP alias on the server and bind bind to 
that alias, and dnsmasq's DNS server to the main IP address.


Cheers, Chris.
--
Aptivate | http://www.aptivate.org | Phone: +44 1223 967 838
Future Business, Cam City FC, Milton Rd, Cambridge, CB4 1UY, UK

Aptivate is a not-for-profit company registered in England and Wales
with company number 04980791.




Re: [Dnsmasq-discuss] server-side dynamic resolving

2012-08-13 Thread Chris Wilson

Hi Travis,

On Sun, 12 Aug 2012, Travis Hansen wrote:

Do you control the DNS for the foobar.dev zone, and is it hosted by a 
full DNS server (not dnsmasq)? If so, just put a CNAME in the zone 
file:


15z IN CNAME 15z.local.


I'm not a dns expert but I doubt this will work either since I'm 
guessing something like bind is using pure dns lookups and is not 
capable of using the system resolver(s) (mdns) to find an IP.


Bind doesn't do it, the client does. CNAME works like this:

client -> nsswitch -> server: what's the address of 15z.foo.bar?
client <- nsswitch <- server: 15z.foo.bar is a CNAME to 15z.local.
client -> nsswitch -> mdns: what's the address of 15z.local?
client <- nsswitch <- mdns: 15z.local is at 1.2.3.4

This assumes that nsswitch on the clients is configured to use mdns as 
well as dns, which on my system (Ubuntu 11.10) it is.



If not, and 15z registers itself with the dnsmasq DHCP server, then you can
bypass avahi/mdns and just CNAME 15z.foobar.dev to the machine 15z in
dnsmasq config:

cname=15z.foobar.dev,15z


This is actually what I tried initially but it was
"cname=15z.foobar.dev,15z.local".


The documentation says that's not allowed. It has to be a name that's 
registered in /etc/hosts or by a DHCP client.


What I'm up against here (why I can't use cname=15z.foobar.dev,15z) is 
we have multiple laptops that float around from being plugged in to 
wireless each with different IPs depending on the nic.  What that 
equates to in dnsmasq terms is static leases but not for '15z' but 
rather '15z-wifi' *and* '15z-eth0' for example.


Do you have to use static leases? Can't you just let dnsmasq allocate the 
same IP to the client based on its hostname/client ID, whatever 
connection/MAC it's using?


Cheers, Chris.
--
Aptivate | http://www.aptivate.org | Phone: +44 1223 967 838
Future Business, Cam City FC, Milton Rd, Cambridge, CB4 1UY, UK

Aptivate is a not-for-profit company registered in England and Wales
with company number 04980791.




Re: [Dnsmasq-discuss] server-side dynamic resolving

2012-08-12 Thread Chris Wilson
Hi Travis,

On Sat, 11 Aug 2012, Travis Hansen wrote:

> I'm attempting to integrate dnsmasq with mdns.  I'm not really sure
> how to go about it but I'll explain the scenario...
> 
> 1. My machine is known as '15z' and via mdns clients resolves as 15z.local
> 2. I have apache running mod_dnssd (not actually critical to the
> situation but gives context at least) with a virtual host
> 15z.foobar.dev
> 3. I'd like to make it so 15z.foobar.dev gets returned by dnsmasq as
> whatever the current value of 15z.local is (the server is running
> avahi).
> 
> Anyone have any great suggestions for me?  I've thought about
> combinations of entering cname records into dnsmasq and somehow trying
> to integrate that but ultimately

Do you control the DNS for the foobar.dev zone, and is it hosted by a full DNS
server (not dnsmasq)? If so, just put a CNAME in the zone file:

15z IN CNAME 15z.local.

If not, and 15z registers itself with the dnsmasq DHCP server, then you can
bypass avahi/mdns and just CNAME 15z.foobar.dev to the machine 15z in dnsmasq
config:

cname=15z.foobar.dev,15z

> I couldn't get dnsmasq to return what the local *server* resolves a given name
> to (limited to just hosts/dhcp/upstream dns).

You probably can't do that without programming, so I suggest you find other ways
to achieve what you want first, such as CNAME.

> I'd rather not run stuff client side.

With a CNAME you don't need to run anything other than a standard resolver on
the client side, which most likely you already do.

Cheers, Chris.
-- 
Aptivate | http://www.aptivate.org | Phone: +44 1223 967 838
Future Business, Cam City FC, Milton Rd, Cambridge, CB4 1UY, UK

Aptivate is a not-for-profit company registered in England and Wales
with company number 04980791.




[Dnsmasq-discuss] dhclient makes repeated queries to dnsmasq when running on multiple interfaces

2012-08-02 Thread Chris Wilson

Hi all,

I'm forwarding this query here as well, as it's about a poor interaction 
between dhclient and dnsmasq, and there may be a bug in dnsmasq (replying 
to the wrong IP address for DHCP queries). Has anyone seen this before or 
can help me to solve the problem?


Cheers, Chris.

-- Forwarded message --
Date: Thu, 2 Aug 2012 18:55:51 +0200 (CAT)
From: Chris Wilson 
To: dhcp-b...@isc.org
Subject: dhclient makes repeated queries when running on multiple interfaces

Dear sirs,

I'm writing to inquire about the status of your bug #19604, as unfortunately 
you do not have a public bug tracker that I can check.


It was mentioned on this Fedora ticket: 
https://bugzilla.redhat.com/show_bug.cgi?id=469258 where David Cantrell wrote 
"Sadly, no, but I will post any updates from ISC here." That was three years 
ago.


This bug appears also to be present in dhclient 3.1.3 
(dhcp3-client-2ubuntu3.3), the version in Ubuntu 10.04 (Lucid) LTS. It's 
noticeable that when I have a laptop connected using both wired and wireless 
interfaces, both configured by DHCP using Network Manager, it sends the wireless 
DHCP query out of the wired interface:


16:53:03.995187 44:87:fc:0b:22:08 > 00:00:24:cd:fe:be, ethertype IPv4 (0x0800), length 342: 192.168.128.125.68 > 192.168.128.1.67: BOOTP/DHCP, Request from 74:f0:6d:68:49:de, length 300


Note: 44:87:fc:0b:22:08 and 192.168.128.125 are the addresses of eth0, the 
wired interface, while 74:f0:6d:68:49:de and 192.168.128.170 are the wireless 
interface:


2: eth0:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 44:87:fc:0b:22:08 brd ff:ff:ff:ff:ff:ff
    inet 192.168.128.125/22 brd 192.168.131.255 scope global eth0
    inet6 fe80::4687:fcff:fe0b:2208/64 scope link
       valid_lft forever preferred_lft forever
3: wlan0:  mtu 1500 qdisc pfifo_fast state UP qlen 1000
    link/ether 74:f0:6d:68:49:de brd ff:ff:ff:ff:ff:ff
    inet 192.168.128.170/22 brd 192.168.131.255 scope global wlan0
    inet6 fe80::76f0:6dff:fe68:49de/64 scope link
       valid_lft forever preferred_lft forever

Now dnsmasq finds an existing lease and replies to the address of the owner of 
that lease, instead of the IP address that the request was sent from, but still 
using the interface and destination MAC address that the request was received 
on. I'm not sure if that's a bug, and the reason why dhclient appears to ignore 
the reply?


Aug  2 16:53:03 ipad2 dnsmasq-dhcp[2003]: DHCPREQUEST(br1) 192.168.128.170 74:f0:6d:68:49:de
Aug  2 16:53:03 ipad2 dnsmasq-dhcp[2003]: DHCPACK(br1) 192.168.128.170 74:f0:6d:68:49:de classmate

16:53:04.102038 00:00:24:cd:fe:be > 44:87:fc:0b:22:08, ethertype IPv4 (0x0800), length 357: 192.168.128.1.67 > 192.168.128.170.68: BOOTP/DHCP, Reply, length 315


Anyway, it appears that dhclient receives and ignores this reply, and sends 
another request 10-20 seconds later:


16:58:33 send(3, "<30>Aug  2 16:58:33 dhclient: DHCPREQUEST of 192.168.128.170 on wlan0 to 192.168.128.1 port 67", 94, MSG_NOSIGNAL) = 94
16:58:33 write(2, "DHCPREQUEST of 192.168.128.170 on wlan0 to 192.168.128.1 port 67", 64) = 64
16:58:33 write(2, "\n", 1)  = 1

16:58:33 sendto(5, 
"\1\1\6\0\356q#5:a\0\0\300\250\200\252\0\0\0\0\0\0\0\0\0\0\0\0t\360mhI\336\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0"..., 
300, 0, {sa_family=AF_INET, sin_port=htons(67), 
sin_addr=inet_addr("192.168.128.1")}, 16) = 300


16:58:33 gettimeofday({1343919513, 5978}, NULL) = 0

16:58:33 select(7, [5 6], [], [], {9, 994022}) = 1 (in [5], left {9, 961011})

16:58:33 gettimeofday({1343919513, 39657}, NULL) = 0

16:58:33 recvfrom(5, 
"\2\1\6\0\356q#5:a\200\0\300\250\200\252\300\250\200\252\300\250\200\1\0\0\0\0t\360mhI\336\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0pxelinux.0\0\0\0\0\0\0\0\0\0\0"..., 
1540, 0, {sa_family=AF_INET, sin_port=htons(67), 
sin_addr=inet_addr("192.168.128.1")}, [16]) = 315


16:58:33 gettimeofday({1343919513, 40633}, NULL) = 0

16:58:33 select(7, [5 6], [], [], {9, 959367}) = 0 (Timeout)

16:58:43 gettimeofday({1343919523, 10553}, NULL) = 0

16:58:43 time(NULL) = 1343919523

16:58:43 send(3, "<30>Aug  2 16:58:43 dhclient: DHCPREQUEST of 192.168.128.170 on wlan0 to 192.168.128.1 port 67", 94, MSG_NOSIGNAL) = 94
16:58:43 write(2, "DHCPREQUEST of 192.168.128.170 on wlan0 to 192.168.128.1 port 67", 64) = 64
16:58:43 write(2, "\n", 1)  = 1

16:58:43 sendto(5, 
"\1\1\6\0\356q#5:k\0\0\300\250\200\252\0\0\0\0\0\0\0\0\0\0\0\0t\360mhI\336\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\0\