Re: [Dnsmasq-discuss] dnsmasq On Subnets - Failing
On Tue, Sep 27, 2022 at 07:06:36PM +0530, Zetacloud wrote:
> Hi.
>
> Thank you, Simon and "john doe" for your responses. I forgot to fix the mailing list options to get individual emails, only digests, so I can't respond individually.

echo -e '\x57\x54F\0077' and let's hope that meanwhile the digest option is disabled.

> I've inserted my responses below, prefixed with >##.

Inline responses do NOT get any prefix. It is the replied lines that get prefixes like '> '

> I should also add that I installed and tested my setup with isc-dhcp and everything works as it should, with the appropriate interfaces serving the right IP addresses.
> So this is definitely a dnsmasq or dnsmasq.conf issue.

http://www.catb.org/~esr/faqs/smart-questions.html#asking

> I wanted to use dnsmasq primarily because I've used it before, for DNS, and I needed a dynamic DNS update mechanism.
>
> Thanks again for your help.

See below, no hard feelings.

> Sam
>
>
> On 25/09/2022 17:30, dnsmasq-discuss-requ...@lists.thekelleys.org.uk wrote:
> > Today's Topics:
> >
> > 1. Re: dnsmasq On Subnets - Failing (john doe)
> > 2. Re: dnsmasq On Subnets - Failing (Simon Kelley)
> >
> >
> > --
> >
> > Message: 1
> > Date: Sat, 24 Sep 2022 14:15:22 +0200
> > From: john doe
> > To: dnsmasq-discuss@lists.thekelleys.org.uk
> > Subject: Re: [Dnsmasq-discuss] dnsmasq On Subnets - Failing
> > Message-ID: <6c183ea9-ac8d-f9c7-d898-ee4862144...@mail.com>
> > Content-Type: text/plain; charset=UTF-8; format=flowed
> >
> > Giving some hints more than an answer.
> >
> > On 9/23/2022 2:20 PM, Zeta Cloud wrote:
> > > Hi.
> > >
> > > I'm running dnsmasq as the local DHCP server in a container/VM/jail intended to serve as a router for multiple VMs, and the router VM is set up with multiple vnics, each on a different subnet.
> > I'll assume that you are talking about VLAN/alias interface.
>
> They're actually virtual interfaces, and not alias IP addresses assigned to the same (virtual) hardware network card.
>
> > > vnic1: Subnet A -> 192.168.11.0 (external)
> > What IP are you really getting on this interface?
>
> As indicated, I'm getting 3 IP addresses.
>
> > > vnic2: Subnet B -> 192.168.21.0 (internal)
> > > vnic3: Subnet C -> 192.168.31.0 (storage)
> > >
> > > The problem I'm having is that as soon as a VM on subnet A requests a DHCP address, dnsmasq will not respond to any future requests from VMs on subnet B or subnet C. If I restart the dnsmasq service, and if the first DHCP request is from subnet B, it won't respond to queries from subnet A/C. Etc.
> > >
> > Does your network topology work without dnsmasq?
>
> Yes
>
> > > Is this peculiar to the particular version of dnsmasq-2.86? I've tried everything, with and without option bind-interfaces, with and without all interfaces explicitly listed, exclude-interfaces, etc.
> > >
> > See above point.
> >
> > > Any help on this would be greatly appreciated. I've already spent 2 days trying to figure out what was going on. I'm trying to set up containers/VMs. The problem I face is that once I set up a VM on one subnet, VM creation fails for all other subnets. A restart of dnsmasq doesn't help, because then dnsmasq responds to the first and subsequent DHCP requests from a subnet, but stops responding to VMs on other subnets.
> > >
> > > Thanks very much.
> > >
> > Try to get this working with one internal and one external interface.
>
> Works fine on a single interface, or with single subnet.

Rethink that one.

> > > My dnsmasq.conf included below for reference.
> > > --
> > > dhcp-authoritative
> > > dhcp-lease-max=1000
> > > dhcp-leasefile=/var/cache/dnsmasq/dnsmasq.leases
> > > dhcp-rapid-commit
> > Remove this one for the time being.
> Which option are you referring to - dhcp-rapid-commit?
>
> > > log-facility=/var/log/dnsmasq/dnsmasq.log
> > > log-queries
> > > log-dhcp
> > >
> > Do you see in the log why dnsmasq is not happy?
> No. dnsmasq log shows no reaction, no logs, on any of the other interfaces/subnets after it serves a DHCP request on any one interface.
>
> > > # NAT I
Re: [Dnsmasq-discuss] dnsmasq On Subnets - Failing
Hi.

Thank you, Simon and "john doe" for your responses. I forgot to fix the mailing list options to get individual emails, only digests, so I can't respond individually.

I've inserted my responses below, prefixed with >##.

I should also add that I installed and tested my setup with isc-dhcp and everything works as it should, with the appropriate interfaces serving the right IP addresses.
So this is definitely a dnsmasq or dnsmasq.conf issue.

I wanted to use dnsmasq primarily because I've used it before, for DNS, and I needed a dynamic DNS update mechanism.

Thanks again for your help.

Sam

On 25/09/2022 17:30, dnsmasq-discuss-requ...@lists.thekelleys.org.uk wrote:
> Today's Topics:
>
> 1. Re: dnsmasq On Subnets - Failing (john doe)
> 2. Re: dnsmasq On Subnets - Failing (Simon Kelley)
>
> --
>
> Message: 1
> Date: Sat, 24 Sep 2022 14:15:22 +0200
> From: john doe
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] dnsmasq On Subnets - Failing
> Message-ID: <6c183ea9-ac8d-f9c7-d898-ee4862144...@mail.com>
> Content-Type: text/plain; charset=UTF-8; format=flowed
>
> Giving some hints more than an answer.
>
> On 9/23/2022 2:20 PM, Zeta Cloud wrote:
> > Hi.
> >
> > I'm running dnsmasq as the local DHCP server in a container/VM/jail intended to serve as a router for multiple VMs, and the router VM is set up with multiple vnics, each on a different subnet.
> I'll assume that you are talking about VLAN/alias interface.

>## They're actually virtual interfaces, and not alias IP addresses assigned to the same (virtual) hardware network card.

> > vnic1: Subnet A -> 192.168.11.0 (external)
> What IP are you really getting on this interface?

>## As indicated, I'm getting 3 IP addresses.

> > vnic2: Subnet B -> 192.168.21.0 (internal)
> > vnic3: Subnet C -> 192.168.31.0 (storage)
> >
> > The problem I'm having is that as soon as a VM on subnet A requests a DHCP address, dnsmasq will not respond to any future requests from VMs on subnet B or subnet C. If I restart the dnsmasq service, and if the first DHCP request is from subnet B, it won't respond to queries from subnet A/C. Etc.
> Does your network topology work without dnsmasq?

>## Yes

> > Is this peculiar to the particular version of dnsmasq-2.86? I've tried everything, with and without option bind-interfaces, with and without all interfaces explicitly listed, exclude-interfaces, etc.
> See above point.
>
> > Any help on this would be greatly appreciated. I've already spent 2 days trying to figure out what was going on. I'm trying to set up containers/VMs. The problem I face is that once I set up a VM on one subnet, VM creation fails for all other subnets. A restart of dnsmasq doesn't help, because then dnsmasq responds to the first and subsequent DHCP requests from a subnet, but stops responding to VMs on other subnets.
> >
> > Thanks very much.
> Try to get this working with one internal and one external interface.

>## Works fine on a single interface, or with single subnet.

> > My dnsmasq.conf included below for reference.
> > --
> > dhcp-authoritative
> > dhcp-lease-max=1000
> > dhcp-leasefile=/var/cache/dnsmasq/dnsmasq.leases
> > dhcp-rapid-commit
> Remove this one for the time being.

>## Which option are you referring to - dhcp-rapid-commit?

> > log-facility=/var/log/dnsmasq/dnsmasq.log
> > log-queries
> > log-dhcp
> Do you see in the log why dnsmasq is not happy?

>## No. dnsmasq log shows no reaction, no logs, on any of the other interfaces/subnets after it serves a DHCP request on any one interface.

> > # NAT Interface
> > except-interface=net0
> > no-dhcp-interface=net0
> If you ignore the interface, the other flag is not really needed.

>## Yes, I know, this is just overkill. net0 is connected to the LAN router which also has a DHCP server.

> > domain=zetac.lan
> > # Subnet A
> > interface=net1
> > bind-interfaces
> > listen-address=192.168.11.1
> > dhcp-range=set:extl,192.168.11.101,192.168.11.200,12h
> > dhcp-option=tag:extl,option:dns-server,192.168.11.1
> > dhcp-option=option:netmask,255.255.255.0
> > dhcp-option=option:domain-name,zetac.lan
> > # Subnet B
> > interface=net2
> > bind-interfaces
> Why do you use this opt multiple times, I would only use it once.

>## Actually, I have the settings for each subnet in a different conf file, which helps better manage each subnet. So there is some overlap/repeat with the options.

> > listen-address=192.168.21.1
> In this context, I can't say that I see the point of using the above.

>## OK

> > dhcp-option=tag:intl,option:dns-server,192.168.21.1
> > dhcp-option=option:netmask,255.255.255.0
> > dhcp-option=option:domain-name,zetac.lan
> Do you really need those opts?

>## not when they are the same/similar for every subnet. I have left them in the settings for each subnet to later test changing these settings along with the IP address assigned to each subnet.

> > # Subnet B
> > interface=net3
> > bind-interfaces
> > listen-address=192.168.31.1
> > dhcp-range=set:intl,192.168.31.101
Re: [Dnsmasq-discuss] dnsmasq On Subnets - Failing
On 23/09/2022 13:20, Zeta Cloud wrote:
> Hi.
>
> I'm running dnsmasq as the local DHCP server in a container/VM/jail intended to serve as a router for multiple VMs, and the router VM is set up with multiple vnics, each on a different subnet.
>
> vnic1: Subnet A -> 192.168.11.0 (external)
> vnic2: Subnet B -> 192.168.21.0 (internal)
> vnic3: Subnet C -> 192.168.31.0 (storage)
>
> The problem I'm having is that as soon as a VM on subnet A requests a DHCP address, dnsmasq will not respond to any future requests from VMs on subnet B or subnet C. If I restart the dnsmasq service, and if the first DHCP request is from subnet B, it won't respond to queries from subnet A/C. Etc.
>
> Is this peculiar to the particular version of dnsmasq-2.86? I've tried everything, with and without option bind-interfaces, with and without all interfaces explicitly listed, exclude-interfaces, etc.
>
> Any help on this would be greatly appreciated. I've already spent 2 days trying to figure out what was going on. I'm trying to set up containers/VMs. The problem I face is that once I set up a VM on one subnet, VM creation fails for all other subnets. A restart of dnsmasq doesn't help, because then dnsmasq responds to the first and subsequent DHCP requests from a subnet, but stops responding to VMs on other subnets.
>
> Thanks very much.
>
> Sam
>
> My dnsmasq.conf included below for reference.
>
> --
> dhcp-authoritative
> dhcp-lease-max=1000
> dhcp-leasefile=/var/cache/dnsmasq/dnsmasq.leases
> dhcp-rapid-commit
> log-facility=/var/log/dnsmasq/dnsmasq.log
> log-queries
> log-dhcp
> # NAT Interface
> except-interface=net0
> no-dhcp-interface=net0
> domain=zetac.lan
> # Subnet A
> interface=net1
> bind-interfaces
> listen-address=192.168.11.1
> dhcp-range=set:extl,192.168.11.101,192.168.11.200,12h
> dhcp-option=tag:extl,option:dns-server,192.168.11.1
> dhcp-option=option:netmask,255.255.255.0
> dhcp-option=option:domain-name,zetac.lan
> # Subnet B
> interface=net2
> bind-interfaces
> listen-address=192.168.21.1
> dhcp-range=set:intl,192.168.21.101,192.168.21.200,12h
> dhcp-option=tag:intl,option:dns-server,192.168.21.1
> dhcp-option=option:netmask,255.255.255.0
> dhcp-option=option:domain-name,zetac.lan
> # Subnet B
> interface=net3
> bind-interfaces
> listen-address=192.168.31.1
> dhcp-range=set:intl,192.168.31.101,192.168.31.200,12h
> dhcp-option=tag:intl,option:dns-server,192.168.31.1
> dhcp-option=option:netmask,255.255.255.0
> dhcp-option=option:domain-name,zetac.lan
> bogus-priv
> filterwin2k
> no-hosts
> no-resolv
> no-poll
> expand-hosts
> domain-needed
> dns-forward-max=150
> neg-ttl=3600

What netmasks are set _in_the_kernel_ for net1, net2 and net3? The fact that you've set the netmasks as dhcp-options makes me worry that they may not be set correctly, as if they are you wouldn't need the dhcp-options, the correct value would be sent automatically.

You have log-dhcp set. Posting the resulting logs here might be useful.

Simon.

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
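The netmask check asked for in the message above, as an added example that is not part of the original thread or of dnsmasq: it compares each dhcp-range from the posted configuration with the address/prefix the kernel reports per interface, and with the netmask forced through dhcp-option. The KERNEL values and the names parse and check are assumptions made for illustration (the thread never shows the real interface settings), and only the start,end form of dhcp-range is handled.

```python
import ipaddress

# Excerpt of the dnsmasq.conf posted in this thread.
CONF = """\
dhcp-range=set:extl,192.168.11.101,192.168.11.200,12h
dhcp-option=tag:extl,option:dns-server,192.168.11.1
dhcp-range=set:intl,192.168.21.101,192.168.21.200,12h
dhcp-range=set:intl,192.168.31.101,192.168.31.200,12h
dhcp-option=option:netmask,255.255.255.0
"""

# Constructed sample of kernel interface settings (address/prefix), not taken
# from the thread: net1 is correct, net2 has a /23, net3 has a host-only /32.
KERNEL = {"net1": "192.168.11.1/24",
          "net2": "192.168.21.1/23",
          "net3": "192.168.31.1/32"}


def parse(conf):
    """Return ([(start, end), ...], forced_netmask_or_None) from config text."""
    ranges, forced = [], None
    for line in conf.splitlines():
        key, _, value = line.strip().partition("=")
        # Drop tag selectors so the remaining fields are the option's own values.
        fields = [f for f in value.split(",") if not f.startswith(("set:", "tag:"))]
        if key == "dhcp-range":
            ranges.append((ipaddress.ip_address(fields[0]),
                           ipaddress.ip_address(fields[1])))
        elif key == "dhcp-option" and fields[0] == "option:netmask":
            forced = fields[1]
    return ranges, forced


def check(conf, kernel):
    """Map each range start address to a list of findings (empty = consistent)."""
    ranges, forced = parse(conf)
    ifaces = {name: ipaddress.ip_interface(addr) for name, addr in kernel.items()}
    report = {}
    for start, end in ranges:
        hits = [n for n, i in ifaces.items()
                if start in i.network and end in i.network]
        findings = []
        if not hits:
            findings.append("no interface has an address on this subnet")
        elif len(hits) > 1:
            findings.append("range falls inside several interface subnets: "
                            + ", ".join(hits))
        for n in hits:
            mask = str(ifaces[n].netmask)
            if forced and forced != mask:
                findings.append(f"{n}: kernel netmask {mask} differs from "
                                f"dhcp-option netmask {forced}")
        report[str(start)] = findings
    return report


if __name__ == "__main__":
    for start, findings in check(CONF, KERNEL).items():
        print(start, "->", findings or "consistent")
```
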
Re: [Dnsmasq-discuss] dnsmasq On Subnets - Failing
Giving some hints more than an answer.

On 9/23/2022 2:20 PM, Zeta Cloud wrote:
> Hi.
>
> I'm running dnsmasq as the local DHCP server in a container/VM/jail intended to serve as a router for multiple VMs, and the router VM is set up with multiple vnics, each on a different subnet.

I'll assume that you are talking about VLAN/alias interface.

> vnic1: Subnet A -> 192.168.11.0 (external)

What IP are you really getting on this interface?

> vnic2: Subnet B -> 192.168.21.0 (internal)
> vnic3: Subnet C -> 192.168.31.0 (storage)
>
> The problem I'm having is that as soon as a VM on subnet A requests a DHCP address, dnsmasq will not respond to any future requests from VMs on subnet B or subnet C. If I restart the dnsmasq service, and if the first DHCP request is from subnet B, it won't respond to queries from subnet A/C. Etc.

Does your network topology work without dnsmasq?

> Is this peculiar to the particular version of dnsmasq-2.86? I've tried everything, with and without option bind-interfaces, with and without all interfaces explicitly listed, exclude-interfaces, etc.

See above point.

> Any help on this would be greatly appreciated. I've already spent 2 days trying to figure out what was going on. I'm trying to set up containers/VMs. The problem I face is that once I set up a VM on one subnet, VM creation fails for all other subnets. A restart of dnsmasq doesn't help, because then dnsmasq responds to the first and subsequent DHCP requests from a subnet, but stops responding to VMs on other subnets.
>
> Thanks very much.

Try to get this working with one internal and one external interface.

> My dnsmasq.conf included below for reference.
> --
> dhcp-authoritative
> dhcp-lease-max=1000
> dhcp-leasefile=/var/cache/dnsmasq/dnsmasq.leases
> dhcp-rapid-commit

Remove this one for the time being.

> log-facility=/var/log/dnsmasq/dnsmasq.log
> log-queries
> log-dhcp

Do you see in the log why dnsmasq is not happy?

> # NAT Interface
> except-interface=net0
> no-dhcp-interface=net0

If you ignore the interface, the other flag is not really needed.

> domain=zetac.lan
> # Subnet A
> interface=net1
> bind-interfaces
> listen-address=192.168.11.1
> dhcp-range=set:extl,192.168.11.101,192.168.11.200,12h
> dhcp-option=tag:extl,option:dns-server,192.168.11.1
> dhcp-option=option:netmask,255.255.255.0
> dhcp-option=option:domain-name,zetac.lan
> # Subnet B
> interface=net2
> bind-interfaces

Why do you use this opt multiple times, I would only use it once.

> listen-address=192.168.21.1

In this context, I can't say that I see the point of using the above.

> dhcp-option=tag:intl,option:dns-server,192.168.21.1
> dhcp-option=option:netmask,255.255.255.0
> dhcp-option=option:domain-name,zetac.lan

Do you really need those opts?

> # Subnet B
> interface=net3
> bind-interfaces
> listen-address=192.168.31.1
> dhcp-range=set:intl,192.168.31.101,192.168.31.200,12h
> dhcp-option=tag:intl,option:dns-server,192.168.31.1
> dhcp-option=option:netmask,255.255.255.0
> dhcp-option=option:domain-name,zetac.lan

Same points as for the other subnet.

If I may, find a simple network example for two interfaces (internal/external), then get dnsmasq working and build up from there.

--
John Doe
[Dnsmasq-discuss] dnsmasq On Subnets - Failing
Hi.

I'm running dnsmasq as the local DHCP server in a container/VM/jail intended to serve as a router for multiple VMs, and the router VM is set up with multiple vnics, each on a different subnet.

vnic1: Subnet A -> 192.168.11.0 (external)
vnic2: Subnet B -> 192.168.21.0 (internal)
vnic3: Subnet C -> 192.168.31.0 (storage)

The problem I'm having is that as soon as a VM on subnet A requests a DHCP address, dnsmasq will not respond to any future requests from VMs on subnet B or subnet C. If I restart the dnsmasq service, and if the first DHCP request is from subnet B, it won't respond to queries from subnet A/C. Etc.

Is this peculiar to the particular version of dnsmasq-2.86? I've tried everything, with and without option bind-interfaces, with and without all interfaces explicitly listed, exclude-interfaces, etc.

Any help on this would be greatly appreciated. I've already spent 2 days trying to figure out what was going on. I'm trying to set up containers/VMs. The problem I face is that once I set up a VM on one subnet, VM creation fails for all other subnets. A restart of dnsmasq doesn't help, because then dnsmasq responds to the first and subsequent DHCP requests from a subnet, but stops responding to VMs on other subnets.

Thanks very much.

Sam

My dnsmasq.conf included below for reference.

--
dhcp-authoritative
dhcp-lease-max=1000
dhcp-leasefile=/var/cache/dnsmasq/dnsmasq.leases
dhcp-rapid-commit
log-facility=/var/log/dnsmasq/dnsmasq.log
log-queries
log-dhcp
# NAT Interface
except-interface=net0
no-dhcp-interface=net0
domain=zetac.lan
# Subnet A
interface=net1
bind-interfaces
listen-address=192.168.11.1
dhcp-range=set:extl,192.168.11.101,192.168.11.200,12h
dhcp-option=tag:extl,option:dns-server,192.168.11.1
dhcp-option=option:netmask,255.255.255.0
dhcp-option=option:domain-name,zetac.lan
# Subnet B
interface=net2
bind-interfaces
listen-address=192.168.21.1
dhcp-range=set:intl,192.168.21.101,192.168.21.200,12h
dhcp-option=tag:intl,option:dns-server,192.168.21.1
dhcp-option=option:netmask,255.255.255.0
dhcp-option=option:domain-name,zetac.lan
# Subnet B
interface=net3
bind-interfaces
listen-address=192.168.31.1
dhcp-range=set:intl,192.168.31.101,192.168.31.200,12h
dhcp-option=tag:intl,option:dns-server,192.168.31.1
dhcp-option=option:netmask,255.255.255.0
dhcp-option=option:domain-name,zetac.lan
bogus-priv
filterwin2k
no-hosts
no-resolv
no-poll
expand-hosts
domain-needed
dns-forward-max=150
neg-ttl=3600