Re: [Dnsmasq-discuss] Having dnsmasq coexist with other dhcp server
Sent: Tuesday, October 24, 2023 at 10:15 PM
From: "Simon Kelley"
>
> On 18/10/2023 08:58, Luigi Baldoni via Dnsmasq-discuss wrote:
> >Hello,
> > I'm having a hard time making dnsmasq run together with kea-dhcp4-server on
> > the same machine.
> > Even though they listen on different interfaces, the first one prevents the
> > other from starting.
> > With the old isc-dhcp-server, "bind-interfaces" was enough. But now strace
> > shows
> > 'bind(4, {sa_family=AF_INET, sin_port=htons(67),
> > sin_addr=inet_addr("0.0.0.0")}, 16) = -1 EADDRINUSE (Address already in
> > use)'
> > no matter how much I tinker with the configuration.
> >
> > Any ideas?
>
> This is tricky. Making DHCP work for IPv4 really requires binding the
> wildcard address, 0.0.0.0 and this makes running multiple servers on
> different interface of the same machine problematic. Dnsmasq does its
> best, and pretty much works for multiple dnsmasq instances. There are
> two different actions needed: 1) Set the socket option SO_REUSEPORT on
> the DHCP socket: this allows multiple processes to bind the same port
> number. Dnsmasq always does this when bind-interfaces is set. 2) Bind
> the socket to a physical interface, so that packets send to
> 255.255.255.255 get send to the correct dnsmasq instance based on which
> interface they arrive on. Dnsmasq does this when bind-interfaces is set,
> and it's configured using --interface to listen on exactly one interface.
>
> The problem you have, I think, is that Kea is not sharing nicely in the
> same way. The Kea code on github doesn't set SO_REUSEPORT for DHCPv4 (it
> does for DHCPv6) The old ISC server does raw packet IO to avoid the
> problems with the kernel IP stack for DHCPv4, and that's probably why it
> works. I've not looked at Kea in detail, but it's likely that it uses
> the same approach to making DHCPv4 work using the kernel IP stack that
> dnsmasq does, but it looks like it's not had the time that dnsmasq has
> to accrete the workarounds needed to run multiple DHCP servers in one
> kernel.
>
> I'd suggest that this is a Kea problem, not a dnsmasq one.
Thanks for the in-depth answer.
Will file a bug report upstream and see what the ISC people can tell me.
Regards
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Having dnsmasq coexist with other dhcp server
On 18/10/2023 08:58, Luigi Baldoni via Dnsmasq-discuss wrote:
Hello,
I'm having a hard time making dnsmasq run together with kea-dhcp4-server on the
same machine.
Even though they listen on different interfaces, the first one prevents the
other from starting.
With the old isc-dhcp-server, "bind-interfaces" was enough. But now strace shows
'bind(4, {sa_family=AF_INET, sin_port=htons(67),
sin_addr=inet_addr("0.0.0.0")}, 16) = -1 EADDRINUSE (Address already in use)'
no matter how much I tinker with the configuration.
Any ideas?
This is tricky. Making DHCP work for IPv4 really requires binding the
wildcard address, 0.0.0.0 and this makes running multiple servers on
different interface of the same machine problematic. Dnsmasq does its
best, and pretty much works for multiple dnsmasq instances. There are
two different actions needed: 1) Set the socket option SO_REUSEPORT on
the DHCP socket: this allows multiple processes to bind the same port
number. Dnsmasq always does this when bind-interfaces is set. 2) Bind
the socket to a physical interface, so that packets send to
255.255.255.255 get send to the correct dnsmasq instance based on which
interface they arrive on. Dnsmasq does this when bind-interfaces is set,
and it's configured using --interface to listen on exactly one interface.
The problem you have, I think, is that Kea is not sharing nicely in the
same way. The Kea code on github doesn't set SO_REUSEPORT for DHCPv4 (it
does for DHCPv6) The old ISC server does raw packet IO to avoid the
problems with the kernel IP stack for DHCPv4, and that's probably why it
works. I've not looked at Kea in detail, but it's likely that it uses
the same approach to making DHCPv4 work using the kernel IP stack that
dnsmasq does, but it looks like it's not had the time that dnsmasq has
to accrete the workarounds needed to run multiple DHCP servers in one
kernel.
I'd suggest that this is a Kea problem, not a dnsmasq one.
Cheers,
Simon.
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Having dnsmasq coexist with other dhcp server
On Thu, Oct 19, 2023 at 06:59:00PM +0200, Matus UHLAR - fantomas wrote: > Luigi Baldoni wrote: > > > >Applying --no-dhcp-interface for lo and other interfaces did not help. > > > >Would the dhcp server still work if listening on a different interface? > > > > > > yes, that's possible. > > > option bind-interfaces should fix the problem. > > > > That solved the problem with ISC dhcp server, but not with kea. > > perhaps kea also needs option to bind to single interface, Yeah, I also think kea should have such option. Other idea: network name spaces I haven't played with network ns. I can't tell if it solves the "problem" of OP. But it is what I expect from name spaces. Groeten Geert Stappers -- Silence is hard to parse ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Having dnsmasq coexist with other dhcp server
Sent: Thursday, October 19, 2023 at 4:06 PM From: "Matus UHLAR - fantomas" >On Wed Oct 18 09:00:24 UTC 2023, Matus UHLAR wrote: >> I don't see any explicit option to disable dhcp server, but using >> --no-dhcp-interface= option or --dhcp-alternate-port could hep you. On 19.10.23 14:02, Luigi Baldoni via Dnsmasq-discuss wrote: >I do not wish to disable the dhcp server, indeed I want to use it. why do you run kea dhcp server then? On 19.10.23 16:57, Luigi Baldoni via Dnsmasq-discuss wrote: It's different traffic that I wish to handle separately and it's easier for me this way. to run two different DHCP servers on two different interfaces? >Applying --no-dhcp-interface for lo and other interfaces did not help. >Would the dhcp server still work if listening on a different interface? yes, that's possible. option bind-interfaces should fix the problem. That solved the problem with ISC dhcp server, but not with kea. perhaps kea also needs option to bind to single interface, so neither of them will bind to wildcard and they won't try the same interface. >> how is it being started? could the startup procedures be protecting the config by rewriting it to a known state during startup? >On Wed Oct 18 09:56:49 UTC 2023, wkitty42 wrote: >Tried init, systemctl (two different debian installations) and invoking the daemon straight from console: no change. I don't think this will help. Which one? either. Debian installation does not regenerate config at startup AFAIK the problem is that both dnsmasq and kea dhcp server are trying to listen on port 69. On different interfaces. And it's hard for me to understand why both, or dnsmasq at any rate, attempt to listen on interfaces that are explicitly excluded in the configuration. bind-interfaces dnsmasq option should tell it not to bind to wildcard and no-dhcp-interfaces should tell it not to bind to port 69 on specific interfaces. Just find similar option for kea. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. BSE = Mad Cow Desease ... BSA = Mad Software Producents Desease ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Having dnsmasq coexist with other dhcp server
Sent: Thursday, October 19, 2023 at 4:06 PM From: "Matus UHLAR - fantomas" > > >On Wed Oct 18 09:00:24 UTC 2023, Matus UHLAR wrote: > >> I don't see any explicit option to disable dhcp server, but using > >> --no-dhcp-interface= option or --dhcp-alternate-port could hep you. > > On 19.10.23 14:02, Luigi Baldoni via Dnsmasq-discuss wrote: > >I do not wish to disable the dhcp server, indeed I want to use it. > > why do you run kea dhcp server then? It's different traffic that I wish to handle separately and it's easier for me this way. > >Applying --no-dhcp-interface for lo and other interfaces did not help. > >Would the dhcp server still work if listening on a different interface? > > yes, that's possible. > option bind-interfaces should fix the problem. That solved the problem with ISC dhcp server, but not with kea. > >> how is it being started? could the startup procedures be protecting the > >> config by rewriting it to a known state during startup? > > >On Wed Oct 18 09:56:49 UTC 2023, wkitty42 wrote: > >Tried init, systemctl (two different debian installations) and invoking the > >daemon straight from console: no change. > > I don't think this will help. Which one? > the problem is that both dnsmasq and kea dhcp server are trying to listen on > port 69. On different interfaces. And it's hard for me to understand why both, or dnsmasq at any rate, attempt to listen on interfaces that are explicitly excluded in the configuration. Regards ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Having dnsmasq coexist with other dhcp server
On Wed Oct 18 09:00:24 UTC 2023, Matus UHLAR wrote: I don't see any explicit option to disable dhcp server, but using --no-dhcp-interface= option or --dhcp-alternate-port could hep you. On 19.10.23 14:02, Luigi Baldoni via Dnsmasq-discuss wrote: I do not wish to disable the dhcp server, indeed I want to use it. why do you run kea dhcp server then? Applying --no-dhcp-interface for lo and other interfaces did not help. Would the dhcp server still work if listening on a different interface? yes, that's possible. option bind-interfaces should fix the problem. how is it being started? could the startup procedures be protecting the config by rewriting it to a known state during startup? On Wed Oct 18 09:56:49 UTC 2023, wkitty42 wrote: Tried init, systemctl (two different debian installations) and invoking the daemon straight from console: no change. I don't think this will help. the problem is that both dnsmasq and kea dhcp server are trying to listen on port 69. -- Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/ Warning: I wish NOT to receive e-mail advertising to this address. Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu. I drive way too fast to worry about cholesterol. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Having dnsmasq coexist with other dhcp server
On Wed Oct 18 09:00:24 UTC 2023, Matus UHLAR wrote: > I don't see any explicit option to disable dhcp server, but using > --no-dhcp-interface= option or --dhcp-alternate-port could hep you. I do not wish to disable the dhcp server, indeed I want to use it. Applying --no-dhcp-interface for lo and other interfaces did not help. Would the dhcp server still work if listening on a different interface? On Wed Oct 18 09:56:49 UTC 2023, wkitty42 wrote: > how is it being started? could the startup procedures be protecting the > config by rewriting it to a known state during startup? Tried init, systemctl (two different debian installations) and invoking the daemon straight from console: no change. Regards ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Having dnsmasq coexist with other dhcp server
On 10/18/23 3:58 AM, Luigi Baldoni via Dnsmasq-discuss wrote:
Hello,
I'm having a hard time making dnsmasq run together with kea-dhcp4-server on the
same machine.
Even though they listen on different interfaces, the first one prevents the
other from starting.
With the old isc-dhcp-server, "bind-interfaces" was enough. But now strace shows
'bind(4, {sa_family=AF_INET, sin_port=htons(67),
sin_addr=inet_addr("0.0.0.0")}, 16) = -1 EADDRINUSE (Address already in use)'
no matter how much I tinker with the configuration.
how is it being started? could the startup procedures be protecting the config
by rewriting it to a known state during startup?
--
NOTE: No off-list assistance is given without prior approval.
*Please keep mailing list traffic on the list unless*
*a signed and pre-paid contract is in effect with us.*
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Having dnsmasq coexist with other dhcp server
On 18.10.23 09:58, Luigi Baldoni via Dnsmasq-discuss wrote:
I'm having a hard time making dnsmasq run together with kea-dhcp4-server on the
same machine.
Even though they listen on different interfaces, the first one prevents the
other from starting.
With the old isc-dhcp-server, "bind-interfaces" was enough. But now strace shows
'bind(4, {sa_family=AF_INET, sin_port=htons(67),
sin_addr=inet_addr("0.0.0.0")}, 16) = -1 EADDRINUSE (Address already in use)'
no matter how much I tinker with the configuration.
I don't see any explicit option to disable dhcp server, but using
--no-dhcp-interface= option or --dhcp-alternate-port could hep you.
--
Matus UHLAR - fantomas, uh...@fantomas.sk ; http://www.fantomas.sk/
Warning: I wish NOT to receive e-mail advertising to this address.
Varovanie: na tuto adresu chcem NEDOSTAVAT akukolvek reklamnu postu.
WinError #9: Out of error messages.
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
