[Dnsmasq-discuss] Server problems.

2019-05-04 Thread Simon Kelley
This post is partly to apologies for list server problems over the last few week, and partly to test if they are now fixed. Sorry for the noise. Simon. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk

Re: [Dnsmasq-discuss] ubus problem

2019-04-10 Thread Simon Kelley
On 10/04/2019 17:55, Jan Willem Janssen wrote: > On Mon, 2019-04-08 at 20:41 +0100, Simon Kelley wrote: >>> I've to give it some thought about how we could support multiple Dnsmasq >>> instances in >>> combination with UBus. Not sure how the DB

Re: [Dnsmasq-discuss] ubus problem

2019-04-08 Thread Simon Kelley
> > I've to give it some thought about how we could support multiple Dnsmasq > instances in > combination with UBus. Not sure how the DBus implementation would handle > this... It doesn't: the path is a compile-time parameter. It's not clear that the entities on the other end of the UBus

Re: [Dnsmasq-discuss] ubus problem

2019-04-08 Thread Simon Kelley
@Jan? (I suspect that nothing has changed, except that a previously silent error is now no longer silent, but it would be nice to confirm this, and maybe explicitly consider this case.) Simon On 08/04/2019 15:24, e9hack wrote: > Hi, > > I'm using the latest dnsmasq version with openwrt.

Re: [Dnsmasq-discuss] misunderstanding negative caching

2019-04-04 Thread Simon Kelley
ver tried immediately, or c) just a > timeout within system defined time out? > > We are looking to avoid a delay with failing / overloaded DNS servers, > whence asking all those weird questions. > > Thanks again, > > On 4/4/2019 10:39 AM, Simon Kelley wrote: >&g

Re: [Dnsmasq-discuss] Netboot drops DNSMasq DHCP offer

2019-04-04 Thread Simon Kelley
or after iptables, for the packet to be blocked, but still appear (as it did) in the packet capture, it would have to be before iptables. Cheers, Simon. On 04/04/2019 18:42, Conrad Kostecki wrote: > Hi Simon, > > Am 04.04.2019 16:10:32, "Simon Kelley" schrieb: > &g

Re: [Dnsmasq-discuss] misunderstanding negative caching

2019-04-04 Thread Simon Kelley
On 27/03/2019 00:32, alexander.v.lit...@gmail.com wrote: > Dear list, > > I configured dnsmasq with enabled negative cache and neg-ttl 600.  I > attempted to use it with a query that times out (configured fake dns servers > in the config file).  When I ping a host, I have NXDOMAIN in logs. 

Re: [Dnsmasq-discuss] Odd caching behaviour...

2019-04-04 Thread Simon Kelley
oducible, then. That's a pity. Cheers, Simon. > > Cheers, > > John > > > > On Fri, 29 Mar 2019 at 22:43, Simon Kelley <mailto:si...@thekelleys.org.uk>> wrote: > > On 21/03/2019 11:01, John Robson wrote: > > OK, > > > > Maybe th

Re: [Dnsmasq-discuss] dnsmasq router advertisement/DHCPv6 configuration

2019-04-04 Thread Simon Kelley
On 29/03/2019 16:55, Marco Schuster wrote: > Hello all, > > I have a working IPv4 setup as follows: > 1) AVM FritzBox as DSL router > 2) Debian / dnsmasq 2.80-1 router, with eth0 being uplink to the > FritzBox and eth1.X the client VLANs (1-16) > 3) a couple dozen clients in the different VLANs >

Re: [Dnsmasq-discuss] Preferred vs Valid dhcpv6 lifetime

2019-04-04 Thread Simon Kelley
On 03/04/2019 04:56, Bryce Larson wrote: > In many dhcpv6 servers and on layer 3 switches, you can configure the > valid lifetime and the preferred lifetime separately for dhcpv6 leases.  > Does that functionality exist in dnsmasq?  It doesn't seem to be > documented in the man page.  Looking

Re: [Dnsmasq-discuss] Netboot drops DNSMasq DHCP offer

2019-04-04 Thread Simon Kelley
On 03/04/2019 19:47, Conrad Kostecki wrote: > Hi, > in order to make PXE possible with older notebooks, I've compiled for > myself Netboot. > This is a piece of software, which starts from floppy, where you can > load your dos paket driver and start PXE. > Basically, it makes possible to boot with

Re: [Dnsmasq-discuss] 'shared-network' behavior would be huge

2019-04-01 Thread Simon Kelley
; have a 'shared-network' config line for each even though one will be a > bit redundant (shared-network=192.168.127.254,192.168.127.0)? Yes, that should work fine. Cheers, Simon. > > So far, this is really great. Thank you so much. > > > Regards, > Ryan Gray > &

Re: [Dnsmasq-discuss] 'shared-network' behavior would be huge

2019-03-31 Thread Simon Kelley
ough information in this case. You can set tag in the dhcp-range, as before, and use it to control the DHCP options sent to the client (which should include router, as the normal default route option won't be sent. Simon. > On Fri, Mar 29, 2019 at 4:13 PM Simon Kelley wrote: >> >> O

Re: [Dnsmasq-discuss] Odd caching behaviour...

2019-03-29 Thread Simon Kelley
On 21/03/2019 11:01, John Robson wrote: > OK, > > Maybe this does reveal something about the caching... > Which might be expected behaviour, but I am not convinced it's useful... > > Overnight monitoring has shown that the upstream server does > occasionally send back an incomplete (but

Re: [Dnsmasq-discuss] [PATCH] Improve UBus support

2019-03-29 Thread Simon Kelley
This all looks sensible, with one exception: the logging in set_ubus_listeners() and check_ubus_listeners() and associated with the calls to check_ubus_listeners can potentially massively span the logs - a long lived error will log multiple lines every time dnsmasq spins its event loop. It would

Re: [Dnsmasq-discuss] Is wrapping close() in retry_send() required ?

2019-03-29 Thread Simon Kelley
On 26/03/2019 19:33, Pali Rohár wrote: > On Wednesday 27 February 2019 17:07:21 Simon Kelley wrote: >> On 27/02/2019 15:06, Bogdan Harjoc wrote: >>> There are 50 calls to close() in dnsmasq-2.80, and 10 of them are >>> wrapped in retry_send(). >>> >>>

Re: [Dnsmasq-discuss] 'shared-network' behavior would be huge

2019-03-29 Thread Simon Kelley
On 29/03/2019 20:36, Ryan Gray wrote: > Hello other humans, > > First, Simon Kelly, thank you for dnsmasq. > > I noticed here > http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2018q4/012700.html > that there was discussion of the possibility of supporting behavior like > ISC's

Re: [Dnsmasq-discuss] [PATCH] Fix cmsg(3) API usage on OpenBSD

2019-03-28 Thread Simon Kelley
Patch applied. Many thanks. There's another instance of the same problem the src/dhcp.c which I've fixed as a separate commit. Cheers, Simon. On 22/03/2019 10:36, Jeremie Courreges-Anglas wrote: > > Hi, > > an unpatched dnsmasq daemon fails on OpenBSD since 2016, since kernel > support was

Re: [Dnsmasq-discuss] Parsing limitation for big dns query responses in tcp

2019-03-22 Thread Simon Kelley
Could you give more details on exactly how you're testing this? Whereever that error is coming from, it's not from dnsmasq, which doesn't use the resolver library at all. Simon. On 20/03/2019 14:59, Philippe Lamhaut wrote: > Hello, > > I am using dnsmasq version 2.80 as dns client in an

Re: [Dnsmasq-discuss] Minimal capabilities for options

2019-03-16 Thread Simon Kelley
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=305ffb5ef0ba5ab1df32ef80f266a4c9e395ca13 is a first pass on this. I have a nasty feeling that there are configurations which need some of the capabilities and have had a free pass because they are always there, which I've missed (I only

Re: [Dnsmasq-discuss] Why is a different TTL resturned for bare and FQDN queries?

2019-03-15 Thread Simon Kelley
Sorry for lack of reply to this, I hope you're still there, Wojtek. I think this may have something to do with your other post about authoritative mode - one of the answers has the "aa" flag set, and the other one doesn't. It would be useful, for both of the situations you describe, to set

Re: [Dnsmasq-discuss] Use dnsmasq to assign static /32 addresses via DHCP

2019-03-15 Thread Simon Kelley
On 15/03/2019 12:44, Peter Lieven wrote: > Hi Simon, > > Am 14.03.19 um 18:41 schrieb Simon Kelley: >> Is this a use for something like the ISC dhcpd shared-network configuration. >> >> >> In the dnsmasq case, we could have something like >> >> s

Re: [Dnsmasq-discuss] Use dnsmasq to assign static /32 addresses via DHCP

2019-03-14 Thread Simon Kelley
Is this a use for something like the ISC dhcpd shared-network configuration. In the dnsmasq case, we could have something like shared-network=, or shared-network=, In the first case dnsmasq would behave _as_if_ the specified interface carried the address and netmask specified. In the second

Re: [Dnsmasq-discuss] Configuring DHCPv6 Vendor specific information using Option 17

2019-03-14 Thread Simon Kelley
discuss > [mailto:dnsmasq-discuss-boun...@lists.thekelleys.org.uk] On Behalf Of Simon > Kelley > Sent: Tuesday, March 5, 2019 4:04 AM > To: dnsmasq-discuss@lists.thekelleys.org.uk > Subject: Re: [Dnsmasq-discuss] Configuring DHCPv6 Vendor specific information > using Option 17 > > You ne

Re: [Dnsmasq-discuss] TCP Fast Open?

2019-03-10 Thread Simon Kelley
On 10/03/2019 02:02, Craig Andrews wrote: > TCP Fast Open eliminates a round trip for TCP connections. Since dnsmasq > is performance sensitive and uses many TCP connections, using TCP Fast > Open would be a nice improvement. See https://lwn.net/Articles/508865/ > for background. > > On the

Re: [Dnsmasq-discuss] "No IPv6 address available" for bulk request from IXIA DHCPv6 clients

2019-03-07 Thread Simon Kelley
What a strange configuration! I can sort-of explain what's happening here. DHCP is a two-phase process: The server first suggests an address, then the client accepts it and tells the server that it will be using the address. In dnsmasq, the first phase does not reserve an address. It's

Re: [Dnsmasq-discuss] Query forwarding behaviour with multiple name servers.

2019-03-07 Thread Simon Kelley
On 08/02/2019 09:49, John Robson wrote: > Hi all, > > I'm trying to understand the mechanism by which dnsmasq uses the > resolvers specified (in this case they are all specified in > /etc/resolv.conf). > Specifically I am trying to work out why dnsmasq is (erratically) > sending the same query to

Re: [Dnsmasq-discuss] [PATCH] auth-server without interface

2019-03-07 Thread Simon Kelley
On 15/02/2019 12:09, Petr Mensik wrote: > Hi! > > I was playing a bit with auth-vm and auth-server together with virtual > machine manager. I think it might be useful to omit interface in > auth-server at all, just change name reported by auth-vm zones on normal > dns port. > > Libvirt uses

Re: [Dnsmasq-discuss] Regarding dnslookup with dnsmasq 2.80 using dig command

2019-03-07 Thread Simon Kelley
There's not really enough information here to be sure, but I think this may be fixed by http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=162e5e0062ce923c494cc64282f293f0ed64fc10 Cheers, Simon. On 05/02/2019 08:18, Debananda Pal wrote: > Hi, > > I have updated dnsmasq from 2.79

Re: [Dnsmasq-discuss] Authoritative zone and no recursion replies

2019-03-07 Thread Simon Kelley
On 15/02/2019 12:54, Petr Mensik wrote: > Hi everyone. > > I think it is handy to be able to delegate some suffix from internal > domain, lets say example.com provided by BIND or any bigger server. But > recursive servers do not set recursive queries on normal delegation. > Delegation is when I

Re: [Dnsmasq-discuss] Referring the PXE GUID / UUID in dhcp script

2019-03-05 Thread Simon Kelley
On 20/02/2019 06:38, 西谷優希 wrote: > Hi, > > http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2010q1/003844.html > As mentioned in this post, a PXE request contains a GUID / UUID value. > Is there a way to refer this GUID / UUID in dhcp script? > > I'd like to implement like below: > 1.

Re: [Dnsmasq-discuss] Configuring DHCPv6 Vendor specific information using Option 17

2019-03-04 Thread Simon Kelley
You need something like --dhcp-option=vi-encap:47196,option6:100,\ "AOS-Switch:Top:Tokyo,3ffe:501::100::abcd,aruba123" Check the vendor-specific option number. I got the value of 100 from the data you provided, but I may have decoded it wrong. Cheers, Simon. On 04/03/2019 10:01, P,

Re: [Dnsmasq-discuss] DNSSEC BOGUS still replied to with IP

2019-03-01 Thread Simon Kelley
On 01/03/2019 20:33, Simon Kelley wrote: > > What's worrying is that Cloudflare and Google are both quite happy that > the answer is _not_ bogus, but dnsmasq thinks it is. I shall poke around > some more to try and understand that. > > > Answering myself, this appears t

Re: [Dnsmasq-discuss] DNSSEC BOGUS still replied to with IP

2019-03-01 Thread Simon Kelley
On 01/03/2019 18:56, Dominik DL6ER wrote: > Dear list members, > > to my understanding, dnsmasq should not return any valid records for BOGUS > domains. > However, using Cloudflare (1.1.1.1 / 1.0.0.1) as upstream, I see a domains > being > validated as BOGUS in the log, however, the A query

Re: [Dnsmasq-discuss] [PATCH] lease: prune lease as soon as expired

2019-02-27 Thread Simon Kelley
Nice catch. Patch applied. Thanks for your work with that one. Cheers, Simon. On 11/02/2019 16:04, Florent Fourcot wrote: > We detected a performance issue on a dnsmasq running many dhcp sessions > (more than 10 000). At the end of the day, the server was only releasing > old DHCP leases

Re: [Dnsmasq-discuss] Is wrapping close() in retry_send() required ?

2019-02-27 Thread Simon Kelley
On 27/02/2019 15:06, Bogdan Harjoc wrote: > There are 50 calls to close() in dnsmasq-2.80, and 10 of them are > wrapped in retry_send(). > > "man close" has this paragraph in the section "Dealing with error > returns from close": > > "Retrying the close() after a failure return is the wrong

Re: [Dnsmasq-discuss] CNAME caching issue in Dnsmasq(2.76)

2019-01-21 Thread Simon Kelley
On 21/01/2019 07:33, Yossi Boaron wrote: > > Is this dnsmasq limitation is just due to lack of support in code/bug?  > or it requires massive architectural changes of dnsmasq? > If it's the first one, I can try to fix this issue. > It's the second, unfortunately. a DNS query can be answered

Re: [Dnsmasq-discuss] 3 secs dhcp delay

2019-01-21 Thread Simon Kelley
On 21/01/2019 08:59, Harald Dunkel wrote: > On 1/18/19 10:36 AM, Harald Dunkel wrote: >> >> Do you think dnsmasq could watch/ping its IP address range while it is >> idle, caching the result? It might examine the local arp table as well: >> If there is an entry with matching MAC and IP address,

Re: [Dnsmasq-discuss] 3 secs dhcp delay

2019-01-21 Thread Simon Kelley
On 21/01/2019 11:49, Roy Marples wrote: > >> Will dnsmasq offer another IP address in case it receives a decline? > > It does with my testing, unless I hardcode the hardware address to a > fixed IP. This results in an infinite loop, but there's no real way > around that. It's supposed to

Re: [Dnsmasq-discuss] CNAME caching issue in Dnsmasq(2.76)

2019-01-20 Thread Simon Kelley
It's a known limitation. The actual limitation is that a CNAME and it's target must both either originate from an upstream server, or both originate from the dnsmasq local configuration. Mixing sources (ie CNAME from upstream and target from dnsmasq, or vice-versa) is not allowed. The commonest

Re: [Dnsmasq-discuss] [PATCH] Change read_leases() to skip invalid entries

2019-01-17 Thread Simon Kelley
Patch applied. Thanks. Simon. On 17/01/2019 20:50, Brian Haley wrote: > There's no reason to stop reading the existing lease file > when dnsmasq is started and an invalid entry is found, it > can just be ignored.  This was fallout from an Openstack > bug where the file was being written

Re: [Dnsmasq-discuss] 3 secs dhcp delay

2019-01-17 Thread Simon Kelley
On 17/01/2019 10:30, Harald Dunkel wrote: > Hi folks, > > I see a 3 to 4 secs delay for dnsmasq's dhcp protocol. Example: > > Strongswan's dhcp plugin obtains an IP address on behalf of the peer (a > road warrior laptop). The strongswan logfile on the host says > > : > Jan 14 10:48:07 18[IKE]

Re: [Dnsmasq-discuss] Fwd: [PATCH] fix entries in /etc/hosts disabling static leases

2019-01-17 Thread Simon Kelley
Patch applied, sorry for missing that in my review. Cheers, Simon. On 15/01/2019 22:45, Steven Siloti wrote: > On Tue, Jan 15, 2019 at 12:44 PM Kaas Baichtal > wrote: > > Hi, > > I tried to install this patch manually to my 2.80 and got a segfault >

Re: [Dnsmasq-discuss] Issues with CentOS 7 dnsmasq, stops resolving queries.

2019-01-17 Thread Simon Kelley
Setting log-queries in the dnsmasq config will get you some useful information. Simon. On 16/01/2019 21:26, elie...@ngtech.co.il wrote: > Hey, > > I have couple CentOS 7 hypervisors and VM's. > On the hypervisors I do not have any issue with dnsmasq as DHCP server but I > have not tried using

Re: [Dnsmasq-discuss] Solaris specific patches to fix build failures and improve performance

2019-01-17 Thread Simon Kelley
On 14/01/2019 15:56, libor.buk...@oracle.com wrote: > Hello, > > patches resolve the build failures, functionality, and performance > issues on Solaris. A brief description is included in each patch. > > Please let me know whether these patches could be merged and which > changes are

Re: [Dnsmasq-discuss] IXFR requests and how they are handled

2019-01-17 Thread Simon Kelley
Dnsmasq returns an empty answer, which may not be correct, but is at least an answer, so I'm not sure where the timeout is coming from. >From RFC 1995 If incremental zone transfer is not available, the entire zone is returned. The first and the last RR of the response is the SOA record

Re: [Dnsmasq-discuss] [PATCH] fix entries in /etc/hosts disabling static leases

2019-01-13 Thread Simon Kelley
Patch applied. Cheers, Simon. On 12/01/2019 21:55, Steven Siloti wrote: > It is possible for a config entry to have one address family specified by a > dhcp-host directive and the other added from /etc/hosts. This is especially > common on OpenWrt because it uses odhcpd for DHCPv6 and IPv6

Re: [Dnsmasq-discuss] Config Parcing Bug

2019-01-13 Thread Simon Kelley
The error is originating in the libidn2 library. Interestingly, compiling against libidn1, that library doesn't flag the error. Dnsmasq passes the input domain name to libidn[2] so that it can be translated to punycode if it contains non-ascii characters. I guess the authors of libidn2 would

Re: [Dnsmasq-discuss] Config Parcing Bug

2019-01-12 Thread Simon Kelley
Are you compiling dnsmasq with support for IDN? dnsmasq -v will tell you. Simon. On 12/01/2019 00:22, Tasnad Kernetzky wrote: > Hi all, > > I wanted to report a bug (at least we belieave it is one). We had a > short discussion over at the archlinux bugtracker >

Re: [Dnsmasq-discuss] dnsmasq 2.78 is failing to respond to dhcpv6 requests forwarded via relay agent

2019-01-11 Thread Simon Kelley
:20 > Jan 11 07:17:48 dnsmasq-dhcp[4131]: DHCPRENEW(m1s1p1) > 00:01:00:01:23:ca:f8:95:00:50:56:96:32:20 > Jan 11 07:17:48 dnsmasq-dhcp[4131]: DHCPREPLY(m1s1p1) 2020::12 > 00:01:00:01:23:ca:f8:95:00:50:56:96:32:20 > > Everything is working fine even the renew. Thanks again.

Re: [Dnsmasq-discuss] dnsmasq 2.78 is failing to respond to dhcpv6 requests forwarded via relay agent

2019-01-10 Thread Simon Kelley
e. > > I will be happy to be your tester :) > > Its fairly a simple setup with two hosts and a switch. I can create this > any time you want. > > Please provide me the instructions. I am using dnsmasq version 2.78. > > Thanks > -Sandeep > > On Wed, Jan

Re: [Dnsmasq-discuss] what do the contents of /var/lib/misc/dnsmasq.leases mean?

2019-01-09 Thread Simon Kelley
i. Then I could > uncomment the dhcp-ignore line and devices would need to be explicitly > added to the conf to get access to anything on my LAN other than the > internet. I feel like if I understood tags better I might be able to > figure out how to do this. Otherwise I might n

Re: [Dnsmasq-discuss] android client does not check ip address with DHCPREQUEST

2019-01-09 Thread Simon Kelley
RFC1531 is twice obsoleted. The current definition of DHCP is RFC2131, which says, in para 3.2. The client times out and retransmits the DHCPREQUEST message if the client receives neither a DHCPACK nor a DHCPNAK message. The client retransmits the DHCPREQUEST according to the

Re: [Dnsmasq-discuss] dnsmasq 2.78 is failing to respond to dhcpv6 requests forwarded via relay agent

2019-01-09 Thread Simon Kelley
On 04/01/2019 06:25, Sandeep K M wrote: > Hi Simon, > > Thanks a lot for your prompt reply. > > Attached are the packet captures: > > 1. Packets exchanged between client and relay (client-relay.pcap) > 2.  Packets exchanged between relay and server (relay-server.pcap) > 3. strace of dnsmasq

Re: [Dnsmasq-discuss] Patch to cache SRV records - updated version (#3)

2019-01-09 Thread Simon Kelley
to running the ulimit > command in the shell script I start dnsmasq from. > > The launch script now does this to set the core dump location: > echo '/tmp/core.%h.%e.%t' > /proc/sys/kernel/core_pattern > > -Daniel > >> On Jan 8, 2019, at 3:14 AM, Simon Kelley w

Re: [Dnsmasq-discuss] Patch to cache SRV records - updated version (#3)

2019-01-08 Thread Simon Kelley
On 08/01/2019 03:46, Mufasa wrote: > On 01/07/2019 08:32 AM, Simon Kelley wrote: >>/I've worked through the patch, and been inspired to clean up a few >>/>/long-standing nasty bits. This has the consequence that the mechanisms >>/>/which were added to enable stora

Re: [Dnsmasq-discuss] Patch to cache SRV records - updated version (#3)

2019-01-07 Thread Simon Kelley
the new dog food here. Please test away. Cheers, Simon. On 20/12/2018 23:20, Jeremy Allison wrote: > On 12/20/2018 03:11 PM, Simon Kelley wrote: >> This is worth having for the removal of the archaic 16-bit limit on the >> flags field in a cache record alone. I've been me

Re: [Dnsmasq-discuss] dnsmasq 2.78 is failing to respond to dhcpv6 requests forwarded via relay agent

2019-01-03 Thread Simon Kelley
It would be useful to get full packet dumps rather than just tcpdump output. It would also be useful to run dnsmasq under strace and see what syscalls it's making: that would tell use where the reply might be going. Cheers, Simon. On 03/01/2019 07:41, Sandeep K M wrote: > Hi All, > >   >

Re: [Dnsmasq-discuss] [PATCH] Fix typo in ra-param man page section

2019-01-03 Thread Simon Kelley
Prodding me is fine, and has done the trick here. In general, I'm way behind my inbox, and struggling to catch up. Moving house is not helping :( I will try and get to everything in the end, but I won't be offended is people remind me. Cheers, Simon. On 03/01/2019 05:49, Christian Weiske

Re: [Dnsmasq-discuss] what do the contents of /var/lib/misc/dnsmasq.leases mean?

2019-01-03 Thread Simon Kelley
The leftmost 0 means that the leases are infinite, they never expire, which might explain why you're running out of leases. There can be duplicate leases per MAC address, but there should never be duplicate leases for an IP address. So I'm interested in finding out how you've contrived this

Re: [Dnsmasq-discuss] DHCP offers are not accepted

2018-12-31 Thread Simon Kelley
every 3 seconds, overwhelming > pi-hole and slowing all responses (including DNS). Some client devices > (iPhone 7) can be observed to temporarily acquire an address, and then > drop it moments later. > > ## Debug Token: > eepv3gugqb > > ## Versions: > Dnsmasq version 2.76  

Re: [Dnsmasq-discuss] Constant DHCPOFFER and DISCOVER in logs

2018-12-31 Thread Simon Kelley
On 31/12/2018 21:39, Jon Anderson wrote: > Hello all, > > I wanted to setup a PiHole for blocking ads and for the ability to > modify DNS settings network-wide. I have just switched my ISP to AT > fiber where we are required to use a supplied modem/router (ARRIS > BGW210-700) which does not allow

Re: [Dnsmasq-discuss] DNSMASQ is offering the declined address repeatedly to the station in Sequential IP mode

2018-12-31 Thread Simon Kelley
I just pushed a fix which should solve this: http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=e7bfd556c079c8b5e7425aed44abc35925b24043 Cheers, Simon. On 21/12/2018 14:48, Jangala Anvesh wrote: > Hi, > > Problem Statement : > DNSMASQ is offering the declined address repeatedly to

Re: [Dnsmasq-discuss] dnsmasq crash - no core dump generated

2018-12-28 Thread Simon Kelley
This code is relevant, in src/dnsmasq.c if (option_bool(OPT_DEBUG)) prctl(PR_SET_DUMPABLE, 1, 0, 0, 0); Cheers, Simon. On 28/12/2018 03:40, Arvind Nagarajan wrote: > Hi All, > > When dnsmasq crashes due to segfault (SIGSEGV) I am not getting a core > file generated. > Is this

Re: [Dnsmasq-discuss] DNSMASQ is offering the declined address repeatedly to the station in Sequential IP mode

2018-12-23 Thread Simon Kelley
The best solution to this is to stop blocking ICMP. The simplest solution is not to use dhcp-sequential-ip. The normal address-allocation process in DHCP perturbs the hash function when a DECLINE reply is received, so the next allocation will be to a different address. Using ARP probing from the

Re: [Dnsmasq-discuss] Infinite(?) RTR-ADVERTs being sent out [in Ubuntu NetworkManager testuite]

2018-12-20 Thread Simon Kelley
Patch below is untested because I'm away from my test rig, but it would seem to do the right thing, ie set template->if_index _before_ calling ra_start_unsolicited() so that if we re-enter here via an async event it doesn't get called again. If you could test it in your harness, that would be

Re: [Dnsmasq-discuss] Patch to cache SRV records - updated version (#3)

2018-12-20 Thread Simon Kelley
This is worth having for the removal of the archaic 16-bit limit on the flags field in a cache record alone. I've been meaning to tackle that for some time. This time of year either frees up lots of time for coding, or yields none at all, and for me it's the later, but I will go through this and

Re: [Dnsmasq-discuss] Multiple instances of dnsmasq on Debian with systemd

2018-12-16 Thread Simon Kelley
This is obviously a large amount of work, so thanks very much for that. To make use of it, I need to be able to see as clearly as possible what is being changed, and why. To that end, I'd much rather have diff files ten replacement files, but it's fairly easy to generate those for myself. Having

Re: [Dnsmasq-discuss] Validation for malformed DHCP packets in dnsmasq

2018-12-16 Thread Simon Kelley
I can't answer your question about if this has been fixed, as there's not enough information to identify the problem or trigger the bug. Can you provide proof-concept code, or even just packet captures of the malformed packets that cause problems? I've confused by the "dhcp to be unresponsive

Re: [Dnsmasq-discuss] DHCP from dnsmasq in docker container

2018-12-16 Thread Simon Kelley
On 13/12/2018 14:10, Craig Younkins wrote: > First, thank you for dnsmasq! > > I'm among a number of people[1][2][3][4] having trouble using dnsmasq > for DHCP when it is running in a docker container. Everyone seems to get > "no address range available for DHCP request via eth0" in their log >

Re: [Dnsmasq-discuss] [PATCH] Re: dhcp-boot & dhcp-reply-delay optional tag fixes

2018-12-16 Thread Simon Kelley
Thanks both for this. Petr's more comprehensive patch is now in my tree. Cheers, Simon. On 15/12/2018 09:43, Kevin Darbyshire-Bryant wrote: > > >> On 14 Dec 2018, at 16:10, Petr Mensik wrote: >> >> Hi Kevin et al, >> >> sure, your fix is correct one. I just found one more place where

Re: [Dnsmasq-discuss] build failure on master with NO_DHCPv6 and fix....

2018-12-16 Thread Simon Kelley
Patch applied. Thanks. What we really need is a script that calls make repeatedly whilst cycling through all the possible combinations of build options. Cheers, Simon. On 10/12/2018 10:34, Kevin Darbyshire-Bryant wrote: > Hi Simon, > > master has a build error when building without

Re: [Dnsmasq-discuss] fix ipv6 ipset bug in master

2018-12-16 Thread Simon Kelley
Ooops. My hand's up for that one. Patch applied. Thanks. Cheers, Simon. On 12/12/2018 12:00, Kevin Darbyshire-Bryant wrote: > Hi Simon, > > Another one fallen out of the openwrt tree shake :-) > > ipv6 ipset addresses weren’t being set correctly. patch attached > > > > Cheers, > >

Re: [Dnsmasq-discuss] [Feature Request] Tagged server and address configuration

2018-11-22 Thread Simon Kelley
On 19/11/2018 21:07, M. Buecher wrote: > Hello Simon and dnsmasq fellows, > > I blacklist several domains via host files and wanted to skip the > blacklist for my testing client. > Unfortunately I couldn't find a solution for this in the man page, or > maybe I just didn't see the correct config

Re: [Dnsmasq-discuss] "no available addresses" with DHCPv6 stateful config

2018-11-20 Thread Simon Kelley
This does seem odd. Would it be possible to capture the DHCP packets, using wireshark or tcpdump? Send the dump directly to me if you don't want to post it in public. I'm not sure what the status of the WIDE client is - it's not common. Maybe worth trying the ISC client instead, for quick fix. I

Re: [Dnsmasq-discuss] DNS query random ports [PATCH]

2018-11-08 Thread Simon Kelley
ons. Cheers, Simon. > Cheers, > Petr > > On 8/21/18 11:24 PM, Simon Kelley wrote: >> On 10/08/18 13:37, Petr Menšík wrote: >>> Hello, >>> >>> we discovered our dnsmasq were using also privileged source ports when >>> sending queries. Interest

Re: [Dnsmasq-discuss] static lease issues?

2018-11-06 Thread Simon Kelley
On 05/11/2018 03:30, Kevin Darbyshire-Bryant wrote: > Hi Simon, Hi List, > > I’m hearing rumblings from the openwrt community that something isn’t right > with static leases. The behaviour manifests itself as the statically > assigned host being unable to renew its lease. e.g. > > -this is

Re: [Dnsmasq-discuss] [PATCH] Free config file values on parsing errors.

2018-11-02 Thread Simon Kelley
On 25/10/2018 09:36, Petr Mensik wrote: > Hi again. > > This time I have a little bit more controversal patches. But I think > still useful. They fixes memory leaks that might occur in some cases. > Most dnsmasq errors is fatal, so it does not matter. But some are not. > Some parts are reloaded

Re: [Dnsmasq-discuss] Compile-time options - taming the combinatorial explosion.

2018-11-02 Thread Simon Kelley
Kevin's analysis is spot-on, as is his patch, which I've just applied. Cheers, Simon. On 26/10/2018 00:24, Kevin Darbyshire-Bryant wrote: > > >> On 25 Oct 2018, at 21:38, Kevin Darbyshire-Bryant >> wrote: >> >> I think Openwrt is safe. There will be a loud scream from me if it isn’t >>

Re: [Dnsmasq-discuss] Stumped

2018-10-31 Thread Simon Kelley
I'm confused by the references to openssl in your description. Dnsmasq with DNSSEC does NOT depend on openSSL. You just need libnettle and libhogweed installed in the standard way, and accessible via pkg-config. version 3.4 should be fine. Cheers, Simon. On 31/10/2018 03:21, Peter Nehem

Re: [Dnsmasq-discuss] Can Dnsmasq be told not to advertise a specific prefix via RA?

2018-10-28 Thread Simon Kelley
Can you also add a dhcp-range for the ULA range, which deprecates it? Cheers, Simon. On 27/10/2018 18:17, Christopher Martin wrote: > Greetings, > > Is it possible to prevent Dnsmasq from advertising a specific prefix via > router advertisements? > > Here's my situation. My ISP provides a

Re: [Dnsmasq-discuss] DNSSEC failure for dagjeuitactie.nl

2018-10-28 Thread Simon Kelley
There's a CNAME at the root of the domain, which is not permissible, and the root cause of the validation failure. https://medium.freecodecamp.org/why-cant-a-domain-s-root-be-a-cname-8cbab38e5f5c gives some reasons why this is not a good idea. What actually happens is that dnsmasq makes a

Re: [Dnsmasq-discuss] Avoid cache clearing on SIGHUP

2018-10-28 Thread Simon Kelley
The solution may be use of --hostsdir, which avoids the need for sending SIGHUP. Cheers, Simon. On 28/10/2018 10:55, Микола Василенко wrote: > Hi all, > > Is there any method to avoid DNS cache clearing on SIGHUP? I want only > to update host info by sending SIGHUP to dnsmasq daemon. As

Re: [Dnsmasq-discuss] [PATCH] Simplify options flags

2018-10-24 Thread Simon Kelley
On 24/10/2018 16:25, Petr Mensik wrote: > Hi! > > I have not managed it until dnsmasq 2.80 were out, but anyway. I have > some proposal to simplify handling of options bits. Static analysis > complains on compiler dead-code optimization. I propose having array > instead. It adds few defines. But

[Dnsmasq-discuss] Compile-time options - taming the combinatorial explosion.

2018-10-24 Thread Simon Kelley
The dnsmasq code has a range of binary compile-time options, implemented conventionally using the C pre-processor. These options are mutually independent, so the numnber of different versions scales as 2^n. To keep this managable, I'm trying to limit the number of options. I've already removed

Re: [Dnsmasq-discuss] Cannot look up disa.mil (dnssec related)

2018-10-23 Thread Simon Kelley
On 22/10/2018 17:56, Craig Andrews wrote: > I'm unable to look up *.disa.mil when using dnsmasq - I'm hoping that we > can figure out why that is. > > I have dnsmasq configured to use Cloudflare's 1.1.1.1 as its upstream > DNS server; dnsmasq is running on 192.168.0.1. > > Here are some a couple

Re: [Dnsmasq-discuss] Cannot look up disa.mil (dnssec related)

2018-10-22 Thread Simon Kelley
oudflare's 1.1.1.1 with > dnssec works, but not with dnsmasq. > > -- > # dnsmasq --version > Dnsmasq version 2.80test3  Copyright (c) 2000-2018 Simon Kelley > Compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 > no-Lua TFTP conntrack ipset auth DNSSEC no-ID

Re: [Dnsmasq-discuss] WG: AW: AW: clients of DHCPv6 with constructed IPv6 address range are not notified on address range change

2018-10-19 Thread Simon Kelley
Von: Andrey Vakhitov > Gesendet: Samstag, 6. Oktober 2018 20:31 > An: 'Simon Kelley' ; > 'dnsmasq-discuss@lists.thekelleys.org.uk' > > Betreff: AW: AW: AW: [Dnsmasq-discuss] clients of DHCPv6 with constructed > IPv6 address range are not notified on address range change > > H

[Dnsmasq-discuss] Announce: dnsmasq-2.80

2018-10-18 Thread Simon Kelley
I just published dnsmasq-2.80, available at http://www.thekelleys.org.uk/dnsmasq/dnsmasq-2.80.tar.gz Changelog attached below. Cheers, Simon. version 2.80 Add support for RFC 4039 DHCP rapid commit. Thanks to Ashram Method for the initial patch and motivation. Alter

Re: [Dnsmasq-discuss] Duplicate IP detection with fixed IP

2018-10-15 Thread Simon Kelley
address is already in use; the > client may respond to ICMP Echo Request messages at this point." > > => Invalidates the fix you did in 2017: > " > > commit 5ce3e76fbf89e942e8c54ef3e3389facf0d9067a > > Author: Simon Kelley > > Date:   Fri Apr 28 22:14:20 201

[Dnsmasq-discuss] Announce: dnsmasq-2.80rc1

2018-10-15 Thread Simon Kelley
As far as I'm aware, the development tree is in a good state at the moment, and I'd like to begin the process to release 2.80. Accordingly I've tagged the first release candidate. A tarball is available here: http://www.thekelleys.org.uk/dnsmasq/release-candidates/dnsmasq-2.80rc1.tar.gz Please,

Re: [Dnsmasq-discuss] multiple soa

2018-10-15 Thread Simon Kelley
I have to confess I never considered this as a valid possibility, but to does make sense, maybe. The sane, backward-compatible way to do it might be to extend the syntax of auth-soa, to allow a zone name to be included, so your second auth-soa line would become

Re: [Dnsmasq-discuss] IETF RFC 5011 "Automated Updates of DNS Security (DNSSEC) Trust Anchors" supported?

2018-10-15 Thread Simon Kelley
On 11/10/18 00:28, Rene 'Renne' Bartsch, B.Sc. Informatics wrote: > Hi, > > the old root-KSK will be deleted today at 16:00 UTC and the TTLs will > run out not later than 48 hours. > > Does Dnsmasq support IETF RFC 5011 or are there any plans to implement > IETF RFC 5011? > No, and probably

Re: [Dnsmasq-discuss] Release of V2.80

2018-10-10 Thread Simon Kelley
On 10/10/18 03:35, Donald Muller wrote: > Hi Simon, >   > I believe that a while ago you mentioned that you were going to be > releasing 2.80 soon. Do you have a target date yet? >   The trite answer to this is always "when it's ready". There have been two or thee issues over the last week or

Re: [Dnsmasq-discuss] Large AXFR through dnsmasq causes dig to hang with partial results

2018-10-10 Thread Simon Kelley
On 10/10/18 11:02, Connor Bell wrote: > Hi everyone, > >   > > I’ve had a strange issue I’ve been trying to resolve over the past few > days where dnsmasq seems to only be allowing part of a zone transfer > through, causing dig to hang. > >   > > I opened a Stackoverflow post to track it

Re: [Dnsmasq-discuss] TCP DNSSEC request over IPv6 abandoned in v2.79

2018-10-05 Thread Simon Kelley
On 05/10/18 06:06, Josh Soref wrote: > Simon Kelley wrote: >> You say "When I perform DNSSEC validation over IPv6" which implies, but >> doesn't state, that the same test works when talking to usptream DNS >> servers over IPv4? Is that the case? Certainly, a qui

Re: [Dnsmasq-discuss] Authoritative and recursive service from the same interface

2018-10-05 Thread Simon Kelley
On 28/09/18 23:46, Simon Kelley wrote: > On 28/09/18 23:07, Marc Heckmann wrote: >> Very nice, I will test this. >> >> I am curious though: what will be used for the NS record if the >> auth-server configuration is omitted? > > > It appears to return an NS

Re: [Dnsmasq-discuss] Authoritative and recursive service from the same interface

2018-09-28 Thread Simon Kelley
le. This may need some more thought Simon. > > -m > > > On Fri, Sep 28, 2018 at 4:42 PM Simon Kelley <mailto:si...@thekelleys.org.uk>> wrote: > > On 28/09/18 02:33, Marc Heckmann wrote: > > Hello, > > > > I'm currently running d

Re: [Dnsmasq-discuss] Authoritative and recursive service from the same interface

2018-09-28 Thread Simon Kelley
On 28/09/18 02:33, Marc Heckmann wrote: > Hello, > > I'm currently running dnsmasq in a Docker container and have setup a > domain for which dnsmasq is to be authoritative for. This is to do > subdomain delegation to the dnsmasq server. I am using the auth-server & > auth-zone configuration

Re: [Dnsmasq-discuss] No Broadcast Dhcp Offers

2018-09-27 Thread Simon Kelley
R_BROADCAST; dest.sin_port = htons(daemon->dhcp_client_port); } else { /* unicast to unconfigured client. Inject mac address direct into ARP cache. Have fun! Cheers, Simon. > *Sent:* Thursday, September 27, 2018 at 7:43 PM > *From:* "Simon Kelley&q

  1   2   3   4   5   6   7   8   9   10   >