Re: [Dnsmasq-discuss] [PATCH] DHCPv6: Add support for more than one hardware address per IPv6 address

2017-05-22 Thread Simon Kelley
On 12/05/17 16:32, Pali Rohár wrote: > On Friday 12 May 2017 17:15:20 Simon Kelley wrote: >> There are so many layers of quotes here that I've completely lost >> track of what we were trying to achieve, and how to achieve it. My >> memory is that we'd failed to come up with an

[Dnsmasq-discuss] 2.77rc5

2017-05-21 Thread Simon Kelley
Heads up. I just pushed another release candidate. http://www.thekelleys.org.uk/dnsmasq/release-candidates/dnsmasq-2.77rc5.tar.gz Cheers, Simon. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk

Re: [Dnsmasq-discuss] Announce: dnsmasq-2.77rc4

2017-05-21 Thread Simon Kelley
:49, Matthias Andree wrote: > Am 20.05.2017 um 22:50 schrieb Simon Kelley: >> I've just mase the fourth, and probably final, release candidate for >> dnsmasq-27. Please download, compile and run, and report any problems >> ASAP. If all looks OK, 2.77 will happen in t

Re: [Dnsmasq-discuss] intermittent connection refused errors

2017-05-20 Thread Simon Kelley
circumstances? If it doesn't, that's your problem, you're assuming UDP is reliable, when it ain't. Cheers, Simon. On 18/05/17 23:45, Guido Pepper wrote: > Hello. > We are running dnsmasq version > > /usr/sbin/dnsmasq --version > Dnsmasq version 2.76 Copyright (c) 2000-2016 Simon K

[Dnsmasq-discuss] Announce: dnsmasq-2.77rc4

2017-05-20 Thread Simon Kelley
I've just mase the fourth, and probably final, release candidate for dnsmasq-27. Please download, compile and run, and report any problems ASAP. If all looks OK, 2.77 will happen in the next week. http://www.thekelleys.org.uk/dnsmasq/release-candidates/dnsmasq-2.77rc4.tar.gz Cheers, Simon.

Re: [Dnsmasq-discuss] problem with loopback and 2.77test5

2017-05-20 Thread Simon Kelley
On 15/05/17 11:20, Kevin Darbyshire-Bryant wrote: > > > On 15/05/17 11:06, Bastian Bittorf wrote: >> * Simon Kelley <si...@thekelleys.org.uk> [12.05.2017 08:33]: >>> Oops. "It compiles - ship it" bites back. >>> >>> 2.77rc3 fixes

Re: [Dnsmasq-discuss] dhcp entries not being removed from dnsmasq

2017-05-17 Thread Simon Kelley
Ah, didn't read this before my previous reply. dhcp_release is getting called, but dnsmasq is not getting the packet (dhcp_release works by faking up a DHCP message as if it's coming from the DHCP client, which tells the server to release the lease.) If you can't see the packet in your packet

Re: [Dnsmasq-discuss] dhcp entries not being removed from dnsmasq

2017-05-17 Thread Simon Kelley
he release packet. > > Thanks, > GP > > On 2017-05-17 14:39, Simon Kelley wrote: > >> Ah, didn't read this before my previous reply. >> >> dhcp_release is getting called, but dnsmasq is not getting the packet >> (dhcp_release works by faking up a DHCP mes

Re: [Dnsmasq-discuss] dhcp entries not being removed from dnsmasq

2017-05-17 Thread Simon Kelley
You're assuming a lot of knowledge of OpenStack which is strictly off-topic here. Given that, a couple of observations. 1) If dnsmasq is getting a DHCPELEASE packet, it will log that. Given you're not seeing that in logs, then either dhcp_release is not being invoked, or it's getting the wrong

Re: [Dnsmasq-discuss] [PATCH] DHCPv6: Add support for more than one hardware address per IPv6 address

2017-05-12 Thread Simon Kelley
On 09/05/17 10:21, Pali Rohár wrote: > On Sunday 02 October 2016 11:43:43 Pali Rohár wrote: >> On Wednesday 27 January 2016 13:37:27 Pali Rohár wrote: >>> On Wednesday 20 January 2016 20:15:23 Simon Kelley wrote: >>>> Dnsmasq identifies IPv6 clients via their MA

Re: [Dnsmasq-discuss] dhcp vendor-option and grub net_pxe_extensionspath

2017-05-12 Thread Simon Kelley
gfxpayload=800x600x16,800x600 --- auto=true url=dc10b > DEBCONF_DEBUG=5 tasks= hostname= interface=00:26:9e:03:9d:e5 > partman-auto/disk=/dev/sda > > > > On Fri, Apr 28, 2017 at 5:53 PM, Simon Kelley > <si...@thekelleys.org.uk <mailto:si...@thekelleys.or

Re: [Dnsmasq-discuss] problem with loopback and 2.77test5

2017-05-11 Thread Simon Kelley
Oops. "It compiles - ship it" bites back. 2.77rc3 fixes this, and we're currently eating the dog-food chez Kelley. Cheers, Simon. On 11/05/17 15:49, Kevin Darbyshire-Bryant wrote: > > > On 10/05/17 22:31, Simon Kelley wrote: >> Just committed a patch which sh

Re: [Dnsmasq-discuss] define IPv6 prefix for host-records

2017-05-11 Thread Simon Kelley
You're trying to invent yet another way of solving the "naming IPv6 hosts" problem, made more difficult by the fact that they change addresses as the delegated prefix changes. There are a couple of other possibilities. 1) If you're using DHCP for IPv4, look at the dnsmasq "ra-names" facility,

Re: [Dnsmasq-discuss] specifying dhcp options in proxy mode

2017-05-11 Thread Simon Kelley
The design is that dnsmasq sends the options expected by a PXE client if it's acting as a proxy (because the whole proxy thing is part of the PXE spec: a normal DHCP client doesn't know how to deal with it.) The replies to the PXE client are constructed using the information given in the

Re: [Dnsmasq-discuss] problem with loopback and 2.77test5

2017-05-10 Thread Simon Kelley
Just committed a patch which should make this work again without needing --no-ping. I've tagged it as 2.77rc2, so please could a LEDE package be built, and this behaviour tested. Cheers, Simon. On 10/05/17 14:11, Bastian Bittorf wrote: > * Simon Kelley <si...@thekelleys.org.uk> [1

Re: [Dnsmasq-discuss] [PATCH] libidn2 support

2017-05-10 Thread Simon Kelley
OK, answering my own question, Debian support for libidn2 seems to be rather behind, so at least for now, my life with Debian maintainer hat on is easier if the option to build with libidn is retained. I shall commit the patch forthwith. Cheers, Simon. On 09/05/17 23:12, Simon Kelley wrote

Re: [Dnsmasq-discuss] problem with loopback and 2.77test5

2017-05-10 Thread Simon Kelley
On 10/05/17 14:11, Bastian Bittorf wrote: > * Simon Kelley <si...@thekelleys.org.uk> [10.05.2017 15:05]: >> I wonder if this is to do with the extension of the ping-test to more >> cases. Please could you try adding >> >> no-ping >> >> to the config, an

Re: [Dnsmasq-discuss] problem with loopback and 2.77test5

2017-05-10 Thread Simon Kelley
Yes. I'll look at putting code to suppress the ARP check. on loopback. Cheers, Simon. On 10/05/17 14:11, Bastian Bittorf wrote: > * Simon Kelley <si...@thekelleys.org.uk> [10.05.2017 15:05]: >> I wonder if this is to do with the extension of the ping-test to more >> cases.

Re: [Dnsmasq-discuss] problem with loopback and 2.77test5

2017-05-10 Thread Simon Kelley
root@box:~ dnsmasq -v > Dnsmasq version 2.77test5 Copyright (c) 2000-2016 Simon Kelley > Compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP > no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC no-ID > loop-detect inotify > > # kernel tested with non working

Re: [Dnsmasq-discuss] [PATCH] Logging of dhcp_script output

2017-05-09 Thread Simon Kelley
ted there is problem with lease database. I could then move old > leases file and retry with empty database from the startup script. > > What do you think? I think that just logging a warning is best. I don't want to add yet another obscure config option. Cheers, Simon. > > Dne 29.

Re: [Dnsmasq-discuss] [PATCH] libidn2 support

2017-05-09 Thread Simon Kelley
On 09/05/17 19:35, Petr Menšík wrote: > Hi Simon, hi everyone. > > Fedora wants to move from IDN 2003 to IDN 2008 support. Dnsmasq already > supports IDN, but only older version. There is really little of IDN to > support. I made a patch that allows explicit support for libidn2 along > with

Re: [Dnsmasq-discuss] Intermittent SIGSEGV crash of dnsmasq-full

2017-05-09 Thread Simon Kelley
: > > > On 09/05/17 01:39, Simon Kelley wrote: >> That was a horrible one. >> >> Fix committed, and an optimistic 2.77rc1 tag added. > > Sadly a tad optimistic. From the original reporter, and I can confirm > 'domain-needed' is the crash enabling option: > >

Re: [Dnsmasq-discuss] Intermittent SIGSEGV crash of dnsmasq-full

2017-05-08 Thread Simon Kelley
That was a horrible one. Fix committed, and an optimistic 2.77rc1 tag added. I really hope to get out a 2.77 release soon. Cheers, Simon. On 08/05/17 13:30, Kevin Darbyshire-Bryant wrote: > Hi Simon, > > Got a report in LEDE land about a SIGSEGV issue, I'm able to replicate > easily as

Re: [Dnsmasq-discuss] define IPv6 prefix for host-records

2017-05-05 Thread Simon Kelley
How do your machines get their IPv6 addresses, and specifically, their changed IPv6 addresses after the prefix changes.?If you're using DHCPv6 with dnsmasq as the server, then something like this is already available: if you have a dhcp-range line which has the constructor: keyword, then you can

Re: [Dnsmasq-discuss] Memory corruption in my_syslog (log.c), SIGABRT (double free)

2017-05-03 Thread Simon Kelley
This is actually another instance of the parse_hex bug, which caused a certain amount of confusion. Anyway, fixes for that and the hostname_isequal() one committed to git. Thanks for running these tests. (In case it's not obvious, these are not security problems, since they rely on malformed

Re: [Dnsmasq-discuss] bug: trunk DHCP offer/replies being ignored by some devices

2017-04-30 Thread Simon Kelley
h removing it completely. > > If nothing can be done, or be deemed unfeasible to be done, my opinion > is that not much harm is done, since there is a way of getting things > working (manual IP). > > So, for me (3) it is. > > Cheers. > > On Fri, Apr 7, 2017 at 11:00

Re: [Dnsmasq-discuss] [PATCH] Nack requests for unknown leases.

2017-04-29 Thread Simon Kelley
> Simon, is there any chance of a 'test5' bundling all the latest tweaks > into a tarball? It's much easier to get the LEDE guys to accept a test > release tarball than it is loads of patchesand it means the code > would get tested by a wider community. > Done. As soon as we reach a

Re: [Dnsmasq-discuss] [PATCH] Logging of dhcp_script output

2017-04-28 Thread Simon Kelley
On 24/04/17 15:42, Petr Mensik wrote: > Thank you for accepting that patches. I agree that some garbage is > far more likely to appear in dhcp-script mode. I would myself welcome > error log from wrong formatted lease file as well. If I understand it > well, that file will be overwritten after the

Re: [Dnsmasq-discuss] dhcp vendor-option and grub net_pxe_extensionspath

2017-04-28 Thread Simon Kelley
On 27/04/17 17:42, Carl Karsten wrote: > I am looking for the syntax of dhcp vendor options, and then how to > access them in grub-net. I think. maybe there is a better way. > > I pxe boot grub, which boots di (Debian Installer) and pass a preseed file. > > I am trying to work out a nice way

Re: [Dnsmasq-discuss] bug:DHCP Relay not responding with DHCP OFFER.

2017-04-28 Thread Simon Kelley
On 27/04/17 22:02, Jason Kary wrote: > Hi Folks, > > I have a basic setup for DHCP relay across VLANS in DNSMASQ. > > My configuration file looks like: > > > bogus-priv > interface=ens160 > log-dhcp > dhcp-range=10.168.102.100,10.168.102.150,255.255.255.0,12h > > > The

Re: [Dnsmasq-discuss] [PATCH] Nack requests for unknown leases.

2017-04-25 Thread Simon Kelley
> What I did to fix it was to send a NACK to the initial DHCP request, > which luckily convinced the ISC DHCP client to stop asking for the > same IP address in the following DHCP discovery. However, NACK will > not quarantee all DHCP clients will do the same, so the case where > DHCP discovery

Re: [Dnsmasq-discuss] [PATCH] Nack requests for unknown leases.

2017-04-24 Thread Simon Kelley
On 24/04/17 10:16, Alin Năstac wrote: > On Sun, Apr 23, 2017 at 5:46 PM, Simon Kelley <si...@thekelleys.org.uk> wrote: >> On 20/04/17 10:34, Alin Nastac wrote: >>> Hosts that migrate from one network to another could request their >>> old IP address which m

Re: [Dnsmasq-discuss] [PATCH] Nack requests for unknown leases.

2017-04-23 Thread Simon Kelley
On 20/04/17 10:34, Alin Nastac wrote: > Hosts that migrate from one network to another could request their > old IP address which might be already in use by another statically > configured host. Currently non-authoritative dnsmasq servers will > ignore such requests, but ISC DHCP client will send

Re: [Dnsmasq-discuss] Disabling dynamic DHCP assignment for known hosts

2017-04-23 Thread Simon Kelley
I like this. (Almost) completely backwards compatible, obvious to use, solves a problem. What do people think? I think the implementation is over-complex: calling find_config() with the context set to NULL is all that's needed to implementthe search, but that's a detail. Cheers, Simon. On

Re: [Dnsmasq-discuss] not giving name to the DHCP lease

2017-04-23 Thread Simon Kelley
On 22/04/17 07:12, Harald Dunkel wrote: > Hi folks, > > dnsmasq 2.76, as packaged for openBSD 6.1: > > dnsmasq.log contains tons of lines like > > : > : > Apr 22 04:08:46 dnsmasq-dhcp[70140]: not giving name nas1.example.com to the > DHCP lease of 10.0.0.239 because the name exists in

Re: [Dnsmasq-discuss] [PATCH] Logging of dhcp_script output

2017-04-23 Thread Simon Kelley
ter for backward > compatibility to start with empty leases as before. > > -- > Petr Menšík > Software Engineer > Red Hat, http://www.redhat.com/ > email: pemen...@redhat.com PGP: 65C6C973 > > - Original Message - > From: "Simon Kelley" <si...@thekelleys

Re: [Dnsmasq-discuss] [PATCH] Logging of dhcp_script output

2017-04-16 Thread Simon Kelley
I like this. Yes, I know you can do it with shell magic, but this is easier and what I would expect to happen. I've changed the patch quite a lot: 1) Don't go to large effort to report "never happen" errors from pipe(), just silently handle them in the same way as fork() 2) Don't do any of this

Re: [Dnsmasq-discuss] dnsmasq needs to be restarted from time to time.

2017-04-15 Thread Simon Kelley
On 15/04/17 01:39, James Feeney wrote: > It seems that, every so often, dnsmasq needs to be restarted - unless we blame > WIDE dhcpv6. Here, dnsmasq has been running for about a week, and a newly > started dhcpv6 client will show things like this in the log: > > dhcp6c[412]:

Re: [Dnsmasq-discuss] [PATCH] Do not set resolv.conf to 127.0.0.1 if port=0

2017-04-11 Thread Simon Kelley
Patch applied. Cheers, Simon. On 01/04/17 22:27, Floris Bos wrote: > dnsmasq's startup script seems to assume users always want to use > dnsmasq as local DNS resolver, and tells resolvconf to put > "nameserver 127.0.0.1" in /etc/resolv.conf > The problem with this is that if users just want

Re: [Dnsmasq-discuss] client-identifier in server reply

2017-04-11 Thread Simon Kelley
On 10/02/17 01:22, Reddeiah Raju Konduru wrote: > Hi, > > I am using dnsmasq 2.72. In dhclient after setting client identifier to > device mac address, I could see client-identifier option in DISCOVER and > REQUEST messages. But dhcp server(dnsmasq) not setting client identifier > option in OFFER

Re: [Dnsmasq-discuss] [PATCH] Add support for unique TFTP root per MAC

2017-04-11 Thread Simon Kelley
On 10/04/17 00:09, Floris Bos wrote: > On 04/09/2017 11:28 PM, Simon Kelley wrote: >> Patch accepted, with one change >> >> >>> snprintf(daemon->namebuff+oldlen, >>> sizeof(daemon->namebuff)-oldlen, "%.2x-%.2x-%.2x-%.2x-%.2x-%.2x/"

Re: [Dnsmasq-discuss] [PATCH v2] Add --dhcp-reply-delay option to delay DHCP replies

2017-04-09 Thread Simon Kelley
On 30/03/17 12:38, Floris Bos wrote: > Adds option to delay replying to DHCP packets by one or more seconds. > This provides a workaround for a PXE boot firmware implementation > that has a bug causing it to fail if it receives a (proxy) DHCP > reply instantly. > > On Linux it looks up the exact

Re: [Dnsmasq-discuss] [PATCH] Add support for unique TFTP root per MAC

2017-04-09 Thread Simon Kelley
Patch accepted, with one change > snprintf(daemon->namebuff+oldlen, sizeof(daemon->namebuff)-oldlen, > "%.2x-%.2x-%.2x-%.2x-%.2x-%.2x/", daemon->namebuff is a char *, so sizeof(daemon->namebuff) is 4 or 8 and sizeof(daemon->namebuff)-oldlen is a negative number which is a large

Re: [Dnsmasq-discuss] dnsmasq & fingerbank.org

2017-04-09 Thread Simon Kelley
The current tree already has this functionality, though the code which implements it is somewhat different. It certainly provides a DNSMASQ_REQUESTED_OPTIONS variable containing a comma-separated list of decimal numbers. Best to look at the current code, and submit a patch if it doesn't behave as

Re: [Dnsmasq-discuss] dnsmasq treats Islands of Security as bogus

2017-04-09 Thread Simon Kelley
On 08/04/17 17:33, Patryk Szczygłowski wrote: > 2017-04-04 22:24 GMT+01:00 Simon Kelley <si...@thekelleys.org.uk>: > >> Which version of dnsmasq are you using? I just tested this domain using >> the development code, and got the correct result. >> > > > dn

Re: [Dnsmasq-discuss] bug: trunk DHCP offer/replies being ignored by some devices

2017-04-09 Thread Simon Kelley
On 08/04/17 12:01, Floris Bos wrote: > On 04/08/2017 12:00 AM, Simon Kelley wrote: >> >> But RFC 6842 assures us that no clients are broken by this change :) >> >> The options here, as I see it are >> >> 1) revert the change and don't support 6842 >> 2)

Re: [Dnsmasq-discuss] bug: trunk DHCP offer/replies being ignored by some devices

2017-04-07 Thread Simon Kelley
On 06/04/17 14:01, Pedro MG Palmeiro wrote: > Dnsmasq trunk replies are being ignored by some devices, in my case, two > epson printers (AL-M200). > Dnsmasq 2.76 works fine. > > This could be related with > http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit; >

Re: [Dnsmasq-discuss] [PATCH v2] Add --dhcp-reply-delay option to delay DHCP replies

2017-04-07 Thread Simon Kelley
On 30/03/17 12:38, Floris Bos wrote: > Adds option to delay replying to DHCP packets by one or more seconds. > This provides a workaround for a PXE boot firmware implementation > that has a bug causing it to fail if it receives a (proxy) DHCP > reply instantly. > > On Linux it looks up the exact

Re: [Dnsmasq-discuss] [PATCH] Support --server syntax in resolv-file

2017-04-07 Thread Simon Kelley
The overriding objection to this is that it adds to the syntax and semantics of the resolv-file format, but dnsmasq doesn't "own" that format: it's actually a libc configuration file, and dnsmasq takes advantage of the fact that the format is "well known" to extract useful information from it. If

Re: [Dnsmasq-discuss] dnsmasq treats Islands of Security as bogus

2017-04-04 Thread Simon Kelley
Which version of dnsmasq are you using? I just tested this domain using the development code, and got the correct result. dnsmasq: query[A] patryk.one.pl from 127.0.0.1 dnsmasq: forwarded patryk.one.pl to 8.8.4.4 dnsmasq: forwarded patryk.one.pl to 8.8.8.8 dnsmasq: dnssec-query[DS] pl to 8.8.8.8

Re: [Dnsmasq-discuss] dnsmasq treats Islands of Security as bogus

2017-03-27 Thread Simon Kelley
This is a real problem, and I plan to look at it (and all the other stuff I've been ignoring.) ASAP. I'm moving house just now, so very short of time. If I don't produce something by the end of next week, please prod me again. Cheers, Simon. On 27/03/17 16:37, Patryk Szczygłowski wrote: >

Re: [Dnsmasq-discuss] No more random source port

2017-03-22 Thread Simon Kelley
On 22/03/17 16:30, Risto Suominen wrote: > Mar 20 22:12:00 risto-Macmini dnsmasq[30248]: using nameserver > 8.8.8.8#53(via eth0) This indicates that dnsmasq has been configured to force the packets to the upstream server via eth0. To do that requires an operation on the socket which can only

Re: [Dnsmasq-discuss] [PATCH v2] Add support for binding to both interface and IP

2017-03-22 Thread Simon Kelley
> v1->v2: > * Add man page description of the extended server syntax (thanks Simon Kelley) > > Signed-off-by: Kristian Evensen <kristian.even...@gmail.com> signature.asc Description: OpenPGP digital signature ___ Dnsmasq-discu

Re: [Dnsmasq-discuss] [RFC] Add --dhcp-reply-delay option to delay DHCP replies

2017-03-22 Thread Simon Kelley
As a patch, it looks pretty good. The main problem I have is that the new option becomes one of the those annoying things that have to be set to make things work, but have no other value. There are already quite a few dnsmasq options which are essentially "--dont-break" and if I can avoid

Re: [Dnsmasq-discuss] [PATCH] Add support for binding to both interface and IP

2017-03-17 Thread Simon Kelley
This slipped through, apologies. You're doing everything right, _except_ that a patch which includes the relevant changes to the man page would make my life easier. Cheers, Simon. On 17/03/17 15:28, Kristian Evensen wrote: > A gentle ping on this patch :) > > I tried to look, but couldn't

Re: [Dnsmasq-discuss] Support of labels in --interface

2017-03-17 Thread Simon Kelley
arn user about unexpected results. > > Hope that helps, > Petr > > Dne 21.2.2017 v 19:50 Simon Kelley napsal(a): >>> The first problem is, manual page is not updated. It tells you >>> cannot use labels, but you can. Also it does not tell you you can >>>

Re: [Dnsmasq-discuss] Network booting with stateful IPv6 addressing

2017-03-06 Thread Simon Kelley
On 01/03/17 15:27, Derek Higgins wrote: > On 28 February 2017 at 18:24, Simon Kelley <si...@thekelleys.org.uk> wrote: > > > On 28/02/17 17:10, Derek Higgins wrote: >>>> On 28 February 2017 at 16:43, Simon Kelley >>>> <si...@thekelleys.org.

Re: [Dnsmasq-discuss] [PATCH 2/2] rev-server: reject CIDR prefixes that are not /8 /16 /24 or /32 for IPv4

2017-03-06 Thread Simon Kelley
Both patches applied. Cheers, Simon. On 05/03/17 10:13, Olivier Gayot wrote: > The rev-server directive only handles the following CIDR prefixes > properly: /8, /16, /24, /32. > > Any other value was silently converted to /16 which could result in > unexpected behaviour. > > This patch

Re: [Dnsmasq-discuss] Network booting with stateful IPv6 addressing

2017-02-28 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 28/02/17 17:10, Derek Higgins wrote: > On 28 February 2017 at 16:43, Simon Kelley > <si...@thekelleys.org.uk> wrote: Could you post (or send to me) you > complete dnsmasq configuration. I'd > >> Here you go http://

Re: [Dnsmasq-discuss] Network booting with stateful IPv6 addressing

2017-02-28 Thread Simon Kelley
the client-id of the final OS booted, rather thna using MAC addresses? Cheers, Simon. On 28/02/17 10:07, Derek Higgins wrote: > On 27 February 2017 at 21:51, Simon Kelley > <si...@thekelleys.org.uk> wrote: I'm slightly confused as to the > problem here. The identity of a l

Re: [Dnsmasq-discuss] Network booting with stateful IPv6 addressing

2017-02-27 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I'm slightly confused as to the problem here. The identity of a lease if defined by the Client-ID and IAID, if those change then dnsmasq will allocate a new address. That means that your boot process will go through three different addresses, but

Re: [Dnsmasq-discuss] Got bad packet: bad compression pointer

2017-02-27 Thread Simon Kelley
;; SERVER: 8.8.8.8#53(8.8.8.8) ;; WHEN: Mon > Feb 27 14:05:09 UTC 2017 ;; MSG SIZE rcvd: 131 > > this is related info: > > # dnsmasq -v Dnsmasq version 2.76 Copyright (c) 2000-2016 Simon > Kelley Compile time options: IPv6 GNU-getopt no-RTC no-DBus no-i18n > no-IDN DHCP DHCPv6

Re: [Dnsmasq-discuss] DNSSEC Trust Anchor Roll for 2017

2017-02-26 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 It's nice to be ahead of the game, for once :) Simon. On 26/02/17 05:53, Eric Luehrsen wrote: > Never mind the idiot (me). It is already implemented in > V2.77TEST3. > > On 02/26/2017 12:46 AM, Eric Luehrsen wrote: >> The next release

Re: [Dnsmasq-discuss] Support of labels in --interface

2017-02-23 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 > But you can also be notified about interface changes via a netlink > socket, so you can cache the interface information. > See my reply to Petr: there is an option for that but it's not the default for historical reasons. Cheers, Simon.

Re: [Dnsmasq-discuss] Support of labels in --interface

2017-02-23 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 22/02/17 21:52, Petr Menšík wrote: > I would suggest a new option then. For example > --bind-interfaces-exact. It would listen just like > --bind-interfaces, but would allow you to listen only on virbr0, > when ignoring any addresses with

Re: [Dnsmasq-discuss] can't get multiple domains to work

2017-02-22 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 You can have multiple domains, but you need to associate subnets with them, so dnsmasq can determine which one to use. Cheers, Simon. On 21/02/17 03:35, Spike wrote: > I didn't because it seemed wrong, generally speaking the last entry > for a

Re: [Dnsmasq-discuss] Support of labels in --interface

2017-02-22 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 > You can get the destination address for datagrams from the > IP_PTKINFO auxiliary data: > > man 7 ip IP_PKTINFO (since Linux 2.2) Pass an IP_PKTINFO ancillary > message that contains a pktinfo structure that supplies some > information about the

Re: [Dnsmasq-discuss] Support of labels in --interface

2017-02-21 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 15/02/17 17:38, Petr Mensik wrote: > Hi! > > I am new maintainer of dnsmasq package in RHEL. I am looking for > potential problems with upgrade from dnsmasq 2.66 to version 2.76. > And I have found something. Commit [1] changed behaviour of >

Re: [Dnsmasq-discuss] Scalability of DNS blackhole configuration?

2017-02-19 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 There are two ways to do this: one is the way you have. The second is using either a file in the same format as /etc/hosts and --addn-hosts, using --host-record. Either probably have similar memory-footprint implications, but the first does

Re: [Dnsmasq-discuss] [PATCH] Accept /32 and /0 as valid CIDR prefixes for rev-server directive

2017-02-19 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 15/02/17 22:46, Olivier Gayot wrote: > On Tue, Feb 14, 2017 at 03:17:54PM +0000, Simon Kelley wrote: >> That's an improvement, but I tend to agree that /0 doesn't make >> much sense. If we're going to patch this, it seems to mak

Re: [Dnsmasq-discuss] Support of labels in --interface

2017-02-17 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 15/02/17 17:38, Petr Mensik wrote: > Hi! > Let's say my configuration is: 4: virbr0: > mtu 1500 qdisc noqueue state UP > group default qlen 1000 link/ether 52:54:00:2b:ee:d3 brd > ff:ff:ff:ff:ff:ff inet

Re: [Dnsmasq-discuss] Reading the dhcp.leases file

2017-02-14 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Albert's suggestions are good, and you can't reliably read the leases file - in gets modified by delete-and-rewrite, so if the timing is wrong, you'll see an incomplete write. DHCP script gets all the information needed to maintain a database

Re: [Dnsmasq-discuss] client-identifier in server reply

2017-02-14 Thread Simon Kelley
he access to patch? If not possible let me know when > 2.77 will be available to public? > > Thanks, Raju > > > On Sat, Feb 11, 2017 at 9:05 AM, Simon Kelley > <si...@thekelleys.org.uk <mailto:si...@thekelleys.org.uk>> wrote: > > On 10/02/17 01:22, Redde

Re: [Dnsmasq-discuss] [PATCH] Accept /32 and /0 as valid CIDR prefixes for rev-server directive

2017-02-14 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 That's an improvement, but I tend to agree that /0 doesn't make much sense. If we're going to patch this, it seems to make more sense to reject anything other that /32 /24 /16 or /8. The ideal solution would be to accept any prefix length and

Re: [Dnsmasq-discuss] client-identifier in server reply

2017-02-11 Thread Simon Kelley
On 10/02/17 01:22, Reddeiah Raju Konduru wrote: > Hi, > > I am using dnsmasq 2.72. In dhclient after setting client identifier to > device mac address, I could see client-identifier option in DISCOVER and > REQUEST messages. But dhcp server(dnsmasq) not setting client identifier > option in OFFER

Re: [Dnsmasq-discuss] [PATCH] decrease the amount of individual sites listed in log

2017-02-11 Thread Simon Kelley
Patch applied. Many thanks. Cheers, Simon. On 07/02/17 18:03, Hannu Nyman wrote: > By default 30 first servers are listed individually to system log, and > then a count of the remaining items. With e.g. a NXDOMAIN based adblock > service, dnsmasq lists 30 unnecessary ad sites every time when

Re: [Dnsmasq-discuss] [PATCH] Stop treating SERVFAIL as a successful response from upstream servers

2017-02-06 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Patch applied. Thank you. And thank you for the comprehensive documentation. The original change was made as a part of the DNSSEC stuff, and I have a nagging feeling that there was some, theoretical, situation that could occur in conjunction with

Re: [Dnsmasq-discuss] Spelling fixes for dnsmasq

2017-02-06 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Patch applied, many thanks for that. (I'll reject the message containing the patch from the mailing list, to save all the subcribers from a 110K message. If they want to see what was in it, they can look in the git repo now.) Cheers, Simon. On

Re: [Dnsmasq-discuss] Spelling fixes for dnsmasq

2017-02-02 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 This may explain the Entire State of the World Today. Simon. On 02/02/17 17:05, Jim Alles wrote: > Careful, we could have a fatal recursion: > > quible is speeled wrong. > > (smiley face) > > .ja. > > On Thu, Fe

Re: [Dnsmasq-discuss] interface-name records vs localise-queries

2017-02-02 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=d42d4706bbcce3 b5a40ad778a5a356a997db6b34 Have fun. Cheers, Simon. On 01/02/17 13:41, Kevin Darbyshire-Bryant wrote: > > > On 17/01/17 04:05, Eric Luehrsen wrote: >> Hi Kevin, >>

Re: [Dnsmasq-discuss] why does dnsmasq reject lease request?

2017-02-02 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Some possible confusion here between DNS servers and DHCP servers. If the two _DNS_ servers the OP refers to are both also DHCP servers, then Jim's advice is good. If the OP has two DNS servers, one of which is dnsmasq which is also acting as the

Re: [Dnsmasq-discuss] interface-name records vs localise-queries

2017-02-02 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I looked at this, and the man page LIES. --interface-name returns all the addresses associated with an interface. Question: is openWRT associating the same name with more than one interface (which would be the only way that localise-queries would

Re: [Dnsmasq-discuss] Spelling fixes for dnsmasq

2017-02-02 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Wow, what a lot of typos! A couple of observations from a random sampling: 1) I don't want the code changes - if I missed vowels out of variable names, I want them to stay missed out :) 2) I found two changes to proper names, Falempin and

Re: [Dnsmasq-discuss] dnsmasq drops CNAME cache entries when CNAMEs collide

2017-02-02 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Answered here: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2017q1/011068.h tml Cheers, Simon. On 02/02/17 11:23, Aaron Jacobs wrote: > Hi all, > > I've found what seems to me an odd behavior in dnsmasq related to > CNAME caching,

Re: [Dnsmasq-discuss] IDN (internationalized domain name) support

2017-01-31 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 It's included in the Debian, (and therefore Ubuntu) packaging. Of course the only difference it makes is to the interpretation of domain names in /etc/hosts and friends and config files. - IDNs get cached and forwarded by dnsmasq fine without the

Re: [Dnsmasq-discuss] About UEFI PXE booting in proxy mode

2017-01-26 Thread Simon Kelley
capturefile". Let me know if you need more info. Thank you very > much. > > Steven > > > On 1/24/2017 AM 05:25, Simon Kelley wrote: Thanks for the reply. > Please could you repeat the tcpdump using the command > > tcpdump -s 0 -w capturefile > > and send me

Re: [Dnsmasq-discuss] Bluetooth networking issue

2017-01-26 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Make sure you're not getting confused between "connection refused" and a DNS reply with a REFUSED return code. The former means there's nothing listening on port 53 at the address you're sending the query to, which is possible if the bluetooth

Re: [Dnsmasq-discuss] Got bad packet: bad compression pointer

2017-01-23 Thread Simon Kelley
e.com. dns.cloudflare.com. 2023610183 1 2400 > 604800 3600 > > ;; Query time: 72 msec ;; SERVER: 172.26.16.1#53(172.26.16.1) ;; > WHEN: Wed Jan 18 12:42:02 PST 2017 ;; MSG SIZE rcvd: 123 > > > > On Wed, Jan 18, 2017 at 12:01 PM, Dave Taht <dave.t...@gmail.com> &

Re: [Dnsmasq-discuss] tftp: provide dbus signal for downloaded files

2017-01-23 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Yes. Seems sensible. Can I make a request that the patch includes updates to the documentation: at least dbus/DBus-interface, and also the man page if that's appropriate. Cheers, Simon. On 20/01/17 14:29, Yegor Yefremov wrote: > I have an

Re: [Dnsmasq-discuss] About UEFI PXE booting in proxy mode

2017-01-23 Thread Simon Kelley
: > Hi Simon, > > Thanks for your reply. I am answering you in the following. > > On 2017/01/20 06:47, Simon Kelley wrote: >> Your example 3 - I'm confused why that shouldn't work - the PXE >> client seems to be making further requests which are bring >> ignored. Wo

Re: [Dnsmasq-discuss] Making dnsmasq make OFFER faster than virtualbox NAT DHCP

2017-01-23 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 23/01/17 17:45, wkitt...@gmail.com wrote: > On 01/23/2017 06:49 AM, Simon Kelley wrote: >> Actually, it's permitted to have more than once DHCP server, but >> the client is entitled to wait for some time to hear from them >&g

Re: [Dnsmasq-discuss] dnsmasq always answer dhcp NAK

2017-01-23 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 If I've understood the problem correctly, dnsmasq is never even seeing these packets. If the destination address in the IP-level header is for a random IP address then the kernel network stack will discard the packet, even if the link-layer MAC

Re: [Dnsmasq-discuss] will there be a 2.77 release anytime soon?

2017-01-23 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 T'would probably be a good idea, just for accumulated bug-fixes. Would be nice to nail the DNSSEC compression pointers bug first though. Cheers, Simon. On 22/01/17 16:41, Dave Taht wrote: > just checkin > -BEGIN PGP SIGNATURE-

Re: [Dnsmasq-discuss] Making dnsmasq make OFFER faster than virtualbox NAT DHCP

2017-01-23 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Actually, it's permitted to have more than once DHCP server, but the client is entitled to wait for some time to hear from them all, and then pick whichever one it prefers, so trying to implement server priority by speed-of-reply is doomed to

Re: [Dnsmasq-discuss] Is there a way to disable file/directory polling for specific addn-hosts files or conf-dir changes?

2017-01-23 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Dnsmasq won't re-read /etc/hosts or files in a directory specified by - --addn-hosts automatically. It _will_ re-read files in a directory specified by --hostsdir. Armed with that information, the first thing to do might be to look at exactly what

Re: [Dnsmasq-discuss] About UEFI PXE booting in proxy mode

2017-01-19 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Below is the reply I sent to your original mail to me. The reply bounced, seemingly due to a misconfiguration of the MX record for your domain. Hopefully this will get to you via the list. Simon. -

Re: [Dnsmasq-discuss] Got bad packet: bad compression pointer

2017-01-18 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 I won't have access to a MIPS system 'till the weekend. I assume you're using the git head code? Did you manage to see a dump of the upstream reply? Simon. On 18/01/17 07:31, Dave Taht wrote: > so far I can only make it happen on mips.

Re: [Dnsmasq-discuss] Got bad packet: bad compression pointer

2017-01-16 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 Host makes A, and MX queries and it's the reply to the MX that's failing. This all works fine here (dnsmasq and host both running on the same x86_64 host. The reply to the MX query looks like this. ; (1 server found) ;; global options: +cmd

Re: [Dnsmasq-discuss] Duplicate IPs assigned to devices with similar MAC (same vendor)

2017-01-15 Thread Simon Kelley
asq --version Dnsmasq version 2.76 Copyright (c) 2000-2016 > Simon Kelley # Lease time 48 hours > > DNSMASQ server has been in our office for last 4-5 years, and > mostly no issues with assigning IPs. Except there are two recent > devices in our lab from the same vendor, and the

Re: [Dnsmasq-discuss] Cache is flushed repeated when 2 cname point to the same domain

2017-01-10 Thread Simon Kelley
-BEGIN PGP SIGNED MESSAGE- Hash: SHA256 On 09/01/17 01:43, 石磊 wrote: > Hi, > > We are running into an issue that the cache is flushed repeated > when 2 cnames are point to the same domain. For example, Domain-A > is cnamed to Domain-True Domain-B is cnamed to Domain-True, and > then

<    1   2   3   4   5   6   7   8   9   10   >