Re: [Dnsmasq-discuss] Intermittent SIGSEGV crash of dnsmasq-full
On 09/05/17 22:42, Simon Kelley wrote: Never trust a git commit which happened in the early hours :) Thanks for a second excellent bug report. This was much easier to find. Sorry for keeping you up till the wee small hours with your bug hunting outfit on :-) Guido does all the hard work with gdb, I just wave a flag, jump about and say 'lookie here!' :-) I've committed the fix to git. I'll deal with Petr's patch tomorrow and then tag 2.77rc2 Good stuff. An rc2 I can get into LEDE for more bug hunting :-) Cheers, Simon. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] problem with loopback and 2.77test5
here the relevant things with recent lede-project.org root@box:~ dnsmasq -v Dnsmasq version 2.77test5 Copyright (c) 2000-2016 Simon Kelley Compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC no-ID loop-detect inotify # kernel tested with non working version: 4.4.61 # kernel tested with working version 4.4.56 # this is repeating in syslog every 3 seconds: Wed May 10 12:47:55 2017 daemon.warn dnsmasq-dhcp[21993]: not using configured address 127.0.0.2 because it is in use by another host Wed May 10 12:47:55 2017 daemon.info dnsmasq-dhcp[21993]: DHCPDISCOVER(lo) 00:00:00:00:00:00 no address available # here the exact same config which is working with 2.77test4: root@box:~ :) cat /var/etc/dnsmasq.conf.cfg02411c # auto-generated config file from /etc/config/dhcp conf-file=/etc/dnsmasq.conf dhcp-authoritative localise-queries read-ethers expand-hosts dhcp-script=/etc/dhcp-script.d/10dhcpscript cache-size=1000 domain=internet server=/internet/ server=8.8.8.8 except-interface=eth0.2 except-interface=wlan0-1 except-interface=wlan1-1 addn-hosts=/var/run/hosts_olsr addn-hosts=/etc/local.hosts dhcp-leasefile=/tmp/dhcp.leases resolv-file=/tmp/resolv.conf.auto dhcp-broadcast=tag:needs-broadcast addn-hosts=/tmp/hosts conf-dir=/tmp/dnsmasq.d user=dnsmasq group=dnsmasq dhcp-host=00:00:00:00:00:00,127.0.0.2,lo-alias bogus-priv conf-file=/usr/share/dnsmasq/rfc6761.conf dhcp-range=set:lan,10.63.22.98,10.63.22.110,255.255.255.240,48h dhcp-range=set:mastergate,100.66.19.2,100.66.19.254,255.192.0.0,12h dhcp-option=mastergate,3,100.64.0.1 dhcp-option=mastergate,6,100.64.0.1 no-dhcp-interface=eth0.2 dhcp-range=set:loopback,127.0.0.2,127.0.0.3,255.0.0.0,1h # end-of-config # on a working version i get a lease: root@box:~ :) cat /tmp/dhcp.leases 1494416311 00:00:00:00:00:00 127.0.0.2 lo-alias * we use this "strange" method, for checking if everything is working and the lease gets renewed (and some hotplug scripts are fired) thanks & bye, bastian ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Dnsmasq, multiple subnets/gateways and option 82
Hello, I recently built a DHCP server using Dnsmasq on Centos7 VM and had a question about having more than one subnet and gateway We are using Option82 for 15 devices on each subnet, at this time only one subnet is active but I expect that the other two subnets will need to be active in the very near future. Currently I have dhcp-option=3,10.192.4.1 set for the active subnet, I will need to add 10.192.5.1 and 10.192.6.1 for the others as they come online. I have seen some other posts about utilizing multiple nics, each assigned to one of the subnet, is this the best way to accomplish what I am attempting to do? There will be nothing else requesting DHCP from the server, only the 15 devices - the other two subnets will be similar to this. Thanks, Keith ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Dnsmasq, multiple subnets/gateways and option 82
On 11/05/2017 01:40, Keith Lyons wrote: > Currently I have dhcp-option=3,10.192.4.1 set for the active subnet, I > will need to add 10.192.5.1 and 10.192.6.1 for the others as they come > online. I have seen some other posts about utilizing multiple nics, each > assigned to one of the subnet, is this the best > way to accomplish what I am attempting to do? It's certainly the easiest. You'll find that the interface name can also be used as a tag, allowing for the following setup: interface=eth0,eth1,eth2 dhcp-range=tag:eth0,10.192.4.2,10.192.4.254,10m dhcp-range=tag:eth1,10.192.5.2,10.192.5.254,10m dhcp-range=tag:eth2,10.192.6.2,10.192.6.254,10m ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] problem with loopback and 2.77test5
Just committed a patch which should make this work again without needing --no-ping. I've tagged it as 2.77rc2, so please could a LEDE package be built, and this behaviour tested. Cheers, Simon. On 10/05/17 14:11, Bastian Bittorf wrote: > * Simon Kelley[10.05.2017 15:05]: >> I wonder if this is to do with the extension of the ping-test to more >> cases. Please could you try adding >> >> no-ping >> >> to the config, and see if that improves things? > > thank you - yes, that works...now the log shows: > > dnsmasq-dhcp[28815]: DHCPREQUEST(lo) 127.0.0.2 00:00:00:00:00:00 > dnsmasq-dhcp[28815]: DHCPACK(lo) 127.0.0.2 00:00:00:00:00:00 lo-alias > dnsmasq-dhcp[28815]: ARP-cache injection failed: Invalid argument > > could it be, because 'loopback' is not arp-able? > > bye, bastian > signature.asc Description: OpenPGP digital signature ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] problem with loopback and 2.77test5
Yes. I'll look at putting code to suppress the ARP check. on loopback. Cheers, Simon. On 10/05/17 14:11, Bastian Bittorf wrote: > * Simon Kelley[10.05.2017 15:05]: >> I wonder if this is to do with the extension of the ping-test to more >> cases. Please could you try adding >> >> no-ping >> >> to the config, and see if that improves things? > > thank you - yes, that works...now the log shows: > > dnsmasq-dhcp[28815]: DHCPREQUEST(lo) 127.0.0.2 00:00:00:00:00:00 > dnsmasq-dhcp[28815]: DHCPACK(lo) 127.0.0.2 00:00:00:00:00:00 lo-alias > dnsmasq-dhcp[28815]: ARP-cache injection failed: Invalid argument > > could it be, because 'loopback' is not arp-able? > > bye, bastian > signature.asc Description: OpenPGP digital signature ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] problem with loopback and 2.77test5
* Simon Kelley[10.05.2017 15:05]: > I wonder if this is to do with the extension of the ping-test to more > cases. Please could you try adding > > no-ping > > to the config, and see if that improves things? thank you - yes, that works...now the log shows: dnsmasq-dhcp[28815]: DHCPREQUEST(lo) 127.0.0.2 00:00:00:00:00:00 dnsmasq-dhcp[28815]: DHCPACK(lo) 127.0.0.2 00:00:00:00:00:00 lo-alias dnsmasq-dhcp[28815]: ARP-cache injection failed: Invalid argument could it be, because 'loopback' is not arp-able? bye, bastian ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] problem with loopback and 2.77test5
I wonder if this is to do with the extension of the ping-test to more cases. Please could you try adding no-ping to the config, and see if that improves things? Cheers, Simon. On 10/05/17 11:56, Bastian Bittorf wrote: > here the relevant things with recent lede-project.org > > root@box:~ dnsmasq -v > Dnsmasq version 2.77test5 Copyright (c) 2000-2016 Simon Kelley > Compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP > no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC no-ID > loop-detect inotify > > # kernel tested with non working version: 4.4.61 > # kernel tested with working version 4.4.56 > > # this is repeating in syslog every 3 seconds: > Wed May 10 12:47:55 2017 daemon.warn dnsmasq-dhcp[21993]: > not using configured address 127.0.0.2 because it is in use by another host > Wed May 10 12:47:55 2017 daemon.info dnsmasq-dhcp[21993]: > DHCPDISCOVER(lo) 00:00:00:00:00:00 no address available > > # here the exact same config which is working with 2.77test4: > root@box:~ :) cat /var/etc/dnsmasq.conf.cfg02411c > # auto-generated config file from /etc/config/dhcp > conf-file=/etc/dnsmasq.conf > dhcp-authoritative > localise-queries > read-ethers > expand-hosts > dhcp-script=/etc/dhcp-script.d/10dhcpscript > cache-size=1000 > domain=internet > server=/internet/ > server=8.8.8.8 > except-interface=eth0.2 > except-interface=wlan0-1 > except-interface=wlan1-1 > addn-hosts=/var/run/hosts_olsr > addn-hosts=/etc/local.hosts > dhcp-leasefile=/tmp/dhcp.leases > resolv-file=/tmp/resolv.conf.auto > dhcp-broadcast=tag:needs-broadcast > addn-hosts=/tmp/hosts > conf-dir=/tmp/dnsmasq.d > user=dnsmasq > group=dnsmasq > > dhcp-host=00:00:00:00:00:00,127.0.0.2,lo-alias > > bogus-priv > conf-file=/usr/share/dnsmasq/rfc6761.conf > dhcp-range=set:lan,10.63.22.98,10.63.22.110,255.255.255.240,48h > dhcp-range=set:mastergate,100.66.19.2,100.66.19.254,255.192.0.0,12h > dhcp-option=mastergate,3,100.64.0.1 > dhcp-option=mastergate,6,100.64.0.1 > no-dhcp-interface=eth0.2 > dhcp-range=set:loopback,127.0.0.2,127.0.0.3,255.0.0.0,1h > # end-of-config > > > # on a working version i get a lease: > root@box:~ :) cat /tmp/dhcp.leases > 1494416311 00:00:00:00:00:00 127.0.0.2 lo-alias * > > we use this "strange" method, for checking if everything is > working and the lease gets renewed (and some hotplug scripts are > fired) > > thanks & bye, bastian > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > signature.asc Description: OpenPGP digital signature ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH] Logging of dhcp_script output
Dne 10.5.2017 v 00:14 Simon Kelley napsal(a): > On 09/05/17 18:49, Petr Menšík wrote: >> Hi Simon, >> >> sorry for a delay. We concluded that we do not like die on parse error >> even for dhcp script. It does always start up now unless script returns >> nonzero exit status. With this change, it would never start, until you >> were able to figure out what is wrong with your script. Then fix the >> cause. Until that, no-one will receive any lease as they did before. >> >> When assigning addresses to dhclient that had his address before, >> dnsmasq will offer requested address if it is not leased. If you start >> with clear leases, many machines will receive correct addresses again. >> Dnsmasq is used as small server for containers or virtual hosts on the >> local machine. I think it is quite useful they will always (try to) start. >> >> I think it should be possible to disable dying on parse errors. I think >> change from totally ignoring parsing errors to being not able to skip >> them is problematic for real world administrators. >> >> I would prefer current behavior as default, but with possible >> configuration override. I think it would be useful if return code >> suggested there is problem with lease database. I could then move old >> leases file and retry with empty database from the startup script. >> >> What do you think? > > I think that just logging a warning is best. I don't want to add yet > another obscure config option. > > Cheers, > > Simon. > Thanks. Would be sufficient to only remove condition with die (patch included)? I think it is configurable by script anyway. If you have well written script, you should know when something is not as it should be. If you return nonzero code from script, dnsmasq will die. If you don't, it will log an error but start. I think it is simple yet powerful. >> >> Dne 29.4.2017 v 00:03 Simon Kelley napsal(a): >>> On 24/04/17 15:42, Petr Mensik wrote: Thank you for accepting that patches. I agree that some garbage is far more likely to appear in dhcp-script mode. I would myself welcome error log from wrong formatted lease file as well. If I understand it well, that file will be overwritten after the first lease created. If it contains wrong data, just log an error, but do not terminate. >>> >>> That seems sensible. Change committed. It should not surprise administrator that just disabled IPv6 support. Error message would be logged once at startup until the first lease is created. Then file will be rewritten without any IPv6 leases, because they were skipped during the reading. I would accept one error message as notification some leases are gone forever. >>> Agreed. >>> I will have to ask whether failure to start on database corruption is considered a problem. It was silently ignoring all problems before. Now it fails to start the service completely if any error occurs. I think it relied on auto recovery with empty leases in the same way as with plain file. I think there should be a way to override default behavior. I will check for more opinions and get back with results. >>> >>> Any news on this? >>> >>> >>> Cheers, >>> >>> Simon. >>> Thank you Simon. Cheers, Petr >>> >>> >> > > From 4194ffba65a38e76f473d34d3b68d5b6a459a30b Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?=Date: Wed, 10 May 2017 16:13:07 +0200 Subject: [PATCH] Do not die on parse error but require nonzero exit status for it. --- src/lease.c | 6 -- 1 file changed, 6 deletions(-) diff --git a/src/lease.c b/src/lease.c index 5afb99b..56881b4 100644 --- a/src/lease.c +++ b/src/lease.c @@ -202,12 +202,6 @@ void lease_init(time_t now) sprintf(daemon->dhcp_buff, "%d", WEXITSTATUS(rc)); die(_("lease-init script returned exit code %s"), daemon->dhcp_buff, WEXITSTATUS(rc) + EC_INIT_OFFSET); } - - /* Only die if we stopped reading due to a non-parsed line when running script, - this is expected behaviour when reading from a file, if the file was written with IPv6 data - and we are not compiled to understand that. */ - if (!readok) - die(_("failed to read lease-init script output"), NULL, EC_FILE); } #endif -- 2.9.3 signature.asc Description: OpenPGP digital signature ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] problem with loopback and 2.77test5
On 10/05/17 14:11, Bastian Bittorf wrote: > * Simon Kelley[10.05.2017 15:05]: >> I wonder if this is to do with the extension of the ping-test to more >> cases. Please could you try adding >> >> no-ping >> >> to the config, and see if that improves things? > > thank you - yes, that works...now the log shows: > > dnsmasq-dhcp[28815]: DHCPREQUEST(lo) 127.0.0.2 00:00:00:00:00:00 > dnsmasq-dhcp[28815]: DHCPACK(lo) 127.0.0.2 00:00:00:00:00:00 lo-alias > dnsmasq-dhcp[28815]: ARP-cache injection failed: Invalid argument > > could it be, because 'loopback' is not arp-able? Actually, its the sort-of opposite. loopback seems to respond to any address in 127.0.0.0/8 so you get a reply to an ICMP echo request from any 127.0.0.0/8 address, even if the loopback interface doesn't explicitly have that address srk@holly:~/dnsmasq/dnsmasq$ ifconfig lo loLink encap:Local Loopback inet addr:127.0.0.1 Mask:255.0.0.0 inet6 addr: ::1/128 Scope:Host UP LOOPBACK RUNNING MTU:65536 Metric:1 RX packets:2194 errors:0 dropped:0 overruns:0 frame:0 TX packets:2194 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1 RX bytes:164612 (164.6 KB) TX bytes:164612 (164.6 KB) srk@holly:~/dnsmasq/dnsmasq$ ping 127.0.0.2 PING 127.0.0.2 (127.0.0.2) 56(84) bytes of data. 64 bytes from 127.0.0.2: icmp_seq=1 ttl=64 time=0.068 ms 64 bytes from 127.0.0.2: icmp_seq=2 ttl=64 time=0.065 ms ^C --- 127.0.0.2 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 999ms I'll patch it to suppress ping-checks for the loopback interface. Cheers, Simon. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH] libidn2 support
OK, answering my own question, Debian support for libidn2 seems to be rather behind, so at least for now, my life with Debian maintainer hat on is easier if the option to build with libidn is retained. I shall commit the patch forthwith. Cheers, Simon. On 09/05/17 23:12, Simon Kelley wrote: > On 09/05/17 19:35, Petr Menšík wrote: >> Hi Simon, hi everyone. >> >> Fedora wants to move from IDN 2003 to IDN 2008 support. Dnsmasq already >> supports IDN, but only older version. There is really little of IDN to >> support. I made a patch that allows explicit support for libidn2 along >> with original libidn. Because simple packaging, I could not use >> HAVE_IDN2. I chose HAVE_LIBIDN2 as a replacement. >> >> A link to Fedora bug, if you want to try difference: >> https://bugzilla.redhat.com/show_bug.cgi?id=1449150 >> >> Could it be merged? >> > > Is there any point in supporting both libraries? I'm not sure what the > point is. Any build which includes the IDN support (which is, broadly > distribution packages) will change to libidn2 so the libidn support just > becomes support overhead moving forward. It won't give people the old > behaviour unless they recompile. > > I could see slightly more point to an option which allowed the user to > specify IDN2003 rather than IDN2008 behaviour. It looks like that could > be done by forcing the IDN2_TRANSITIONAL flag to the idn2_to_ascii_lz() > call. > > Cheers, > > Simon. > > > signature.asc Description: OpenPGP digital signature ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss