Re: [Dnsmasq-discuss] Intermittent SIGSEGV crash of dnsmasq-full

[Kevin Darbyshire-Bryant]

On 09/05/17 22:42, Simon Kelley wrote:

Never trust a git commit which happened in the early hours :)

Thanks for a second excellent bug report. This was much easier to find.


Sorry for keeping you up till the wee small hours with your bug hunting 
outfit on :-)


Guido does all the hard work with gdb, I just wave a flag, jump about 
and say 'lookie here!' :-)




I've committed the fix to git.

I'll deal with Petr's patch tomorrow and then tag 2.77rc2


Good stuff.  An rc2 I can get into LEDE for more bug hunting :-)



Cheers,

Simon.


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] problem with loopback and 2.77test5

[Bastian Bittorf]

here the relevant things with recent lede-project.org

root@box:~ dnsmasq -v
Dnsmasq version 2.77test5  Copyright (c) 2000-2016 Simon Kelley
Compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP
no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC no-ID
loop-detect inotify

# kernel tested with non working version: 4.4.61
# kernel tested with working version 4.4.56

# this is repeating in syslog every 3 seconds:
Wed May 10 12:47:55 2017 daemon.warn dnsmasq-dhcp[21993]:
 not using configured address 127.0.0.2 because it is in use by another host
Wed May 10 12:47:55 2017 daemon.info dnsmasq-dhcp[21993]:
 DHCPDISCOVER(lo) 00:00:00:00:00:00 no address available

# here the exact same config which is working with 2.77test4:
root@box:~ :) cat /var/etc/dnsmasq.conf.cfg02411c
# auto-generated config file from /etc/config/dhcp
conf-file=/etc/dnsmasq.conf
dhcp-authoritative
localise-queries
read-ethers
expand-hosts
dhcp-script=/etc/dhcp-script.d/10dhcpscript
cache-size=1000
domain=internet
server=/internet/
server=8.8.8.8
except-interface=eth0.2
except-interface=wlan0-1
except-interface=wlan1-1
addn-hosts=/var/run/hosts_olsr
addn-hosts=/etc/local.hosts
dhcp-leasefile=/tmp/dhcp.leases
resolv-file=/tmp/resolv.conf.auto
dhcp-broadcast=tag:needs-broadcast
addn-hosts=/tmp/hosts
conf-dir=/tmp/dnsmasq.d
user=dnsmasq
group=dnsmasq

dhcp-host=00:00:00:00:00:00,127.0.0.2,lo-alias

bogus-priv
conf-file=/usr/share/dnsmasq/rfc6761.conf
dhcp-range=set:lan,10.63.22.98,10.63.22.110,255.255.255.240,48h
dhcp-range=set:mastergate,100.66.19.2,100.66.19.254,255.192.0.0,12h
dhcp-option=mastergate,3,100.64.0.1
dhcp-option=mastergate,6,100.64.0.1
no-dhcp-interface=eth0.2
dhcp-range=set:loopback,127.0.0.2,127.0.0.3,255.0.0.0,1h
# end-of-config


# on a working version i get a lease:
root@box:~ :) cat /tmp/dhcp.leases 
1494416311 00:00:00:00:00:00 127.0.0.2 lo-alias *

we use this "strange" method, for checking if everything is
working and the lease gets renewed (and some hotplug scripts are
fired)

thanks & bye, bastian

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] Dnsmasq, multiple subnets/gateways and option 82

[Keith Lyons]

Hello,

I recently built a DHCP server using Dnsmasq on Centos7 VM and had a
question about having more than one subnet and gateway

We are using Option82 for 15 devices on each subnet, at this time only one
subnet is active but I expect that the other two subnets will need to be
active in the very near future.

Currently I have  dhcp-option=3,10.192.4.1 set for the active subnet, I
will need to add 10.192.5.1 and 10.192.6.1 for the others as they come
online. I have seen some other posts about utilizing multiple nics, each
assigned to one of the subnet, is this the best
way to accomplish what I am attempting to do?

There will be nothing else requesting DHCP from the server, only the 15
devices - the other two subnets will be similar to this.

Thanks,

Keith
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Dnsmasq, multiple subnets/gateways and option 82

[Chris Novakovic]

On 11/05/2017 01:40, Keith Lyons wrote:
> Currently I have  dhcp-option=3,10.192.4.1 set for the active subnet, I
> will need to add 10.192.5.1 and 10.192.6.1 for the others as they come
> online. I have seen some other posts about utilizing multiple nics, each
> assigned to one of the subnet, is this the best
> way to accomplish what I am attempting to do?

It's certainly the easiest. You'll find that the interface name can also
be used as a tag, allowing for the following setup:

interface=eth0,eth1,eth2
dhcp-range=tag:eth0,10.192.4.2,10.192.4.254,10m
dhcp-range=tag:eth1,10.192.5.2,10.192.5.254,10m
dhcp-range=tag:eth2,10.192.6.2,10.192.6.254,10m

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] problem with loopback and 2.77test5

[Simon Kelley]

Just committed a patch which should make this work again without needing
--no-ping.

I've tagged it as 2.77rc2, so please could a LEDE package be built, and
this behaviour tested.


Cheers,


Simon.

On 10/05/17 14:11, Bastian Bittorf wrote:
> * Simon Kelley  [10.05.2017 15:05]:
>> I wonder if this is to do with the extension of the ping-test to more
>> cases. Please could you try adding
>>
>> no-ping
>>
>> to the config, and see if that improves things?
> 
> thank you - yes, that works...now the log shows:
> 
> dnsmasq-dhcp[28815]: DHCPREQUEST(lo) 127.0.0.2 00:00:00:00:00:00
> dnsmasq-dhcp[28815]: DHCPACK(lo) 127.0.0.2 00:00:00:00:00:00 lo-alias
> dnsmasq-dhcp[28815]: ARP-cache injection failed: Invalid argument
> 
> could it be, because 'loopback' is not arp-able?
> 
> bye, bastian
> 




signature.asc
Description: OpenPGP digital signature
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] problem with loopback and 2.77test5

[Simon Kelley]

Yes. I'll look at putting code to suppress the ARP check. on loopback.

Cheers,

Simon.


On 10/05/17 14:11, Bastian Bittorf wrote:
> * Simon Kelley  [10.05.2017 15:05]:
>> I wonder if this is to do with the extension of the ping-test to more
>> cases. Please could you try adding
>>
>> no-ping
>>
>> to the config, and see if that improves things?
> 
> thank you - yes, that works...now the log shows:
> 
> dnsmasq-dhcp[28815]: DHCPREQUEST(lo) 127.0.0.2 00:00:00:00:00:00
> dnsmasq-dhcp[28815]: DHCPACK(lo) 127.0.0.2 00:00:00:00:00:00 lo-alias
> dnsmasq-dhcp[28815]: ARP-cache injection failed: Invalid argument
> 
> could it be, because 'loopback' is not arp-able?
> 
> bye, bastian
> 



signature.asc
Description: OpenPGP digital signature
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] problem with loopback and 2.77test5

[Bastian Bittorf]

* Simon Kelley  [10.05.2017 15:05]:
> I wonder if this is to do with the extension of the ping-test to more
> cases. Please could you try adding
> 
> no-ping
> 
> to the config, and see if that improves things?

thank you - yes, that works...now the log shows:

dnsmasq-dhcp[28815]: DHCPREQUEST(lo) 127.0.0.2 00:00:00:00:00:00
dnsmasq-dhcp[28815]: DHCPACK(lo) 127.0.0.2 00:00:00:00:00:00 lo-alias
dnsmasq-dhcp[28815]: ARP-cache injection failed: Invalid argument

could it be, because 'loopback' is not arp-able?

bye, bastian

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] problem with loopback and 2.77test5

[Simon Kelley]

I wonder if this is to do with the extension of the ping-test to more
cases. Please could you try adding

no-ping

to the config, and see if that improves things?


Cheers,

Simon.


On 10/05/17 11:56, Bastian Bittorf wrote:
> here the relevant things with recent lede-project.org
> 
> root@box:~ dnsmasq -v
> Dnsmasq version 2.77test5  Copyright (c) 2000-2016 Simon Kelley
> Compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP
> no-DHCPv6 no-Lua TFTP no-conntrack no-ipset no-auth no-DNSSEC no-ID
> loop-detect inotify
> 
> # kernel tested with non working version: 4.4.61
> # kernel tested with working version 4.4.56
> 
> # this is repeating in syslog every 3 seconds:
> Wed May 10 12:47:55 2017 daemon.warn dnsmasq-dhcp[21993]:
>  not using configured address 127.0.0.2 because it is in use by another host
> Wed May 10 12:47:55 2017 daemon.info dnsmasq-dhcp[21993]:
>  DHCPDISCOVER(lo) 00:00:00:00:00:00 no address available
> 
> # here the exact same config which is working with 2.77test4:
> root@box:~ :) cat /var/etc/dnsmasq.conf.cfg02411c
> # auto-generated config file from /etc/config/dhcp
> conf-file=/etc/dnsmasq.conf
> dhcp-authoritative
> localise-queries
> read-ethers
> expand-hosts
> dhcp-script=/etc/dhcp-script.d/10dhcpscript
> cache-size=1000
> domain=internet
> server=/internet/
> server=8.8.8.8
> except-interface=eth0.2
> except-interface=wlan0-1
> except-interface=wlan1-1
> addn-hosts=/var/run/hosts_olsr
> addn-hosts=/etc/local.hosts
> dhcp-leasefile=/tmp/dhcp.leases
> resolv-file=/tmp/resolv.conf.auto
> dhcp-broadcast=tag:needs-broadcast
> addn-hosts=/tmp/hosts
> conf-dir=/tmp/dnsmasq.d
> user=dnsmasq
> group=dnsmasq
> 
> dhcp-host=00:00:00:00:00:00,127.0.0.2,lo-alias
> 
> bogus-priv
> conf-file=/usr/share/dnsmasq/rfc6761.conf
> dhcp-range=set:lan,10.63.22.98,10.63.22.110,255.255.255.240,48h
> dhcp-range=set:mastergate,100.66.19.2,100.66.19.254,255.192.0.0,12h
> dhcp-option=mastergate,3,100.64.0.1
> dhcp-option=mastergate,6,100.64.0.1
> no-dhcp-interface=eth0.2
> dhcp-range=set:loopback,127.0.0.2,127.0.0.3,255.0.0.0,1h
> # end-of-config
> 
> 
> # on a working version i get a lease:
> root@box:~ :) cat /tmp/dhcp.leases 
> 1494416311 00:00:00:00:00:00 127.0.0.2 lo-alias *
> 
> we use this "strange" method, for checking if everything is
> working and the lease gets renewed (and some hotplug scripts are
> fired)
> 
> thanks & bye, bastian
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 



signature.asc
Description: OpenPGP digital signature
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH] Logging of dhcp_script output

[Petr Menšík]

Dne 10.5.2017 v 00:14 Simon Kelley napsal(a):
> On 09/05/17 18:49, Petr Menšík wrote:
>> Hi Simon,
>>
>> sorry for a delay. We concluded that we do not like die on parse error
>> even for dhcp script. It does always start up now unless script returns
>> nonzero exit status. With this change, it would never start, until you
>> were able to figure out what is wrong with your script. Then fix the
>> cause. Until that, no-one will receive any lease as they did before.
>>
>> When assigning addresses to dhclient that had his address before,
>> dnsmasq will offer requested address if it is not leased. If you start
>> with clear leases, many machines will receive correct addresses again.
>> Dnsmasq is used as small server for containers or virtual hosts on the
>> local machine. I think it is quite useful they will always (try to) start.
>>
>> I think it should be possible to disable dying on parse errors. I think
>> change from totally ignoring parsing errors to being not able to skip
>> them is problematic for real world administrators.
>>
>> I would prefer current behavior as default, but with possible
>> configuration override. I think it would be useful if return code
>> suggested there is problem with lease database. I could then move old
>> leases file and retry with empty database from the startup script.
>>
>> What do you think?
> 
> I think that just logging a warning is best. I don't want to add yet
> another obscure config option.
> 
> Cheers,
> 
> Simon.
> 
Thanks. Would be sufficient to only remove condition with die (patch
included)?
I think it is configurable by script anyway. If you have well written
script, you should know when something is not as it should be. If you
return nonzero code from script, dnsmasq will die. If you don't, it will
log an error but start. I think it is simple yet powerful.
>>
>> Dne 29.4.2017 v 00:03 Simon Kelley napsal(a):
>>> On 24/04/17 15:42, Petr Mensik wrote:
 Thank you for accepting that patches. I agree that some garbage is
 far more likely to appear in dhcp-script mode. I would myself welcome
 error log from wrong formatted lease file as well. If I understand it
 well, that file will be overwritten after the first lease created. If
 it contains wrong data, just log an error, but do not terminate.
>>>
>>> That seems sensible. Change committed.

 It should not surprise administrator that just disabled IPv6 support.
 Error message would be logged once at startup until the first lease
 is created. Then file will be rewritten without any IPv6 leases,
 because they were skipped during the reading. I would accept one
 error message as notification some leases are gone forever.

>>> Agreed.
>>>
 I will have to ask whether failure to start on database corruption is
 considered a problem. It was silently ignoring all problems before.
 Now it fails to start the service completely if any error occurs. I
 think it relied on auto recovery with empty leases in the same way as
 with plain file. I think there should be a way to override default
 behavior. I will check for more opinions and get back with results.

>>>
>>> Any news on this?
>>>
>>>
>>> Cheers,
>>>
>>> Simon.
>>>
 Thank you Simon.

 Cheers, Petr


>>>
>>>
>>
> 
> 
From 4194ffba65a38e76f473d34d3b68d5b6a459a30b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= 
Date: Wed, 10 May 2017 16:13:07 +0200
Subject: [PATCH] Do not die on parse error but require nonzero exit status for
 it.

---
 src/lease.c | 6 --
 1 file changed, 6 deletions(-)

diff --git a/src/lease.c b/src/lease.c
index 5afb99b..56881b4 100644
--- a/src/lease.c
+++ b/src/lease.c
@@ -202,12 +202,6 @@ void lease_init(time_t now)
 	  sprintf(daemon->dhcp_buff, "%d", WEXITSTATUS(rc));
 	  die(_("lease-init script returned exit code %s"), daemon->dhcp_buff, WEXITSTATUS(rc) + EC_INIT_OFFSET);
 	}
-
-  /* Only die if we stopped reading due to a non-parsed line when running script,
-	 this is expected behaviour when reading from a file, if the file was written with IPv6 data
-	 and we are not compiled to understand that. */
-  if (!readok)
-	die(_("failed to read lease-init script output"), NULL, EC_FILE);
 }
 #endif
 
-- 
2.9.3



signature.asc
Description: OpenPGP digital signature
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] problem with loopback and 2.77test5

[Simon Kelley]

On 10/05/17 14:11, Bastian Bittorf wrote:
> * Simon Kelley  [10.05.2017 15:05]:
>> I wonder if this is to do with the extension of the ping-test to more
>> cases. Please could you try adding
>>
>> no-ping
>>
>> to the config, and see if that improves things?
> 
> thank you - yes, that works...now the log shows:
> 
> dnsmasq-dhcp[28815]: DHCPREQUEST(lo) 127.0.0.2 00:00:00:00:00:00
> dnsmasq-dhcp[28815]: DHCPACK(lo) 127.0.0.2 00:00:00:00:00:00 lo-alias
> dnsmasq-dhcp[28815]: ARP-cache injection failed: Invalid argument
> 
> could it be, because 'loopback' is not arp-able?

Actually, its the sort-of opposite. loopback seems to respond to any
address in 127.0.0.0/8 so you get a reply to an ICMP echo request from
any 127.0.0.0/8 address, even if the loopback interface doesn't
explicitly have that address

srk@holly:~/dnsmasq/dnsmasq$ ifconfig lo
loLink encap:Local Loopback
  inet addr:127.0.0.1  Mask:255.0.0.0
  inet6 addr: ::1/128 Scope:Host
  UP LOOPBACK RUNNING  MTU:65536  Metric:1
  RX packets:2194 errors:0 dropped:0 overruns:0 frame:0
  TX packets:2194 errors:0 dropped:0 overruns:0 carrier:0
  collisions:0 txqueuelen:1
  RX bytes:164612 (164.6 KB)  TX bytes:164612 (164.6 KB)

srk@holly:~/dnsmasq/dnsmasq$ ping 127.0.0.2
PING 127.0.0.2 (127.0.0.2) 56(84) bytes of data.
64 bytes from 127.0.0.2: icmp_seq=1 ttl=64 time=0.068 ms
64 bytes from 127.0.0.2: icmp_seq=2 ttl=64 time=0.065 ms
^C
--- 127.0.0.2 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 999ms

I'll patch it to suppress ping-checks for the loopback interface.

Cheers,

Simon.



___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH] libidn2 support

[Simon Kelley]

OK, answering my own question, Debian support for libidn2 seems to be
rather behind, so at least for now, my life with Debian maintainer hat
on is easier if the option to build with libidn is retained. I shall
commit the patch forthwith.


Cheers,

Simon.


On 09/05/17 23:12, Simon Kelley wrote:
> On 09/05/17 19:35, Petr Menšík wrote:
>> Hi Simon, hi everyone.
>>
>> Fedora wants to move from IDN 2003 to IDN 2008 support. Dnsmasq already
>> supports IDN, but only older version. There is really little of IDN to
>> support. I made a patch that allows explicit support for libidn2 along
>> with original libidn. Because simple packaging, I could not use
>> HAVE_IDN2. I chose HAVE_LIBIDN2 as a replacement.
>>
>> A link to Fedora bug, if you want to try difference:
>> https://bugzilla.redhat.com/show_bug.cgi?id=1449150
>>
>> Could it be merged?
>>
> 
> Is there any point in supporting both libraries? I'm not sure what the
> point is. Any build which includes the IDN support (which is, broadly
> distribution packages) will change to libidn2 so the libidn support just
> becomes support overhead moving forward. It won't give people the old
> behaviour unless they recompile.
> 
> I could see slightly more point to an option which allowed the user to
> specify IDN2003 rather than IDN2008 behaviour. It looks like that could
> be done by forcing the IDN2_TRANSITIONAL flag to the  idn2_to_ascii_lz()
> call.
> 
> Cheers,
> 
> Simon.
> 
> 
> 




signature.asc
Description: OpenPGP digital signature
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss