Re: [Dnsmasq-discuss] DHCP, how to ignore the client MAC address?
On 1/11/2019 8:48 PM, Michael Schleicher wrote: > Hi Geert, > > thanks for you mail. > > On 1/11/19 6:50 PM, Geert Stappers wrote: >> On Fri, Jan 11, 2019 at 11:29:13AM +0100, MIchael Schleicher (smicha) wrote: >>> On 11.01.19 10:53, john doe wrote: On 1/11/2019 9:49 AM, MIchael Schleicher (smicha) wrote: > > I have just checked on my environment what's in the dnsmasq.leases file: > > 1547246444 00:50:56:85:23:ea 10.198.10.223 win-vm 01:00:50:56:85:23:ea > 1547276503 00:50:56:85:f1:86 10.198.10.37 linux-vm 01:00:50:56:85:f1:86 > > As you see the Client-ID (5th field) is the MAC + "01:" as prefix. > You previously said that the hostname is always the same, as ilustrated by the above they are not (win-vm vs linux-vm)? >>> >>> That are 2 different systems. (1 Windows and 1 Linux VM). It's just a >>> example >>> >> >> Thing I would like to known is the name of the virtualisation platform. >> Mostly because all those I seen did allow me to define MAC address. >> > > The virtual landscapes (VM's) are running on VMware ESX Cluster. > The ESX Hosts are "controlled" by a software which called > "eCloud-Manager". That are deploying the different clones of landscapes. > > We have a bunch of master VM's and the software deploy that VM's in > different isolated landscapes. (each landscape is isolated with vlans > and includes a copy of the Masters (but with different MAC as the Master > VM's have!). > > So, when a cloned VM in one of the virtual landscapes are crash or have > some other problems, the software destorys the VM and deploy a copy of > the Master-VM, with a different MAC to that landscapes. > > And that is exactly the problem, during the deployment of that cloned VM > from the Master, the MAC will changed from the eCloud-Manager during the > VMWare deployment. > > I hope I gave you a understandable description. > If the maintaner of dnsmasq has not chimed in that leav us with to options: - To much on his plate, something could be done to answer this question. - The issue lies elsewhere (predicting way for MAC addressing). -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Config Parcing Bug
On 1/11/19 7:22 PM, Tasnad Kernetzky wrote: Hi all, I wanted to report a bug (at least we belieave it is one). We had a short discussion over at the archlinux bugtracker (https://bugs.archlinux.org/task/60366). In short: echo 'address=/ab--c.example.com/#' | dnsmasq --test -C - dnsmasq: error at line 1 of stdin Althoug the URL is "forbidden": host 'ab--c.example.com' host: 'ab--c.example.com' is not a legal IDNA2008 name (string contains forbidden two hyphens pattern), use +noidnin is that a punycode domain name? all the one's i've seen are written as xn--codehere.invalid firefox has a specific option we set so we don't get taken in by look-alike homographs... specifically the links with unicode characters in them are displayed in their punycode form, xn--blahblah... these links explain more if some folks don't know about this aspect of the DNS system... https://en.wikipedia.org/wiki/Internationalized_domain_name#ASCII_spoofing_concerns https://en.wikipedia.org/wiki/IDN_homograph_attack https://en.wikipedia.org/wiki/Punycode#Internationalized_domain_names -- NOTE: No off-list assistance is given without prior approval. *Please keep mailing list traffic on the list unless* *a signed and pre-paid contract is in effect with us.* ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Config Parcing Bug
Hi all, I wanted to report a bug (at least we belieave it is one). We had a short discussion over at the archlinux bugtracker (https://bugs.archlinux.org/task/60366). In short: > echo 'address=/ab--c.example.com/#' | dnsmasq --test -C - > dnsmasq: error at line 1 of stdin Althoug the URL is "forbidden": > host 'ab--c.example.com' > host: 'ab--c.example.com' is not a legal IDNA2008 name (string contains forbidden two hyphens pattern), use +noidnin it would be nice to be able to block it. We ended up there, since the filter list from https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts started to include these kinds of URLs. My feeling is, that parsing the two dashes somehow fails. Interestingly, adding one more character before the dashes does not trigger the bug: > echo 'address=/abb--c.example.com/#' | dnsmasq --test -C - > dnsmasq: syntax check OK. Escaping (ab\-\-c.example.com) allows dnsmasq to start, but renders the line ineffective. Do you know about this and is it intended behaviour? Regards, Tasnad signature.asc Description: OpenPGP digital signature ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Determine wireless SSID
This is probably not possible but I thought I would ask. Is it possible for DNSMASQ to determine the SSID for a DHCP request? I would like to be able to assign different values for devices using the guest network. DNSMASQ is running on my QNAP NAS while I have a Netgear wireless router providing the wireless connectivity. Thanks - "Everyone is entitled to his own opinion, but not to his own facts." - Daniel Patrick Moynihan ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] DHCP, how to ignore the client MAC address?
Hi Geert, thanks for you mail. On 1/11/19 6:50 PM, Geert Stappers wrote: > On Fri, Jan 11, 2019 at 11:29:13AM +0100, MIchael Schleicher (smicha) wrote: >> On 11.01.19 10:53, john doe wrote: >>> On 1/11/2019 9:49 AM, MIchael Schleicher (smicha) wrote: I have just checked on my environment what's in the dnsmasq.leases file: 1547246444 00:50:56:85:23:ea 10.198.10.223 win-vm 01:00:50:56:85:23:ea 1547276503 00:50:56:85:f1:86 10.198.10.37 linux-vm 01:00:50:56:85:f1:86 As you see the Client-ID (5th field) is the MAC + "01:" as prefix. >>> >>> You previously said that the hostname is always the same, as ilustrated >>> by the above they are not (win-vm vs linux-vm)? >>> >> >> That are 2 different systems. (1 Windows and 1 Linux VM). It's just a >> example >> > > Thing I would like to known is the name of the virtualisation platform. > Mostly because all those I seen did allow me to define MAC address. > The virtual landscapes (VM's) are running on VMware ESX Cluster. The ESX Hosts are "controlled" by a software which called "eCloud-Manager". That are deploying the different clones of landscapes. We have a bunch of master VM's and the software deploy that VM's in different isolated landscapes. (each landscape is isolated with vlans and includes a copy of the Masters (but with different MAC as the Master VM's have!). So, when a cloned VM in one of the virtual landscapes are crash or have some other problems, the software destorys the VM and deploy a copy of the Master-VM, with a different MAC to that landscapes. And that is exactly the problem, during the deployment of that cloned VM from the Master, the MAC will changed from the eCloud-Manager during the VMWare deployment. I hope I gave you a understandable description. Many Thanks Michael ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] DHCP, how to ignore the client MAC address?
On Fri, Jan 11, 2019 at 11:29:13AM +0100, MIchael Schleicher (smicha) wrote: > On 11.01.19 10:53, john doe wrote: > > On 1/11/2019 9:49 AM, MIchael Schleicher (smicha) wrote: > > > > > > I have just checked on my environment what's in the dnsmasq.leases file: > > > > > > 1547246444 00:50:56:85:23:ea 10.198.10.223 win-vm 01:00:50:56:85:23:ea > > > 1547276503 00:50:56:85:f1:86 10.198.10.37 linux-vm 01:00:50:56:85:f1:86 > > > > > > As you see the Client-ID (5th field) is the MAC + "01:" as prefix. > > > > > > > You previously said that the hostname is always the same, as ilustrated > > by the above they are not (win-vm vs linux-vm)? > > > > That are 2 different systems. (1 Windows and 1 Linux VM). It's just a > example > Thing I would like to known is the name of the virtualisation platform. Mostly because all those I seen did allow me to define MAC address. Cheers Geert Stappers DevOps Engineer ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH] DHCPv6: Honor assigning IPv6 address based on MAC address
Hello, can somebody look at this patch? I remember that more people asked for ability to assign IPv6 address based on MAC address specified in config file, rather then IAID/DUID. On Monday 17 December 2018 18:41:09 Pali Rohár wrote: > Currently IPv6 addresses are assigned to tuple (IAID, DUID). When system > changes IAID/DUID then old assigned IPv6 address cannot be reused, even > when in config file was DHCPv6 assignment based on MAC address (and not on > DUID). > > IAID/DUID is changed when rebooting from one operating system to another; > or after reinstalling system. In reality it is normal that DUID of some > machine is changed, so people rather assign also IPv6 addresses based on > MAC address. > > So assigning IPv6 based on MAC address in dnsmasq is currently semi-broken. > > This patch tries to fix it and honors IPv6 config rules with MAC address, > to always assign particular IPv6 address to specific MAC address (when > configured). And ignores the fact if IAID/DUID was changed. > > Normally IPv6 address should be assigned by IAID/DUID (which also state > DHCPv6 RFCs), but dnsmasq has already some support for assigning IPv6 > address based on MAC address, when users configured in config file. > > So this patch just tries to fix above problem for user configuration with > MAC addresses. It does not change assignment based on DUID. > > Also this patch adds support for allowing IPv6 address to be associated > with multiple hardware addresses, and gives dnsmasq permission to abandon a > lease. This is similar functionality as already supported for IPv4 address. > --- > man/dnsmasq.8 | 9 ++--- > src/rfc3315.c | 62 > ++- > 2 files changed, 59 insertions(+), 12 deletions(-) > > diff --git a/man/dnsmasq.8 b/man/dnsmasq.8 > index f01a5ba..8614f08 100644 > --- a/man/dnsmasq.8 > +++ b/man/dnsmasq.8 > @@ -1068,10 +1068,13 @@ will only match a > Token-Ring hardware address, since the ARP-address type for token ring > is 6. > > -As a special case, in DHCPv4, it is possible to include more than one > -hardware address. eg: > +It is possible to include more than one hardware address. eg for IPv4: > .B --dhcp-host=11:22:33:44:55:66,12:34:56:78:90:12,192.168.0.2 > -This allows an IP address to be associated with > +or for IPv6: > +.B --dhcp-host=11:22:33:44:55:66,12:34:56:78:90:12,[::2] > +or for both: > +.B --dhcp-host=11:22:33:44:55:66,12:34:56:78:90:12,192.168.0.2,[::2] > +This allows an IPv4 and/or IPv6 address to be associated with > multiple hardware addresses, and gives dnsmasq permission to abandon a > DHCP lease to one of the hardware addresses when another one asks for > a lease. Beware that this is a dangerous thing to do, it will only > diff --git a/src/rfc3315.c b/src/rfc3315.c > index a20776d..c83cf2d 100644 > --- a/src/rfc3315.c > +++ b/src/rfc3315.c > @@ -54,7 +54,7 @@ static struct prefix_class > *prefix_class_from_context(struct dhcp_context *conte > #endif > static void mark_context_used(struct state *state, struct in6_addr *addr); > static void mark_config_used(struct dhcp_context *context, struct in6_addr > *addr); > -static int check_address(struct state *state, struct in6_addr *addr); > +static int check_address(struct state *state, struct dhcp_config *config, > struct in6_addr *addr); > static void add_address(struct state *state, struct dhcp_context *context, > unsigned int lease_time, void *ia_option, > unsigned int *min_time, struct in6_addr *addr, time_t > now); > static void update_leases(struct state *state, struct dhcp_context *context, > struct in6_addr *addr, unsigned int lease_time, time_t now); > @@ -746,7 +746,7 @@ static int dhcp6_no_relay(struct state *state, int > msg_type, void *inbuff, size_ > /* If the client asks for an address on the same network as > a configured address, > offer the configured address instead, to make moving to > newly-configured > addresses automatic. */ > - if (!(c->flags & CONTEXT_CONF_USED) && config_valid(config, > c, ) && check_address(state, )) > + if (!(c->flags & CONTEXT_CONF_USED) && config_valid(config, > c, ) && check_address(state, config, )) > { > req_addr = addr; > mark_config_used(c, ); > @@ -755,8 +755,14 @@ static int dhcp6_no_relay(struct state *state, int > msg_type, void *inbuff, size_ > } > else if (!(c = address6_available(state->context, > _addr, solicit_tags, plain_range))) > continue; /* not an address we're allowed */ > - else if (!check_address(state, _addr)) > + else if (!check_address(state, config, _addr)) > continue; /* address leased elsewhere */ > + else if (state->mac_len && config && > +
Re: [Dnsmasq-discuss] DHCP, how to ignore the client MAC address?
On 1/11/2019 9:49 AM, MIchael Schleicher (smicha) wrote: > Hi, > > thanks for your reply. > > On 10.01.19 22:25, wkitt...@gmail.com wrote: >> On 1/10/19 3:26 PM, Michael Schleicher wrote: >>> As I said, for Linux VM's, I can set a uniq Client-ID that helps, but on >>> Windows you can not set define a Client-ID (as far as I know). >> >> isn't this the machine name? when i was supporting winwhatever, the >> install generated a machine name... that is the name i saw used in >> DHCP requests... it is the name that was added to the DNS so queries >> on it would return its current IP... >> >> > > I have just checked on my environment what's in the dnsmasq.leases file: > > 1547246444 00:50:56:85:23:ea 10.198.10.223 win-vm 01:00:50:56:85:23:ea > 1547276503 00:50:56:85:f1:86 10.198.10.37 linux-vm 01:00:50:56:85:f1:86 > > As you see the Client-ID (5th field) is the MAC + "01:" as prefix. > You previously said that the hostname is always the same, as ilustrated by the above they are not (win-vm vs linux-vm)? -- John Doe ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] DHCP, how to ignore the client MAC address?
Hi, thanks for your reply. On 10.01.19 22:25, wkitt...@gmail.com wrote: On 1/10/19 3:26 PM, Michael Schleicher wrote: As I said, for Linux VM's, I can set a uniq Client-ID that helps, but on Windows you can not set define a Client-ID (as far as I know). isn't this the machine name? when i was supporting winwhatever, the install generated a machine name... that is the name i saw used in DHCP requests... it is the name that was added to the DNS so queries on it would return its current IP... I have just checked on my environment what's in the dnsmasq.leases file: 1547246444 00:50:56:85:23:ea 10.198.10.223 win-vm 01:00:50:56:85:23:ea 1547276503 00:50:56:85:f1:86 10.198.10.37 linux-vm 01:00:50:56:85:f1:86 As you see the Client-ID (5th field) is the MAC + "01:" as prefix. Many Thanks Michael ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss