[Dnsmasq-discuss] DHCPv6 and MAC

2014-01-29 Thread Shai Venter
Hello Simon Kelley

Referring to
http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2013q1/006818.html

The thread mainly focuses on the Operating System side of IPv6 dhclient functions.

But here are other aspects of the issue, more difficult to figure out:
- The world of UEFI IPv6 network boot agents residing on a system's FW (a.k.a. UNDI)
- Host Management (BMCs) that support IPv6

For those two dhclients, an administrator's nightmare begins in trying to
understand what DUID approach was chosen by the original manufacturer (the
vendor).
And that would only go downhill if more than one NIC exists in the system.

Can you please comment on that, knowing what you know on the DUID approach?
How can a network administrator have control of the IP address assignment for
specific clients, in a DHCP server/dnsmasq config, to clients of the types I
described above?
This is just food for thought ...


Shai Venter,
NIC FW QA engineer
Mellanox Technologies LTD


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss


[Dnsmasq-discuss] Always Ignore Client Identifier

2014-01-29 Thread Linux Luser
We have a pretty tightly-controlled private network environment which we've
configured to have a 1-to-1-to-1 relationship between client MAC address,
hostnames and IP addresses. Apart from guest IP ranges, we have control
over when clients get added to the network. Thus, we can detect duplicate
MAC addresses before it becomes an issue.

In this setup, we don't need or want to use the client identifier option
of DHCP. In fact, it becomes a problem when we start doing PXELinux
installs, where a different client id gets set during a remote install
session, then when the install is complete and the new OS boots up, it gets
a different IP address (because dnsmasq still knows about the lease it gave
that same machine only 10 minutes ago!).

To get rid of this issue, we now supply a dhcp-host option to dnsmasq each
time we want to do a remote reinstall. The option looks something like this:
dhcp-host=MAC addr,id:*,hostname,IP addr,set:install

This works, since the id:* part tells dnsmasq to ignore the client ID in
favor of the MAC address. But now to my question. Can this be done for ALL
DHCP requests? Is there a global identify-by-mac-only option? If not,
would you be willing to entertain the idea? I know many others have done
this for some time now, using other DHCP server software, so I know it's
possible and there don't seem to be any ill effects of this.

Maybe this is not a good idea? Like I said, we have a fairly controlled
environment, so it would work for us. I could see how this would be
unnecessary for common setups, though. Or environments that have many VMs
running on a single host and simply bridge their network interface may want
to use the client identifier option so each VM gets a unique IP even if
they're running on the same machine. But it would be nice to have a greater
level of control over this.


Thanks for your time. And GREAT piece of software, by the way. dnsmasq is a
HUGE time saver and makes changing configurations straightforward. Do you
accept donations? :)


-- 
daV.e
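
One way to apply the `id:*` form from the message above to every known client is to generate the `dhcp-host` lines from the inventory and refuse any entry that breaks the 1-to-1-to-1 mapping. This is an added example, not part of the original message or of dnsmasq; the inventory, the function name `build_dhcp_hosts` and the `reinstall` parameter are assumptions made for illustration.

```python
import ipaddress
import re

MAC_RE = re.compile(r"^[0-9a-f]{2}(:[0-9a-f]{2}){5}$")

# Constructed sample inventory: made-up MACs, documentation IP range.
INVENTORY = [
    ("52:54:00:AA:00:01", "web01", "192.0.2.11"),
    ("52:54:00:aa:00:02", "db01", "192.0.2.12"),
]


def build_dhcp_hosts(inventory, reinstall=()):
    """Return dhcp-host lines that identify every client by MAC only.

    Raises ValueError if a MAC, hostname or IP appears twice, so a
    duplicate is caught before the configuration reaches dnsmasq.
    """
    seen = {"MAC": {}, "hostname": {}, "IP": {}}
    lines = []
    for mac, host, ip in inventory:
        # Normalise first so that case or separator differences cannot
        # hide a duplicate.
        mac = mac.lower().replace("-", ":")
        if not MAC_RE.match(mac):
            raise ValueError(f"bad MAC address: {mac}")
        host = host.lower()
        ip = str(ipaddress.ip_address(ip))  # raises on a malformed address
        for kind, value in (("MAC", mac), ("hostname", host), ("IP", ip)):
            if value in seen[kind]:
                raise ValueError(
                    f"duplicate {kind} {value}: {seen[kind][value]} and {host}")
            seen[kind][value] = host
        # id:* tells dnsmasq to ignore the client identifier for this host.
        line = f"dhcp-host={mac},id:*,{host},{ip}"
        if host in reinstall:
            line += ",set:install"  # tag used for remote reinstalls
        lines.append(line)
    return lines


if __name__ == "__main__":
    print("\n".join(build_dhcp_hosts(INVENTORY, reinstall={"db01"})))
```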


[Dnsmasq-discuss] coping with ipv6 source routing and dns

2014-01-29 Thread Dave Taht
I have been (mostly) happily fiddling with my new comcast ipv6 connection,
trying to route all dns queries over ipv6 in particular, by disabling
requesting the ipv4 dns addrs and relying on the dhcpv6 request to
succeed.

config interface eth0
        option 'ifname' 'eth0'
        option 'proto'  'dhcp'
        option 'peerdns' '0'

config interface wan6
        option ifname   @eth0
        option proto    dhcpv6
        option 'broadcast' '1'
        option 'metric' '2048'

works. yea! no more nat holes for ipv4 dns.

Problem is, I also have a hurricane electric tunnel. When I try to use
both, addresses from one get used on the other and dns forward
lookups fail.

I think the right answer is to abandon resolv.conf.auto
and instead explicitly assign ipv6 source addrs in dnsmasq...

server=2001:558:feed::1@:comcast:assigned:ipv6:address
server=2001:558:feed::2@:comcast.assigned:ipv6:address
server=2001:470:20::2@my:hurricane:assigned:ipv6:address

yes? (I'll be trying this in a bit)

One thing of possible useful note is that (yea!) we can just
select some arbitrary new ipv6 address within the assigned range,
add it to the local dnsmasq server box, and source dns lookups from
that, using up just that port space.

then my own /etc/resolv.conf just points to localhost
for hm.armory.com,

so I fix that with

server=/hm.armory.com/172.26.3.1
server=/wifi.armory.com/172.26.2.1

But this doesn't help in terms of reverse lookups (I think),
where I might or might not have my own delegated subdomain.

from

someoption=
comcast.assigned.ipv6.address.range/60 lookup via 2001:558:feed::1 or ::2
someoption=
he.assigned.ipv6.address.range/48 lookup via 2001:470:20::2

?

and then there's splitting dns... where I might want nuc.hm.armory.com
s available to the outside universe. somehow.

?


My brain hurts.




-- 
Dave Täht

Fixing bufferbloat with cerowrt: http://www.teklibre.com/cerowrt/subscribe.html
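
The per-provider pinning and the per-prefix reverse lookups asked about above can both be written with the `server=/domain/address` and `@source` forms the message already uses, by naming the `ip6.arpa` zone that covers each delegated prefix. This is an added example, not part of the original message: the resolver addresses are the ones quoted in the message, while the prefixes, source addresses and function names are constructed for illustration.

```python
import ipaddress

# Resolver addresses are the ones quoted in the message; the prefixes and
# source addresses are constructed (2001:db8::/32 is documentation space).
UPSTREAMS = [
    {"resolvers": ["2001:558:feed::1", "2001:558:feed::2"],
     "prefix": "2001:db8:abcd:10::/60", "source": "2001:db8:abcd:10::53"},
    {"resolvers": ["2001:470:20::2"],
     "prefix": "2001:db8:beef::/48", "source": "2001:db8:beef::53"},
]


def reverse_zone(prefix):
    """Return the ip6.arpa zone that covers an IPv6 prefix."""
    net = ipaddress.ip_network(prefix)  # raises if host bits are set
    if net.version != 6 or net.prefixlen % 4:
        raise ValueError(f"{prefix}: need an IPv6 prefix on a nibble boundary")
    nibbles = net.network_address.exploded.replace(":", "")
    return ".".join(reversed(nibbles[: net.prefixlen // 4])) + ".ip6.arpa"


def server_lines(upstreams):
    """Build server= lines that pin each provider's resolvers to a source
    address taken from that same provider's prefix."""
    lines = []
    for up in upstreams:
        net = ipaddress.ip_network(up["prefix"])
        src = ipaddress.ip_address(up["source"])
        if src not in net:
            # This is the cross-provider mix-up described in the message.
            raise ValueError(f"source {src} is not inside {net}")
        zone = reverse_zone(up["prefix"])
        for resolver in up["resolvers"]:
            target = f"{ipaddress.ip_address(resolver)}@{src}"
            lines.append(f"server={target}")          # forward lookups
            lines.append(f"server=/{zone}/{target}")  # reverse lookups
    return lines


if __name__ == "__main__":
    print("\n".join(server_lines(UPSTREAMS)))
```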
