Re: [Dnsmasq-discuss] Two routers, two dnsmasq instances, can they sync?
I was going to implement this a year ago, but unfortunately stuck in establishing IP connectivity between the subnets. Providing you have IP connectivity (VPN I assume), you can pull lease file from one router to another, convert it to 'hosts' file (don't forget to compare lease times in case if one of the clients can fly from one router to another quickly :) ) and send SIGHUP to dnsmasq instance for it to reread new 'hosts'. Path to the file may be passed as --addn-hosts. If you wish, I can help with setting things up. Maybe I'll be able to finish changes in my subnets after. Either way, would like to see your success (or fail) story here. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Slow DNSMasq with > 100, 000 entries in additional addresses file
Using DNSMasq 2.76 on the Openwrt platform with a raspberry pi 3 like device for home networking 1GB RAM, dual core 1 GHZ processor). Additionally I'm using the the adblock set of scripts found @ (https://github.com/openwrt/packages/tree/master/net/adblock/files) to block malware and porn sites. The porn sites list is about 800,000 entries, about 10x the number of sites adblock normally uses. With the full list of malware and porn domains loaded, dnsmasq takes 115M of memory and normally sits around 50% CPU usage with moderate browsing usage. CPU and RAM usage isn't really a problem other than lookups are slow now. Platform is cc 15.05.1 r49389. The adblock script takes downloads different lists, creates a file for each list in the format: local=/40def14.codns.com/ local=/944413269.3322.org local=/domainnottogoto.com/ ... With one entry per line. The goal is to return NXDOMAIN when the local clients use the dnsmasq as the its primary dns server. Lists are sorted and with unique entries, so duplicates are limited. In an effort to address the performance issues I've tried increasing the dnsmasq cachesize to 10,000 but that made no change in performance. Also tried neg-ttl=3600 with default negative caching enabled with no change - thinking that if dnsmasq would cache the no response queries performance would go up. This didn't have any noticeable improvement in performance. Are there dnsmasq setting that will improve the performance? or should it be configured differently to achieve this goal? Perhaps unbound would be better suited? Cheers Derek ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Sequential IP doesn't look for unused IPs
Hi Alec, A bit disagree on that, at up-to-time Asus routers use hashed mac allocations, not sequential. Older ones – did sequential allocation with reuse of expired IP from the very start (original udhcpd behavior), and in my practice, it rose issues when the same ip was allocated to different interfaces of one particular host, first time – as a first lease, second – after a hibernate/sleep. Same code was merged into udhcpd@busybox and was fixed into sdbm hash several years ago. In my opinion, sequential reuse of ip pool does more harm than helps to keep the “things” in order. Best Regards, Vladislav Grishenko From: Dnsmasq-discuss [mailto:dnsmasq-discuss-boun...@lists.thekelleys.org.uk] On Behalf Of Alec Robertson Sent: Sunday, December 25, 2016 4:14 AM To: dnsmasq-discuss@lists.thekelleys.org.uk Subject: Re: [Dnsmasq-discuss] Sequential IP doesn't look for unused IPs I understand what you’re saying but I was suggesting this should be a feature enhancement. All the other routers I have used work the way I have described, be it NETGEAR, Asus, Huawei, etc. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] IPv6 on OpenWRT
Hi all, I am using dnsmasq on OpenWRT and I have configured the DHCPv6 server and it is working well with the clients connected to the router. However, the DNS is not working; IPv6 requests are not successful. The clients are given the router’s IP for DNS, like they are with IPv4 but the DNS is not working. How do I configure the DNS servers on dnsmasq correctly? I am using a 6in4 tunnel via Hurricane Electric. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Sequential IP doesn't look for unused IPs
Thank you for your reply. It was just really to make it like every other router I’ve used. It’s not a “problem” as such. — Alec Robertson On 25 December 2016 at 11:03:35, Albert ARIBAUD (albert.arib...@free.fr) wrote: (TL;DR: skip to last paragraph of my reply) Hi Alec, Le Sat, 24 Dec 2016 18:13:46 -0500 Alec Robertsona écrit: > I understand what you’re saying but I was suggesting this should be a > feature enhancement. All the other routers I have used work the way I > have described, be it NETGEAR, Asus, Huawei, etc. Oh, ok. I was misled by the negative form in your message subject, which I read as pointing a perceived misbehavior as opposed to suggesting a new one. So, have I got it right that your point can be summed up as follows: "1. Right now, dnsmasq's DHCP server feature allocates IP based on either one of the two following (summarized) strategies: a) Select the IP based on a hash of the MAC, or b) Select the oldest free IP available. 2. It is suggested to add a strategy which would be summarized as: c) Select the lowest free IP." If so, then I'm sorry about the misunderstanding: while I could have helped on a perceived or real misbehavior diagnosis, I am not involved in any part of developing dnsmasq so my feedback on a feature request would be worthless. However, I do have a question about this feature request; please bear with me for a minute there. I do understand that strategy c above is easily implemented (it's basically a context-insensitive loop) as opposed to the other two, so it makes sense to implement that when developing a DHCP server from scratch, I do not see what benefit it brings to a DHCP server which already has two allocation options in place. IOW, what does option c bring that options a or b don't? Obviously, option c reduces the number of different IPs allocated over time with respect to option b, as option b goes through the whole range while option does not. But then, option a also keeps the number of allocated IPs to a minimum. There is a difference, though, between options c and a: option c keeps that minimum set of IPs tight, whereas option a (possibly) spreads the set over the whole range. So, the real distinguishing feature of option c is "keep the allocated IPs as grouped near the range base as possible". But that's a /characteristic/, not a /benefit/ -- at least, I cannot see the benefit yet. So I suspect there is something in the currently available options a and b which causes an issue in your use of dnsmasq to the point of making you want to see option c implemented. Now, this something may actually be solved by implementing option c, or it may be a symptom of another problem for which there is a better solution than option c. As I don't remember having seen a similar request (I might have missed it, though), I suspect that it is not widely seen as a solution, which makes me lean toward the "there is a better solution" side, but that's only a hunch; hence my questioning, to either get rid of a false hunch, or see it confirm and get to a better solution to your problem. And for that, we need the problem laid out (as opposed to laying out the perceived solution) So the question becomes in fact why is a 'tight low range' IP allocation strategy needed exactly, or more precisely, what is the problem that you have which dnsmasq's existing IP allocation strategies cause, or at least do not solve? Amicalement, -- Albert. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] Two routers, two dnsmasq instances, can they sync?
I have two OpenWRT routers which are physically far apart. One serves 192.168.2, the other serves 192.168.1 and they route between each other. I'd prefer it if rt1 and rt2 could each manage dhcp on their respective subnets but I'd like them to have a common view of the internal DNS. Is this possible? Is this what server=/192.168.1.1/local.domain/ could be used for? Kevin signature.asc Description: PGP signature ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Windows ipv6 hostname
On Monday 26 December 2016 14:50:41 Markus Hartung wrote: > >For dhcpv6 I have own dnsmasq patches which assign ipv6 address > >bases on > >mac address... > > That could be interesting with such patch. Is there any reason it > haven't been accepted? See discussion: http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q1/010135.html http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q1/thread.html#10135 Simon did not response about it for 11 months... so I do not know. http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2016q4/010885.html > What I need is just a way for a given mac-address dnsmasq should be > informed of the hostname. Anyway, dnsmasq has already some support for mac-address in DHCPv6... -- Pali Rohár pali.ro...@gmail.com signature.asc Description: This is a digitally signed message part. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Windows ipv6 hostname
Hello, On 26 December 2016 10:29:26 GMT+01:00, "Pali Rohár"wrote: >On Friday 23 December 2016 10:39:20 Markus Hartung wrote: >> Is there a way to flush the lease database in dnsmasq? I have tried >> removing the line in /var/lib/misc/dnsmasq.leases and restart dnsmasq >> but my laptop still gets the same IP-address. Or is it that dnsmasq >> uses the mac-address to generate same IP-address every time? > >Removing lease database file when dnsmasq is not running should be >enough. > >But dhcp client can try to "renew" already assigned IP address and dhcp > >client (dnsmasq) can extend this lease if nobody is using requested ip >address. > >So you should remove both *client* and *server* databases to prevent >such situation. > >I think it is possible to configure dnsmasq to assign only configured >ipv4 address for mac address. > >For dhcpv6 I have own dnsmasq patches which assign ipv6 address bases >on >mac address... That could be interesting with such patch. Is there any reason it haven't been accepted? What I need is just a way for a given mac-address dnsmasq should be informed of the hostname. BR, Markus -- Sent from my Android device with K-9 Mail. Please excuse my brevity. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Windows ipv6 hostname
On Friday 23 December 2016 10:39:20 Markus Hartung wrote: > Is there a way to flush the lease database in dnsmasq? I have tried > removing the line in /var/lib/misc/dnsmasq.leases and restart dnsmasq > but my laptop still gets the same IP-address. Or is it that dnsmasq > uses the mac-address to generate same IP-address every time? Removing lease database file when dnsmasq is not running should be enough. But dhcp client can try to "renew" already assigned IP address and dhcp client (dnsmasq) can extend this lease if nobody is using requested ip address. So you should remove both *client* and *server* databases to prevent such situation. I think it is possible to configure dnsmasq to assign only configured ipv4 address for mac address. For dhcpv6 I have own dnsmasq patches which assign ipv6 address bases on mac address... -- Pali Rohár pali.ro...@gmail.com signature.asc Description: This is a digitally signed message part. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss