Re: [Dnsmasq-discuss] Discovering the proxyDHCP server IP from initrds

2019-02-01 Thread Alkis Georgopoulos
I forgot to mention that I also use the "no-ping" option in the second 
dnsmasq instance, to avoid delays, since the client won't use the 
DHCPOFFER IP anyway.



On 2/2/19 9:25 p.m., Alkis Georgopoulos wrote:
Hi, I have the following use case, and I'm thinking that a workaround 
might be to abuse the DHCP server concept a bit, and I'd like to ask if 
someone can see any bad side effects, or can come up with a better 
solution.


* Small computer lab. An LTSP server netboots e.g. 20 clients.
* The DHCP server is a cheap, non-configurable router.
There are no static IPs, not even for the server.
* Dnsmasq is configured as a proxyDHCP server.

The problem is, "how can the initramfs find out the dnsmasq=proxyDHCP 
server IP, to load the NBD root file system from there?"


1) Ideally, the DHCP client in the initramfs would understand proxyDHCP 
offers and get the address from there.

==> QUESTION 1: Does anyone know of such a client?

2) When using iPXE/undionly, we pass the proxyDHCP server IP in the 
kernel cmdline using its ${proxydhcp/dhcp-server} variable.


3) When using PXELinux, we pass the proxyDHCP server IP by using its 
"IPAPPEND 3" option.


4) But there are some cases (e.g. no UEFI/BIOS/iPXE support for the NIC) 
where we put the kernel/initrd locally, so the initramfs needs to 
discover the proxyDHCP server with no help from /proc/cmdline.

My hacky workaround there is to:

Server side:
As I said, dnsmasq already runs in proxyDHCP mode.
But I also run a SECOND instance of dnsmasq with the following 
configuration:

   dhcp-alternate-port
   dhcp-range=192.168.0.1,192.168.0.254,2m
   port=0
   dhcp-leasefile=/tmp/dnsmasq.leases

This is using the REAL dhcp-range, where the router is responsible!
So dnsmasq might offer an IP that is actually in use!
But the client will discard the DHCPOFFER IP (see below).

Client side:
The client normally runs `ipconfig` in the initramfs and gets its IP 
from the router.

Then I tell it to run a SECOND, "fake" `ipconfig -n -p 1068 enp0s17`.
Using the alternate ports, it manages to contact dnsmasq.
It gets the DHCPOFFER, keeps the server IP, and completely discards the 
received IP.


I.e. my workaround is to abuse the DHCP protocol just for server 
discovery, not IP leasing, due to DHCP clients not supporting the 
proxyDHCP protocol.


==> QUESTION 2: since the client will discard the DHCPOFFER IP, and only 
use the server IP, will this abuse have any bad side effects?


Thank you!
Alkis Georgopoulos
LTSP developer



___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
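
The client-side step described in the message above (take the DHCPOFFER, keep the server address, discard the offered IP), as an added example that is not part of the original post and not code from dnsmasq or klibc. It reads the server identifier (DHCP option 54) from a constructed offer and accepts it only if the transaction id matches the client's own DISCOVER; the packet bytes, addresses, function names and the choice of option 54 as "the server IP" are assumptions made for illustration.

```python
import ipaddress
import struct

MAGIC_COOKIE = b"\x63\x82\x53\x63"  # precedes the options field (RFC 2131)
OPT_PAD, OPT_MSG_TYPE, OPT_SERVER_ID, OPT_END = 0, 53, 54, 255
DHCPOFFER = 2


def parse_options(raw):
    """Walk the type-length-value option field and return {code: value}."""
    opts, i = {}, 0
    while i < len(raw) and raw[i] != OPT_END:
        if raw[i] == OPT_PAD:
            i += 1
            continue
        if i + 2 > len(raw) or i + 2 + raw[i + 1] > len(raw):
            raise ValueError("truncated option")
        opts[raw[i]] = raw[i + 2:i + 2 + raw[i + 1]]
        i += 2 + raw[i + 1]
    return opts


def server_from_offer(packet, expected_xid):
    """Return the offering server's IP from a DHCPOFFER matching our xid."""
    if len(packet) < 240 or packet[236:240] != MAGIC_COOKIE:
        raise ValueError("not a DHCP packet")
    if packet[0] != 2 or struct.unpack("!I", packet[4:8])[0] != expected_xid:
        raise ValueError("not a reply to our DISCOVER")
    opts = parse_options(packet[240:])
    if opts.get(OPT_MSG_TYPE) != bytes([DHCPOFFER]):
        raise ValueError("not a DHCPOFFER")
    server_id = opts.get(OPT_SERVER_ID, b"")
    if len(server_id) != 4:
        raise ValueError("offer carries no server identifier")
    return str(ipaddress.IPv4Address(server_id))  # yiaddr (bytes 16-19) is ignored


def build_sample_offer(xid, yiaddr, server):
    """Constructed sample input: a minimal DHCPOFFER as a server would send."""
    srv = ipaddress.IPv4Address(server).packed
    fixed = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, xid, 0, 0,
                        bytes(4), ipaddress.IPv4Address(yiaddr).packed, srv,
                        bytes(4), bytes.fromhex("525400123456"), b"", b"")
    return fixed + MAGIC_COOKIE + bytes([53, 1, DHCPOFFER, 54, 4]) + srv + b"\xff"


if __name__ == "__main__":
    offer = build_sample_offer(0x1234ABCD, "192.168.0.57", "192.168.0.10")
    print(server_from_offer(offer, 0x1234ABCD))
```

The transaction id check only ties the reply to the client's own request; the offer itself is unauthenticated, so the returned address is whatever host answered on the alternate port.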


Re: [Dnsmasq-discuss] Determine wireless SSID

2019-02-01 Thread john doe
On 2/1/2019 5:34 PM, Donald Muller wrote:
> Router is Netgear R7800 running the Netgear firmware.
>
> Yeah I was thinking of maybe putting in an AP or another wireless router in 
> bridge mode as I can set a VLAN by port on the R7800.
>

If you're willing to flash the FW to OpenWrt (1), there's no need to buy
an extra access point.
All could be done within OpenWrt.

If for any reason you can't change the OEM FW, buying an extra AP sounds
reasonable, being a router in bridge mode or an AP.

If you go the router in bridge mode way, I would strongly consider the
ability to change the stock FW to something else (OpenWrt, DD-WRT ...).

1)  https://openwrt.org/toh/netgear/r7800

--
John Doe



Re: [Dnsmasq-discuss] Determine wireless SSID

2019-02-01 Thread A C
If you are thinking of adding an access point then just get an access
point that can handle VLAN per SSID.  Several vendors sell them
including Cisco, Avaya, and Ubiquiti.  The Ubiquiti is probably the least
expensive option and supports up to four SSIDs per radio (so four on 2.4
GHz and another four on 5 GHz).  Their controller software also supports
a captive guest portal with a separate guest network.

On 2019-02-01 08:35, Donald Muller wrote:
> Correct. I cannot set a VLAN for a specific SSID.
> 
>> -Original Message-
>> From: Dnsmasq-discuss 
>> On Behalf Of Daniel Huhardeaux
>> Sent: Friday, February 1, 2019 4:51 AM
>> To: dnsmasq-discuss@lists.thekelleys.org.uk
>> Subject: Re: [Dnsmasq-discuss] Determine wireless SSID
>>
>> On 31/01/2019 at 21:52, Donald Muller wrote:
>>> Petr, Daniel
>>>
>>> Thanks for the suggestions. I checked on my router and I can set a VLAN for
>>> 2.4Ghz and 5Ghz networks but not for guest vs non guest.
>>
>> You mean that you can't set VLAN for a specific SSID ?



Re: [Dnsmasq-discuss] Determine wireless SSID

2019-02-01 Thread Donald Muller
Correct. I cannot set a VLAN for a specific SSID.

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of Daniel Huhardeaux
> Sent: Friday, February 1, 2019 4:51 AM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] Determine wireless SSID
> 
> On 31/01/2019 at 21:52, Donald Muller wrote:
> > Petr, Daniel
> >
> > Thanks for the suggestions. I checked on my router and I can set a VLAN for
> > 2.4Ghz and 5Ghz networks but not for guest vs non guest.
> 
> You mean that you can't set VLAN for a specific SSID ?
> 
> >
> >> -Original Message-
> >> From: Dnsmasq-discuss  boun...@lists.thekelleys.org.uk>
> >> On Behalf Of Daniel Huhardeaux
> >> Sent: Tuesday, January 29, 2019 8:08 AM
> >> To: dnsmasq-discuss@lists.thekelleys.org.uk
> >> Subject: Re: [Dnsmasq-discuss] Determine wireless SSID
> >>
> >> Hello,
> >>
> >> I did it like Petr says, setting up 2 SSID in wireless router, each of
> >> them in a different VLAN (my wireless router has this possibility). With
> >> Tags you can also set different GW or DNS or ...
> >>
> >> On 28/01/2019 at 20:47, Petr Mensik wrote:
> >>> Hi Donald,
> >>>
> >>> it is kind of possible. But usually there is another way to solve your
> >>> situation.
> >>>
> >>> First of all, you want to assign guests different addresses. Why would
> >>> you want that? I think you want to separate them from internal network.
> >>> Good design. However, that means they should be coming from different
> >>> network device. Just need to map device request is coming from to
> >>> different range and tag.
> >>>
> >>> Or maybe better, have separate instances listening just on given
> >>> interface. For example have guest network have VLAN 1, internal VLAN 2.
> >>> Run dnsmasq with bind-interfaces, interface=eth0.1 and so on.
> >>> Another instance with interface=eth0.2, etc. It would separate
> >>> physically guests from home users, would allow firewall separation as
> >>> well. Possibly just one direction.
> >>>
> >>> It would not be simple setup I am afraid. Requires a lot of
> >>> configuration outside dnsmasq. I guess you are looking for some simple
> >>> configuration. I am afraid I do not know simpler setup.
> >>>
> >>> Is this somehow simplified in OpenWRT for example?
> >>>
> >>> Cheers,
> >>> Petr
> >>>
> >>> On 1/11/19 10:58 PM, Donald Muller wrote:
> >>>> This is probably not possible but I thought I would ask.
> >>>>
> >>>> Is it possible for DNSMASQ to determine the SSID for a DHCP request? I
> >>>> would like to be able to assign different values for devices using the
> >>>> guest network. DNSMASQ is running on my QNAP NAS while I have a Netgear
> >>>> wireless router providing the wireless connectivity.
> >>>>
> >>>> Thanks
> >>
> >> --
> >> Daniel
> >>
> >
> 
> 
> --
> TOOTAi Networks
> 


Re: [Dnsmasq-discuss] Error build dnsmasq 2.79 at Centos 7 (nettle mismatch)

2019-02-01 Thread Geert Stappers
On Fri, Feb 01, 2019 at 03:47:29PM +, Roman Dmitriev wrote:
> Hello,
> 
> When trying to build dnsmasq version 2.79 falls out with an error:
> 
> cc -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions 
> -fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches 
> -specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic 
> -DHAVE_DBUS -DHAVE_LIBIDN2 -DHAVE_DNSSEC -DVERSION='"2.79"' 
> -I/usr/include/dbus-1.0 -I/usr/lib64/dbus-1.0/include -c crypto.c
> crypto.c:25:26: fatal error: nettle/eddsa.h: No such file or directory

Repeating the 'No such file or directory'


> #include <nettle/eddsa.h>
> ^
> compilation terminated.
> make[1]: *** [crypto.o] Error 1
> make[1]: Leaving directory `/home/roman/BUILD_ROOT/BUILD/dnsmasq-2.79/src'
> make: *** [all] Error 2
> 
> In Centos 7 last version of nettle:
> 
> $ rpm -qi nettle
> Name : nettle
> Version : 2.7.1
> Release : 8.el7
> 
> Dnsmasq required nettle >=3.
> 
> But the build of this version nettle for Centos 7 breaks the
> dependencies of the rest of the distribution packages, making it
> impossible to update them.
> Is it possible to build a package with the old library?

(here a .deb system, what follows is _not_ tested)

Try `rpm -qi nettle\*`, it should show "nettle-devel".
If not `sudo yum install nettle-devel`

Please, let us know how it went.


Regards
Geert Stappers
-- 
Live and let live



Re: [Dnsmasq-discuss] Determine wireless SSID

2019-02-01 Thread Donald Muller
Router is Netgear R7800 running the Netgear firmware.

Yeah I was thinking of maybe putting in an AP or another wireless router in 
bridge mode as I can set a VLAN by port on the R7800.

> -Original Message-
> From: Dnsmasq-discuss 
> On Behalf Of john doe
> Sent: Friday, February 1, 2019 12:58 AM
> To: dnsmasq-discuss@lists.thekelleys.org.uk
> Subject: Re: [Dnsmasq-discuss] Determine wireless SSID
> 
> On 1/31/2019 9:52 PM, Donald Muller wrote:
> > Petr, Daniel
> >
> > Thanks for the suggestions. I checked on my router and I can set a VLAN for
> > 2.4Ghz and 5Ghz networks but not for guest vs non guest.
> >
> 
> Can you afford another wireless device on your network?
> Do you mind sharing the model of your Netgear router?
> 
> --
> John Doe
> 


[Dnsmasq-discuss] Error build dnsmasq 2.79 at Centos 7 (nettle mismatch)

2019-02-01 Thread Roman Dmitriev
Hello,

Trying to build dnsmasq version 2.79 fails with an error:

cc -O2 -g -pipe -Wall -Wp,-D_FORTIFY_SOURCE=2 -fexceptions 
-fstack-protector-strong --param=ssp-buffer-size=4 -grecord-gcc-switches 
-specs=/usr/lib/rpm/redhat/redhat-hardened-cc1 -m64 -mtune=generic -DHAVE_DBUS 
-DHAVE_LIBIDN2 -DHAVE_DNSSEC -DVERSION='"2.79"' -I/usr/include/dbus-1.0 
-I/usr/lib64/dbus-1.0/include -c crypto.c
crypto.c:25:26: fatal error: nettle/eddsa.h: No such file or directory
#include <nettle/eddsa.h>
^
compilation terminated.
make[1]: *** [crypto.o] Error 1
make[1]: Leaving directory `/home/roman/BUILD_ROOT/BUILD/dnsmasq-2.79/src'
make: *** [all] Error 2

In CentOS 7 the latest version of nettle is:

$ rpm -qi nettle
Name : nettle
Version : 2.7.1
Release : 8.el7

Dnsmasq required nettle >=3.

But building this version of nettle for CentOS 7 breaks the dependencies of 
the rest of the distribution packages, making it impossible to update them.
Is it possible to build a package with the old library?
-
Roman Dmitriev
mailto: r...@rajven.ru


Re: [Dnsmasq-discuss] Determine wireless SSID

2019-02-01 Thread Daniel Huhardeaux

On 31/01/2019 at 21:52, Donald Muller wrote:
> Petr, Daniel
>
> Thanks for the suggestions. I checked on my router and I can set a VLAN for
> 2.4Ghz and 5Ghz networks but not for guest vs non guest.

You mean that you can't set VLAN for a specific SSID ?

>> -Original Message-
>> From: Dnsmasq-discuss
>> On Behalf Of Daniel Huhardeaux
>> Sent: Tuesday, January 29, 2019 8:08 AM
>> To: dnsmasq-discuss@lists.thekelleys.org.uk
>> Subject: Re: [Dnsmasq-discuss] Determine wireless SSID
>>
>> Hello,
>>
>> I did it like Petr says, setting up 2 SSID in wireless router, each of
>> them in a different VLAN (my wireless router has this possibility). With
>> Tags you can also set different GW or DNS or ...
>>
>> On 28/01/2019 at 20:47, Petr Mensik wrote:
>>> Hi Donald,
>>>
>>> it is kind of possible. But usually there is another way to solve your
>>> situation.
>>>
>>> First of all, you want to assign guests different addresses. Why would
>>> you want that? I think you want to separate them from internal network.
>>> Good design. However, that means they should be coming from different
>>> network device. Just need to map device request is coming from to
>>> different range and tag.
>>>
>>> Or maybe better, have separate instances listening just on given
>>> interface. For example have guest network have VLAN 1, internal VLAN 2.
>>> Run dnsmasq with bind-interfaces, interface=eth0.1 and so on.
>>> Another instance with interface=eth0.2, etc. It would separate
>>> physically guests from home users, would allow firewall separation as
>>> well. Possibly just one direction.
>>>
>>> It would not be simple setup I am afraid. Requires a lot of
>>> configuration outside dnsmasq. I guess you are looking for some simple
>>> configuration. I am afraid I do not know simpler setup.
>>>
>>> Is this somehow simplified in OpenWRT for example?
>>>
>>> Cheers,
>>> Petr
>>>
>>> On 1/11/19 10:58 PM, Donald Muller wrote:
>>>> This is probably not possible but I thought I would ask.
>>>>
>>>> Is it possible for DNSMASQ to determine the SSID for a DHCP request? I
>>>> would like to be able to assign different values for devices using the guest
>>>> network. DNSMASQ is running on my QNAP NAS while I have a Netgear
>>>> wireless router providing the wireless connectivity.
>>>>
>>>> Thanks
>>
>> --
>> Daniel





--
TOOTAi Networks
