Re: [Dnsmasq-discuss] Why is a different TTL resturned for bare and FQDN queries?

[Simon Kelley]

Sorry for lack of reply to this, I hope you're still there, Wojtek.


I think this may have something to do with your other post about
authoritative mode - one of the answers has the "aa" flag set, and the
other one doesn't.


It would be useful, for both of the situations you describe, to set
--log-queries in dnsmasq and post what it actually logs during these tests.



Cheers,

Simon.


On 02/02/2019 21:56, Wojtek Swiatek wrote:
> 
> switch-3 is a device which gets its IP via DHCP from dnsmasq. When
> trying to resolve it on dnsmasq (which expands hosts):
> 
> 
> root@rpi1 ~# dig @10.200.0.40  switch-3
> 
> ; <<>> DiG 9.11.4-4-Raspbian <<>> @10.200.0.40  switch-3
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 57399
> ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;switch-3.                      IN      A
> 
> ;; ANSWER SECTION:
> switch-3.               0       IN      A       10.200.0.123
> 
> ;; Query time: 0 msec
> ;; SERVER: 10.200.0.40#53(10.200.0.40)
> ;; WHEN: Sat Feb 02 22:52:01 CET 2019
> ;; MSG SIZE  rcvd: 53
> 
> 
> 
> root@rpi1 ~# dig @10.200.0.40  switch-3.swtk.info
> 
> 
> ; <<>> DiG 9.11.4-4-Raspbian <<>> @10.200.0.40 
> switch-3.swtk.info 
> ; (1 server found)
> ;; global options: +cmd
> ;; Got answer:
> ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 39739
> ;; flags: qr rd ra ad; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
> 
> ;; OPT PSEUDOSECTION:
> ; EDNS: version: 0, flags:; udp: 4096
> ;; QUESTION SECTION:
> ;switch-3.swtk.info .            IN      A
> 
> ;; ANSWER SECTION:
> switch-3.swtk.info .     600     IN      A   
>    10.200.0.123
> 
> ;; Query time: 0 msec
> ;; SERVER: 10.200.0.40#53(10.200.0.40)
> ;; WHEN: Sat Feb 02 22:52:06 CET 2019
> ;; MSG SIZE  rcvd: 63
> 
> 
> 
> 
> So one response (to the bare query provides a TTL of 0, and the other
> one (FQDN) - 600.
> 
> I do not know whether this normal/expected or not, and whether this is a
> problem or not?
> 
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Use dnsmasq to assign static /32 addresses via DHCP

[Peter Lieven]

Am 15.03.19 um 16:02 schrieb Simon Kelley:
> On 15/03/2019 12:44, Peter Lieven wrote:
>> Hi Simon,
>>
>> Am 14.03.19 um 18:41 schrieb Simon Kelley:
>>> Is this a use for something like the ISC dhcpd shared-network configuration.
>>>
>>>
>>> In the dnsmasq case, we could have something like
>>>
>>> shared-network=,
>>>
>>> or
>>>
>>> shared-network=,
>>>
>>> In the first case dnsmasq would behave _as_if_ the specified interface
>>> carried the address and netmask specified.
>>>
>>> In the second case, it would behave as if the interface which carries
>>> interface-address also carried the address and netmask specified.
>>>
>>> If I've understood correctly, you'd just need a shared-network
>>> declaration for each of your /24s.
>>
>> What you describe is exactly what I would need. However, as far
>>
>> as I understand the documentation of the shared network feature in ISC dhcpd
>>
>> they still require that the network is configured on the DHCP interface (as 
>> alias, secondary etc.).
>>
>> This already works in dnsmasqd. I would need the feature that does not
>>
>> require the addresses to be actually configured on the interface as you
>>
>> describe it.
>>
>
> I may have miss-understood the dhcpd case - what it does or doesn't do
> is probably irrelevant to what dnsmasq can  do in this case.
>
>
> As far as I can see, there's no reason why it shouldn't work, with the
> following caveats.
>
> 1) The DHCP server interface must have at least one address configured,
> and that address needs to be reachable from configured clients. This
> address gets used as the "server identifier" field in unicast
> transmissions from the client to the server for things like lease
> renewal. The case that the server-id is not on the same network as the
> client is not new, it's the case when using a DHCP relay.


Thats totally fine and its already the case today. The GW is a virtual

address on the DHCP Interface.


>
> 2) Dnsmasq currently guesses at the default router to send to a client,
> unless it's overridden by configuration. This is either its own address
> on the network where the client is given an address, or, if the DHCP
> came via relay, then it's the address of the relay on the network where
> the client is given an address. In the case that a client is being given
> an address on a network where neither the DHCP server or the DHCP relay
> have an address, there's no sensible guess for what the client's default
> router should be set to, so explicit configuration will have to be
> mandatory.


Thats also okay. The Router is reachable via a classless static route as

the virtual GW is not part of the network. Most modern DHCP clients

support this even without the classless static route option if the netmask

is 255.255.255.255. Thats the common scenario e.g. in cable networks

where each client gets a /32 IPv4 address as well.


Best,

Peter



___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Use dnsmasq to assign static /32 addresses via DHCP

[Simon Kelley]

On 15/03/2019 12:44, Peter Lieven wrote:
> Hi Simon,
> 
> Am 14.03.19 um 18:41 schrieb Simon Kelley:
>> Is this a use for something like the ISC dhcpd shared-network configuration.
>>
>>
>> In the dnsmasq case, we could have something like
>>
>> shared-network=,
>>
>> or
>>
>> shared-network=,
>>
>> In the first case dnsmasq would behave _as_if_ the specified interface
>> carried the address and netmask specified.
>>
>> In the second case, it would behave as if the interface which carries
>> interface-address also carried the address and netmask specified.
>>
>> If I've understood correctly, you'd just need a shared-network
>> declaration for each of your /24s.
> 
> 
> What you describe is exactly what I would need. However, as far
> 
> as I understand the documentation of the shared network feature in ISC dhcpd
> 
> they still require that the network is configured on the DHCP interface (as 
> alias, secondary etc.).
> 
> This already works in dnsmasqd. I would need the feature that does not
> 
> require the addresses to be actually configured on the interface as you
> 
> describe it.
> 


I may have miss-understood the dhcpd case - what it does or doesn't do
is probably irrelevant to what dnsmasq can  do in this case.


As far as I can see, there's no reason why it shouldn't work, with the
following caveats.

1) The DHCP server interface must have at least one address configured,
and that address needs to be reachable from configured clients. This
address gets used as the "server identifier" field in unicast
transmissions from the client to the server for things like lease
renewal. The case that the server-id is not on the same network as the
client is not new, it's the case when using a DHCP relay.

2) Dnsmasq currently guesses at the default router to send to a client,
unless it's overridden by configuration. This is either its own address
on the network where the client is given an address, or, if the DHCP
came via relay, then it's the address of the relay on the network where
the client is given an address. In the case that a client is being given
an address on a network where neither the DHCP server or the DHCP relay
have an address, there's no sensible guess for what the client's default
router should be set to, so explicit configuration will have to be
mandatory.

Cheers,

Simon.


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Use dnsmasq to assign static /32 addresses via DHCP

[Peter Lieven]

Hi Simon,

Am 14.03.19 um 18:41 schrieb Simon Kelley:
> Is this a use for something like the ISC dhcpd shared-network configuration.
>
>
> In the dnsmasq case, we could have something like
>
> shared-network=,
>
> or
>
> shared-network=,
>
> In the first case dnsmasq would behave _as_if_ the specified interface
> carried the address and netmask specified.
>
> In the second case, it would behave as if the interface which carries
> interface-address also carried the address and netmask specified.
>
> If I've understood correctly, you'd just need a shared-network
> declaration for each of your /24s.


What you describe is exactly what I would need. However, as far

as I understand the documentation of the shared network feature in ISC dhcpd

they still require that the network is configured on the DHCP interface (as 
alias, secondary etc.).

This already works in dnsmasqd. I would need the feature that does not

require the addresses to be actually configured on the interface as you

describe it.


>
>
>
> For the avoidance of doubt, this is NOT currently implemented on
> dnsmasq, but it has been on the "desirable" list in my head for some time.


I would like to help you implementing this, but unfortunately I am not at all

familiar with the dnsmasq code (yet). I do not know how complicated it is

to implement this, but I can at least help testing.


Best,

Peter




___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss