Re: [Dnsmasq-discuss] VLANs and multiple IP addresses for one mac address
> > Ok, pulling back a level or two in the discussion tree since I'd > gonethe wrong path, I have now tried the following: > > dhcp-range=,... > dhcp-range=tag:,,... > dhcp-host=,,, > dhcp-host=,,, > > I deleted the dnsmasq lease file in /var, ran dnsmasq -d, and from the > host with given eth (or wlan) addr, did a dhclient on the main interface > and on the VLAN-ed one. Each interface got its own IP as specified in > the dhcp-host for the IP range corresponding to the interface, and both > names got registered in DNS with the right IP address. > > It appears no tag is needed, and the right dhcp-option is found based > on the subnet where the static IP belongs. > > Does this fulfill your requirements? > > I did not try with IPv6 and especially with auto-addition of SLAAC > IPv6 addresses to the DNS zone, though. > Bonjour Albert. Well what do you know! It works! I had assumed that some sort of tag matching was needed to get the right address for the right VLAN/interface. But I followed what you suggested and included multiple dhcp-host lines, all with the same mac address, but with different IPs from the different subnets and the right addresses got allocated. It must be a bit of dhcp magic in Simon's code! Thanks for all your help. David > > > Thanks for your help. > > > > David > > Amicalement, > -- > Albert. > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] VLANs and multiple IP addresses for one mac address
On 26 June 2014 12:45, Albert ARIBAUD wrote: > Bonjour David, > > > > > Here's the configuration for the DHCP range used on one VLAN (on > interface > > br1). > > interface=br1 > > dhcp-range=tag:br1,10.10.20.101,10.10.20.200,255.255.255.0,1440m > > dhcp-option=tag:br1,3,10.10.20.1 > > > > Here's the configuration for a couple of hosts on that VLAN. > > dhcp-host=60:03:08:9D:3D:08,10.10.20.99 > > dhcp-host=F0:CB:A1:86:D1:6E,10.10.20.100 > > You're using 'tag:' in both dhcp-range and dhcp-host; I believe you > should use 'set:' in dhcp-range with a different tag for each vlan, and > 'tag:' in dhcp-host. > Thanks Albert. According to the man page, dnsmasq only allows you to 'set' tags on dhcp-host lines. It doesn't allow you to match tags like you can on dhcp-range lines. This is what's confusing me. I know the tag matching option works when I use it with 'dhcp-range' but it doesn't appear it can be used with 'dhcp-host'. If it could I think my problem would be solved. Maybe I'm still missing something! David > > > What I thought Simon was suggesting was to allocate specific static > > addresses to the access points that are outside the ranges that are > > allocated to other clients. This would avoid the problem of dnsmasq > > allocating addresses to other clients that had already been allocated to > > the access points. What I'm missing here is how to reserve several > > addresses for a particular access point when all the requests use the > same > > mac address. The requests will arrive on different interfaces (br0, br1, > > br2 etc) but I can't see how to use that in the dhcp-host configuration. > > That's why I think I'm missing something! > > > > Thanks for your help. > > > > David > > Amicalement, > -- > Albert. > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] VLANs and multiple IP addresses for one mac address
On 25 June 2014 06:24, Albert ARIBAUD wrote: > Hi David, > > Le Tue, 24 Jun 2014 23:50:54 +0100, David Joslin a > écrit : > > > Thanks for the reply, Simon. > > > > How would I do that? > > > > I already use the --dhcp-host option to allocate IP addresses by MAC > > address for certain clients but these are all machines with just one IP > > address on one VLAN. How would I allocate static IP addresses to these > > access points when they require a different IP address per VLAN but all > > with the same MAC address? Each VLAN is associated with a LAN bridge on > the > > machine running dnsmasq and I allocate DHCP addresses to the different > > VLANs using the tag option in the --dhcp-range statements - for > > example: > dhcp-range=tag:br3,10.10.70.101,10.10.70.200,255.255.255.0,1440m. > > This works fine. But I can't see how to allocate static IP addresses > based > > on VLAN membership. > > > > Am I missing something obvious? > > I don't know about missing anything obvious, but i) can you also show > the dhcp-host options you use for one host? Also, just in case, try > with a tag that does not match the name of an interface (and make sure > that you change it in the VLANs' dhcp-range options as well as in the > hosts' dhcp-host options). > Here's the configuration for the DHCP range used on one VLAN (on interface br1). interface=br1 dhcp-range=tag:br1,10.10.20.101,10.10.20.200,255.255.255.0,1440m dhcp-option=tag:br1,3,10.10.20.1 Here's the configuration for a couple of hosts on that VLAN. dhcp-host=60:03:08:9D:3D:08,10.10.20.99 dhcp-host=F0:CB:A1:86:D1:6E,10.10.20.100 What I thought Simon was suggesting was to allocate specific static addresses to the access points that are outside the ranges that are allocated to other clients. This would avoid the problem of dnsmasq allocating addresses to other clients that had already been allocated to the access points. What I'm missing here is how to reserve several addresses for a particular access point when all the requests use the same mac address. The requests will arrive on different interfaces (br0, br1, br2 etc) but I can't see how to use that in the dhcp-host configuration. That's why I think I'm missing something! Thanks for your help. David -- > Albert. > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] VLANs and multiple IP addresses for one mac address
Thanks for the reply, Simon. How would I do that? I already use the --dhcp-host option to allocate IP addresses by MAC address for certain clients but these are all machines with just one IP address on one VLAN. How would I allocate static IP addresses to these access points when they require a different IP address per VLAN but all with the same MAC address? Each VLAN is associated with a LAN bridge on the machine running dnsmasq and I allocate DHCP addresses to the different VLANs using the tag option in the --dhcp-range statements - for example: dhcp-range=tag:br3,10.10.70.101,10.10.70.200,255.255.255.0,1440m. This works fine. But I can't see how to allocate static IP addresses based on VLAN membership. Am I missing something obvious? Cheers David On 24 June 2014 22:30, Simon Kelley wrote: > On 24/06/14 10:08, David Joslin wrote: > > I have a wireless network split into several vlans, each with its own > > subnet, with dnsmasq serving all vlans. The wireless network is a Ubiquti > > Unifi system and the access points all have static IP addresses on the > > management vlan. Additionally, the access points each request IP > addresses > > via DHCP for the other vlans and dnsmasq correctly allocates the IP > > addresses for the relevant vlans. > > > > I noticed in dnsmasq's logs recently a bunch of 'lease not found' > messages > > whenever the access points attempted to renew the leases for these > > addresses. The cause seems to be this: an access point's IP addresses are > > all used on the same interface on the access point so when it renews > these > > addresses, the requests all come from the same mac address. Dnsmasq > > services these requests but only the last address allocated is stored in > > the lease file (I'm assuming the other addresses allocated are briefly > > stored but then overwritten by subsequent allocations). So the access > > points are happy enough - they have the addresses they need correctly > > allocated by dnsmasq - but dnsmasq's lease file only records the last > > address allocated. When the access points renew the leases, dnsmasq > > generates the 'lease not found' error because there's no record of the > > allocation in the lease file. > > > > The error messages themselves are no big deal and the access points do > get > > the correct addresses. The problem I can foresee is that dnsmasq might > > allocate addresses to other clients that it has already allocated to the > > access points because it has no record of those allocations in its lease > > file. > > > > Is there any way dnsmasq can record more than 1 IP address against a mac > > address? Or is there any other way round this problem? The access points > > don't give any options for IP configuration apart from the address on the > > management vlan; there aren't any configuration options for these DHCP > > requested addresses. > > The obvious way to fix this would be to have the access points supply a > different client-id for each VLAN. Client-ids trump MAC addresses as > unique identifiers for leases. The lack of configuration options would > seem to preclude that, however. > > You could at least solve the worry about having access point addresses > re-allocated by giving them static addresses on each VLAN, associated > with the MAC address. > > Cheers, > > > Simon. > > > > > > > > Any help would be greatly appreciated. > > > > David > > > > > > > > ___ > > Dnsmasq-discuss mailing list > > Dnsmasq-discuss@lists.thekelleys.org.uk > > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > > > > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] VLANs and multiple IP addresses for one mac address
I have a wireless network split into several vlans, each with its own subnet, with dnsmasq serving all vlans. The wireless network is a Ubiquti Unifi system and the access points all have static IP addresses on the management vlan. Additionally, the access points each request IP addresses via DHCP for the other vlans and dnsmasq correctly allocates the IP addresses for the relevant vlans. I noticed in dnsmasq's logs recently a bunch of 'lease not found' messages whenever the access points attempted to renew the leases for these addresses. The cause seems to be this: an access point's IP addresses are all used on the same interface on the access point so when it renews these addresses, the requests all come from the same mac address. Dnsmasq services these requests but only the last address allocated is stored in the lease file (I'm assuming the other addresses allocated are briefly stored but then overwritten by subsequent allocations). So the access points are happy enough - they have the addresses they need correctly allocated by dnsmasq - but dnsmasq's lease file only records the last address allocated. When the access points renew the leases, dnsmasq generates the 'lease not found' error because there's no record of the allocation in the lease file. The error messages themselves are no big deal and the access points do get the correct addresses. The problem I can foresee is that dnsmasq might allocate addresses to other clients that it has already allocated to the access points because it has no record of those allocations in its lease file. Is there any way dnsmasq can record more than 1 IP address against a mac address? Or is there any other way round this problem? The access points don't give any options for IP configuration apart from the address on the management vlan; there aren't any configuration options for these DHCP requested addresses. Any help would be greatly appreciated. David ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] dnsmasq using 100% cpu on router
Thanks Simon. In your earlier message you said you thought this is probably dhcp related. I did manage to retrieve some logs from the time of the problem and there was a great deal of dhcp happening on the network at the time. I haven't had time to go over them yet but I can see repeated dhcp requests from the same clients over and over again and often only a few minutes (or less) apart. Our network is only lightly loaded at the moment and I can't reproduce the problem on any client. Does this sound like the same bug? Would the logs be useful to you? Cheers David On 28 April 2014 18:36, Simon Kelley wrote: > Note that this bug appears to be a hard lockup. > > https://bugs.launchpad.net/ubuntu/+source/dnsmasq/+bug/1313393 > > investigations are continuing. > > > Simon. > > > > > On 28/04/14 12:18, Kevin Darbyshire-Bryant wrote: > > On 25/04/2014 09:37, David Joslin wrote: > >> Hi Kevin and thanks for the help. > >> > > Apologies for delay in reply. > >> Is it possible to upgrade the dnsmasq version on the router without > >> waiting for the author of the tomato firmware to include a later > >> version in a release of his firmware (and you mentioned that dnsmasq > >> in tomato isn't a clean pull of Simon's release)? > > Probably, but as you'd have to cross compile it to MIPS and 'Tomato' > > environment you might as well try to rebuild the entire firmware. I > > loosely 'maintain' a shadow of Simon's git repo of dnsmasq with the > > Tomato/Asuswrt tweaks here > > https://github.com/kdarbyshirebryant/dnsmasq - No guarantees etc etc, > > but I personally try to keep up to date with both 'Merlin's > > Asuswrt/rmerlin and put current dnsmasq in there too. > >> > >> Why would changing the location of the leasefile to a usb stick make a > >> difference? If the issue, as Simon suggests, is caused by the constant > >> rewriting of the lease database, then wouldn't its current location > >> (which on a router would be RAM) be a faster/better option than a usb > >> stick? Or is there another possible issue here that I've missed? > > Agree, RAM should be faster but there is a finite amount of it and it's > > volatile...I quite like to store the database on something that survives > > reboots. Also, as tomato is compiled with 'no rtc', the code tries to > > minimise the number of writes to the leasefile on the basis it thinks it > > likely that flash memory is involved, so better to reduce the wear. > >> > >> The only recent change I've made to the router was the addition of a > >> usb stick as the location for the writing of system logs and bandwidth > >> and IP traffic usage logs (so that they weren't lost on a reboot). I > >> had wondered if the cause of the problem was related to the speed of > >> writing this stuff (which obviously includes dnsmasq logging) to the > >> usb stick rather than RAM. That's why I turned off dnsmasq logging at > >> one point but it didn't seem to make any difference. > >> > >> Thanks again for your help and I'll wait for your comments on the above. > > I'm not sure I've helped really. > > > > Kevin > > > > > > > > ___ > > Dnsmasq-discuss mailing list > > Dnsmasq-discuss@lists.thekelleys.org.uk > > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > > > > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] dnsmasq using 100% cpu on router
Hi Kevin and thanks for the help. Is it possible to upgrade the dnsmasq version on the router without waiting for the author of the tomato firmware to include a later version in a release of his firmware (and you mentioned that dnsmasq in tomato isn't a clean pull of Simon's release)? Why would changing the location of the leasefile to a usb stick make a difference? If the issue, as Simon suggests, is caused by the constant rewriting of the lease database, then wouldn't its current location (which on a router would be RAM) be a faster/better option than a usb stick? Or is there another possible issue here that I've missed? The only recent change I've made to the router was the addition of a usb stick as the location for the writing of system logs and bandwidth and IP traffic usage logs (so that they weren't lost on a reboot). I had wondered if the cause of the problem was related to the speed of writing this stuff (which obviously includes dnsmasq logging) to the usb stick rather than RAM. That's why I turned off dnsmasq logging at one point but it didn't seem to make any difference. Thanks again for your help and I'll wait for your comments on the above. Cheers David On 24 April 2014 21:13, Kevin Darbyshire-Bryant < ke...@darbyshire-bryant.me.uk> wrote: > On 24/04/2014 20:49, Simon Kelley wrote: > > On 24/04/14 20:41, David Joslin wrote: > >> Thanks for the reply, Simon. > >> > >> DNSSEC isn't enabled. > >> > >> I wonder if the pattern of the problem gives any clues... > >> > >> As I said, on a normal day with around 40-50 clients on the network > there > >> is no problem at all with dnsmasq managing to use barely 0 - 2% of the > CPU. > >> When the problem occurred there were a little over 100 clients. Running > top > >> showed dnsmasq using 100% cpu so I restarted dnsmasq and kept an eye on > >> top. For maybe 5 or 10 minutes there was no problem, with dnsmasq using > >> very little cpu. Then dnsmasq would start to peak at maybe 20-30% for a > >> couple of seconds before dropping back. Then it would start peaking at > >> higher and higher levels before dropping back. Eventually, after running > >> for maybe half an hour it would start peaking at over 90% and staying > there > >> for longer before dropping back. At this point dns requests would become > >> very slow (and maybe time out). And then dnsmasq would hit 100% cpu and > >> would stay there. Dns requests would time out and only restarting > dnsmasq > >> would fix the problem. The pattern would then start over again. > >> > >> I may be wrong but it doesn't seem that dnsmasq is hitting a bug that > >> suddenly causes it to loop and hog the cpu until it's killed. It seems > to > >> gradually show more and more of the problem before it eventually hogs > 100% > >> cpu and has to be killed. > >> > >> If the problem was caused by dnsmasq being overloaded with requests, is > it > >> likely or possible that 50 clients could put very little load on it but > 100 > >> clients could swamp it? Also, would the problem not show itself as soon > as > >> dnsmasq was restarted rather than showing the gradual increase in peak > >> usage until it hits 100%? > > > > Logs would help. The pattern doesn't look familiar, but if I had to > > guess, I'd say that the problem is DHCP, not DNS. Every change to the > > DHCP lease database causes the file storing it to be re-written, and I > > suspect that's what's eating CPU, in disk wait. > > > > Version of dnsmasq in use would be useful, and a copy of your config (to > > me privately, if you prefer.) > > > > When dnsmasq is running at 100%, try running > > > > strace -p > > > > that will run forever, printing what syscalls are being made, you can > > ctrl-c it after a show while, which will stop strace, but not dnsmasq. > > > > > > Cheers, > > > > > > Simon > > > > > > Chaps, > > Please be aware that the dnsmasq included in tomato is not a clean > 'pull' out of Simon's release but includes some tweaks, mainly to the > lease writing code (where it outputs 'remaining leasetime' rather than > expiry time) There's also a 'helper' function that upon receipt of > SIGUSR1 (or it may be 2 I can't remember) dumps the leasefile in a > tomato specific format so that it may be read & parsed into the 'dhcp > status' page. > > Those changes were 'formalised' by me into IFDEF conditional compilation &
Re: [Dnsmasq-discuss] dnsmasq using 100% cpu on router
Thanks for the reply, Simon. DNSSEC isn't enabled. I wonder if the pattern of the problem gives any clues... As I said, on a normal day with around 40-50 clients on the network there is no problem at all with dnsmasq managing to use barely 0 - 2% of the CPU. When the problem occurred there were a little over 100 clients. Running top showed dnsmasq using 100% cpu so I restarted dnsmasq and kept an eye on top. For maybe 5 or 10 minutes there was no problem, with dnsmasq using very little cpu. Then dnsmasq would start to peak at maybe 20-30% for a couple of seconds before dropping back. Then it would start peaking at higher and higher levels before dropping back. Eventually, after running for maybe half an hour it would start peaking at over 90% and staying there for longer before dropping back. At this point dns requests would become very slow (and maybe time out). And then dnsmasq would hit 100% cpu and would stay there. Dns requests would time out and only restarting dnsmasq would fix the problem. The pattern would then start over again. I may be wrong but it doesn't seem that dnsmasq is hitting a bug that suddenly causes it to loop and hog the cpu until it's killed. It seems to gradually show more and more of the problem before it eventually hogs 100% cpu and has to be killed. If the problem was caused by dnsmasq being overloaded with requests, is it likely or possible that 50 clients could put very little load on it but 100 clients could swamp it? Also, would the problem not show itself as soon as dnsmasq was restarted rather than showing the gradual increase in peak usage until it hits 100%? I hope this helps. Any thoughts on this pattern? Cheers David On 24 April 2014 12:41, Simon Kelley wrote: > On 22/04/14 20:04, David Joslin wrote: > > Hi > > > > I have an Asus rt-n16 router running the Shibby version of the Tomato > > firmware which includes dnsmasq version 2.69test3. It's in use in a > > building that frequently has 50+ users on a wireless network and dnsmasq > > has performed extremely well with very little load on the router. > > > > However, we've recently run a couple of conferences in the building and > the > > number of people using the wireless network has been just over 100. > Several > > times there have been problems resolving addresses and when I've looked > at > > the router dnsmasq has been using 100% cpu. Restarting dnsmasq > temporarily > > fixes the problem but it occurs again maybe 20 minutes later. > > > > I've turned off logging, increased the cache-size and the maximum number > of > > dhcp leases (anything I could see that might be a problem with more > users) > > but this hasn't fixed the problem. > > > > I wondered if anyone has come across anything similar or has any > > suggestions? > > > > The first thing is to try and decide which of two possible scenarios ar > happening. The first is that you've triggered a bug in the code and > dnsmasq is looping somewhere without ever getting back to the select() > loop and doing actual work. The second is that it's getting so much work > that it's running out of CPU to do it. > > In the first case, dnsmasq will stop working entirely. Is that > consistent with "problems resolving addresses" or does it still > partially work? Turning off logging is probably counter-productive here, > the logs may have valuable clues. > > > In the second case, DNSSEC is something to worry about. Do you have that > turned on? > > Also, it's possible to arrive at configurations with DNS forwarding > loops where once DNS query gets sent upstream, but somehow ends up back > at the dnsmasq instance that originally forwarded it and then goes round > in circles. It's quite difficult to do this without at least two dnsmasq > instances, but it is possible. > > Finally, logging to a syslog daemon which does its own DNS lookups (to > label logs from remote hosts) can create a collapse: dnsmasq will log > several lines for each DNS query, if each of those lines generates a new > DNS query which has to handled by dnsmasq, it all goes wrong very quickly. > > > Cheers, > > > Simon. > > > > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] dnsmasq using 100% cpu on router
The router isn't being used for wi-fi. We have a Ubiquiti Unifi wi-fi system throughout the building. The router is just routing (and providing dns, dhcp etc). David On 23 April 2014 02:43, Weedy wrote: > > On 22 Apr 2014 15:10, "David Joslin" wrote: > > > > Hi > > > > I have an Asus rt-n16 router running the Shibby version of the Tomato > firmware which includes dnsmasq version 2.69test3. It's in use in a > building that frequently has 50+ users on a wireless network and dnsmasq > has performed extremely well with very little load on the router. > > > > However, we've recently run a couple of conferences in the building and > the number of people using the wireless network has been just over 100. > > Even if you fix this you should look into better hardware. > > 480mhz and broadcom radios at your loads worries the hell out of me. > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] dnsmasq using 100% cpu on router
Hi I have an Asus rt-n16 router running the Shibby version of the Tomato firmware which includes dnsmasq version 2.69test3. It's in use in a building that frequently has 50+ users on a wireless network and dnsmasq has performed extremely well with very little load on the router. However, we've recently run a couple of conferences in the building and the number of people using the wireless network has been just over 100. Several times there have been problems resolving addresses and when I've looked at the router dnsmasq has been using 100% cpu. Restarting dnsmasq temporarily fixes the problem but it occurs again maybe 20 minutes later. I've turned off logging, increased the cache-size and the maximum number of dhcp leases (anything I could see that might be a problem with more users) but this hasn't fixed the problem. I wondered if anyone has come across anything similar or has any suggestions? Thanks David ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] DHCP errors with vlans and multiple subnets
Thanks, Simon. The access points are all on vlan 9 (the management vlan). They serve wireless clients on vlans 3, 4 and 5 but they don't have interfaces on these vlans. What's really baffling me is that nothing has changed with the network configuration. I've been through the configuration of the router (with it's dnsmasq dhcp server) and the switches on the network over and over again and I can't find anything that's changed. Each subnet is defined on the router (with dhcp enabled for each subnet) and each vlan is associated with a particular subnet. The way it used to work was this: I simply reserved the IP addresses for the access points on the router (and I can see that these reservations have gone into dnsmasq's dhcp-hosts file) and the access points were given these addresses (on vlan9) when they asked for them - simple! Now, when they request addresses, they are being offered addresses from every vlan apart from vlan 9! And when they request the offered address, dnsmasq pumps out the warning messages that the requested address conflicts with the address in the hosts file. I even disabled the dhcp server on all the subnets apart from that assigned to vlan9 to see if that would force the dhcp server to assign the correct 10.10.99... address but when I did this dnsmasq logged the following messages over and over again: no address range available for DHCP request via br0 no address range available for DHCP request via br1 no address range available for DHCP request via br2 It wouldn't offer a vlan9 address. There appeared to be a simple solution to this which was to assign static IPs to all vlan9 devices (switches, access points). But when I did, DHCP requests from the access points still appeared at the router! This would seem to be a fairly major bug (in the Ubiquti UniFi Wi-Fi system) but I'm wondering if this is in some way related to this problem (I can't think how, though). The access points have only one network interface and don't seem to offer any way to configure client-IDs so I still can't see a solution (apart from reverting everything to factory settings and building it all from scratch again - not something I want to do). If you've got any advice I'd be grateful. Cheers David On 4 March 2014 17:59, Simon Kelley wrote: > So, the same machine, with the same MAC address, seems to be talking to > the dnsmasq DHCP server from (at least) three different subnets > more-or-less simultaneously. This is not good, as the DHCP protocol (for > IPv4, at least) assumes each interface will get _one_ address. Dnsmasq > is chasing its tail, giving the machine one address, then abandoning > that and giving it another, and so on. > > The APs have interfaces on multiple VLANS? If so you need to do one of > two things > > 1) Get them to use different MAC addresses on each distinct VLAN, > 2) Get them to use DHCP client-IDs and ensure that _those_ are distinct. > > As a unique identifier, client-ids override MAC addresses, so you should > be OK leaving the interfaces with a single MAC address if you take the > client-id route. > > Most DHCP clients have a way to configure which client-id they should use. > > > > Cheers, > > Simon. > ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] DHCP errors with vlans and multiple subnets
I have dnsmasq (version 2.69test8-78-g6e0290a) on a router running the tomato firmware (and I hope it's OK to post questions about such a router here). My network is split into several vlans, each with its own subnet, and one of the vlans has several wi-fi access points which obtain their IP addresses from the router using DHCP. The access points all have entries in the dhcp-hosts file reserving certain IP addresses for them. Up till recently everything was working fine - the access points always picked up the correct addresses. However, something weird is now happening. When the access points now request addresses, dnsmasq is offering addresses from the other subnets and isn't offering the addresses reserved in dhcp-hosts. Dnsmasq then logs an error saying that the offered address conflicts with the address recorded in the hosts file. The messages from the log are shown below. I've checked over and over again and I can't find anything that's changed in the configuration of the network or router and I can't work out what's causing this. Any help would be gratefully received. Thanks. David DHCPDISCOVER(br0) dc:9f:db:e8:98:b8 DHCPOFFER(br0) 10.10.10.153 dc:9f:db:e8:98:b8 DHCPDISCOVER(br1) dc:9f:db:e8:98:b8 DHCPOFFER(br1) 10.10.20.154 dc:9f:db:e8:98:b8 DHCPDISCOVER(br2) dc:9f:db:e8:98:b8 DHCPOFFER(br2) 10.10.30.153 dc:9f:db:e8:98:b8 DHCPREQUEST(br0) 10.10.10.153 dc:9f:db:e8:98:b8 DHCPACK(br0) 10.10.10.153 dc:9f:db:e8:98:b8 Room4UAP not giving name Room4UAP to the DHCP lease of 10.10.10.153 because the name exists in /etc/dnsmasq/hosts/hosts with address 10.10.99.22 ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
