Re: [Dnsmasq-discuss] DHCPv6 with IPv4 address in last 32 bits of IPv6 address: ideas?
Am Tue, 21 Apr 2020 15:58:25 +0200 schrieb "William Edwards" : > Ideas are welcome. You did not say how hosts are identified, nor did you say why exactly addresses matter in your setup. If it is done based on their MAC addresses, just give each host a name. host-record=hostname,hostname.${dns_domain},${ipv4},${ipv6_prefix}::0323:45ff:feab:cdef dhcp-host=01:23:45:ab:cd:ef,set:hostname,hostname,216000 After all this project is called DNSmasq, not DHCPmasq... Olaf pgpzJJQmKL2eN.pgp Description: Digitale Signatur von OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] lease time affects ipv6 prefix life time
I have this in dnsmas.conf to advertise the current ipv6 prefix: dhcp-range=::,constructor:${interface},slaac,ra-names,64,${lease_time} enable-ra If the prefix gets changed, dnsmasq starts to announce the new prefix, but it keeps announcing the old one (as deprecated) as well for a while. I wonder why the value of ${lease_time} is not used verbatim? It is forced to be at least 120, which might be fine for real DHCP. In practice this means a stale and unusable prefix is announced as "valid = 120, preferred = 0" for about two minutes. It seems clients can cope with it. Still, I would like to zap the old prefix "instantly" with lease_time=1. Olaf pgpyWw4ZnebZr.pgp Description: Digitale Signatur von OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] lease time affects ipv6 prefix life time
Am Thu, 21 May 2020 15:16:49 +0200 schrieb Geert Stappers : > On Mon, May 04, 2020 at 03:51:58PM +0200, Olaf Hering wrote: > > dhcp-range=::,constructor:${interface},slaac,ra-names,64,${lease_time} > > I wonder why the value of ${lease_time} is not used verbatim? > I don't understand that question. What is unclear about it? I think to fix this issue, this test in src/option.c must be skipped for certain IPv6 configurations: 3231 if (new->lease_time < 120) 3232 new->lease_time = 120; Olaf pgpRVrLYtkcm1.pgp Description: Digitale Signatur von OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Static leases issues
Am Mon, 8 Jun 2020 18:18:16 +0200 schrieb Bruno BEAUFILS : > am I struggling with some kind of bug? The behavior you are seen is caused by the fact that DHCP is an overly complicated crap protocol. To get this fixed quickly, remove the lease both from the client file-system and from the dnsmasq lease database. One would think that an assignment of an IP to a MAC in the configuration file must be the authoritative source of knowledge about the local network, and the server must just serve that knowledge no matter what. But both ISC dhcpd and dnsmasq rather do what the client is asking for, instead of following the rules of the network admin. dnsmasq has the "dhcp-authoritative" option, which at a first glance sounds like the right knob to override such weird behavior. But reading the description, it may also not do what you are asking for. Good luck. Olaf pgphw1hbRjo94.pgp Description: Digitale Signatur von OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Static leases issues
Am Mon, 29 Jun 2020 15:45:16 +0100 schrieb Simon Kelley : > the DHCP server has to comply I think this is the question: comply to what? Clearly the DHCP admin is the _only_ authority to decide which MAC gets what IP address, the DHCP client is only allowed to make suggestions. As such every DHCP server has to follow the source of authority, it should rather not follow what is written in some silly RFC. (I assume the implemented behavior comes from some RFC, not from real life expectations) It might well be that the IP for the DHCP client will change in the future, once the lease expires. Why would it matter if the client gets the expected IP address "now" rather than "later"? Olaf pgpwjJzlRxHAs.pgp Description: Digitale Signatur von OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address
Am Thu, 23 Jul 2020 10:35:45 +0200 schrieb Pali Rohár : > If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF > must be assigned IPv6 address FD::1 then user would expect that host > with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1. In a world where a DHCP client has more power than the network admin, this is all wishful thinking. Clearly dnsmasq could serve real life instead of following some weird RFCs... Olaf pgpVal0R8hUvn.pgp Description: Digitale Signatur von OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] dnsmasq keepalive or RasberryPi?
Am Wed, 19 Aug 2020 07:06:31 -0600 schrieb Michael Walter : > service dnsmasq restart See systemd.service(5) "Restart=" for details. Olaf pgpawE8qRQKah.pgp Description: Digitale Signatur von OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] syntax for cname= unclear
The dnsmasq man page has no specific example for cname=, it is unclear what target really has to be. A more specific example exists for host-record=. With the config snippet below the cnames are not known. Commands like 'host cname1 $ip_of_dnsmasq_host' work, but 'host cname1.dnsdomain $ip_of_dnsmasq_host' returns NXDOMAIN. Is the used syntax for "cname=" correct? This happens with dnsmasq 2.78, which can not be easily upgraded. Thanks, Olaf log-facility=/var/log/dnsmasq.log interface=LAN cache-size=150 domain=dnsdomain,172.16.0.0/16,local resolv-file=/etc/resolv.conf.dhclient-UPLINK conf-file=/path-to/host-records.conf host-record=hostname,hostname.dnsdomain,172.16.0.2,fd00:172:16::0323:45ff:feab:cdef dhcp-host=01:23:45:ab:cd:ef,set:hostname,hostname,216000 cname=cname1,hostname cname=cname1.dnsdomain,hostname.dnsdomain cname=cname2,hostname cname=cname2.dnsdomain,hostname.dnsdomain pgpPAMXBW5oF0.pgp Description: Digitale Signatur von OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Is there a way to run dnsmasq in safe mode (no-fail)?
Am Sun, 23 May 2021 22:25:28 +0200 schrieb Geert Stappers via Dnsmasq-discuss : > I learnt it is already implemented It is not. What they implemented, probably by doing copy&paste from sysv, does not help at all. There is zero need to run dnsmasq --test in this context, dnsmasq will fail either way. It might be that --test shows more helpful diagnostic, but according to dnsmasq(8) this is apparently not the case. A 'systemctl restart dnsmasq.service' will stop the daemon, then try to run ExecStartPre, which may fail. As a result the service will not run, and the service will not be provided anymore. What the OP was likely asking for is a way to have a verification prior the service is stopped. If that verification fails, the service must remain active in its current state. This is certainly offtopic for this list. Instead it should be suggested as a new feature to the systemd developers - because it affects every service that can verify the configuration. I'm sure this idea came up before, not sure why systemd does not offer such a reliability feature already. Olaf pgp3Vuv9aye8T.pgp Description: Digitale Signatur von OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH] Add nftables set support
On Sun, Aug 22, Chen Zhenge via Dnsmasq-discuss wrote: > +++ b/Makefile > +nft_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_NFTSET > $(PKG_CONFIG) --libs libnftables` This change lacks pkg-config --cflags, like all the other existing pkg-config calls already have. Olaf ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] [PATCH v1] remove stale contrib/Suse
dnsmasq is included in SUSE Linux since 2004. Signed-off-by: Olaf Hering --- contrib/Suse/README | 6 -- contrib/Suse/README.susefirewall | 27 contrib/Suse/dnsmasq-SuSE.patch | 23 --- contrib/Suse/dnsmasq-suse.spec | 111 --- contrib/Suse/rc.dnsmasq-suse | 79 -- 5 files changed, 246 deletions(-) delete mode 100644 contrib/Suse/README delete mode 100644 contrib/Suse/README.susefirewall delete mode 100644 contrib/Suse/dnsmasq-SuSE.patch delete mode 100644 contrib/Suse/dnsmasq-suse.spec delete mode 100644 contrib/Suse/rc.dnsmasq-suse diff --git a/contrib/Suse/README b/contrib/Suse/README deleted file mode 100644 index 3fdc186..000 --- a/contrib/Suse/README +++ /dev/null @@ -1,6 +0,0 @@ -This packaging is now unmaintained in the dnsmasq source: dnsmasq is -included in Suse proper, and up-to-date packages are now available -from - -ftp://ftp.suse.com/pub/people/ug/ - diff --git a/contrib/Suse/README.susefirewall b/contrib/Suse/README.susefirewall deleted file mode 100644 index 0b94108..000 --- a/contrib/Suse/README.susefirewall +++ /dev/null @@ -1,27 +0,0 @@ -This is a patch against SuSEfirewall2-3.1-206 (SuSE 9.x and older) -It fixes the dependency from the dns daemon name 'named' -After appending the patch, the SuSEfirewall is again able to autodetect -the dnsmasq named service. -This is a very old bug in the SuSEfirewall script. -The SuSE people think the name of the dns server will always 'named' - - /sbin/SuSEfirewall2.orig 2004-01-23 13:30:09.0 +0100 -+++ /sbin/SuSEfirewall22004-01-23 13:31:56.0 +0100 -@@ -764,7 +764,7 @@ - echo 'FW_ALLOW_INCOMING_HIGHPORTS_UDP should be set to yes, if you are running a DNS server!' - - test "$FW_SERVICE_AUTODETECT" = yes -o "$FW_SERVICE_AUTODETECT" = dmz -o "$FW_SERVICE_AUTODETECT" = ext && { --test "$FW_SERVICE_DNS" = no -a '!' "$START_NAMED" = no && check_srv named && { -+test "$FW_SERVICE_DNS" = no -a '!' "$START_NAMED" = no && check_srv dnsmasq && { - echo -e 'Warning: detected activated named, enabling FW_SERVICE_DNS! - You still have to allow tcp/udp port 53 on internal, dmz and/or external.' - FW_SERVICE_DNS=$FW_SERVICE_AUTODETECT -@@ -878,7 +878,7 @@ - test -e /etc/resolv.conf || echo "Warning: /etc/resolv.conf not found" - # Get ports/IP bindings of NAMED/SQUID - test "$FW_SERVICE_DNS" = yes -o "$FW_SERVICE_DNS" = dmz -o "$FW_SERVICE_DNS" = ext -o "$START_NAMED" = yes && DNS_PORT=`$LSOF -i -n -P | \ --$AWK -F: '/^named .* UDP / {print $2}'| $GREP -vw 53 | $SORT -un` -+$AWK -F: '/^dnsmasq .* UDP / {print $2}'| $GREP -vw 53 | $SORT -un` - test "$FW_SERVICE_SQUID" = yes -o "$FW_SERVICE_SQUID" = dmz -o "$FW_SERVICE_SQUID" = ext -o "$START_SQUID" = yes && SQUID_PORT=`$LSOF -i -n -P | \ - $AWK -F: '/^squid .* UDP/ {print $2}'| $SORT -un` diff --git a/contrib/Suse/dnsmasq-SuSE.patch b/contrib/Suse/dnsmasq-SuSE.patch deleted file mode 100644 index 626245f..000 --- a/contrib/Suse/dnsmasq-SuSE.patch +++ /dev/null @@ -1,23 +0,0 @@ man/dnsmasq.8 2004-08-08 20:57:56.0 +0200 -+++ man/dnsmasq.8 2004-08-12 00:40:01.0 +0200 -@@ -69,7 +69,7 @@ - .TP - .B \-g, --group= - Specify the group which dnsmasq will run --as. The defaults to "dip", if available, to facilitate access to -+as. The defaults to "dialout", if available, to facilitate access to - /etc/ppp/resolv.conf which is not normally world readable. - .TP - .B \-v, --version src/config.h 2004-08-11 11:39:18.0 +0200 -+++ src/config.h 2004-08-12 00:40:01.0 +0200 -@@ -44,7 +44,7 @@ - #endif - #define DEFLEASE 3600 /* default lease time, 1 hour */ - #define CHUSER "nobody" --#define CHGRP "dip" -+#define CHGRP "dialout" - #define DHCP_SERVER_PORT 67 - #define DHCP_CLIENT_PORT 68 - - diff --git a/contrib/Suse/dnsmasq-suse.spec b/contrib/Suse/dnsmasq-suse.spec deleted file mode 100644 index ff8ba8f..000 --- a/contrib/Suse/dnsmasq-suse.spec +++ /dev/null @@ -1,111 +0,0 @@ -### -# -# General -# -### - -Name: dnsmasq -Version: 2.33 -Release: 1 -Copyright: GPL -Group: Productivity/Networking/DNS/Servers -Vendor: Simon Kelley -Packager: Simon Kelley -URL: http://www.thekelleys.org.uk/dnsmasq -Provides: dns_daemon -Conflicts: bind bind8 bind9 -PreReq: %fillup_prereq %insserv_prereq -Autoreqprov: on -Source0: %{name}-%{version}.tar.bz2 -BuildRoot: /var/tmp/%{name}-%{version} -Summ
Re: [Dnsmasq-discuss] DNS from dhcp-host while client is offline
On Sun, Oct 03, Alkis Georgopoulos wrote: > Is there any way for dnsmasq to put all the dhcp-hosts into its DNS view > even when these clients are offline? Maybe you asking for this: dnsdomain=home.arpa hostname=esprimo MAC=00:a0:d1:c8:8e:cb ipv4=172.16.0.6 ipv6=fd00:172:16::02a0:d1ff:fec8:8ecb tee -a dnsmasq.conf <<_EOF_ host-record=${hostname}.${dnsdomain},${ipv4},${ipv6},123 dhcp-host=${MAC},id:*,set:${hostname},${ipv4},${hostname},216000 _EOF_ Olaf ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Bug while using address=//::
On Thu, Oct 07, Simon Kelley wrote: > --filter-A and --filter- options, these drop IPv4 and IPv6 ANSWERS, Did you consider an option to filter them per interface or server? Like server=/${dnsdomain}/${ip}/no-{A,} Olaf ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] DNS from dhcp-host while client is offline
Am Fri, 8 Oct 2021 19:02:31 +0300 schrieb Alkis Georgopoulos : > yeah I too settled for a sed command Sorry, I do not use sed or anything. If the MAC/ip/hostname triple is know in advance, create a static config file with host-record= and dhcp-host=. Sorry if that was unclear. But if you have a solution that you understand and that appears to work for you, go for it. Olaf pgpCglnakvYTG.pgp Description: Digitale Signatur von OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] extend filter-A to filter specific domains
Hello, currently a large email provider broke his configuration and is unusable with IPv6 since a week. Capable users quickly discovered the required workarounds, like entirely disabling IPv6 on the clients for the time being. One client application has an interesting feature, which allows to ignore responses for a specific domain during DNS lookup. This allows it to continue with IPv6 for other connections, and use IPv4 only for such DNS domains. Unfortunately dnsmasq apparently lacks such feature. Since 2.87 the option 'filter-A' and 'filter-' exist, but this affects all queries. What are the chances to implement something like 'filter-[=dom.tld]', to remove records for the specified domain? There seems to be such concept already for other options, such as 'server='. Thanks, Olaf pgp__TFAcXlxk.pgp Description: Digitale Signatur von OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] [PATCH v1] Fix dependency in make install target
The make target 'install-common' expects results from the target 'all'. A 'make -j install' may fail because both targets are brought up-to-todate in parallel. As a result the final binary will not exist at the time 'install-common' runs, because 'all' is not yet done. Adjust the dependencies to update 'all' before processing 'install-common'. Signed-off-by: Olaf Hering --- Makefile | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Makefile b/Makefile index 48e8d3b..f279339 100644 --- a/Makefile +++ b/Makefile @@ -105,9 +105,9 @@ clean : mostly_clean rm -f core */core rm -f *~ contrib/*/*~ */*~ -install : all install-common +install : install-common -install-common : +install-common : all $(INSTALL) -d $(DESTDIR)$(BINDIR) $(INSTALL) -d $(DESTDIR)$(MANDIR)/man8 $(INSTALL) -m 644 $(MAN)/dnsmasq.8 $(DESTDIR)$(MANDIR)/man8 ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] serving EFI and traditional BIOS at the same time
In my network a Fritzbox is serving DHCP to clients, and my workstation runs dnsmasq as a proxy. This is working for the traditional PC BIOS: dhcp-range=192.168.2.0,proxy dhcp-boot=pxelinux.0 pxe-service=x86PC,"x86PC: Automatic Network boot from ProBook",pxelinux enable-tftp tftp-root=/tftpboot One of the hosts is Windows Server 2012R2 which provides, in addtion to Generation1 VMs, also Generation2 VMs with an EFI firmware. How should the config look like to offer PXE to old and new VM types at the same time? I cant figure out how to boot EFI at all. I tried this in the config, but that does not work: dhcp-boot=syslinux.efi pxe-service=BC_EFI,"PXE BC_EFI",syslinux.efi This is the request from a Gen2 VM, looks like it does not like the response: Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 available DHCP subnet: 192.168.2.0/255.255.255.0 Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 vendor class: PXEClient:Arch:7::?? Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 PXE(en0) 00:15:5d:63:45:22 proxy Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 tags: en0 Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 bootfile name: syslinux.efi Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 broadcast response Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 sent size: 1 option: 53 message-type 2 Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 sent size: 4 option: 54 server-identifier 192.168.2.100 Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 sent size: 9 option: 60 vendor-class 50:58:45:43:6c:69:65:6e:74 Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 sent size: 17 option: 97 client-machine-id 00:86:3b:f4:dc:16:44:3c:4b:a1:33:e3:dc:16... Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 sent size: 34 option: 43 vendor-encap 06:01:03:0a:04:00:50:58:45:08:07:80:01:01... Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 available DHCP subnet: 192.168.2.0/255.255.255.0 Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 vendor class: PXEClient:Arch:7::?? Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 PXE(en0) 00:15:5d:63:45:22 proxy Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 tags: en0 Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 bootfile name: syslinux.efi Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 broadcast response Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 sent size: 1 option: 53 message-type 2 Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 sent size: 4 option: 54 server-identifier 192.168.2.100 Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 sent size: 9 option: 60 vendor-class 50:58:45:43:6c:69:65:6e:74 Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 sent size: 17 option: 97 client-machine-id 00:86:3b:f4:dc:16:44:3c:4b:a1:33:e3:dc:16... Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 sent size: 34 option: 43 vendor-encap 06:01:03:0a:04:00:50:58:45:08:07:80:01:01... Olaf ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] serving EFI and traditional BIOS at the same time
On Tue, Feb 18, Olaf Hering wrote: > How should the config look like to offer PXE to old and new VM types at > the same time? At least the separation appears to work like that: dhcp-match=x86PC, option:client-arch, 0 dhcp-match=BC_EFI, option:client-arch, 7 dhcp-boot=tag:x86PC,pxelinux.0 dhcp-boot=tag:BC_EFI,syslinux.efi pxe-service=tag:x86PC,x86PC,"x86PC boot msg",pxelinux pxe-service=tag:BC_EFI,BC_EFI,"BC_EFI boot msg",syslinux.efi But that does not fix EFI boot, yet. Olaf ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] serving EFI and traditional BIOS at the same time
On Tue, Feb 18, Olaf Hering wrote: > On Tue, Feb 18, Olaf Hering wrote: > > > How should the config look like to offer PXE to old and new VM types at > > the same time? > > At least the separation appears to work like that: > > dhcp-match=x86PC, option:client-arch, 0 > dhcp-match=BC_EFI, option:client-arch, 7 > dhcp-boot=tag:x86PC,pxelinux.0 > dhcp-boot=tag:BC_EFI,syslinux.efi > pxe-service=tag:x86PC,x86PC,"x86PC boot msg",pxelinux > pxe-service=tag:BC_EFI,BC_EFI,"BC_EFI boot msg",syslinux.efi > > But that does not fix EFI boot, yet. Actually the above works if dnsmasq does not act as a DHCP proxy. For some reason the EFI firmware does not handle that well. In an isolated environment the EFI files are handed out properly to the client. One thing remains: how should the mixed environment be documented? Its not clear by reading the docs or the example config file. Olaf ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] how to track changes for a given hostname
My dnsmasq sometimes forgets the hostname of one of my boxes. I wonder how to track that without tweaking the source? My reconnect script reports: ... ssh: connect to host optiplex port 22: Connection refused rc '255'. root@optiplex @ Fr 30. Mai 11:27:43 CEST 2014 ssh: connect to host optiplex port 22: Connection refused rc '255'. root@optiplex @ Fr 30. Mai 11:29:01 CEST 2014 ssh: Could not resolve hostname optiplex: Name or service not known rc '255'. root@optiplex @ Fr 30. Mai 11:30:20 CEST 2014 ssh: Could not resolve hostname optiplex: Name or service not known rc '255'. root@optiplex @ Fr 30. Mai 11:31:40 CEST 2014 ... My setup is like this: * A FritzBox 7360, which acts as DHCP and DNS server. * My Workststation running openSUSE 11.4, with dnsmasq-2.70, it acts as DNS for localhost and as DHCP proxy to provide TFTP to other hosts. Compile time options: IPv6 GNU-getopt no-DBus i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC * A Testhost named optiplex. It is reachable with IPv4 and IPv6. When the failure above happens, my workstation fails to resolve optiplex. Restarting dnsmasq helps. olaf@probook:~ $ host optiplex olaf@probook:~ $ host optiplex fritz.box Using domain server: Name: fritz.box Address: fd00::a96:d7ff:feb1:1e3d#53 Aliases: optiplex.fritz.box has address 192.168.2.102 optiplex.fritz.box has IPv6 address 2001:a60:1011:601:baac:6fff:fea3:7d0a optiplex.fritz.box has IPv6 address 2001:a60:1011:601:30e6:8090:5088:397 optiplex.fritz.box has IPv6 address fd00::30e6:8090:5088:397 optiplex.fritz.box has IPv6 address fd00::baac:6fff:fea3:7d0a olaf@probook:~ $ host optiplex 192.168.2.1 Using domain server: Name: 192.168.2.1 Address: 192.168.2.1#53 Aliases: optiplex.fritz.box has address 192.168.2.102 optiplex.fritz.box has IPv6 address 2001:a60:1011:601:baac:6fff:fea3:7d0a optiplex.fritz.box has IPv6 address 2001:a60:1011:601:30e6:8090:5088:397 optiplex.fritz.box has IPv6 address fd00::30e6:8090:5088:397 optiplex.fritz.box has IPv6 address fd00::baac:6fff:fea3:7d0a olaf@probook:~ $ olaf@probook:~ $ sudo su - root's password: root@probook:~ # rcdnsmasq restart Shutting name service masq caching server done Starting name service masq caching server done root@probook:~ # logout olaf@probook:~ $ host optiplex optiplex.fritz.box has address 192.168.2.102 optiplex.fritz.box has IPv6 address 2001:a60:1011:601:baac:6fff:fea3:7d0a optiplex.fritz.box has IPv6 address 2001:a60:1011:601:30e6:8090:5088:397 optiplex.fritz.box has IPv6 address fd00::30e6:8090:5088:397 optiplex.fritz.box has IPv6 address fd00::baac:6fff:fea3:7d0a olaf@probook:~ $ host optiplex fritz.box Using domain server: Name: fritz.box Address: fd00::a96:d7ff:feb1:1e3d#53 Aliases: optiplex.fritz.box has address 192.168.2.102 optiplex.fritz.box has IPv6 address 2001:a60:1011:601:baac:6fff:fea3:7d0a optiplex.fritz.box has IPv6 address 2001:a60:1011:601:30e6:8090:5088:397 optiplex.fritz.box has IPv6 address fd00::30e6:8090:5088:397 optiplex.fritz.box has IPv6 address fd00::baac:6fff:fea3:7d0a olaf@probook:~ $ How can I find out why optiplex fails to resolve? Olaf ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] how to track changes for a given hostname
On Sun, Jun 01, Simon Kelley wrote: > > How can I find out why optiplex fails to resolve? > Look at --dhcp-script in the man page. A very simple script which logs > argv and the environment to a file should provide you with information > about the comings and going of DHCP leases. localhost does not serve DHCP, it just acts as proxy. In my testing the script does not seem to provide a hint why optiplex fails to resolve. The script is only called for tftp. I can poke at this some more end of next week. Olaf ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] question about the host-record= example
I have several host-record=$name,$name.$domain,$ip4,$ip6 lines in my dnsmasq 2.62 conf file. Today I realized that "host $ip4" resolves to just "${name}.", but I was expecting "${name}.${domain}.". So I removed the "$name," part and get now the full name. I wonder why the example in the host-record= lists both? When is laptop used, and when is laptop.thekellys.org used? Olaf ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] question about the host-record= example
On Wed, Nov 18, Olaf Hering wrote: > I wonder why the example in the host-record= lists both? Any answer to that question? Olaf ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Extension to hosts-dir and dhcohosts-dir
On Thu, Feb 08, Kurt H Maier wrote: > You should fix the editor; that behavior is dangerous for other reasons, > similar to the ones outlined here: > http://openwall.com/lists/oss-security/2017/11/27/2 This talks about apples, while Andy talks about oranges. Fix "$dnsmasq" to process only files intended for "$dnsmasq". Olaf signature.asc Description: PGP signature ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] DHCP option 121, handling of interface address
I had to add DHCP option 121 to server an extra network to the clients in case one of the clients has to use USB tethering via the mobile phone. Therefore I added this line, and all is (almost) fine: dhcp-option=option:classless-static-route,$other_local_net/24,$interface_IP But it is not possible to set $interface_IP to 0.0.0.0 to indicate that dnsmasq should put in the IPv4 address of the interface from which it serves the DHCP requests. This is done for a few other DHCP options like default-router, TFTP server and the like. Is this just an oversight, or would there be any downside in handling the "wildcard" in "classless-static-route"? Olaf pgp6fgDXz7HHd.pgp Description: Digitale Signatur von OpenPGP ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss