Re: [Dnsmasq-discuss] DHCPv6 with IPv4 address in last 32 bits of IPv6 address: ideas?

2020-04-22 Thread Olaf Hering 
Am Tue, 21 Apr 2020 15:58:25 +0200
schrieb "William Edwards" :

> Ideas are welcome.

You did not say how hosts are identified, nor did you say why exactly addresses 
matter in your setup.
If it is done based on their MAC addresses, just give each host a name.

host-record=hostname,hostname.${dns_domain},${ipv4},${ipv6_prefix}::0323:45ff:feab:cdef
dhcp-host=01:23:45:ab:cd:ef,set:hostname,hostname,216000

After all this project is called DNSmasq, not DHCPmasq...

Olaf


pgpzJJQmKL2eN.pgp
Description: Digitale Signatur von OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] lease time affects ipv6 prefix life time

2020-05-04 Thread Olaf Hering 
I have this in dnsmas.conf to advertise the current ipv6 prefix:

dhcp-range=::,constructor:${interface},slaac,ra-names,64,${lease_time}
enable-ra

If the prefix gets changed, dnsmasq starts to announce the new prefix, but it 
keeps announcing the old one (as deprecated) as well for a while.

I wonder why the value of ${lease_time} is not used verbatim? It is forced to 
be at least 120, which might be fine for real DHCP. In practice this means a 
stale and unusable prefix is announced as "valid = 120, preferred = 0" for 
about two minutes. It seems clients can cope with it. Still, I would like to 
zap the old prefix "instantly" with lease_time=1.

Olaf


pgpyWw4ZnebZr.pgp
Description: Digitale Signatur von OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] lease time affects ipv6 prefix life time

2020-05-21 Thread Olaf Hering 
Am Thu, 21 May 2020 15:16:49 +0200
schrieb Geert Stappers :

> On Mon, May 04, 2020 at 03:51:58PM +0200, Olaf Hering wrote:
> > dhcp-range=::,constructor:${interface},slaac,ra-names,64,${lease_time}
> > I wonder why the value of ${lease_time} is not used verbatim?  
> I don't understand that question.

What is unclear about it?

I think to fix this issue, this test in src/option.c must be skipped for 
certain IPv6 configurations:

3231 if (new->lease_time < 120)
3232   new->lease_time = 120;


Olaf


pgpRVrLYtkcm1.pgp
Description: Digitale Signatur von OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Static leases issues

2020-06-10 Thread Olaf Hering 
Am Mon, 8 Jun 2020 18:18:16 +0200
schrieb Bruno BEAUFILS :

> am I struggling with some kind of bug?

The behavior you are seen is caused by the fact that DHCP is an overly 
complicated crap protocol. To get this fixed quickly, remove the lease both 
from the client file-system and from the dnsmasq lease database.

One would think that an assignment of an IP to a MAC in the configuration file 
must be the authoritative source of knowledge about the local network, and the 
server must just serve that knowledge no matter what. But both ISC dhcpd and 
dnsmasq rather do what the client is asking for, instead of following the rules 
of the network admin.

dnsmasq has the "dhcp-authoritative" option, which at a first glance sounds 
like the right knob to override such weird behavior. But reading the 
description, it may also not do what you are asking for.

Good luck.

Olaf


pgphw1hbRjo94.pgp
Description: Digitale Signatur von OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Static leases issues

2020-06-30 Thread Olaf Hering 
Am Mon, 29 Jun 2020 15:45:16 +0100
schrieb Simon Kelley :

> the DHCP server has to comply

I think this is the question: comply to what?

Clearly the DHCP admin is the _only_ authority to decide which MAC gets what IP 
address, the DHCP client is only allowed to make suggestions. As such every 
DHCP server has to follow the source of authority, it should rather not follow 
what is written in some silly RFC. (I assume the implemented behavior comes 
from some RFC, not from real life expectations)

It might well be that the IP for the DHCP client will change in the future, 
once the lease expires. Why would it matter if the client gets the expected IP 
address "now" rather than "later"?


Olaf


pgpwjJzlRxHAs.pgp
Description: Digitale Signatur von OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH v2] DHCPv6: Honor assigning IPv6 address based on MAC address

2020-07-23 Thread Olaf Hering 
Am Thu, 23 Jul 2020 10:35:45 +0200
schrieb Pali Rohár :

> If user set in configure file that for MAC address AB:CD:EF:AB:CD:EF
> must be assigned IPv6 address FD::1 then user would expect that host
> with address AB:CD:EF:AB:CD:EF would get IPv6 address FD::1.

In a world where a DHCP client has more power than the network admin,
this is all wishful thinking. Clearly dnsmasq could serve real life
instead of following some weird RFCs...


Olaf


pgpVal0R8hUvn.pgp
Description: Digitale Signatur von OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] dnsmasq keepalive or RasberryPi?

2020-08-19 Thread Olaf Hering 
Am Wed, 19 Aug 2020 07:06:31 -0600
schrieb Michael Walter :

> service dnsmasq restart

See systemd.service(5) "Restart=" for details.

Olaf


pgpawE8qRQKah.pgp
Description: Digitale Signatur von OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] syntax for cname= unclear

2020-09-17 Thread Olaf Hering 
The dnsmasq man page has no specific example for cname=, it is unclear what 
target really has to be. A more specific example exists for host-record=.

With the config snippet below the cnames are not known. Commands like 'host 
cname1 $ip_of_dnsmasq_host' work, but 'host cname1.dnsdomain 
$ip_of_dnsmasq_host' returns NXDOMAIN. Is the used syntax for "cname=" correct?

This happens with dnsmasq 2.78, which can not be easily upgraded.

Thanks,
Olaf

log-facility=/var/log/dnsmasq.log
interface=LAN
cache-size=150
domain=dnsdomain,172.16.0.0/16,local
resolv-file=/etc/resolv.conf.dhclient-UPLINK
conf-file=/path-to/host-records.conf

host-record=hostname,hostname.dnsdomain,172.16.0.2,fd00:172:16::0323:45ff:feab:cdef
dhcp-host=01:23:45:ab:cd:ef,set:hostname,hostname,216000
cname=cname1,hostname
cname=cname1.dnsdomain,hostname.dnsdomain
cname=cname2,hostname
cname=cname2.dnsdomain,hostname.dnsdomain


pgpPAMXBW5oF0.pgp
Description: Digitale Signatur von OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Is there a way to run dnsmasq in safe mode (no-fail)?

2021-05-27 Thread Olaf Hering 
Am Sun, 23 May 2021 22:25:28 +0200
schrieb Geert Stappers via Dnsmasq-discuss 
:

>  I learnt it is already implemented

It is not. What they implemented, probably by doing copy&paste from sysv, does 
not help at all. There is zero need to run dnsmasq --test in this context, 
dnsmasq will fail either way. It might be that --test shows more helpful 
diagnostic, but according to dnsmasq(8) this is apparently not the case.

A 'systemctl restart dnsmasq.service' will stop the daemon, then try to run 
ExecStartPre, which may fail. As a result the service will not run, and the 
service will not be provided anymore.


What the OP was likely asking for is a way to have a verification prior the 
service is stopped. If that verification fails, the service must remain active 
in its current state.

This is certainly offtopic for this list. Instead it should be suggested as a 
new feature to the systemd developers - because it affects every service that 
can verify the configuration. I'm sure this idea came up before, not sure why 
systemd does not offer such a reliability feature already.


Olaf


pgp3Vuv9aye8T.pgp
Description: Digitale Signatur von OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] [PATCH] Add nftables set support

2021-09-29 Thread Olaf Hering 
On Sun, Aug 22, Chen Zhenge via Dnsmasq-discuss wrote:

> +++ b/Makefile
> +nft_libs = `echo $(COPTS) | $(top)/bld/pkg-wrapper HAVE_NFTSET 
> $(PKG_CONFIG) --libs libnftables` 

This change lacks pkg-config --cflags, like all the other existing pkg-config 
calls already have.

Olaf

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] [PATCH v1] remove stale contrib/Suse

2021-09-29 Thread Olaf Hering 
dnsmasq is included in SUSE Linux since 2004.

Signed-off-by: Olaf Hering 
---
 contrib/Suse/README  |   6 --
 contrib/Suse/README.susefirewall |  27 
 contrib/Suse/dnsmasq-SuSE.patch  |  23 ---
 contrib/Suse/dnsmasq-suse.spec   | 111 ---
 contrib/Suse/rc.dnsmasq-suse |  79 --
 5 files changed, 246 deletions(-)
 delete mode 100644 contrib/Suse/README
 delete mode 100644 contrib/Suse/README.susefirewall
 delete mode 100644 contrib/Suse/dnsmasq-SuSE.patch
 delete mode 100644 contrib/Suse/dnsmasq-suse.spec
 delete mode 100644 contrib/Suse/rc.dnsmasq-suse

diff --git a/contrib/Suse/README b/contrib/Suse/README
deleted file mode 100644
index 3fdc186..000
--- a/contrib/Suse/README
+++ /dev/null
@@ -1,6 +0,0 @@
-This packaging is now unmaintained in the dnsmasq source: dnsmasq is
-included in Suse proper, and up-to-date packages are now available
-from 
-
-ftp://ftp.suse.com/pub/people/ug/
-
diff --git a/contrib/Suse/README.susefirewall b/contrib/Suse/README.susefirewall
deleted file mode 100644
index 0b94108..000
--- a/contrib/Suse/README.susefirewall
+++ /dev/null
@@ -1,27 +0,0 @@
-This is a patch against SuSEfirewall2-3.1-206 (SuSE 9.x and older)
-It fixes the dependency from the dns daemon name 'named'
-After appending the patch, the SuSEfirewall is again able to autodetect 
-the dnsmasq named service.
-This is a very old bug in the SuSEfirewall script.
-The SuSE people think the name of the dns server will always 'named'
-
-
 /sbin/SuSEfirewall2.orig   2004-01-23 13:30:09.0 +0100
-+++ /sbin/SuSEfirewall22004-01-23 13:31:56.0 +0100
-@@ -764,7 +764,7 @@
- echo 'FW_ALLOW_INCOMING_HIGHPORTS_UDP should be set to yes, if you are 
running a DNS server!'
- 
- test "$FW_SERVICE_AUTODETECT" = yes -o "$FW_SERVICE_AUTODETECT" = dmz -o 
"$FW_SERVICE_AUTODETECT" = ext && {
--test "$FW_SERVICE_DNS" = no -a '!' "$START_NAMED" = no && check_srv named 
&& {
-+test "$FW_SERVICE_DNS" = no -a '!' "$START_NAMED" = no && check_srv 
dnsmasq && {
-   echo -e 'Warning: detected activated named, enabling FW_SERVICE_DNS!
- You still have to allow tcp/udp port 53 on internal, dmz and/or external.'
-   FW_SERVICE_DNS=$FW_SERVICE_AUTODETECT
-@@ -878,7 +878,7 @@
- test -e /etc/resolv.conf || echo "Warning: /etc/resolv.conf not found"
- # Get ports/IP bindings of NAMED/SQUID
- test "$FW_SERVICE_DNS" = yes -o "$FW_SERVICE_DNS" = dmz -o "$FW_SERVICE_DNS" 
= ext -o "$START_NAMED" = yes && DNS_PORT=`$LSOF -i -n -P | \
--$AWK -F: '/^named .* UDP / {print $2}'| $GREP -vw 53 | $SORT -un`
-+$AWK -F: '/^dnsmasq .* UDP / {print $2}'| $GREP -vw 53 | $SORT -un`
- test "$FW_SERVICE_SQUID" = yes -o "$FW_SERVICE_SQUID" = dmz -o 
"$FW_SERVICE_SQUID" = ext -o "$START_SQUID" = yes && SQUID_PORT=`$LSOF -i -n -P 
| \
- $AWK -F: '/^squid .* UDP/ {print $2}'| $SORT -un`
diff --git a/contrib/Suse/dnsmasq-SuSE.patch b/contrib/Suse/dnsmasq-SuSE.patch
deleted file mode 100644
index 626245f..000
--- a/contrib/Suse/dnsmasq-SuSE.patch
+++ /dev/null
@@ -1,23 +0,0 @@
 man/dnsmasq.8  2004-08-08 20:57:56.0 +0200
-+++ man/dnsmasq.8  2004-08-12 00:40:01.0 +0200
-@@ -69,7 +69,7 @@
- .TP
- .B \-g, --group= 
- Specify the group which dnsmasq will run
--as. The defaults to "dip", if available, to facilitate access to
-+as. The defaults to "dialout", if available, to facilitate access to
- /etc/ppp/resolv.conf which is not normally world readable.
- .TP
- .B \-v, --version
 src/config.h   2004-08-11 11:39:18.0 +0200
-+++ src/config.h   2004-08-12 00:40:01.0 +0200
-@@ -44,7 +44,7 @@
- #endif
- #define DEFLEASE 3600 /* default lease time, 1 hour */
- #define CHUSER "nobody"
--#define CHGRP "dip"
-+#define CHGRP "dialout"
- #define DHCP_SERVER_PORT 67
- #define DHCP_CLIENT_PORT 68
- 
-
diff --git a/contrib/Suse/dnsmasq-suse.spec b/contrib/Suse/dnsmasq-suse.spec
deleted file mode 100644
index ff8ba8f..000
--- a/contrib/Suse/dnsmasq-suse.spec
+++ /dev/null
@@ -1,111 +0,0 @@
-###
-#
-# General
-#
-###
-
-Name: dnsmasq
-Version: 2.33
-Release: 1
-Copyright: GPL
-Group: Productivity/Networking/DNS/Servers
-Vendor: Simon Kelley
-Packager: Simon Kelley
-URL: http://www.thekelleys.org.uk/dnsmasq
-Provides: dns_daemon
-Conflicts: bind bind8 bind9
-PreReq: %fillup_prereq %insserv_prereq
-Autoreqprov: on
-Source0: %{name}-%{version}.tar.bz2
-BuildRoot: /var/tmp/%{name}-%{version}
-Summ

Re: [Dnsmasq-discuss] DNS from dhcp-host while client is offline

2021-10-08 Thread Olaf Hering 
On Sun, Oct 03, Alkis Georgopoulos wrote:

> Is there any way for dnsmasq to put all the dhcp-hosts into its DNS view
> even when these clients are offline?

Maybe you asking for this:

  dnsdomain=home.arpa
  hostname=esprimo
  MAC=00:a0:d1:c8:8e:cb
  ipv4=172.16.0.6
  ipv6=fd00:172:16::02a0:d1ff:fec8:8ecb

  tee -a dnsmasq.conf <<_EOF_
  host-record=${hostname}.${dnsdomain},${ipv4},${ipv6},123
  dhcp-host=${MAC},id:*,set:${hostname},${ipv4},${hostname},216000
  _EOF_

Olaf

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Bug while using address=//::

2021-10-08 Thread Olaf Hering 
On Thu, Oct 07, Simon Kelley wrote:

> --filter-A and --filter- options, these drop IPv4 and IPv6 ANSWERS,

Did you consider an option to filter them per interface or server?
Like server=/${dnsdomain}/${ip}/no-{A,}


Olaf

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] DNS from dhcp-host while client is offline

2021-10-08 Thread Olaf Hering 
Am Fri, 8 Oct 2021 19:02:31 +0300
schrieb Alkis Georgopoulos :

> yeah I too settled for a sed command

Sorry, I do not use sed or anything.

If the MAC/ip/hostname triple is know in advance, create a static config file 
with host-record= and dhcp-host=. Sorry if that was unclear.

But if you have a solution that you understand and that appears to work for 
you, go for it.


Olaf


pgpCglnakvYTG.pgp
Description: Digitale Signatur von OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] extend filter-A to filter specific domains

2023-01-04 Thread Olaf Hering 
Hello,

currently a large email provider broke his configuration and is unusable with 
IPv6 since a week.

Capable users quickly discovered the required workarounds, like entirely 
disabling IPv6 on the clients for the time being.

One client application has an interesting feature, which allows to ignore  
responses for a specific domain during DNS lookup. This allows it to continue 
with IPv6 for other connections, and use IPv4 only for such DNS domains.


Unfortunately dnsmasq apparently lacks such feature. Since 2.87 the option 
'filter-A' and 'filter-' exist, but this affects all queries. What are the 
chances to implement something like 'filter-[=dom.tld]', to remove  
records for the specified domain? There seems to be such concept already for 
other options, such as 'server='.


Thanks,
Olaf


pgp__TFAcXlxk.pgp
Description: Digitale Signatur von OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] [PATCH v1] Fix dependency in make install target

2023-10-16 Thread Olaf Hering 
The make target 'install-common' expects results from the target 'all'.
A 'make -j install' may fail because both targets are brought
up-to-todate in parallel. As a result the final binary will not exist at
the time 'install-common' runs, because 'all' is not yet done.

Adjust the dependencies to update 'all' before processing 'install-common'.

Signed-off-by: Olaf Hering 
---
 Makefile | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/Makefile b/Makefile
index 48e8d3b..f279339 100644
--- a/Makefile
+++ b/Makefile
@@ -105,9 +105,9 @@ clean : mostly_clean
rm -f core */core
rm -f *~ contrib/*/*~ */*~
 
-install : all install-common
+install : install-common
 
-install-common :
+install-common : all
$(INSTALL) -d $(DESTDIR)$(BINDIR)
$(INSTALL) -d $(DESTDIR)$(MANDIR)/man8
$(INSTALL) -m 644 $(MAN)/dnsmasq.8 $(DESTDIR)$(MANDIR)/man8 

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] serving EFI and traditional BIOS at the same time

2014-02-18 Thread Olaf Hering 

In my network a Fritzbox is serving DHCP to clients, and my workstation
runs dnsmasq as a proxy. This is working for the traditional PC BIOS:

dhcp-range=192.168.2.0,proxy
dhcp-boot=pxelinux.0
pxe-service=x86PC,"x86PC: Automatic Network boot from ProBook",pxelinux
enable-tftp
tftp-root=/tftpboot


One of the hosts is Windows Server 2012R2 which provides, in addtion to
Generation1 VMs, also Generation2 VMs with an EFI firmware.
How should the config look like to offer PXE to old and new VM types at
the same time?

I cant figure out how to boot EFI at all. I tried this in the config,
but that does not work:

dhcp-boot=syslinux.efi
pxe-service=BC_EFI,"PXE BC_EFI",syslinux.efi


This is the request from a Gen2 VM, looks like it does not like the response:

Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 available DHCP subnet: 
192.168.2.0/255.255.255.0
Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 vendor class: 
PXEClient:Arch:7::??
Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 PXE(en0) 
00:15:5d:63:45:22 proxy
Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 tags: en0
Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 bootfile name: 
syslinux.efi
Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 broadcast response
Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 sent size:  1 option: 
53 message-type  2
Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 sent size:  4 option: 
54 server-identifier  192.168.2.100
Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 sent size:  9 option: 
60 vendor-class  50:58:45:43:6c:69:65:6e:74
Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 sent size: 17 option: 
97 client-machine-id  00:86:3b:f4:dc:16:44:3c:4b:a1:33:e3:dc:16...
Feb 18 16:26:32 probook dnsmasq-dhcp[18054]: 3401145686 sent size: 34 option: 
43 vendor-encap  06:01:03:0a:04:00:50:58:45:08:07:80:01:01...
Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 available DHCP subnet: 
192.168.2.0/255.255.255.0
Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 vendor class: 
PXEClient:Arch:7::??
Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 PXE(en0) 
00:15:5d:63:45:22 proxy
Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 tags: en0
Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 bootfile name: 
syslinux.efi
Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 broadcast response
Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 sent size:  1 option: 
53 message-type  2
Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 sent size:  4 option: 
54 server-identifier  192.168.2.100
Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 sent size:  9 option: 
60 vendor-class  50:58:45:43:6c:69:65:6e:74
Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 sent size: 17 option: 
97 client-machine-id  00:86:3b:f4:dc:16:44:3c:4b:a1:33:e3:dc:16...
Feb 18 16:26:36 probook dnsmasq-dhcp[18054]: 3401145686 sent size: 34 option: 
43 vendor-encap  06:01:03:0a:04:00:50:58:45:08:07:80:01:01...


Olaf

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] serving EFI and traditional BIOS at the same time

2014-02-18 Thread Olaf Hering 
On Tue, Feb 18, Olaf Hering wrote:

> How should the config look like to offer PXE to old and new VM types at
> the same time?

At least the separation appears to work like that:

dhcp-match=x86PC, option:client-arch, 0
dhcp-match=BC_EFI, option:client-arch, 7
dhcp-boot=tag:x86PC,pxelinux.0
dhcp-boot=tag:BC_EFI,syslinux.efi
pxe-service=tag:x86PC,x86PC,"x86PC boot msg",pxelinux
pxe-service=tag:BC_EFI,BC_EFI,"BC_EFI boot msg",syslinux.efi

But that does not fix EFI boot, yet.

Olaf

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] serving EFI and traditional BIOS at the same time

2014-02-19 Thread Olaf Hering 
On Tue, Feb 18, Olaf Hering wrote:

> On Tue, Feb 18, Olaf Hering wrote:
> 
> > How should the config look like to offer PXE to old and new VM types at
> > the same time?
> 
> At least the separation appears to work like that:
> 
> dhcp-match=x86PC, option:client-arch, 0
> dhcp-match=BC_EFI, option:client-arch, 7
> dhcp-boot=tag:x86PC,pxelinux.0
> dhcp-boot=tag:BC_EFI,syslinux.efi
> pxe-service=tag:x86PC,x86PC,"x86PC boot msg",pxelinux
> pxe-service=tag:BC_EFI,BC_EFI,"BC_EFI boot msg",syslinux.efi
> 
> But that does not fix EFI boot, yet.

Actually the above works if dnsmasq does not act as a DHCP proxy.
For some reason the EFI firmware does not handle that well. In an
isolated environment the EFI files are handed out properly to the
client. 


One thing remains: how should the mixed environment be documented?
Its not clear by reading the docs or the example config file.


Olaf

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] how to track changes for a given hostname

2014-05-30 Thread Olaf Hering 

My dnsmasq sometimes forgets the hostname of one of my boxes. I wonder
how to track that without tweaking the source?

My reconnect script reports:
...
ssh: connect to host optiplex port 22: Connection refused
rc '255'. root@optiplex @ Fr 30. Mai 11:27:43 CEST 2014
ssh: connect to host optiplex port 22: Connection refused
rc '255'. root@optiplex @ Fr 30. Mai 11:29:01 CEST 2014
ssh: Could not resolve hostname optiplex: Name or service not known
rc '255'. root@optiplex @ Fr 30. Mai 11:30:20 CEST 2014
ssh: Could not resolve hostname optiplex: Name or service not known
rc '255'. root@optiplex @ Fr 30. Mai 11:31:40 CEST 2014
...


My setup is like this:

 * A FritzBox 7360, which acts as DHCP and DNS server.
 * My Workststation running openSUSE 11.4, with dnsmasq-2.70, it acts as DNS
   for localhost and as DHCP proxy to provide TFTP to other hosts.
   Compile time options: IPv6 GNU-getopt no-DBus i18n IDN DHCP DHCPv6
   no-Lua TFTP no-conntrack ipset auth no-DNSSEC

 * A Testhost named optiplex. It is reachable with IPv4 and IPv6.

When the failure above happens, my workstation fails to resolve
optiplex. Restarting dnsmasq helps.

olaf@probook:~ $ host optiplex
olaf@probook:~ $ host optiplex fritz.box
Using domain server:
Name: fritz.box
Address: fd00::a96:d7ff:feb1:1e3d#53
Aliases: 

optiplex.fritz.box has address 192.168.2.102
optiplex.fritz.box has IPv6 address 2001:a60:1011:601:baac:6fff:fea3:7d0a
optiplex.fritz.box has IPv6 address 2001:a60:1011:601:30e6:8090:5088:397
optiplex.fritz.box has IPv6 address fd00::30e6:8090:5088:397
optiplex.fritz.box has IPv6 address fd00::baac:6fff:fea3:7d0a
olaf@probook:~ $ host optiplex 192.168.2.1
Using domain server:
Name: 192.168.2.1
Address: 192.168.2.1#53
Aliases: 

optiplex.fritz.box has address 192.168.2.102
optiplex.fritz.box has IPv6 address 2001:a60:1011:601:baac:6fff:fea3:7d0a
optiplex.fritz.box has IPv6 address 2001:a60:1011:601:30e6:8090:5088:397
optiplex.fritz.box has IPv6 address fd00::30e6:8090:5088:397
optiplex.fritz.box has IPv6 address fd00::baac:6fff:fea3:7d0a
olaf@probook:~ $ 

olaf@probook:~ $ sudo su -
root's password:
root@probook:~ # rcdnsmasq restart
Shutting name service masq caching server done
Starting name service masq caching server done
root@probook:~ # logout
olaf@probook:~ $ host optiplex
optiplex.fritz.box has address 192.168.2.102
optiplex.fritz.box has IPv6 address 2001:a60:1011:601:baac:6fff:fea3:7d0a
optiplex.fritz.box has IPv6 address 2001:a60:1011:601:30e6:8090:5088:397
optiplex.fritz.box has IPv6 address fd00::30e6:8090:5088:397
optiplex.fritz.box has IPv6 address fd00::baac:6fff:fea3:7d0a
olaf@probook:~ $ host optiplex fritz.box
Using domain server:
Name: fritz.box
Address: fd00::a96:d7ff:feb1:1e3d#53
Aliases: 

optiplex.fritz.box has address 192.168.2.102
optiplex.fritz.box has IPv6 address 2001:a60:1011:601:baac:6fff:fea3:7d0a
optiplex.fritz.box has IPv6 address 2001:a60:1011:601:30e6:8090:5088:397
optiplex.fritz.box has IPv6 address fd00::30e6:8090:5088:397
optiplex.fritz.box has IPv6 address fd00::baac:6fff:fea3:7d0a
olaf@probook:~ $ 


How can I find out why optiplex fails to resolve?


Olaf

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] how to track changes for a given hostname

2014-06-04 Thread Olaf Hering 
On Sun, Jun 01, Simon Kelley wrote:

> > How can I find out why optiplex fails to resolve?
> Look at --dhcp-script in the man page. A very simple script which logs
> argv and the environment to a file should provide you with information
> about the comings and going of DHCP leases.

localhost does not serve DHCP, it just acts as proxy. In my testing the
script does not seem to provide a hint why optiplex fails to resolve.
The script is only called for tftp.

I can poke at this some more end of next week.

Olaf

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] question about the host-record= example

2015-11-18 Thread Olaf Hering 
I have several host-record=$name,$name.$domain,$ip4,$ip6 lines in my
dnsmasq 2.62 conf file. Today I realized that "host $ip4" resolves to
just "${name}.", but I was expecting "${name}.${domain}.". So I removed
the "$name," part and get now the full name.

I wonder why the example in the host-record= lists both?
When is laptop used, and when is laptop.thekellys.org used?


Olaf

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] question about the host-record= example

2015-12-07 Thread Olaf Hering 
On Wed, Nov 18, Olaf Hering wrote:

> I wonder why the example in the host-record= lists both?

Any answer to that question?

Olaf

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Extension to hosts-dir and dhcohosts-dir

2018-02-09 Thread Olaf Hering 
On Thu, Feb 08, Kurt H Maier wrote:

> You should fix the editor; that behavior is dangerous for other reasons,
> similar to the ones outlined here:
> http://openwall.com/lists/oss-security/2017/11/27/2

This talks about apples, while Andy talks about oranges.
Fix "$dnsmasq" to process only files intended for "$dnsmasq".

Olaf


signature.asc
Description: PGP signature
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] DHCP option 121, handling of interface address

2018-04-27 Thread Olaf Hering 
I had to add DHCP option 121 to server an extra network to the clients in case 
one of the clients has to use USB tethering via the mobile phone.
Therefore I added this line, and all is (almost) fine:

dhcp-option=option:classless-static-route,$other_local_net/24,$interface_IP

But it is not possible to set $interface_IP to 0.0.0.0 to indicate that dnsmasq 
should put in the IPv4 address of the interface from which it serves the DHCP 
requests. This is done for a few other DHCP options like default-router, TFTP 
server and the like.

Is this just an oversight, or would there be any downside in handling the 
"wildcard" in "classless-static-route"?

Olaf


pgp6fgDXz7HHd.pgp
Description: Digitale Signatur von OpenPGP
___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss