Re: [Dnsmasq-discuss] Netboot drops DNSMasq DHCP offer

[Conrad Kostecki]

Hi Simon,

Am 04.04.2019 22:10:19, "Simon Kelley"  
schrieb:



Sorry, I wasn't clear.

A DHCP client can set a bit in the DHCP DISCOVER message that asks the
DHCP server to broadcast the reply to it. The packet captures you posted
showed exactly that. It's quite possible that the ThinkPad X260,
_doesn't_ do this, so the reply is not broadcast.

thank you! Now I see, what you mean. And you are absolutley right. My X260 
haven't set the broadcast flag, when looking into that packets.


A source of problems in the past has been firewall (iptables) rules that
block packets sent to the 255.255.255.255 broadcast address. Such a rule
on the machine running dnsmasq would  break DHCP but only for clients
which set the broadcast bit in the DHCPDISCOVER. I don't know if the
packet capture happens before or after iptables, for the packet to be
blocked, but still appear (as it did) in the packet capture, it would
have to be before iptables.


I've run now several tests and found the cause. First, it's not iptables, they 
allow here broadcast, as it should be.
It's my switch, who is not fowarding those broadcast pakets. It's an Netgear 
GS116Ev2.
I am speechless, why this switch doesn't forward them. According to the WebUI, 
Broadcast Forwarding is enabled and not filtered.

Conrad___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Netboot drops DNSMasq DHCP offer

[Conrad Kostecki]

Hi Simon,

Am 04.04.2019 16:10:32, "Simon Kelley"  
schrieb:



How are you producing the dnsmasq captures? on the host running dnsmasq,
or elsewhere on the network?


Both captures were produced on that machine, which runs the DHCP server.
This means, on the non working setup, this is my linux router.
The fritzbox also does offer a capture on its interfaces itself.

Captures where done with tcpdump on port 67+68.


The DHCP is asking for, and getting, broadcast replies (ie to
255.255.255.255) It's just possible that : 1) no other DHCP clients
you've used ask for this

What do you mean by this? Sorry, but I didn't understand this.


 2) the firewall configuration on the host
running dnsmasq blocks packets with destination 255.255.255.255.
I can rule this out. If I take the same network cable, which I used for 
Netboot, but instead, connect my modern ThinkPad X260, DHCP works just 
perfectly fine.
I did also give now a try and connected directly the Netboot machine to 
an interface directly on the machine, which hosts DNSMasq.

So I think, I can rule out at least the hardware side here.

Conrad


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Netboot drops DNSMasq DHCP offer

[Conrad Kostecki]

Hi Geert,

Am 04.04.2019 14:55:47, "Geert Stappers"  
schrieb:




The fritzbox is 192.168.178.1,  dnsmasq machine is 192.168.32.1.
This is fine. My current setup with an linux router uses 
192.168.32.0/24.
The test with the FritzBox was completly standalone and not connected in 
any way to my current subnet.
I was just testing, if DHCP itself would succssed, when an other router 
acts as server.





Both hand out subnet mask 255.255.255.0, none provides a client IP address.
So /24 is correct here. What what do you mean by none provied client ip 
address?


Conrad


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Netboot drops DNSMasq DHCP offer

[Simon Kelley]

On 03/04/2019 19:47, Conrad Kostecki wrote:
> Hi,
> in order to make PXE possible with older notebooks, I've compiled for
> myself Netboot.
> This is a piece of software, which starts from floppy, where you can
> load your dos paket driver and start PXE.
> Basically, it makes possible to boot with PXE by using PCMCIA networks
> cards from floppy, when nothing else is possible to boot from.
> 
> Netboot itself is working so far fine, it initializes itself fine, loads
> my dos packet driver and starts DHCP.
> I can clearly see, that a DHCP broadcast comes into my DNSMasq, which
> replies with a DHCP offer.
> And here it stops. It seems, Netboot can't correctly handle that offer
> by DNSMasq, as it silently drops it and tries again.
> So I see multiple broadcast searches and DHCP offers.
> 
> BUT: If I use DHCP from an ordinary AVM Fritz!Box 7490 (Router), Netboot
> succeeds and can handle the reply from it.
> So the question is, what could go wrong? Can I debug this somehow? Any
> solutions to make this possible work with Netboot?
> 
> Note: Netboot is pretty old, latest release is from 2007. I suspect,
> that maybe DNSMasq does some RFC correct, which is "too new" for those
> old clients.
> Any help would be appreciated.
> 
> Conrad
> 

The packet captures are pretty much identical.

How are you producing the dnsmasq captures? on the host running dnsmasq,
or elsewhere on the network?

The DHCP is asking for, and getting, broadcast replies (ie to
255.255.255.255) It's just possible that : 1) no other DHCP clients
you've used ask for this 2) the firewall configuration on the host
running dnsmasq blocks packets with destination 255.255.255.255.


That's the only theory I can think if at the moment.

Simon.


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Netboot drops DNSMasq DHCP offer

[Geert Stappers]

On 04-04-2019 11:58, Conrad Kostecki wrote:

>> John Robson hat am 4. April 2019 um 10:40 geschrieben:
>>
>>
>> A couple of packet captures might help you (and us) see what is being sent
>> differently.
> good idea. Here are the captures. To be honest, I don't see anything, which 
> it shouldn't work.
>
> https://www.bl4ckb0x.de/files/dnsmasq.pcap (works not)
> https://www.bl4ckb0x.de/files/fritzbox.pcap (works)

The fritzbox is 192.168.178.1,  dnsmasq machine is 192.168.32.1.

Both hand out subnet mask 255.255.255.0, none provides a client IP address.


Regards

Geert Stappers

Devops Engineer @ Hendrikx ITC



___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Netboot drops DNSMasq DHCP offer

[Conrad Kostecki]

Hi John,

> John Robson  hat am 4. April 2019 um 10:40 geschrieben:
> 
> 
> A couple of packet captures might help you (and us) see what is being sent
> differently.

good idea. Here are the captures. To be honest, I don't see anything, which it 
shouldn't work.

https://www.bl4ckb0x.de/files/dnsmasq.pcap (works not)
https://www.bl4ckb0x.de/files/fritzbox.pcap (works)

Conrad

___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Re: [Dnsmasq-discuss] Netboot drops DNSMasq DHCP offer

[John Robson]

A couple of packet captures might help you (and us) see what is being sent
differently.

On Wed, 3 Apr 2019 at 20:32, Conrad Kostecki  wrote:

> Hi,
> in order to make PXE possible with older notebooks, I've compiled for
> myself Netboot.
> This is a piece of software, which starts from floppy, where you can load
> your dos paket driver and start PXE.
> Basically, it makes possible to boot with PXE by using PCMCIA networks
> cards from floppy, when nothing else is possible to boot from.
>
> Netboot itself is working so far fine, it initializes itself fine, loads
> my dos packet driver and starts DHCP.
> I can clearly see, that a DHCP broadcast comes into my DNSMasq, which
> replies with a DHCP offer.
> And here it stops. It seems, Netboot can't correctly handle that offer by
> DNSMasq, as it silently drops it and tries again.
> So I see multiple broadcast searches and DHCP offers.
>
> BUT: If I use DHCP from an ordinary AVM Fritz!Box 7490 (Router), Netboot
> succeeds and can handle the reply from it.
> So the question is, what could go wrong? Can I debug this somehow? Any
> solutions to make this possible work with Netboot?
>
> Note: Netboot is pretty old, latest release is from 2007. I suspect, that
> maybe DNSMasq does some RFC correct, which is "too new" for those old
> clients.
> Any help would be appreciated.
>
> Conrad
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>


-- 

*John Robson Sr. Customer Support Engineer**, Zenoss
*
jrob...@zenoss.com | *O:*


___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

[Dnsmasq-discuss] Netboot drops DNSMasq DHCP offer

[Conrad Kostecki]

Hi,
in order to make PXE possible with older notebooks, I've compiled for 
myself Netboot.
This is a piece of software, which starts from floppy, where you can 
load your dos paket driver and start PXE.
Basically, it makes possible to boot with PXE by using PCMCIA networks 
cards from floppy, when nothing else is possible to boot from.


Netboot itself is working so far fine, it initializes itself fine, loads 
my dos packet driver and starts DHCP.
I can clearly see, that a DHCP broadcast comes into my DNSMasq, which 
replies with a DHCP offer.
And here it stops. It seems, Netboot can't correctly handle that offer 
by DNSMasq, as it silently drops it and tries again.

So I see multiple broadcast searches and DHCP offers.

BUT: If I use DHCP from an ordinary AVM Fritz!Box 7490 (Router), Netboot 
succeeds and can handle the reply from it.
So the question is, what could go wrong? Can I debug this somehow? Any 
solutions to make this possible work with Netboot?


Note: Netboot is pretty old, latest release is from 2007. I suspect, 
that maybe DNSMasq does some RFC correct, which is "too new" for those 
old clients.

Any help would be appreciated.

Conrad___
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss