Re: [Dnsmasq-discuss] what do the contents of /var/lib/misc/dnsmasq.leases mean?

2019-01-09 Thread Simon Kelley

My guess is that the two copies of dnsmasq that are configured to do
DHCP are using the same leases file, which is an all-bets-are-off
situation. Using the --dhcp-leasefile option to give them separate files
will at least give you a chance of making your config work.


Cheers,

Simon.

On 04/01/2019 04:48, Sean Kelly wrote:
> Sure! It's a long story, but perhaps interesting. I got a quad core 2.42
> GHz, 8GB ram 128GB SSD WIFI, dual nic, Thin Mini PC off Amazon that I had
> intended to use as my home router running pfsense. I have really crappy
> DSL at home with an average speed of 1.5Mbps. I have a tablet with 5G
> and "unlimited" data that I can tether through USB that occasionally
> gets deprioritized. (TMobile ain't great but it beats everything else) So
> my plan was a router that could switch between DSL and tethered tablet
> and provide a hopefully better home internet environment.
> 
> The device has USB, two nics and wifi. When I went to install pfsense I
> discovered that the wifi and tethered tablet drivers were missing and
> not being a linux kernel guy it sounded like a daunting task to get that
> working. I had a ubuntu desktop live usb stick that I was using to get
> hardware info for the pfsense installation and it seemed to work great.
> So I just installed that. I've only ever used linux in vms as servers so
> this was also an opportunity to learn a new desktop environment. Aside
> from the router, I also have several smart switches and three wireless
> access points.
> The router's wifi didn't cover the whole house and amazon echo's
> intercom feature was too cool not to utilize. Long term, I'd like to
> isolate the access points on their own vlan (practice good security etc)
> but that is in the backlog for after I get the basic configuration working.
> 
> So this is where things get interesting. All my linux friends told me I
> should start ripping parts out of my ubuntu distro and just use
> iptables, shorewall, dhcd, etc. I used to work on Windows at Microsoft
> and it didn't make sense to me that Ubuntu developers would not make the
> best choices of technologies when building Ubuntu and all ripping out
> services and swimming upstream would buy me is that opportunity to
> relearn why the Ubuntu developers made the choices they made. So instead
> of fighting the system I would embrace it and learn to use it as best as
> I could. I acknowledge this is cathedral thinking in the bazaar but I
> feel like I'm really close to getting it all working.
> 
> Anyway, when I configure network manager to share my wifi and one of my
> nics, it runs three copies of dnsmasq like so.
> 
> /usr/sbin/dnsmasq
>   --no-resolv
>   --keep-in-foreground
>   --no-hosts
>   --bind-interfaces
>   --pid-file=/var/run/NetworkManager/dnsmasq.pid
>   --listen-address=127.0.1.1
>   --cache-size=0
>   --conf-file=/dev/null
>   --proxy-dnssec
>   --enable-dbus=org.freedesktop.NetworkManager.dnsmasq
>   --conf-dir=/etc/NetworkManager/dnsmasq.d
> 
> /usr/sbin/dnsmasq
>   --conf-file
>   --no-hosts
>   --keep-in-foreground
>   --bind-interfaces
>   --except-interface=lo
>   --clear-on-reload
>   --strict-order
>   --listen-address=192.168.69.1
>   --dhcp-range=192.168.69.10,192.168.69.254,60m
>   --dhcp-option=option:router,192.168.69.1
>   --dhcp-lease-max=50
>   --pid-file=/var/run/nm-dnsmasq-wlp2s0b1.pid
>   --conf-dir=/etc/NetworkManager/dnsmasq-shared.d
> 
> /usr/sbin/dnsmasq
>   --conf-file
>   --no-hosts
>   --keep-in-foreground
>   --bind-interfaces
>   --except-interface=lo
>   --clear-on-reload
>   --strict-order
>   --listen-address=192.168.0.254
>   --dhcp-range=192.168.0.1,192.168.0.245,60m
>   --dhcp-option=option:router,192.168.0.254
>   --dhcp-lease-max=50
>   --pid-file=/var/run/nm-dnsmasq-enp3s0.pid
>   --conf-dir=/etc/NetworkManager/dnsmasq-shared.d
> 
> The first one is for dns and I have a conf file in
> /etc/NetworkManager/dnsmasq.d with the single line
> 
> cache-size=1000
> 
> The next one is for dhcp on my wifi and the last one is for dhcp on my
> nic. Unfortunately they use the same conf-dir
> (/etc/NetworkManager/dnsmasq-shared.d). I currently have one file there
> that looks like this
> 
> #
> # HUBS
> dhcp-host=,192.168.0.10,den-hub
> dhcp-host=,192.168.0.11,master-hub
> dhcp-host=,192.168.0.12,utility-hub
> dhcp-host=,192.168.0.13,gaming-hub
> dhcp-host=,192.168.0.14,pantry-hub
> #
> # WAPS
> dhcp-host=,192.168.0.20,sunroom-wap
> dhcp-host=,192.168.0.21,master-wap
> dhcp-host=,192.168.0.22,gaming-wap
> #
> # SUNROOM DEVICES
> dhcp-host=,192.168.0.30,printer
> dhcp-host=,192.168.0.31,laser
> #
> # DEN DEVICES
> dhcp-host=,192.168.0.253,watchdog
> #
> # MASTER DEVICES
> dhcp-host=,192.168.0.252,keeper,infinite
> dhcp-host=,192.168.0.40,wdtv,infinite
> dhcp-host=,192.168.0.148,kodi,infinite
> #
> # 
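
A check for the condition Simon describes above (two DHCP-serving dnsmasq instances with no separate --dhcp-leasefile), run over the command lines from the quoted post. This is an added example, not code from the thread or from dnsmasq; it assumes the default lease path is the one in the thread subject and reads only the command line, not files under --conf-dir.

```python
import shlex
from collections import defaultdict

# Assumption: the built-in default lease path is the one named in the thread
# subject; it is a compile-time setting and may differ on other builds.
DEFAULT_LEASEFILE = "/var/lib/misc/dnsmasq.leases"

# The three command lines from the post, abbreviated to the options this
# check reads: one DNS-only instance and two DHCP-serving instances.
PROCESSES = [
    "/usr/sbin/dnsmasq --no-resolv --listen-address=127.0.1.1 "
    "--pid-file=/var/run/NetworkManager/dnsmasq.pid",
    "/usr/sbin/dnsmasq --listen-address=192.168.69.1 "
    "--dhcp-range=192.168.69.10,192.168.69.254,60m "
    "--pid-file=/var/run/nm-dnsmasq-wlp2s0b1.pid",
    "/usr/sbin/dnsmasq --listen-address=192.168.0.254 "
    "--dhcp-range=192.168.0.1,192.168.0.245,60m "
    "--pid-file=/var/run/nm-dnsmasq-enp3s0.pid",
]

def option(argv, name):
    """Return the value of the first --name=value argument, or None."""
    prefix = f"--{name}="
    return next((a[len(prefix):] for a in argv if a.startswith(prefix)), None)

def lease_file(cmdline):
    """Lease file an instance writes, or None when it serves no DHCP range."""
    argv = shlex.split(cmdline)
    if option(argv, "dhcp-range") is None:
        return None
    return option(argv, "dhcp-leasefile") or DEFAULT_LEASEFILE

def shared_lease_files(cmdlines):
    """Map each lease file used by more than one instance to their pid files."""
    users = defaultdict(list)
    for cmdline in cmdlines:
        path = lease_file(cmdline)
        if path is not None:
            users[path].append(option(shlex.split(cmdline), "pid-file"))
    return {path: pids for path, pids in users.items() if len(pids) > 1}

if __name__ == "__main__":
    print(shared_lease_files(PROCESSES))
```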

Re: [Dnsmasq-discuss] what do the contents of /var/lib/misc/dnsmasq.leases mean?

2019-01-03 Thread Sean Kelly
Sure! It's a long story, but perhaps interesting. I got a quad core 2.42
GHz, 8GB ram 128GB SSD WIFI, dual nic, Thin Mini PC off Amazon that I had
intended to use as my home router running pfsense. I have really crappy DSL
at home with an average speed of 1.5Mbps. I have a tablet with 5G and
"unlimited" data that I can tether through USB that occasionally gets
deprioritized. (TMobile ain't great but it beats everything else) So my plan
was a router that could switch between DSL and tethered tablet and provide
a hopefully better home internet environment.

The device has USB, two nics and wifi. When I went to install pfsense I
discovered that the wifi and tethered tablet drivers were missing and not
being a linux kernel guy it sounded like a daunting task to get that
working. I had a ubuntu desktop live usb stick that I was using to get
hardware info for the pfsense installation and it seemed to work great. So
I just installed that. I've only ever used linux in vms as servers so this
was also an opportunity to learn a new desktop environment. Aside from the
router, I also have several smart switches and three wireless access points. The
router's wifi didn't cover the whole house and amazon echo's intercom
feature was too cool not to utilize. Long term, I'd like to isolate the
access points on their own vlan (practice good security etc) but that is in
the backlog for after I get the basic configuration working.

So this is where things get interesting. All my linux friends told me I
should start ripping parts out of my ubuntu distro and just use iptables,
shorewall, dhcd, etc. I used to work on Windows at Microsoft and it didn't
make sense to me that Ubuntu developers would not make the best choices of
technologies when building Ubuntu and all ripping out services and swimming
upstream would buy me is that opportunity to relearn why the Ubuntu
developers made the choices they made. So instead of fighting the system I
would embrace it and learn to use it as best as I could. I acknowledge this
is cathedral thinking in the bazaar but I feel like I'm really close to
getting it all working.

Anyway, when I configure network manager to share my wifi and one of my
nics, it runs three copies of dnsmasq like so.

/usr/sbin/dnsmasq
  --no-resolv
  --keep-in-foreground
  --no-hosts
  --bind-interfaces
  --pid-file=/var/run/NetworkManager/dnsmasq.pid
  --listen-address=127.0.1.1
  --cache-size=0
  --conf-file=/dev/null
  --proxy-dnssec
  --enable-dbus=org.freedesktop.NetworkManager.dnsmasq
  --conf-dir=/etc/NetworkManager/dnsmasq.d

/usr/sbin/dnsmasq
  --conf-file
  --no-hosts
  --keep-in-foreground
  --bind-interfaces
  --except-interface=lo
  --clear-on-reload
  --strict-order
  --listen-address=192.168.69.1
  --dhcp-range=192.168.69.10,192.168.69.254,60m
  --dhcp-option=option:router,192.168.69.1
  --dhcp-lease-max=50
  --pid-file=/var/run/nm-dnsmasq-wlp2s0b1.pid
  --conf-dir=/etc/NetworkManager/dnsmasq-shared.d

/usr/sbin/dnsmasq
  --conf-file
  --no-hosts
  --keep-in-foreground
  --bind-interfaces
  --except-interface=lo
  --clear-on-reload
  --strict-order
  --listen-address=192.168.0.254
  --dhcp-range=192.168.0.1,192.168.0.245,60m
  --dhcp-option=option:router,192.168.0.254
  --dhcp-lease-max=50
  --pid-file=/var/run/nm-dnsmasq-enp3s0.pid
  --conf-dir=/etc/NetworkManager/dnsmasq-shared.d

The first one is for dns and I have a conf file in
/etc/NetworkManager/dnsmasq.d with the single line

cache-size=1000

The next one is for dhcp on my wifi and the last one is for dhcp on my nic.
Unfortunately they use the same conf-dir
(/etc/NetworkManager/dnsmasq-shared.d). I currently have one file there
that looks like this

#
# HUBS
dhcp-host=,192.168.0.10,den-hub
dhcp-host=,192.168.0.11,master-hub
dhcp-host=,192.168.0.12,utility-hub
dhcp-host=,192.168.0.13,gaming-hub
dhcp-host=,192.168.0.14,pantry-hub
#
# WAPS
dhcp-host=,192.168.0.20,sunroom-wap
dhcp-host=,192.168.0.21,master-wap
dhcp-host=,192.168.0.22,gaming-wap
#
# SUNROOM DEVICES
dhcp-host=,192.168.0.30,printer
dhcp-host=,192.168.0.31,laser
#
# DEN DEVICES
dhcp-host=,192.168.0.253,watchdog
#
# MASTER DEVICES
dhcp-host=,192.168.0.252,keeper,infinite
dhcp-host=,192.168.0.40,wdtv,infinite
dhcp-host=,192.168.0.148,kodi,infinite
#
# UTILITY DEVICES
#
# REC ROOM DEVICES
#
# WIRELESS DEVICES

#
# OTHER SETTINGS
#dhcp-ignore=tag:!known
dhcp-lease-max=1000

Long term, I'd like to static configure all devices on my home nic and my
wireless and only to do dhcp on the vlan for guest wifi. Then I could
uncomment the dhcp-ignore line and devices would need to be explicitly
added to the conf to get access to anything on my LAN other than the
internet. I feel like if I understood tags better I might be able to figure
out how to do this. Otherwise I might need to see if I can get a PR into

Re: [Dnsmasq-discuss] what do the contents of /var/lib/misc/dnsmasq.leases mean?

2019-01-03 Thread Simon Kelley
The leftmost 0 means that the leases are infinite, they never expire,
which might explain why you're running out of leases.

There can be duplicate leases per MAC address, but there should never be
duplicate leases for an IP address. So I'm interested in finding out how
you've contrived this situation. Please could you share as much
information as possible about network and dnsmasq configuration?


Cheers,

Simon.


On 02/01/2019 04:01, Sean Kelly wrote:
> when I cat the file I see multiple entries for the same MAC address, what
> does this mean?
> 
> 0 98:de:d0:bb:11:0c 192.168.0.10 * 01:98:de:d0:bb:11:0c
> 0 98:de:d0:bb:11:0c 192.168.0.10 * 01:98:de:d0:bb:11:0c
> 0 98:de:d0:2c:0e:4c 192.168.0.20 * 01:98:de:d0:2c:0e:4c
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 44:80:eb:95:2a:b4 192.168.0.66 * 01:44:80:eb:95:2a:b4
> 0 44:80:eb:95:2a:b4 192.168.0.66 miri-phone 01:44:80:eb:95:2a:b4
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> Can I trim multiple entries or is it safe to ignore them? I just
> recently got the dnsmasq NO LEASES LEFT error and was concerned that
> these duplicate entries contributed to the dhcp-max-leases count. Can I
> delete them safely?
> 
> Go Carefully,
> 
> SeanK
> 
> ___
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss@lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 
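
An audit of the lease file for the two points in Simon's reply above: a leftmost field of 0 marks an infinite lease, and no IP address should appear on more than one line. This is an added example, not code from the thread or from dnsmasq; it assumes the five-field line layout visible in the quoted file (expiry, MAC, IP, hostname, client-id), and the field names are illustrative.

```python
from collections import Counter, namedtuple

Lease = namedtuple("Lease", "expiry mac ip hostname client_id")

# Lines 1-5 are copied from the lease file quoted in this thread; line 6 is a
# constructed entry with a non-zero expiry, added for contrast.
SAMPLE = """\
0 98:de:d0:bb:11:0c 192.168.0.10 * 01:98:de:d0:bb:11:0c
0 98:de:d0:bb:11:0c 192.168.0.10 * 01:98:de:d0:bb:11:0c
0 98:de:d0:2c:0e:4c 192.168.0.20 * 01:98:de:d0:2c:0e:4c
0 44:80:eb:95:2a:b4 192.168.0.66 * 01:44:80:eb:95:2a:b4
0 44:80:eb:95:2a:b4 192.168.0.66 miri-phone 01:44:80:eb:95:2a:b4
1546500000 02:00:00:00:00:01 192.168.0.70 laptop *
"""

def parse_leases(text):
    """Parse five-field lease lines; anything else is skipped."""
    leases = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) != 5 or not fields[0].isdigit():
            continue  # blank line, or a record type this sketch does not model
        leases.append(Lease(int(fields[0]), *fields[1:]))
    return leases

def audit(leases):
    """Summarise the conditions raised in the thread."""
    per_ip = Counter(lease.ip for lease in leases)
    per_mac = Counter(lease.mac for lease in leases)
    return {
        "total_lines": len(leases),
        "distinct_ips": len(per_ip),
        # Leftmost field 0: the lease never expires (per the reply above).
        "infinite": sum(1 for lease in leases if lease.expiry == 0),
        # More than one line for an IP should never happen in a healthy file.
        "duplicate_ips": {ip: n for ip, n in per_ip.items() if n > 1},
        "macs_with_several_lines": {m: n for m, n in per_mac.items() if n > 1},
    }

if __name__ == "__main__":
    for key, value in audit(parse_leases(SAMPLE)).items():
        print(f"{key}: {value}")
```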


Re: [Dnsmasq-discuss] what do the contents of /var/lib/misc/dnsmasq.leases mean?

2019-01-02 Thread john doe
On 1/2/2019 5:01 AM, Sean Kelly wrote:
> when I cat the file I see multiple entries for the same MAC address, what
> does this mean?
> 
> 0 98:de:d0:bb:11:0c 192.168.0.10 * 01:98:de:d0:bb:11:0c
> 0 98:de:d0:bb:11:0c 192.168.0.10 * 01:98:de:d0:bb:11:0c
> 0 98:de:d0:2c:0e:4c 192.168.0.20 * 01:98:de:d0:2c:0e:4c
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 44:80:eb:95:2a:b4 192.168.0.66 * 01:44:80:eb:95:2a:b4
> 0 44:80:eb:95:2a:b4 192.168.0.66 miri-phone 01:44:80:eb:95:2a:b4
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:90:a9:6a:0b:92 192.168.0.40 * 01:00:90:a9:6a:0b:92
> 0 00:1a:62:01:17:cf 192.168.0.252 * 01:00:1a:62:01:17:cf
> Can I trim multiple entries or is it safe to ignore them? I just recently
> got the dnsmasq NO LEASES LEFT error and was concerned that these duplicate
> entries contributed to the dhcp-max-leases count. Can I delete them safely?
> 

I'm assuming that the parsing of the lease file is somewhat similar to
dhcpd.leases.
Based on that assumption, only the first match is used.
New entries are added at the top of the file, I guess that the file is
read from top to bottom (opposite behavior for dhcpd.leases).
Note that the daemon needs to be stopped to modify the lease file.

The lease file is a database of known client(s) to the server, that way,
the same IP is given to the same client.

-- 
John Doe
