Jason Dixon wrote:
On Tue, Jul 29, 2008 at 07:40:52AM -0400, Jason Dixon wrote:
On Tue, Jul 29, 2008 at 07:48:32AM +0100, Simon Kelley wrote:
Jason Dixon wrote:
Thanks to the recent vulnerability, I'm upgrading an older dnsmasq
system from version 2.34 to 2.45. I've installed it and attempted to
run it, but I get the following error.
dnsmasq: illegal domain 04-06.lab.foobar.com in dhcp-config directive.
The same configuration works fine with 2.34, so I presume something has
changed in the configuration syntax or default settings. I haven't
found anything on Google or in the FAQ about this error, nor do I see
any "dhcp-config" directives in our config files or the sample config.
Here is the relevant line from our config:
dhcp-host=00:0c:29:02:1f:06,ubuntu-8.04-06.lab.foobar.com,172.16.0.105
It doesn't appear to be anything specifically with that line. We have a
couple hundred of these loaded by dnsmasq. If I comment out that one,
the next preceding one will error. I'm not experienced with dnsmasq, so
I'm putting myself at the mercy of this list. Any help will be greatly
appreciated. :)
As far as I can see, this error can only be occuring because the domain
part of the name your applying to that host doesn't match the domain
specified for dnsmasq to use by the domain=<domain> config option.
AFAIK dnsmasq has never allowed you to send a FQDN to a host unless it
matches the domain setting (this is to avoid hosts impersonating, eg
www.microsoft.com) but the check in this case has been moved from
run-time, where it will log an error, to a fatal error at start-up
The fix may be as simple as adding
domain=04-06.lab.foobar.com
(and you can remove the domain parts from all the dhcp-host lines as
well, if you wish. If they stay, they must match the domain given)
We have mixed domains in our configuration. I see the following line in
the main dnsmasq.conf, which would account for most of the dhcp-host
entries:
local=/lab.foobar.com/wifi.foobar.com/
I see no domain directives anywhere. I suspect that adding
04-06.lab.foobar.com to the local directive might be sufficient, but I'm
just guessing. And yes, this configuration works fine with
dnsmasq-2.34.
I tried various changes to our configuration but couldn't find a working
set. I'm including a subset of our configuration here so you can see
what might be causing the issue. The only bits I've left out include
redundant information (e.g. dhcp-host). Just to reiterate, this works
under 2.34 but is broken under 2.45.
# cat /etc/dnsmasq.conf | grep -v '^$' | grep -v '^\#'
filterwin2k
local=/lab.foobar.com/wifi.foobar.com/
interface=eth0
expand-hosts
dhcp-option=3,172.16.0.1
dhcp-option=42,0.0.0.0
conf-file=/etc/dnsmasq.lab.conf
conf-file=/etc/dnsmasq.wifi.conf
# cat /etc/dnsmasq.lab.conf | grep -v '^$' | grep -v '^\#'
dhcp-range=lab,172.16.0.10,172.16.0.81,12h
dhcp-option=lab,15,lab.foobar.com
dhcp-host=00:0e:0c:bc:17:70,lab01.lab.foobar.com,172.16.0.10
dhcp-host=00:0c:29:ff:96:a7,solaris.lab.foobar.com,172.16.0.6
dhcp-host=00:0c:29:ff:96:xx,windows.lab.foobar.com,172.16.0.7
dhcp-host=00:0c:29:db:8a:b3,centos.lab.foobar.com,172.16.0.5
dhcp-host=00:0c:29:3c:58:01,centos-4.4-01.lab.foobar.com,172.16.0.82
# cat /etc/dnsmasq.wifi.conf | grep -v '^$' | grep -v '^\#'
dhcp-range=wifi,172.16.0.200,172.16.0.250,3d
dhcp-option=wifi,15,wifi.foobar.com
Thanks,
Are the names in your dhcp-host entries _all_ "<name>.lab.foobar.com"?
If so, the simply adding
domain=lab.foobar.com
will fix things. I imagine that under 2.34 you will have seen lots of
complaints logged about this, 2.45 has turned soft errors into hard ones.
If there are names in more than one domain, the problem in more
complicated to fix: you may need to try the new "multi-domain" code.
Cheers,
Simon.
