Re: [Dnsmasq-discuss] Config file length / performance question
Simon, Thanks for the quick response. Using a couple quick bash for loops, I set up a config that is over 8000 lines long (64 VLANs * 128 hosts). Runs like a champ. Perfect! It literally made our lab 100x better (no more manually settings IPs!) But, I'm having difficulty getting dhcp-option 12 to work (hostname). If, in an experiment, someone deploys out 2 or more Windows boxes, all but the first one will complain that the host name already exists on the network. Sysprep is an option, but it's slow and buggy in our case. I'd like to send out the host name that are in my static lease lines. E.g. dhcp-host=00:50:56:00:01:01,vm0101,1.0.0.1 should send vm0101 as option 12. Linux VMs ignore this (by default), but Windows is more than happy to accept it, and avoid annoying host name already exists messages. I searched around and found older messages regarding this, but no real solutions. Does dnsmasq support DHCP option 12? Thanks! On Sat, Dec 6, 2008 at 12:52 PM, Simon Kelley si...@thekelleys.org.uk wrote: Johann MacDonagh wrote: Hi all, Sorry for the long e-mail. The question is towards the end, the beginning is just background. I am setting up an isolated computer lab using VMware ESX server / VirtualCenter. This enterprise level VMware product did away with NAT based networking like the consumer counterparts, and instead expects you to statically give virtual machines IP addresses, or have a DHCP server hand them out. Given the highly dynamic nature of the lifetime of these virtual machines as well as the wide range of operating systems we plan on installing, statically setting IP addresses is out of the question. That's where dnsmasq comes in. I'm building a custom Gentoo box that will act as the DHCP server. Each experiment will need to be isolated from other experiments, and I plan on accomplishing this via VLANs. Each experiment will be on the same switch (actually, a VMware Virtual Switch), and given a unique VLAN ID for all machines in that experiment. The Gentoo box will be sitting on a special VLAN port that accepts traffic from all VLANs. I just need to make sure VLAN support is build into the kernel. I've chosen dnsmasq for the DHCP server, because it looks like it can listen on multiple interfaces very easily. This is required because when want a Linux machine to accept traffic from multiple VLANs, you get separate adapters (e.g. if eth0 receives all VLAN traffic, and you want to listen to VLAN 2, you run vconfig and get an interface eth0.2). In the end, I plan on having about 100 VLANs to work with, 1-100. That part is easy, the difficult part is making sure the DHCP server gives nice IP addresses. For example, I was thinking of this format: VLANID.0.0.NUMBER So, if I start an experiment that gets assigned VLAN 4 with these VMs, you get the the following IP addresses: Windows XP 4.0.0.1 BackTrack 4.0.0.2 BackTrack 4.0.0.3 Ubuntu 4.0.0.4 I also want to make sure that the first VM they select on our little web interface is assigned x.x.x.1, the second x.x.x.2, and so on. Since all the VMs get powered on at roughly the same time, the allocations end up going to whoever requests first. Now, the (partial) solution. I have control over the MAC address of these machines just before they are powered on. VMware also has a OUI for manual MAC addresses. I was thinking of using that to generate MAC addresses in the following format: 00:50:56:00:VLANID:SUFFIX So, the MAC address that I would want the DHCP server to allocate 4.0.0.8 to would be 00:50:56:00:04:08. My question is (*finally*), which is the best way to go about making sure dnsmasq takes this into consideration? I see two solutions: 1. Modify source, edit address_allocate in dhcp.c to generate an address based on the MAC address. 2. Leave source alone, have 2560 lines in the config file, one for each possible suffix for each VLAN (100*256). So far, the second option seems cleaner, because I can upgrade to newer versions of dnsmasq and not worry about editing the source again. But, can dnsmasq handle that many configuration lines? Are the static allocations stored in some sort of a hash table? There are no hard limits on the number of configuration lines. The dhcp-host configuration options are searched linearly, not hashed. I can't see this being a significant performance bottleneck, even with 2560 options, on any sane modern machine. (It'a only O(n)). If it turns out that I'm wrong, I'll happily look at improving performance. PS. There's one algorithm which is O(n^2) on the number of dhcp-host options, but that's a check which runs at start-up. If the daemon starts in a reasonable time, there shouldn't be any problems. You should probably use the --no-ping and --dhcp-authoritative options in this application. I'm building the gentoo box as we speak, but I thought I would ask the community for some input as I try to decide which route to go. HTH
Re: [Dnsmasq-discuss] Config file length / performance question
Johann MacDonagh wrote: But, I'm having difficulty getting dhcp-option 12 to work (hostname). If, in an experiment, someone deploys out 2 or more Windows boxes, all but the first one will complain that the host name already exists on the network. Sysprep is an option, but it's slow and buggy in our case. I'd like to send out the host name that are in my static lease lines. E.g. dhcp-host=00:50:56:00:01:01,vm0101,1.0.0.1 should send vm0101 as option 12. Linux VMs ignore this (by default), but Windows is more than happy to accept it, and avoid annoying host name already exists messages. I searched around and found older messages regarding this, but no real solutions. Does dnsmasq support DHCP option 12? If windows as requesting option 12, then it will be sent as vm0101, in your example. Are you sure that windows will take the hostname via DHCP? Windows hosts normally work the other way around, ie the host tells the DHCP server what its name is. If the windows DHCP doesn't ask for the hostname, but still honours it whne sent, then --dhcp-option-force is your friend. Fot clarification, are the host name already exists messages from Windows, or dnsmasq? Cheers, Simon.
Re: [Dnsmasq-discuss] Config file length / performance question
On Sun, Dec 7, 2008 at 1:46 AM, Simon Kelley si...@thekelleys.org.uk wrote: If windows as requesting option 12, then it will be sent as vm0101, in your example. Are you sure that windows will take the hostname via DHCP? Windows hosts normally work the other way around, ie the host tells the DHCP server what its name is. If the windows DHCP doesn't ask for the hostname, but still honours it whne sent, then --dhcp-option-force is your friend. After some tests, it appears that Windows XP does not honor requests. How rude. ;) I added dhcp-option-force=12,text into the conf file, fired up Wireshark on Backtrack sniffing the traffic, and watched the DHCP ACK. It sent option 12, but Windows didn't care. Fot clarification, are the host name already exists messages from Windows, or dnsmasq? It appears in Windows in the system tray as a yellow exclamation mark. It's not a show stopper at all, but it would be nice to get around this. Does anyone know how to make windows use the option 12 it was sent? Johann
Re: [Dnsmasq-discuss] dhcp-ignore = myTag, #known was not what I thought
Simon Kelley escribió el 06/12/08 19:04: Mariano Absatz wrote: 1) does dhcp-range allow me to match more than one tag? or to match one (or more) and set another one? It allows you to match more than one, but they're combined as AND, so dhcp-range=net:tag1, net:tag2, .. means use that range if tag1 is set AND tag2 is set. If you want to OR them, just repeat the ranger statement dhcp-range=net:tag1, 192.168.0.1, 192.168.0.10 dhcp-range=net:tag2, 192.168.0.1, 192.168.0.10 will use 192.168.0.1-192.168.0.10 of tag1 is set OR tag2 is set. You can match one (or more) tags, as above, and set a tag too dhcp-range=net:tag1, net:tag2, newtag, .. newtag is set when this range is used. There can only be one tag set on a range. 2) when I write: # OUR PCs ## dhcp-host=00:22:33:44:55:01,192.168.1.101,net:tagIKnowYou,mycompany-PC-01 dhcp-host=00:22:33:44:55:02,192.168.1.101,net:tagIKnowYou,mycompany-PC-02 dhcp-host=00:22:33:44:55:03,192.168.1.101,net:tagIKnowYou,mycompany-PC-03 I am *setting* (and not trying to */match/*) the tag tagIKnowYou for these hosts, am I? You're setting it. It's probably worth enumerating all the ways that tags can be set. 1) The name of the interface on which a DHCP request is recived is set as a tag (2.46 and later only) 2) Tags can be set based on a match of circuit-id, subscriber-id and remote-id in an RFC3046 realy agent option. 3) Tags can be set based on the MAC address with --dhcp-mac 4) If a dhcp-host line is used (or an implied one derived from /etc/ethers) then known is set as a tag 5) If the used config line includes net:tag then that is set. 6) For BOOTP requests ONLY, tag bootp is set, and incoming filename field (which isn't strictly an filename in BOOTP) is used as a tag 7) Tags are set based in the vendor class and user class. At this point, if any set tags match a dhcp-ignore tag then the request is discarded. Then a dhcp-range is selected, based on the current tag set, available IP addresses etc. 8) Any tag in the DHCP range line is set. Finally, dhcp-options are added, filtered using the current tag set. Great explanation... I understood everything and re-wrote my configuration accordingly (anyway, I have to wait till Tuesday to test it since I'm remote now and tomorrow is a National Holiday here). I thank you once again for your time and patience. -- Mariano Absatz - El Baby el.b...@gmail.com www.clueless.com.ar -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- bashian roulette: [ $(($RANDOM%6)) -eq 0 ] rm -rf ~ -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- * TagZilla 0.066 * http://tagzilla.mozdev.org