Re: [Dnsmasq-discuss] IPv6 dhcp-range and static addresses
I did eventually figure it all out. dhcp-range=::0,::,constructor:br0,12h Works on everything dhcp-range=::1000,::,constructor:br0,12h Works as well, even if one of the IPs don't fall in the range, as we have the constructor to the prefixes (this was my mistake) If we don't have the constructor then we need to specify a full IP address, if we don't want this, we can do the constructor argument. fd00::1/64 on an interface needs dhcp-range=fd00::1000, fd00::,12h I also found out that dhcp-allocate ensures that there isn't a dhcp-host sitting on that IP address. Thank you! -Kristof -- Kristof Mattei ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] pxe-service line for UEFI system?
On Mon, 20 Jan 2020 at 21:38, Geert Stappers wrote: > > On Sun, Jan 19, 2020 at 10:40:28PM +0100, Michal Zatloukal wrote: > > On Sun, 19 Jan 2020 at 21:45, Geert Stappers wrote: > > > On Sun, Jan 19, 2020 at 08:33:54PM +0100, P W wrote: > > > > On Sun, Jan 19, 2020 at 07:30:44PM +0100, Michal Zatloukal wrote: > > > > > On Wed, 8 Jan 2020 at 00:16, Michal Zatloukal wrote: > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > > Patches welcome > > > > > > > > > > Longer version: > > > * Seen the postings > > > * Seen that something needs some extra configuration > > > * What is expected from the dnsmasq project is not seen > > > > > > Please do make the extra mile > > > and express how dnsmasq could be better. > > > > > > > What is expected of dnsmasq - a DHCP offer with either a populated > > menu, or a populated boot-filename option. As mentioned in the OP, > > currently dnsmasq provides broken menu (no items present) and empty > > boot-filename, unless another "phantom" boot option is also defined > > (in which case it provides the populated menu). > > > > I looked over the dnsmasq docs again and noticed this bit in pxe-prompt: > > } If --pxe-prompt is omitted the system will wait for user input if > > } there are multiple items in the menu, but boot immediately if there > > } is only one. > > As I understand it, if pxe-prompt is defined in the config, the > > services should be sent regardless of their count. So that's a bug, > > unless... > > I also looked at the changelog and found this in the 2.76 release: > > > > > Workaround problems with UEFI PXE clients. There exist > > > in the wild PXE clients which have problems with PXE > > > boot menus. To work around this, when there's a single > > > --pxe-service which applies to client, then that target > > > will be booted directly, rather then sending a > > > single-item boot menu. > > > > It seems like these 2 parts of the code are interacting incorrectly. > > 1) the pxe-service exit item is ignored, that's why the phantom option is > > needed > > 2) if pxe-prompt is explicitly defined, what _is_ supposed to happen > > for UEFI clients? > > TBH, I don't see why this UEFI issue even requires a UEFI-specific > > code workaround - shouldn't a config like this [1] avoid the problems, > > no code workaround needed? > > > > MZ > > > > [1] > > dhcp-match=set:efi-x86_64,option:client-arch,7 > > dhcp-match=set:efi-x86_64,option:client-arch,9 > > pxe-prompt=tag:!efi-x86_64,"dnsmasq PXE menu" > > pxe-service=7,... > > pxe-service=9,... > > > Seen it. I still don't understand the OP problem. The OP was asking if their configuration of pxe-prompt/pxe-service options was correct, as the UEFI client was neither booting nor showing the menu from the provided DHCPOFFER. A packet capture revealed the problem - missing PXE menu items in the provided DHCPOFFER. (DHCP option 43, suboption 9). > For some reason I do feel my wish to improve dnsmasq > is getting in the way. I'm gonna spend my energy elsewhere. > > Advise to Original Poster: Make your problem reproducable. I'm not sure I understand - are you saying your UEFI client gets a DHCPOFFER with a valid PXE boot menu when you configure the following [1]? [1] pxe-prompt="dnsmasq menu" pxe-service=7, "Boot UEFI CSA 7", efi64/syslinux.efi pxe-service=7, "Exit menu" > The idea of it is getting a "shared problem". And from > a shared problem to get to a shared solution. A shared problem: Make UEFI PXE client display 2 boot options - one for an existing boot image, and one to exit PXE (boot from disk, etc.). > Groeten > Geert Stappers > -- > Leven en laten leven > ___ > Dnsmasq-discuss mailing list > Dnsmasq-discuss@lists.thekelleys.org.uk > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss MZ ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] [PATCH] DHCPv6 - List or Range reservation for single host
On 16/01/2020 18:09, Harald Jensås wrote:
> Hi,
>
> Changing the topic and dropping the history as this is a full re-write
> of the patch based on the previous feedback and discussion. Instead of
> multiple dhcp-host entries, a single dhcp-host entry can be defined
> with either a list: or range: of addresses, this should eliminate the
> issue with ordering of entries in the configuration file.
>
>
I have an alternative suggestion for the syntax of dhcp-host.
It's less flexible, but simpler and easier to understand and to explain,
and uses existing semantics rather than adding new keywords.
The idea is just to add a prefix-length to the address. That allows you
to define (eg) 1,2,4,8, or 16 addresses for use by a host simply and
easily in a way which makes it difficult to accidentally overlap address
ranges, and is fairly obvious to anyone who has done done any IPv6
network configuration.
for instance to reserve four addresses for each host we cold do:
dhcp-host=00:11:22:33:44:55,[fd12:3456::aa00/62]
dhcp-host=00:11:22:33:44:56,[fd12:3456::aa04/62]
dhcp-host=00:11:22:33:44:57,[fd12:3456::aa08/62]
As a sanity check, if the "host part" of the address isn't zero,
ie [fd12:3456::aa01/62]
that could be rejected with an error.
Happy to be shot down in flames, but that seems to be a simple to
implement and to explain way of doing what you want to achieve.
Cheers,
Simon.
>
> --
> Harald
>
>
>
>>From cfd8881d57ba9e0e26c183318f0118a5ca65c705 Mon Sep 17 00:00:00 2001
> From: Harald Jensås
> Date: Mon, 13 Jan 2020 19:44:43 +0100
> Subject: [PATCH] DHCPv6 - List or Range reservation for single host
>
> Add the possibility to provide either a list or a range
> of ipv6 addresses for a dhcp-host reservation. When a
> request matching the clid or mac address is recieved the
> server will iterate over the available addresses until it
> find's one that is not already leased to a different
> clid/iaid and advertise this address.
>
> Using multiple reservations for a single host makes it
> possible to maintain a static leases only configuration
> which support network booting systems with UEFI firmware
> that request a new address (a new SOLICIT with a new IA_NA
> option using a new IAID) for different boot modes, for
> instance 'PXE over IPv6', and 'HTTP-Boot over IPv6'. Open
> Virtual Machine Firmware (OVMF) and most UEFI firmware
> build on the EDK2 code base exhibit this behaviour.
> ---
> man/dnsmasq.8 | 11 +
> src/dnsmasq.h | 13 +-
> src/option.c | 67 ++-
> src/rfc3315.c | 60 +
> 4 files changed, 149 insertions(+), 2 deletions(-)
>
> diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
> index cb5cc73..454fca3 100644
> --- a/man/dnsmasq.8
> +++ b/man/dnsmasq.8
> @@ -1079,6 +1079,17 @@ work reliably if only one of the hardware addresses is
> active at any
> time and there is no way for dnsmasq to enforce this. It is, for instance,
> useful to allocate a stable IP address to a laptop which
> has both wired and wireless interfaces.
> +
> +For DHCPv6 it is possible to provide a list or a range of IPv6 addresses.
> +\fB--dhcp-host=52:54:00:3f:5c:c0,list:[fd12:3456::aa02][fd12:3456::aa04],host1\fP
> +will make the two addresses \fBfd12:3456::aa02\fP and \fBfd12:3456::aa04\fP
> +available to the host with hardware address 52:54:00:3f:5c:c0.
> +\fB--dhcp-host=52:54:00:3f:5c:c0,range:fd12:3456::aa01-fd12:3456::aa63,host1\fP
> +will make the range of addresses between the start address (fd12:3456::aa01)
> and
> +the end address (fd12:3456::aa63) available to the host with hardware address
> +52:54:00:3f:5c:c0. Providing a range or list of addresses is useful for
> network
> +booting where individual boot stages will request addresses with different
> IAID's.
> +
> .TP
> .B --dhcp-hostsfile=
> Read DHCP host information from the specified file. If a directory
> diff --git a/src/dnsmasq.h b/src/dnsmasq.h
> index 7fb440c..a77955b 100644
> --- a/src/dnsmasq.h
> +++ b/src/dnsmasq.h
> @@ -759,14 +759,23 @@ struct hwaddr_config {
>struct hwaddr_config *next;
> };
>
> +#ifdef HAVE_DHCP6
> +struct in6_addr_list {
> + struct in6_addr addr6;
> + struct in6_addr_list *next;
> +};
> +#endif
> +
> struct dhcp_config {
> - unsigned int flags;
> + unsigned long flags;
>int clid_len; /* length of client identifier */
>unsigned char *clid; /* clientid */
>char *hostname, *domain;
>struct dhcp_netid_list *netid;
> #ifdef HAVE_DHCP6
>struct in6_addr addr6;
> + struct in6_addr start6, end6; /* range of addresses */
> + struct in6_addr_list *addr6_list;
> #endif
>struct in_addr addr;
>time_t decline_time;
> @@ -790,6 +799,8 @@ struct dhcp_config {
> #define CONFIG_ADDR6 4096
> #define CONFIG_WILDCARD 8192
> #define CONFIG_ADDR6_HOSTS 16384/* address added by from /etc/hosts */
> +#define CONFIG_ADDR6_RANGE 32768
> +#define
[Dnsmasq-discuss] IPv6 dhcp-range and static addresses
Hello all, With dhcp6c.conf my internal interface gets a GUA/64. This means that in order for dnsmasq to correctly distribute addresses in that range my dhcp-range needs to be as follows: dhcp-range=::0,::,constructor:br0,12h as it can be basically ANY address in between, this is great, as I don't need to know my IPv6 address! Now let's combine that with an ULA that I set on the interface, say fd00:1234:5678:9abc:ef00::/64 That same dhcp-range still works, but now it's starts to get more limited. Ideally I want to distribute starting at ::1000 ending in :: for the ULA. But then I cannot combine my 2 ranges anymore, as I risk that my outside IPV6 address falls out of that range and that dnsmasq stops distributing in that range, because with dhcp-range the range must include the address of the interface. (http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/2013q2/007261.html) So this means that I really need 2 ranges, one my ULA, and one for my GUA. No problem, we can script that. Let's look at how the IPv4 range was done: Gateway: 1, static 2->50, DHCP 51->200. Doing that in IPv6 gives the following range: dhcp-range=fd00:1234:5678:9abc:ef00::1000, fd00:1234:5678:9abc:ef00::,12h as I want to reserve the bottom 1000 address to be static. But this doesn't work because of the above-mentioned dhcp-range issue. I could do the following: 1) Change the ULA address to ::1000, and allocate static IPs below 2) Start at ::0, exclude the static ones with dhcp-host 3) Start at ::0, end at ::1000, allocate static IPs above 4) Add the start ip as a second ip on the interface (dirty) My questions are: 1) am I missing something / is this correct? 2) does dhcp-host ensure that no-one gets that IP except for THAT host? Because dnsmasq calculates IPs based on MAC addresses 3) what are other suggestions combining dhcpv6 and static IPs in the same range? 4) How does FreshTomato do it? They set ::1 on their internal interface (https://bitbucket.org/pedro311/freshtomato-arm/src/94481a556b875ba4ac1aea5a32a0653ac22591c7/release/src-rt-6.x.4708/router/rc/dhcp.c#lines-615) and start their range at ::2, ending in ::: (https://bitbucket.org/pedro311/freshtomato-arm/src/94481a556b875ba4ac1aea5a32a0653ac22591c7/release/src-rt-6.x.4708/router/rc/services.c#lines-510) 5) what does it mean to start your range at ::2 and end in ::: (in case the answer to 4 doesn't cover this) Thanks, -Kristof -- Kristof Mattei ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] SRV record caching
On 14/01/2020 04:17, Abhishek Patti wrote: > Hi > > I see there is a recent (2019-01) patch enabling SRV record caching in > dnsmasq,. However there seems to be no new version which contains this > feature. I wanted to ask how people are working around this problem of > not having SRV caching ? We are currently having major issues since we > use SIP alot. Any help would be appreciated > From my point-of-view, the best solution would be for you to run the current bleeding edge code from git. That at least has all the known problems with the SRV caching code fixed, and it provides testing for the code which we hope to release as a new stable version Real Soon Now. Cheers, Simon. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] Empty domain causes crash
On 18/01/2020 13:42, Dominik wrote: > Dear list, > > the following config line causes dnsmasq to crash: > >> server=//local.domain/192.168.0.16 > > The attached patch fixes this issue. > > Best regards, > Dominik > Many thanks for that. Patch applied. Cheers, Simon. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] pxe-service line for UEFI system?
On Sun, Jan 19, 2020 at 10:40:28PM +0100, Michal Zatloukal wrote: > On Sun, 19 Jan 2020 at 21:45, Geert Stappers wrote: > > On Sun, Jan 19, 2020 at 08:33:54PM +0100, P W wrote: > > > On Sun, Jan 19, 2020 at 07:30:44PM +0100, Michal Zatloukal wrote: > > > > On Wed, 8 Jan 2020 at 00:16, Michal Zatloukal wrote: > > > > > > > > > > > > > > > > > > > > > > > > > Patches welcome > > > > > > > Longer version: > > * Seen the postings > > * Seen that something needs some extra configuration > > * What is expected from the dnsmasq project is not seen > > > > Please do make the extra mile > > and express how dnsmasq could be better. > > > > What is expected of dnsmasq - a DHCP offer with either a populated > menu, or a populated boot-filename option. As mentioned in the OP, > currently dnsmasq provides broken menu (no items present) and empty > boot-filename, unless another "phantom" boot option is also defined > (in which case it provides the populated menu). > > I looked over the dnsmasq docs again and noticed this bit in pxe-prompt: > } If --pxe-prompt is omitted the system will wait for user input if > } there are multiple items in the menu, but boot immediately if there > } is only one. > As I understand it, if pxe-prompt is defined in the config, the > services should be sent regardless of their count. So that's a bug, > unless... > I also looked at the changelog and found this in the 2.76 release: > > > Workaround problems with UEFI PXE clients. There exist > > in the wild PXE clients which have problems with PXE > > boot menus. To work around this, when there's a single > > --pxe-service which applies to client, then that target > > will be booted directly, rather then sending a > > single-item boot menu. > > It seems like these 2 parts of the code are interacting incorrectly. > 1) the pxe-service exit item is ignored, that's why the phantom option is > needed > 2) if pxe-prompt is explicitly defined, what _is_ supposed to happen > for UEFI clients? > TBH, I don't see why this UEFI issue even requires a UEFI-specific > code workaround - shouldn't a config like this [1] avoid the problems, > no code workaround needed? > > MZ > > [1] > dhcp-match=set:efi-x86_64,option:client-arch,7 > dhcp-match=set:efi-x86_64,option:client-arch,9 > pxe-prompt=tag:!efi-x86_64,"dnsmasq PXE menu" > pxe-service=7,... > pxe-service=9,... Seen it. I still don't understand the OP problem. For some reason I do feel my wish to improve dnsmasq is getting in the way. I'm gonna spend my energy elsewhere. Advise to Original Poster: Make your problem reproducable. The idea of it is getting a "shared problem". And from a shared problem to get to a shared solution. Groeten Geert Stappers -- Leven en laten leven signature.asc Description: PGP signature ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
