Re: [Dnsmasq-discuss] illegal domain in dhcp-config directive
On Mon, Aug 04, 2008 at 04:16:41PM +0100, Simon Kelley wrote: > Jason Dixon wrote: >> >> I tried various changes to our configuration but couldn't find a working >> set. I'm including a subset of our configuration here so you can see >> what might be causing the issue. The only bits I've left out include >> redundant information (e.g. dhcp-host). Just to reiterate, this works >> under 2.34 but is broken under 2.45. >> >> >> # cat /etc/dnsmasq.conf | grep -v '^$' | grep -v '^\#' >> filterwin2k >> local=/lab.foobar.com/wifi.foobar.com/ >> interface=eth0 >> expand-hosts >> dhcp-option=3,172.16.0.1 >> dhcp-option=42,0.0.0.0 >> conf-file=/etc/dnsmasq.lab.conf >> conf-file=/etc/dnsmasq.wifi.conf >> >> # cat /etc/dnsmasq.lab.conf | grep -v '^$' | grep -v '^\#' >> dhcp-range=lab,172.16.0.10,172.16.0.81,12h >> dhcp-option=lab,15,lab.foobar.com >> dhcp-host=00:0e:0c:bc:17:70,lab01.lab.foobar.com,172.16.0.10 >> dhcp-host=00:0c:29:ff:96:a7,solaris.lab.foobar.com,172.16.0.6 >> dhcp-host=00:0c:29:ff:96:xx,windows.lab.foobar.com,172.16.0.7 >> dhcp-host=00:0c:29:db:8a:b3,centos.lab.foobar.com,172.16.0.5 >> dhcp-host=00:0c:29:3c:58:01,centos-4.4-01.lab.foobar.com,172.16.0.82 >> >> # cat /etc/dnsmasq.wifi.conf | grep -v '^$' | grep -v '^\#' >> dhcp-range=wifi,172.16.0.200,172.16.0.250,3d >> dhcp-option=wifi,15,wifi.foobar.com > > Are the names in your dhcp-host entries _all_ ".lab.foobar.com"? > If so, the simply adding > > domain=lab.foobar.com > > will fix things. I imagine that under 2.34 you will have seen lots of > complaints logged about this, 2.45 has turned soft errors into hard ones. > > If there are names in more than one domain, the problem in more > complicated to fix: you may need to try the new "multi-domain" code. Yes, adding the "domain=lab.foobar.com" and changing the last section of dhcp-host's to remove the unwanted extra subdomain ".4-0." fixes the error. Thanks for your help! -- Jason Dixon OmniTI Computer Consulting, Inc. jdi...@omniti.com 443.325.1357 x.241
Re: [Dnsmasq-discuss] illegal domain in dhcp-config directive
On Tue, Jul 29, 2008 at 07:40:52AM -0400, Jason Dixon wrote: > On Tue, Jul 29, 2008 at 07:48:32AM +0100, Simon Kelley wrote: > > Jason Dixon wrote: > >> Thanks to the recent vulnerability, I'm upgrading an older dnsmasq > >> system from version 2.34 to 2.45. I've installed it and attempted to > >> run it, but I get the following error. > >> > >> dnsmasq: illegal domain 04-06.lab.foobar.com in dhcp-config directive. > >> > >> The same configuration works fine with 2.34, so I presume something has > >> changed in the configuration syntax or default settings. I haven't > >> found anything on Google or in the FAQ about this error, nor do I see > >> any "dhcp-config" directives in our config files or the sample config. > >> Here is the relevant line from our config: > >> > >> dhcp-host=00:0c:29:02:1f:06,ubuntu-8.04-06.lab.foobar.com,172.16.0.105 > >> > >> It doesn't appear to be anything specifically with that line. We have a > >> couple hundred of these loaded by dnsmasq. If I comment out that one, > >> the next preceding one will error. I'm not experienced with dnsmasq, so > >> I'm putting myself at the mercy of this list. Any help will be greatly > >> appreciated. :) > > > > As far as I can see, this error can only be occuring because the domain > > part of the name your applying to that host doesn't match the domain > > specified for dnsmasq to use by the domain= config option. > > > > AFAIK dnsmasq has never allowed you to send a FQDN to a host unless it > > matches the domain setting (this is to avoid hosts impersonating, eg > > www.microsoft.com) but the check in this case has been moved from > > run-time, where it will log an error, to a fatal error at start-up > > > > The fix may be as simple as adding > > > > domain=04-06.lab.foobar.com > > > > (and you can remove the domain parts from all the dhcp-host lines as > > well, if you wish. If they stay, they must match the domain given) > > We have mixed domains in our configuration. I see the following line in > the main dnsmasq.conf, which would account for most of the dhcp-host > entries: > > local=/lab.foobar.com/wifi.foobar.com/ > > I see no domain directives anywhere. I suspect that adding > 04-06.lab.foobar.com to the local directive might be sufficient, but I'm > just guessing. And yes, this configuration works fine with > dnsmasq-2.34. I tried various changes to our configuration but couldn't find a working set. I'm including a subset of our configuration here so you can see what might be causing the issue. The only bits I've left out include redundant information (e.g. dhcp-host). Just to reiterate, this works under 2.34 but is broken under 2.45. # cat /etc/dnsmasq.conf | grep -v '^$' | grep -v '^\#' filterwin2k local=/lab.foobar.com/wifi.foobar.com/ interface=eth0 expand-hosts dhcp-option=3,172.16.0.1 dhcp-option=42,0.0.0.0 conf-file=/etc/dnsmasq.lab.conf conf-file=/etc/dnsmasq.wifi.conf # cat /etc/dnsmasq.lab.conf | grep -v '^$' | grep -v '^\#' dhcp-range=lab,172.16.0.10,172.16.0.81,12h dhcp-option=lab,15,lab.foobar.com dhcp-host=00:0e:0c:bc:17:70,lab01.lab.foobar.com,172.16.0.10 dhcp-host=00:0c:29:ff:96:a7,solaris.lab.foobar.com,172.16.0.6 dhcp-host=00:0c:29:ff:96:xx,windows.lab.foobar.com,172.16.0.7 dhcp-host=00:0c:29:db:8a:b3,centos.lab.foobar.com,172.16.0.5 dhcp-host=00:0c:29:3c:58:01,centos-4.4-01.lab.foobar.com,172.16.0.82 # cat /etc/dnsmasq.wifi.conf | grep -v '^$' | grep -v '^\#' dhcp-range=wifi,172.16.0.200,172.16.0.250,3d dhcp-option=wifi,15,wifi.foobar.com Thanks, -- Jason Dixon OmniTI Computer Consulting, Inc. jdi...@omniti.com 443.325.1357 x.241
Re: [Dnsmasq-discuss] illegal domain in dhcp-config directive
On Tue, Jul 29, 2008 at 07:48:32AM +0100, Simon Kelley wrote: > Jason Dixon wrote: >> Thanks to the recent vulnerability, I'm upgrading an older dnsmasq >> system from version 2.34 to 2.45. I've installed it and attempted to >> run it, but I get the following error. >> >> dnsmasq: illegal domain 04-06.lab.foobar.com in dhcp-config directive. >> >> The same configuration works fine with 2.34, so I presume something has >> changed in the configuration syntax or default settings. I haven't >> found anything on Google or in the FAQ about this error, nor do I see >> any "dhcp-config" directives in our config files or the sample config. >> Here is the relevant line from our config: >> >> dhcp-host=00:0c:29:02:1f:06,ubuntu-8.04-06.lab.foobar.com,172.16.117.105 >> >> It doesn't appear to be anything specifically with that line. We have a >> couple hundred of these loaded by dnsmasq. If I comment out that one, >> the next preceding one will error. I'm not experienced with dnsmasq, so >> I'm putting myself at the mercy of this list. Any help will be greatly >> appreciated. :) >> >> Thanks, >> > > As far as I can see, this error can only be occuring because the domain > part of the name your applying to that host doesn't match the domain > specified for dnsmasq to use by the domain= config option. > > AFAIK dnsmasq has never allowed you to send a FQDN to a host unless it > matches the domain setting (this is to avoid hosts impersonating, eg > www.microsoft.com) but the check in this case has been moved from > run-time, where it will log an error, to a fatal error at start-up > > The fix may be as simple as adding > > domain=04-06.lab.foobar.com > > (and you can remove the domain parts from all the dhcp-host lines as > well, if you wish. If they stay, they must match the domain given) We have mixed domains in our configuration. I see the following line in the main dnsmasq.conf, which would account for most of the dhcp-host entries: local=/lab.foobar.com/wifi.foobar.com/ I see no domain directives anywhere. I suspect that adding 04-06.lab.foobar.com to the local directive might be sufficient, but I'm just guessing. And yes, this configuration works fine with dnsmasq-2.34. -- Jason Dixon OmniTI Computer Consulting, Inc. jdi...@omniti.com 443.325.1357 x.241
[Dnsmasq-discuss] illegal domain in dhcp-config directive
Thanks to the recent vulnerability, I'm upgrading an older dnsmasq system from version 2.34 to 2.45. I've installed it and attempted to run it, but I get the following error. dnsmasq: illegal domain 04-06.lab.foobar.com in dhcp-config directive. The same configuration works fine with 2.34, so I presume something has changed in the configuration syntax or default settings. I haven't found anything on Google or in the FAQ about this error, nor do I see any "dhcp-config" directives in our config files or the sample config. Here is the relevant line from our config: dhcp-host=00:0c:29:02:1f:06,ubuntu-8.04-06.lab.foobar.com,172.16.117.105 It doesn't appear to be anything specifically with that line. We have a couple hundred of these loaded by dnsmasq. If I comment out that one, the next preceding one will error. I'm not experienced with dnsmasq, so I'm putting myself at the mercy of this list. Any help will be greatly appreciated. :) Thanks, -- Jason Dixon OmniTI Computer Consulting, Inc. jdi...@omniti.com 443.325.1357 x.241
[Dnsmasq-discuss] illegal domain in dhcp-config directive
Thanks to the recent vulnerability, I'm upgrading an older dnsmasq system from version 2.34 to 2.45. I've installed it and attempted to run it, but I get the following error. dnsmasq: illegal domain 04-06.lab.foobar.com in dhcp-config directive. The same configuration works fine with 2.34, so I presume something has changed in the configuration syntax or default settings. I haven't found anything on Google or in the FAQ about this error, nor do I see any "dhcp-config" directives in our config files or the sample config. Here is the relevant line from our config: dhcp-host=00:0c:29:02:1f:06,ubuntu-8.04-06.lab.foobar.com,172.16.117.105 It doesn't appear to be anything specifically with that line. We have a couple hundred of these loaded by dnsmasq. If I comment out that one, the next preceding one will error. I'm not experienced with dnsmasq, so I'm putting myself at the mercy of this list. Any help will be greatly appreciated. :) Thanks, -- Jason Dixon OmniTI Computer Consulting, Inc. jdi...@omniti.com 443.325.1357 x.241
