Re: [Dnsmasq-discuss] Can one produce a list of IP's assigned by DHCP
For all of my installations, the list of current leases is stored at: /var/lib/misc/dnsmasq.leases Thank You, Justin McAteer On Mon, Dec 20, 2010 at 3:59 PM, Santiago Zarate santi...@zarate.net.ve wrote: if im not mistaken, you can pass a SIGUSR1 signal to the dnsmasq process... it should send what's inside to the log... Check here: http://www.thekelleys.org.uk/dnsmasq/docs/setup.html under Other configuration details: Sending SIGUSR1 (killall -10 dnsmasq) to the dnsmasq process will cause to to write cache usage statisticss to the log, typically /var/log/syslog or /var/log/messages. 2010/12/20 Bernard T. Higonnet bth...@higonnet.net other than by perusing the log? I am trying to research a situation in which it appears (sic) that dnsmasq assigns an address and then when asked if it exists answers it does not. My newbie status means I could have any of this wrong... TIA Bernard Higonnet ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss -- Atentamente Santiago Zarate Consultoria de Software +(58) 416 911 3678 santi...@zarate.net.ve «Dar un nuevo paso, articular una nueva palabra, es lo que la gente mas teme.» - Fyodor Mikhaylovich Dostoyevsky ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] File System Access by Dnsmasq
You can find all opened files by dnsmasq using the fd directory in the proc filesystem ls -la /proc/pid/fd or by using the command lsof Thanks, Justin McAteer On Sat, Aug 7, 2010 at 2:40 AM, Robert Pollai rap.nosp...@gmx.net wrote: Hi, I am running dnsmasq on a NAS from Synology. The NAS puts its disks into standby if they are not needed and I want to move all files accessed by dnsmasq to a USB flash drive, so that dnsmasq won’t wake up the disks. So far I have done that for the log file and lease file by adding the following two lines to the configuration file: dhcp-leasefile=/volumeUSB1/dnsmasq/dnsmasq.lease log-facility=/volumeUSB1/dnsmasq/dnsmasq.log But still the disks seem to wake up when I switch one a device that fetches an IP via DHCP. Are there any other files that dnsmasq accesses, directly or through the operating system? Is the configuration file accessed regularly or only on startup? Thanks for your support, regards, Robert ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] TTL override for clients?
Fredrik I am interested in this and have a few questions. Is this being used with web browsers, or other DNS clients? I have heard that there is usually caching by Windows and also by the browser which may or may not pay attention to the TTL information they are given. If you are using this with web browsers, which versions. Also, have you had to make any changes related to the client OS or client browser configuration to support your custom TTL values? Thank You, Justin McAteer On Thu, May 6, 2010 at 3:15 AM, Fredrik Ringertz fredrik_ringe...@livewire-connections.com wrote: Hi Simon, Yes you are right, I did not think of that :) Thank you very much for your help on this! Best Regards Fredrik -Original Message- From: Simon Kelley [mailto:si...@thekelleys.org.uk] Sent: 05 May 2010 21:50 To: Fredrik Ringertz Cc: dnsmasq-discuss@lists.thekelleys.org.uk Subject: Re: [Dnsmasq-discuss] TTL override for clients? Fredrik Ringertz wrote: Hi Simon, Thanks again for all your help! I believe my patch seems to be working fine now after some more testing. I have attached it here in case anyone else would be interested in it. It will add a new configurable option (can be set in both command line or dnsmasq.conf) called max-ttl. The TTL (in seconds) specified after it will be a maximum ttl which will be handed out to a client. For example, if max-ttl is set to 150 and a client looks up google.com which has a TTL of 300, then dnsmasq will add google.com to its cache with a TTL of 300 still, however it will tell its clients that the TTL is 150. If the returned TTL for google.com happened to be 60, then 60 would be given to the clients since it is lower then the configured max-ttl value. This is handy if for example like me you want your clients to have a low ttl to avoid longer caching, but you don't want to override the actual TTL value (to avoid flooding the upstream DNS servers). Any feedback on the patch is highly appreciated as I am going to apply it in a working environment soon and my C++ knowledge is basic at best :) I haven't been able to add the max-ttl option to the French and Spanish man page but otherwise I think it is all in there :) That looks great. The only problem I can see is that you don't take into account that --max-ttl may not be supplied, in which can daemon-max_ttl will be zero and nothing should be done. For your deployment it's fine. I've folded the patch into http://www.thekelleys.org.uk/dnsmasq/test-releases/dnsmasq-2.53test20.tar.gz and fixed the no --max-ttl issue there. Cheers, Simon. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
[Dnsmasq-discuss] DHCP Query Rate Limiting
Simon, et al, I have a device with a DHCP client that will occasionally go insane. I have and will continue to work with the vendor, but that is another discussion altogether. What happens in the particular scenario I am addressing here is that the DHCP client begins sending DHCP Discover messages as fast as is possiblefor the device (to the tune of about 40 per second). DNSMasq seems to be behaving correctly, it is responding with a DHCP Offer to each query. However, I have dchp-logging enabled (and I'd like to keep it that way), and I have a fair number of options going out to this type of client. The symptom is that DNSMasq is flooding the system log, which seems to have buffering disabled because kjournald CPU usage is going up to about 50% and wait is going up to about 20%, so the system basically becomes useless. I wonder if it wouldn't make sense to have some kind of rate limiting option in DNSMasq to help mitigate this type of problem? It seems to me that this could be a potential avenue for a denial of service attack. As a side note, I believe this is a problem with the client dealing with the 'infinite' lease times that we are using. I haven't exactly pinpointed a repeatable scenario, but I am working on it; when I do I will file another bug report with the device vendor. Thanks, Justin McAteer
Re: [Dnsmasq-discuss] DHCP Query Rate Limiting
Thanks, I will try the 'log-async' option. Hopefully this will help mitigate the problem. Thanks, Justin On Wed, Apr 28, 2010 at 10:23 AM, Simon Kelley si...@thekelleys.org.uk wrote: Justin McAteer wrote: Simon, et al, I have a device with a DHCP client that will occasionally go insane. I have and will continue to work with the vendor, but that is another discussion altogether. What happens in the particular scenario I am addressing here is that the DHCP client begins sending DHCP Discover messages as fast as is possiblefor the device (to the tune of about 40 per second). DNSMasq seems to be behaving correctly, it is responding with a DHCP Offer to each query. However, I have dchp-logging enabled (and I'd like to keep it that way), and I have a fair number of options going out to this type of client. The symptom is that DNSMasq is flooding the system log, which seems to have buffering disabled because kjournald CPU usage is going up to about 50% and wait is going up to about 20%, so the system basically becomes useless. I wonder if it wouldn't make sense to have some kind of rate limiting option in DNSMasq to help mitigate this type of problem? It seems to me that this could be a potential avenue for a denial of service attack. Without logging, I think dnsmasq is already as hard as it could be against this sort of attack: The DISCOVER-OFFER transaction doesn't allocate any memory or other resources, so extra code to detect a flood would only be able to inhibit sending the DISCOVER packet, which probably costs less than flood-detection. This problem occurred some time ago and revealed a problem with the way dnsmasq does ping-checks on the allocated addresses. That process is now rate-limited for exactly this reason. Have you tried setting log-async in /etc/dnsmasq.conf? That should effectively rate-limit dnsmasq's logging and may provide a complete solution. As a side note, I believe this is a problem with the client dealing with the 'infinite' lease times that we are using. I haven't exactly pinpointed a repeatable scenario, but I am working on it; when I do I will file another bug report with the device vendor. The client is broken, no doubt. Cheers, Simon. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] dnsmasq service script mssing on RHEL 5.2
Kurt, I believe I may have run into your problem before as well. However, now we are installing from source and we are using the following command to install the SysV Init script: cp contrib/init.d/rc.redhat.dnsmasq /etc/init.d/dnsmasq Where the 'contrib' directory is part of the DNSMasq source tree. Also you would need to setup the service to be started on the correct runlevels with the command: chkconfig dnsmasq on Even if you are not installing from source, you should be able to copy this file from the source control server and install it just the same. Thanks, Justin On Wed, Apr 14, 2010 at 10:05 AM, Kurt Simons indy...@yahoo.com wrote: Hi, I installed dnsmasq on RHEL5.2 and it appeared to install fine and runs fine if I execute dnsmasq manually, however, no script was installed in /etc/rc.d/init.d (or /etc/init.d) to start dnsmasq upon server reboot. Any ideas? ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] dnsmasq service script mssing on RHEL 5.2
Kurt, My mistake. It appears that the init script we are using is not part of the standard repository, but something we have added locally. As I recall, I found this in an RPM package of DNSMasq. In any case, this script very small, reliable and LSB compliant. I am using this script with Pacemaker (think next generation Heartbeat) and it passed all of the LSB compliance requirements with flying colors. I have been very happy with this Init script. Thanks, Justin On Wed, Apr 14, 2010 at 11:39 AM, Justin McAteer justin.mcat...@gmail.comwrote: Kurt, I believe I may have run into your problem before as well. However, now we are installing from source and we are using the following command to install the SysV Init script: cp contrib/init.d/rc.redhat.dnsmasq /etc/init.d/dnsmasq Where the 'contrib' directory is part of the DNSMasq source tree. Also you would need to setup the service to be started on the correct runlevels with the command: chkconfig dnsmasq on Even if you are not installing from source, you should be able to copy this file from the source control server and install it just the same. Thanks, Justin On Wed, Apr 14, 2010 at 10:05 AM, Kurt Simons indy...@yahoo.com wrote: Hi, I installed dnsmasq on RHEL5.2 and it appeared to install fine and runs fine if I execute dnsmasq manually, however, no script was installed in /etc/rc.d/init.d (or /etc/init.d) to start dnsmasq upon server reboot. Any ideas? ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] dnsmasq service script mssing on RHEL 5.2
Forgot the attachment. Thanks, Justin On Wed, Apr 14, 2010 at 1:05 PM, Justin McAteer justin.mcat...@gmail.comwrote: Kurt, My mistake. It appears that the init script we are using is not part of the standard repository, but something we have added locally. As I recall, I found this in an RPM package of DNSMasq. In any case, this script very small, reliable and LSB compliant. I am using this script with Pacemaker (think next generation Heartbeat) and it passed all of the LSB compliance requirements with flying colors. I have been very happy with this Init script. Thanks, Justin On Wed, Apr 14, 2010 at 11:39 AM, Justin McAteer justin.mcat...@gmail.com wrote: Kurt, I believe I may have run into your problem before as well. However, now we are installing from source and we are using the following command to install the SysV Init script: cp contrib/init.d/rc.redhat.dnsmasq /etc/init.d/dnsmasq Where the 'contrib' directory is part of the DNSMasq source tree. Also you would need to setup the service to be started on the correct runlevels with the command: chkconfig dnsmasq on Even if you are not installing from source, you should be able to copy this file from the source control server and install it just the same. Thanks, Justin On Wed, Apr 14, 2010 at 10:05 AM, Kurt Simons indy...@yahoo.com wrote: Hi, I installed dnsmasq on RHEL5.2 and it appeared to install fine and runs fine if I execute dnsmasq manually, however, no script was installed in /etc/rc.d/init.d (or /etc/init.d) to start dnsmasq upon server reboot. Any ideas? ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss rc.redhat.dnsmasq Description: Binary data
Re: [Dnsmasq-discuss] dhcp-option 120, sip server, how?
HS, The phone will have to request option 120 from the server or DNSMasq will not send the option. Alternatively, you may use dhcp-option-force to have the server send the option whether the client requests it or not. Thank You, Justin McAteer On Fri, Nov 6, 2009 at 7:40 PM, H. S. hs.sa...@gmail.com wrote: On Fri, Nov 6, 2009 at 8:30 PM, H. S. hs.sa...@gmail.com wrote: On Sun, Nov 1, 2009 at 4:41 PM, Simon Kelley si...@thekelleys.org.uk wrote: Current version of dnsmasq know about the peculiar format of option 120, so you can just do: dhcp-option=120,192.168.5.1 dnsmasq had no problem with this. Yet to try with the Nokia phone. Despite giving that option in dnsmasq and restarting it, the phone still did not grab a DHCP offer :( ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] dhcp-option 120, sip server, how?
I believe many clients also support the setting of more than one SIP server. I seem to recall testing this and having it work, but that's been a while back. Thank You, Justin McAteer On Sun, Nov 1, 2009 at 1:41 PM, Simon Kelley si...@thekelleys.org.uk wrote: H.S. wrote: Hello, How do I specify dhcp-option 120 (for sip server) in my dnsmasq conf file? I have tried: dhcp-option: dhcp-option=120,1,192.168.5.1 but after searching the web have not verified if this is the correct method (there are reports of specifying it in hex as well). Suggestions, please? Thanks. Current version of dnsmasq know about the peculiar format of option 120, so you can just do: dhcp-option=120,192.168.5.1 or taking advantage of the fact that dnsmasq now knows the names of most options dhcp-option=option:sip,192.168.5.1 finally, the name version of the SIP option is supported too: dhcp-option=option:sip,sipserver.mydomain.com HTH Simon. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Re: [Dnsmasq-discuss] patch proposal: getent support for ethers
Gents, We are wanting to do some database integration with dnsmasq here as well. I saw there was a patch that provided MySQL support for 2.20, but it has not been maintained. Also, there was another patch mentioned elsewhere (I believe against a newer version), but it is not available. I have considered doing some type of FIFO with the text files and a script as well, but I am afraid that type of solution may be too fragile for my deployment environment. Does anyone have any insight into what the issues with the previous MySQL patch was, or if there are any good shortcuts to getting basic database integration into dnsmasq? Cheers, Justin McAteer On Thu, Jun 25, 2009 at 7:10 PM, richardvo...@gmail.comrichardvo...@gmail.com wrote: Many people have asked for a DHCP server with LDAP support, but nobody make that happen (at least, not with dynamic updates). I've implemented dynamic update of static IP assignments from an SQL server with no changes needed to the dnsmasq code. While your method should work, it definitely won't be efficient. Since DHCP is a polling protocol, requests have to be more frequent than updates almost by definition (the lease-time must be set short in case of dynamic updates, or the client won't see the new settings). I accomplished this by making /etc/ethers a pipe connected to a perl script which reads all assignments from the database. Happily I am using postgresql which allows clients to be notified of table updates, so I have another perl script which waits for an update and signals the dnsmasq process to re-read /etc/ethers. I think you could set up something similar for your environment. I guess if the number of assignments in the database is far larger than the number of simultaneously connected clients then querying the database per-request might be better than transferring the entire database after each change. I don't know if the dbus interface would allow updating individual assignments. ___ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss