[Dnsmasq-discuss] Problem with multihomed interface]

Simon Kelley simon at thekelleys.org.uk
Fri Dec 30 10:39:28 GMT 2005


> I tried to use this feature now that 2.24 release is out and in gentoo
> portage.
> We had a problem some time ago in the 2.23 version.... Then I used two
> NICs to test and they worked fine. (No bridge)
> Now I have 12 subnetworks on br0 (eth1+eth2).
> If I set the static parameter replacing the upper limit of the
> dhcp-range I get:
> Dec 30 03:01:02 zefir dnsmasq[14099]: DHCPDISCOVER(br0) 02:d0:b7:7e:23:25
> Dec 30 03:01:02 zefir dnsmasq[14099]: DHCPOFFER(br0) 192.168.0.10
> 02:d0:b7:7e:23:25
> Dec 30 03:01:05 zefir dnsmasq[14099]: DHCPREQUEST(br0) 192.168.0.10
> 02:d0:b7:7e:23:25
> Dec 30 03:01:05 zefir dnsmasq[14099]: DHCPNAK(br0) 192.168.0.10
> 02:d0:b7:7e:23:25 wrong network
> If I state a dynamic range, I get:
> Dec 30 03:03:47 zefir dnsmasq[14099]: DHCPDISCOVER(br0) 02:d0:b7:7e:23:25
> Dec 30 03:03:47 zefir dnsmasq[14099]: DHCPOFFER(br0) 192.168.0.10
> 02:d0:b7:7e:23:25
> .... and no response.
> iptables-save -t filter output:
> # Generated by iptables-save v1.3.4 on Fri Dec 30 03:04:39 2005
> *filter
> :INPUT DROP [161:33053]
> :FORWARD DROP [0:0]
> :OUTPUT ACCEPT [221:21231]
> -A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
> -A INPUT -i lo -j ACCEPT
> -A INPUT -i br0 -j ACCEPT
> -A INPUT -s 213.157.167.7 -i eth0 -p tcp -m tcp --dport 10000 -j ACCEPT
> -A INPUT -p icmp -m limit --limit 3/sec --limit-burst 1000 -m icmp
> --icmp-type 8 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 20 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 21 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 80 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 139 -j ACCEPT
> -A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
> in nat I have this for 192.168.0.10
> -A POSTROUTING -s 192.168.0.10 -o eth0 -j SNAT --to-source 82.79.24.73
> and in mangle:
> -A FORWARD -i br0 -o br0 -j MARK --set-mark 0x2
> -A POSTROUTING -m mark --mark 0x2 -j CLASSIFY --set-class 0001:000a
> -A POSTROUTING -s 192.168.0.10 -m mark --mark 0x1 -j CLASSIFY
> --set-class 0001:00ba
> -A POSTROUTING -d 192.168.0.10 -m mark --mark 0x1 -j CLASSIFY
> --set-class 0001:00ba
> -A POSTROUTING -s 192.168.0.10 -j CLASSIFY --set-class 0001:00ca
> -A POSTROUTING -d 192.168.0.10 -j CLASSIFY --set-class 0001:00ca
>
> I don't think the iptables' rules are a problem.
>
> All this problems are common to all the stations in my network.
>
Sorin,

This looks very much like the bug fixed in 2.25test3, available at
http://www.thekelleys.org.uk/dnsmasq-test. Could you try that?

Cheers,

Simon.





More information about the Dnsmasq-discuss mailing list