[Dnsmasq-discuss] dnsmasq integration

richardvoigt at gmail.com richardvoigt at gmail.com
Wed Jan 17 04:14:41 GMT 2007


I'm looking to run dnsmasq on a transparent packet filter, and I'd
like to know how to do a couple things not directly described in the
manual page.  I'm willing to modify the code myself if these features
currently aren't available, so I'd appreciate either pointers toward
existing options or else directions to where in the code such a
feature would be implemented.

(1) DHCP reservations from external database.  Can the "--dhcp-script"
program supply these?  Would it be only at startup, or it is possible
to do after each request?  If only at startup, can I send the dnsmasq
process a signal to cause it to re-request the database?

(2) Managing the kernel ARP table to prevent IP spoofing.  I'd like
static entries added to the ARP table for each active DHCP lease.  I
suppose this would also be possible via "--dhcp-script" program.  I
intend to have ebtables filter traffic against these mappings as well
(after permitting dhcp requests of course).

(3) Possibility to immediately expire a lease, if say a MAC address
gets shifted to static addressing, the next DHCP renew should receive
the reserved address.

(4) At some point I'll want a high-availability solution using
heartbeat.  I assume as long as the lease database is stored
externally, then the standby server can start its instance of dnsmasq
after the first fails, which combined with the --leasefile-ro option
would cause the entire lease table to be migrated.  Being unavailable
for a few minutes wouldn't be a problem as long as recovery is
automatic.  Even giving different pools to each server is a definite
option.

Thanks for any guidance you can offer.  I'm supposing that dnsmasq has
no trouble managing several hundred simultaneous leases.



More information about the Dnsmasq-discuss mailing list