[Dnsmasq-discuss] Re: DCHP server not assign IP addresses

Troy Piggins troy at piggo.com
Tue Nov 18 03:05:13 GMT 2008


* Rune Kock wrote :
>* Troy Piggins wrote:
> 
>> My dnsmasq 2.41 doesn't seem to be assigning DHCP IP addresses.
>> Been running the server for some time, but mainly for the DNS
>> side of things.  The IP addresses for most machines on my network
>> are static, so hasn't been a problem.  But I'm trying to connect
>> to a NAS (WD My Book World Edition) which I believe needs a DHCP
>> server to get an IP address, and I can't interface with it to set
>> it up without one.
>>
>> [...]
>>
>> Any ideas?
> 
> 1) Check dnsmasq's entries in syslog: does it show any DHCP activity?

Changed some of the settings[1] in dnsmasq.conf and restarted it.
This was the activity from syslog:

Nov 18 12:50:27 netserv dnsmasq[20468]: reading /var/run/dnsmasq/resolv.conf
Nov 18 12:50:27 netserv dnsmasq[20468]: using nameserver 61.9.211.33#53
Nov 18 12:50:27 netserv dnsmasq[20468]: using nameserver 61.9.211.1#53
Nov 18 12:50:27 netserv dnsmasq[20468]: exiting on receipt of SIGTERM
Nov 18 12:50:27 netserv dnsmasq[21087]: started, version 2.41 cachesize 150
Nov 18 12:50:27 netserv dnsmasq[21087]: compile time options: IPv6 GNU-getopt no-ISC-leasefile DBus I18N TFTP
Nov 18 12:50:27 netserv dnsmasq[21087]: DHCP, IP range 192.168.0.50 -- 192.168.0.150, lease time 1h
Nov 18 12:50:27 netserv dnsmasq[21087]: reading /var/run/dnsmasq/resolv.conf
Nov 18 12:50:27 netserv dnsmasq[21087]: using nameserver 61.9.211.33#53
Nov 18 12:50:27 netserv dnsmasq[21087]: using nameserver 61.9.211.1#53
Nov 18 12:50:27 netserv dnsmasq[21087]: read /etc/hosts - 27 addresses
Nov 18 12:50:27 netserv dnsmasq[21087]: read /etc/hosts.mvps - 17947 addresses
Nov 18 12:50:28 netserv postfix/master[4697]: reload configuration /etc/postfix
Nov 18 12:50:30 netserv dnsmasq[21087]: reading /var/run/dnsmasq/resolv.conf
Nov 18 12:50:30 netserv dnsmasq[21087]: using nameserver 61.9.211.33#53
Nov 18 12:50:30 netserv dnsmasq[21087]: using nameserver 61.9.211.1#53

Nothing shows up as clients try to get an address.  Nothing.

> 2) Check your firewall settings.  The following is from dnsmasq's FAQ:
> 
>    The first thing to check is the broadcast address set for the
>    ethernet interface. This is normally the adddress on the connected
>    network with all ones in the host part. For instance if the
>    address of the ethernet interface is 192.168.55.7 and the netmask
>    is 255.255.255.0 then the broadcast address should be
>    192.168.55.255. Having a broadcast address which is not on the
>    network to which the interface is connected kills things stone
>    dead.

Not sure where this is set in dnsmasq.conf?  The only things I
have set are shown below[1].  Everything else, I assume, is the
default.  I searched the excellently commented dnsmasq.conf file
for "broadcast", and thought I'd try the "dhcp-authoritative"
command to see if that helped.  It didn't.

The only other thing I could find was:

# Send options to hosts which ask for a DHCP lease.
# See RFC 2132 for details of available options.
# Note that all the common settings, such as netmask and
# broadcast address, DNS server and default route, are given
# sane defaults by dnsmasq. You very likely will not need any
# any dhcp-options. If you use Windows clients and Samba, there
# are some options which are recommended, they are detailed at
# the
# end of this section.
# For reference, the common options are:
# subnet mask - 1
# default router - 3
# DNS server - 6
# broadcast address - 28

But couldn't find what the 28 signified.  Shed any light?

Any other ideas?

>    The second potential problem relates to firewall rules: since the ISC
>    daemon in some configurations bypasses the kernel firewall rules
>    entirely, the ability to run the ISC daemon does not indicate
>    that the current configuration is OK for the dnsmasq daemon.
>    For the dnsmasq daemon to operate it's vital that UDP packets to
>    and from ports 67 and 68 and broadcast packets with source
>    address 0.0.0.0 and destination address 255.255.255.255 are not
>    dropped by iptables/ipchains.

Both ports allow UDP:

$ sudo iptables-save | grep 67
-A udpincoming_packets -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT


[1]  dnsmasq.conf setting stripped back a little:

domain-needed
bogus-priv
strict-order
interface=eth1
no-dhcp-interface=eth0
addn-hosts=/etc/hosts.mvps
expand-hosts
domain=lowstump.local
dhcp-range=192.168.0.50,192.168.0.150
dhcp-authoritative

-- 
Troy Piggins | http://piggo.com/~troy
Peter Anspach's Top 100 Thing's I'd Do If I Ever Became An Evil Overlord:
93. If I decide to hold a double execution of the hero and an underling who
failed or betrayed me, I will see to it that the hero is scheduled to go first.



More information about the Dnsmasq-discuss mailing list