[Dnsmasq-discuss] Re: DCHP server not assign IP addresses
Troy Piggins
troy at piggo.com
Tue Nov 18 03:05:13 GMT 2008
* Rune Kock wrote :
>* Troy Piggins wrote:
>
>> My dnsmasq 2.41 doesn't seem to be assigning DHCP IP addresses.
>> Been running the server for some time, but mainly for the DNS
>> side of things. The IP addresses for most machines on my network
>> are static, so hasn't been a problem. But I'm trying to connect
>> to a NAS (WD My Book World Edition) which I believe needs a DHCP
>> server to get an IP address, and I can't interface with it to set
>> it up without one.
>>
>> [...]
>>
>> Any ideas?
>
> 1) Check dnsmasq's entries in syslog: does it show any DHCP activity?
Changed some of the settings[1] in dnsmasq.conf and restarted it.
This was the activity from syslog:
Nov 18 12:50:27 netserv dnsmasq[20468]: reading /var/run/dnsmasq/resolv.conf
Nov 18 12:50:27 netserv dnsmasq[20468]: using nameserver 61.9.211.33#53
Nov 18 12:50:27 netserv dnsmasq[20468]: using nameserver 61.9.211.1#53
Nov 18 12:50:27 netserv dnsmasq[20468]: exiting on receipt of SIGTERM
Nov 18 12:50:27 netserv dnsmasq[21087]: started, version 2.41 cachesize 150
Nov 18 12:50:27 netserv dnsmasq[21087]: compile time options: IPv6 GNU-getopt no-ISC-leasefile DBus I18N TFTP
Nov 18 12:50:27 netserv dnsmasq[21087]: DHCP, IP range 192.168.0.50 -- 192.168.0.150, lease time 1h
Nov 18 12:50:27 netserv dnsmasq[21087]: reading /var/run/dnsmasq/resolv.conf
Nov 18 12:50:27 netserv dnsmasq[21087]: using nameserver 61.9.211.33#53
Nov 18 12:50:27 netserv dnsmasq[21087]: using nameserver 61.9.211.1#53
Nov 18 12:50:27 netserv dnsmasq[21087]: read /etc/hosts - 27 addresses
Nov 18 12:50:27 netserv dnsmasq[21087]: read /etc/hosts.mvps - 17947 addresses
Nov 18 12:50:28 netserv postfix/master[4697]: reload configuration /etc/postfix
Nov 18 12:50:30 netserv dnsmasq[21087]: reading /var/run/dnsmasq/resolv.conf
Nov 18 12:50:30 netserv dnsmasq[21087]: using nameserver 61.9.211.33#53
Nov 18 12:50:30 netserv dnsmasq[21087]: using nameserver 61.9.211.1#53
Nothing shows up as clients try to get an address. Nothing.
> 2) Check your firewall settings. The following is from dnsmasq's FAQ:
>
> The first thing to check is the broadcast address set for the
> ethernet interface. This is normally the adddress on the connected
> network with all ones in the host part. For instance if the
> address of the ethernet interface is 192.168.55.7 and the netmask
> is 255.255.255.0 then the broadcast address should be
> 192.168.55.255. Having a broadcast address which is not on the
> network to which the interface is connected kills things stone
> dead.
Not sure where this is set in dnsmasq.conf? The only things I
have set are shown below[1]. Everything else, I assume, is the
default. I searched the excellently commented dnsmasq.conf file
for "broadcast", and thought I'd try the "dhcp-authoritative"
command to see if that helped. It didn't.
The only other thing I could find was:
# Send options to hosts which ask for a DHCP lease.
# See RFC 2132 for details of available options.
# Note that all the common settings, such as netmask and
# broadcast address, DNS server and default route, are given
# sane defaults by dnsmasq. You very likely will not need any
# any dhcp-options. If you use Windows clients and Samba, there
# are some options which are recommended, they are detailed at
# the
# end of this section.
# For reference, the common options are:
# subnet mask - 1
# default router - 3
# DNS server - 6
# broadcast address - 28
But couldn't find what the 28 signified. Shed any light?
Any other ideas?
> The second potential problem relates to firewall rules: since the ISC
> daemon in some configurations bypasses the kernel firewall rules
> entirely, the ability to run the ISC daemon does not indicate
> that the current configuration is OK for the dnsmasq daemon.
> For the dnsmasq daemon to operate it's vital that UDP packets to
> and from ports 67 and 68 and broadcast packets with source
> address 0.0.0.0 and destination address 255.255.255.255 are not
> dropped by iptables/ipchains.
Both ports allow UDP:
$ sudo iptables-save | grep 67
-A udpincoming_packets -p udp -m udp --sport 67:68 --dport 67:68 -j ACCEPT
[1] dnsmasq.conf setting stripped back a little:
domain-needed
bogus-priv
strict-order
interface=eth1
no-dhcp-interface=eth0
addn-hosts=/etc/hosts.mvps
expand-hosts
domain=lowstump.local
dhcp-range=192.168.0.50,192.168.0.150
dhcp-authoritative
--
Troy Piggins | http://piggo.com/~troy
Peter Anspach's Top 100 Thing's I'd Do If I Ever Became An Evil Overlord:
93. If I decide to hold a double execution of the hero and an underling who
failed or betrayed me, I will see to it that the hero is scheduled to go first.
More information about the Dnsmasq-discuss
mailing list