[Dnsmasq-discuss] dnsmasq host being dhcp server to itself
[WAS: Web hang ups after repeated access to one site - dnsmasq
related?]
Chris G
cl at isbd.net
Thu Feb 19 14:41:44 GMT 2009
On Thu, Feb 19, 2009 at 01:53:46AM +0000, richardvoigt at gmail.com wrote:
> Please keep replies on the list.
>
> On Wed, Feb 18, 2009 at 10:15 AM, Chris Green <chris at isbd.co.uk> wrote:
> > On Wed, Feb 18, 2009 at 01:50:08AM +0000, richardvoigt at gmail.com wrote:
> > [snip]
> >> >
> >> > No other configuration files needed -- on any host -- just let
> >> > everybody use dhcp. Super easy. But will this work?
> >>
> >> No. dnsmasq determines which dhcp-range to use when giving out
> >> addresses from the IP address configured on the interface where the
> >> DHCP-REQUEST packet is received (or the interface address passed along
> >> by a dhcp-relay agent). As you can see this cannot possibly work to
> >> assign addresses to the dnsmasq box. There's no way around this
> >> because in general dnsmasq runs on your gateway which by definition
> >> has multiple interfaces.
> >>
> > While I'm not sure about having a 'server' assign an IP to itself it's
> > surely not true that "in general dnsmasq runs on your gateway which by
> > definition has multiple interfaces" - in fact it's very often *not*
> > true.
>
> I didn't say running on the gateway was an absolute necessity, I said
> it's the general (i.e. usual, common) case. Actually it is probably
> only the common case for configurations using dnsmasq for DHCP.
>
I'm unconvinced! :-)
It would be interesting to know how people here on the list use
dnsmasq, is it on a Linux box that is the router (hence the default
route) for the rest of the LAN or do they have a hardware ADSL
(usually) router that does that.
I'm quite willing to be wrong but I'd be surprised as I would expect a
lot of people come to use dnsmasq the same way as me.
> I'd venture to guess that multiple dhcp-ranges (including dhcp-relay)
> is actually more common that your scenario.
>
> >
> > My situation is fairly typical I would have thought:-
> >
> > 192.168.1.1 - Draytek Vigor 2820n router, statically assigned IP
> > 192.168.1.4 - Linux 'server' running dnsmasq, currently static
> > 192.168.1.xxx - other systems/devices, DHCP from 192.16.1.4
> >
> > The system running dnsmasq (192.168.1.4) has only one interface, on
> > the local subnet, default route is set to 192.168.1.1 and it's *that*
> > which has the multiple interfaces (two more going to the outside world
> > in my case).
> >
> > Surely this is pretty common, a proprietary router which doesn't do
> > DHCP as one wants it to, so put dnsmasq on an always on Linux box on
> > the local LAN.
>
> I think more people use the "always on Linux box" as the router in
> that scenario, since if you want better DHCP than comes in the router
> you probably also want netfilter instead of what firewall comes in the
> router.
>
As I said I'm quite happy to be wrong, but surprised. :-)
> >
> >
> > In my case it's certainly true that there are "No other configuration
> > files needed", I just have /etc/hosts on 192.168.1.4 with the static
> > addresses in it, /etc/resolv.conf with:-
> >
> > nameserver 127.0.0.1
> > nameserver 195.74.113.58
> > nameserver 195.74.113.62
> >
> > ... and a pretty straightforward dsnmasq.conf file.
>
> Yes and now you have the additional problems of how to get dnsmasq to
> know its own host needs an address (broadcast packets usually aren't
> delivered to processes on the sender). Assigning the address directly
> via the kernel interfaces isn't feasible because (a) dnsmasq runs on
> many different OSes (b) dnsmasq drops root privilege that would be
> necessary to make an address assignment and (b2) interfaces can come
> up and down as media events are processed, tunnels are created, etc.
>
> In addition, allowing the IP address of the DHCP server to change is
> extremely bad because it breaks the renewal process.
>
> At some point Simon, the author, is going to wade into this discussion
> with about a dozen more reasons I haven't thought of.
>
I wasn't suggesting that having dnsmasq assign the IP address to the
system it's running on was either sensible or feasible, I certainly
haven't attempted it and can't really see any good reason for doing so.
As it is dnsmasq provides me with an easy to configure system (nearly
everything is done in the 'server' system) and that's what I wanted.
--
Chris Green
More information about the Dnsmasq-discuss
mailing list