[Dnsmasq-discuss] Answering DHCPINFORM from other interfaces

Sergei Zhirikov sfzhi at yahoo.com
Sat Oct 17 19:18:39 BST 2009


Michael Rack wrote:
> You have to set up a bridge on your Linux router and assign every dynamically 
> created ppp interface to that.
> 
> 	brctl addif br0 pppx
> 
> Configure DNSMASQ to listen on the bridge's interface.
> 
> 	interface=br0
> 	bind-interfaces
> 
> And well, you're done.
> 
> Cheers,
> Michael.

Thanks for the suggestion, Michael.

I have tried it, but unfortunately it doesn't work :(.
The command "brctl addif br0 ppp0" fails with "can't add ppp0 to bridge br0: Invalid argument". It looks like point-to-point interfaces cannot be added to a bridge (I also tried with a TUN device, just to see if it could be added, and got the same error message).
--
Kind regards,
Sergei.


> On 17.10.2009 14:04, Sergei Zhirikov wrote:
>> Hi,
>>
>> I'm using dnsmasq as a DHCP and DNS server on my Linux home gateway, which is also an IPSec/L2TP VPN server. For IP address allocation for the VPN PPP tunnels I use the ppp-dhcpc plugin, which pretends to be a DHCP relay and requests IP addresses from dnsmasq. That part works fine.
>>
>> However, when the PPP link has been established, the VPN client (a Windows PC in my case, but I don't think it's relevant) sends a DHCPINFORM request to the broadcast address 255.255.255.255. That request reaches the Linux gateway via the PPP link, but dnsmasq does not reply, because it can see that the request is coming from an interface it is not configured to serve.
>>
>> I would really like dnsmasq to reply to those DHCPINFORM requests coming in through the PPP links, but I haven't been able to configure dnsmasq for that. I can't tell it to serve the PPP interface, because the interface name is assigned dynamically (thus not known in advance). I cannot tell dnsmasq to serve all interfaces with some exceptions either, because then the list of exceptions would have to contain dynamically assigned names.
>>
>> I have tried some tricks with iptables. I tried to use "-j ROUTE --iif ifname" to make the packets appear to be coming from another interface with a fixed name that dnsmasq is configured to serve, but dnsmasq still does not reply, as if it somehow can see the original interface name.
>>
>> I have tried to use a pair of VETH interfaces to route the incoming packets to one end of the virtual tunnel so that they would appear to dnsmasq to be coming out of the other end, but that didn't work, because I didn't manage to get the routing to work the way I wanted (perhaps because I lack the necessary knowledge about advanced routing).
>>
>> I would appreciate any kind of help with this problem.
>>
>> Thank you,
>> Kind regards,
>>
>> Sergei.
>>
>>