[Dnsmasq-discuss] Answering DHCPINFORM from other interfaces
sfzhi at yahoo.com
Sun Oct 18 17:02:53 BST 2009
Michael Rack wrote:
> correct. ppp is a point to point interface and can not assigned to a
> But ppp-server have to serve ip-adresses without a dhcp-server?!? you
> have to manage the dynamic ip-adresses by your ppp-server.
The whole point of what I'm trying to do is *not* doing that. I want all IP addresses to be managed in a single place, which is dnsmasq. The reason is that it also provides DNS service. If pppd were assigning IP addresses itself, the DNS server would be unaware of that. Moreover, the auto-configuration possibilities of PPP are inferior compared to DHCP.
> What server is running on your machine?
What kind of server do you mean? If you are asking about the PPP server, it's the classic pppd from http://ppp.samba.org/.
> You use a dhcpc-plugin, this plugin have to relay all broadcast messages
> to dnsmasq. I think the problem is located on your dhcpc-plugin.
The plugin can't relay anything. It seems you misunderstood the purpose of it. The plugin is not involved in the communication with the PPP peers in any way at all. When pppd needs an IP address to assign to a peer it asks the plugin. The plugin performes DHCP negotiation with dnsmasq while the rest of pppd is waiting (completely unaware of that fact). When the plugin gets an IP address it returns it to pppd and the configuration of the PPP link continues. After that the plugin remains idle, since its job has been done. The subsequent DHCPINFORM messages come from the peer via the PPP link, so as far as pppd is concerned, those are just normal traffic.
> Am 17.10.2009 20:18, schrieb Sergei Zhirikov:
>> Michael Rack wrote:
>>> You have to setup a bridge on your linux-router and assign every dynamic
>>> created ppp-interface to that.
>>> brctl addif br0 pppx
>>> Configure DNSMASQ to listen on the bridges interface.
>>> And well, you're done.
>> Thanks for the suggestion, Michael.
>> I have tried it, but unfortunately it doesn't work :(.
>> The command "brctl addif br0 ppp0" fails with "can't add ppp0 to bridge br0: Invalid argument". It looks like point-to-point interfaces can not be added to a bridge (I tried also with a TUN device, just to see if it could be added, and got the same error message).
>> Kind regards,
>>> Am 17.10.2009 14:04, schrieb Sergei Zhirikov:
>>>> I'm using dnsmasq as a DHCP and DNS server on my Linux home gateway, which is also a IPSec/L2TP VPN server. For IP address allocation for the VPN PPP tunnels I use ppp-dhcpc plugin, which pretends to be a DHCP relay and requests IP addresses from dnsmasq. That part works fine.
>>>> However, when the PPP link has been established the VPN client (a Windows PC in my case, but I don't think it's relevant) send DHCPINFORM request to the broadcast address 255.255.255.255. That request reaches the Linux gateway via the PPP link, but dnsmasq does not reply, because it can see that the request is coming from an interface it is not configured to serve.
>>>> I would really like dnsmasq to reply to those DHCPINFORM requests coming in through the PPP links, but I haven't been able to configure dnsmasq for that. I can't tell it to serve the PPP interface, because the interface name is assigned dynamically (thus not known in advance). I can not tell dnsmasq to serve all interfaces with some exceptions either, because then the list of the exceptions would have to contain dynamically assigned names.
>>>> I have tried some tricks with iptables. Tried to use "-j ROUTE --iif ifname" to make the packets appear coming form another interface with a fixed name that dnsmasq is configured to serve, but dnsmasq still does not reply as if it somehow can see the original interface name.
>>>> I have tried to use a pair of VETH interfaces to route the incoming packets to one end of the virtual tunnel so that they would appear to dnsmasq coming out of the other end, but that didn't work, because I didn't manage to get the routing work the way I wanted (perhaps, because I lack necessary knowledge about advanced routing).
>>>> I would appreciate any kind of help with this problem.
>>>> Thank you,
>>>> Kind regards,
>>>> Dnsmasq-discuss mailing list
>>>> Dnsmasq-discuss at lists.thekelleys.org.uk
>> Dnsmasq-discuss mailing list
>> Dnsmasq-discuss at lists.thekelleys.org.uk
More information about the Dnsmasq-discuss