[Dnsmasq-discuss] lease timeouts: uses and abuses

Simon Kelley simon at thekelleys.org.uk
Tue Apr 13 21:37:10 BST 2010


Paul Smith wrote:
> Hi all; now that I've been thinking about my dnsmasq implementation
> again I have a question.  I alluded to it in passing in my previous
> thread but I wanted to bring it out for some advice.
> 
> On my system I have a lot of embedded (running from ramdisk) blades.
> They do not have a DHCP client daemon, so they never send RENEW packets.
> And, they live a long time (hopefully!) between reboots.
> 
> Suppose I had run out of available leases and, because no RENEW requests
> are being sent, all my leases had been marked as expired even though
> they're still used.
> 
> Now if a new MAC does a DHCPDISCOVER, would dnsmasq simply hand out the
> first expired lease it finds, or does it look through expired leases to
> determine if they're still active (via ping I suppose) and try to hand
> out an unused lease, regardless of RENEW? 

A lease is either not-expired or non-existent. Once a lease gets to the
end of the leased time, it evaporates and it is as if it has never been:
the address becomes available for allocation via the mechanism which
we've discussed previously.

> I see in the RFC that a ping
> is a SHOULD requirement... does dnsmasq implement this?

Dnsmasq does implement this, so if there's a client still using an
address even after the lease has expired dnsmasq will notice that and
avoid the address, provided that client replies to the ping.
> 
> How does dnsmasq choose between expired leases?  Is it random?  Or is
> the list ordered on when that MAC was last heard from, for example?
> Seems unlikely but I thought I'd ask.
> 

See above, leases go when they expire and the addresses thus freed are
allocated in the same way is virgin addresses.

> Currently I've been assuming that because I didn't RENEW, my lease might
> be taken, and so to counteract that I've been setting my lease time to
> "infinite".
> 
> But, I foresee problems here, too.  If I have infinite lease timeouts
> and I run out of leases, will they ever be reassigned?  It seems like in
> this case I just get an error saying that I'm out of leases and no new
> leases can be assigned; in this case I'd need to have some way of
> cleaning out the leases database of "old" stuff... but that's not so
> easy (especially in light of the MAC hashing problem we've been
> discussing, which makes simply deleting the leases database
> problematic).
> 
> 
> Anyone have any thoughts about a "best practice" implementation of this
> sort of thing?  I'd really like to find something that "just works",
> even if lots of blades are replaced eventually, causing cruft buildup in
> the leases database, which might eventually cause me to reach the
> maximum leases assignable.

How many addresses do you have to play with? If you use NAT routing and
the class-A RFC1918 range (10.x.x.x) you will have 2^24 addresses to go
at. That's effectively infinite, so you can use infinite-length leases
and never run out.

Don't forget that there's an explicit limit in dnsmasq on the number of
leases, independent of the available IP addresses. You have to increase
this by setting dhcp-lease-max. On a real server (rather than, say a
linksys router) you can make this a big number without problem.


Cheers,

Simon.

> 
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 




More information about the Dnsmasq-discuss mailing list