[Dnsmasq-discuss] Dnsmasq-discuss Digest, Vol 88, Issue 5
Michael Rack
michael.rack at rsm-freilassing.de
Wed Sep 5 14:32:37 BST 2012
Hi Dwivedi,
your kernel is not able to find the right interface for packets that
addressed to one of your 172.16.48.0 / 255.255.252.0 hosts!
> 172.16.48.0 0.0.0.0 255.255.252.0 U 0 0 0 eth1
> 172.16.48.0 0.0.0.0 255.255.252.0 U 0 0 0 eth2
Or are the both interfaces eth1 and eth2 connected to the same physical
network?
Same on
> 192.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 dummy0
> 192.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 utun
If that is not the same physical network, how should your kernel know,
which interface should be used to answer packets or send new packets to?
If that are the same physical network and you like to load balance some
hosts, you have to insert a new route.
So lets say, you split them in half, so you have to insert these routes:
ip route add 172.16.48.0/23 dev eth1
ip route add 172.16.50.0/23 dev eth2
So upstream (traffic from your host to the client) is divided. Any
IP-Packet that is addressed to 172.16.48.5 exists eth1 and IP-Packets
that are addressed to 172.16.50.5 exits via eth2.
To split also the incoming traffic, you should set the defaultgateway
for Network1 to 172.16.48.1 and for Network2 to 172.16.50.1 ... your
interfaces have to be configured likewise. Also DNSMASQ have to carry
out the right DHCP-OFFERS.
Liebe Grüße aus Freilassing,
Michael Rack
RSM Freilassing
--
RSM Freilassing Tel.: +49 8654 607110
Nocksteinstr. 13 Fax.: +49 8654 670438
D-83395 Freilassing www.rsm-freilassing.de
Am 05.09.2012 15:16, schrieb subhranshu dwivedi:
> Hi Helmut,
>
> i had the DMZ on eth2 which had wrong subnet set on routing,
>
> Actually this was by default set for DMZ and i think it was
> interfering with the eth1 route.
>
> which i just fixed and every things seems to be working fine now
>
> now
> ~ # route -n
> [root @ untangle]
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref
> Use Iface
> 192.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 dummy0
> 192.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 utun
> 172.16.57.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
> 172.16.56.0 0.0.0.0 255.255.255.0 U 0 0 0 eth4
> 172.16.52.0 0.0.0.0 255.255.254.0 U 0 0 0 eth3
> 172.16.48.0 0.0.0.0 255.255.252.0 U 0 0 0 eth1
> 172.16.48.0 0.0.0.0 255.255.252.0 U 0 0 0 eth2
>
> Now i am testing it and will let you know the final results,
>
>
> On Wed, Sep 5, 2012 at 4:30 PM,
> <dnsmasq-discuss-request at lists.thekelleys.org.uk
> <mailto:dnsmasq-discuss-request at lists.thekelleys.org.uk>> wrote:
>
> Send Dnsmasq-discuss mailing list submissions to
> dnsmasq-discuss at lists.thekelleys.org.uk
> <mailto:dnsmasq-discuss at lists.thekelleys.org.uk>
>
> To subscribe or unsubscribe via the World Wide Web, visit
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> or, via email, send a message with subject or body 'help' to
> dnsmasq-discuss-request at lists.thekelleys.org.uk
> <mailto:dnsmasq-discuss-request at lists.thekelleys.org.uk>
>
> You can reach the person managing the list at
> dnsmasq-discuss-owner at lists.thekelleys.org.uk
> <mailto:dnsmasq-discuss-owner at lists.thekelleys.org.uk>
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of Dnsmasq-discuss digest..."
>
>
> Today's Topics:
>
> 1. dnsmasq forwarding unknown ip addresses queries (Gene
> Czarcinski)
> 2. Re: Problem getting dnsmasq to send a different default
> gateway to a host (Simon Kelley)
> 3. Re: Issues with multiple subnets on dnsmasq (Simon Kelley)
> 4. Re: Issues with multiple subnets on dnsmasq (Helmut Hullen)
> 5. Re: dnsmasq forwarding unknown ip addresses queries
> (Gene Czarcinski)
> 6. Re: dhcp logging and dhcp-range static configuration
> (richardvoigt at gmail.com <mailto:richardvoigt at gmail.com>)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 04 Sep 2012 11:02:37 -0400
> From: Gene Czarcinski <gene at czarc.net <mailto:gene at czarc.net>>
> To: dnsmasq-discuss at thekelleys.org.uk
> <mailto:dnsmasq-discuss at thekelleys.org.uk>
> Subject: [Dnsmasq-discuss] dnsmasq forwarding unknown ip addresses
> queries
> Message-ID: <5046180D.9080307 at czarc.net
> <mailto:5046180D.9080307 at czarc.net>>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> OK, this is similar to my previous questions/issues involving dnsmasq
> forwarding queries for unknown names for the "name domain" that it is
> managing (even if that domain name is null).
>
> Now the second part. Whether an instance of dnsmasq is providing
> a dhcp
> service or not, is there a way to specify what IP addresses (e.g.,
> 192.168.1.0/24 <http://192.168.1.0/24>) is should answer and, if
> dnsmasq does not find that
> queried ip address in the specified range, then the query should
> NOT be
> forwarded?
>
> In looking at documentation (but not the code) and not doing any
> testing
> yet, I wonder if the following would accomplish what I need:
> domain=virt,192.168.100.0/24 <http://192.168.100.0/24>
>
> If that would do the trick, then is there a way to specify that IP
> address range when the domain name is null (local=//)?
>
> Gene
>
>
>
> ------------------------------
>
> Message: 2
> Date: Tue, 04 Sep 2012 16:58:17 +0100
> From: Simon Kelley <simon at thekelleys.org.uk
> <mailto:simon at thekelleys.org.uk>>
> To: dnsmasq-discuss at lists.thekelleys.org.uk
> <mailto:dnsmasq-discuss at lists.thekelleys.org.uk>
> Subject: Re: [Dnsmasq-discuss] Problem getting dnsmasq to send a
> different default gateway to a host
> Message-ID: <50462519.9050401 at thekelleys.org.uk
> <mailto:50462519.9050401 at thekelleys.org.uk>>
> Content-Type: text/plain; charset=ISO-8859-1
>
> On 03/09/12 22:17, Fadi wrote:
> > Hello,
> >
> > Please be kind this is my first posting to this list.
> >
> > I have spent hours trying to get this to work, but I seem to be
> missing
> > something.
> >
> > I'm using the latest shibby build of TomatoUSB, and I want
> dnsmasq to send
> > the default gateway and dns server address of 192.168.0.55 to
> the host
> > whose
> > MAC address is xx:xx:xx:xx:xx.
> >
> > So I added this to the DNSmasq custom config:
> >
> >
> > dhcp-mac=red,xx:xx:xx:xx:xx:xx
> > dhcp-option=red,3,192.168.0.55
> > dhcp-option=red,6,192.168.0.55
> >
> >
> > This almost works. When I look at the DHCP OFFER packet in
> Wireshark,
> > dnsmasq is sending TWO default gateway (option 3) addresses, the
> > 192.168.0.55 I specified above PLUS the router's 192.168.0.1
> address.
> >
> > How can I prevent it from sending the router's IP as well? Some
> hosts on
> > the
> > network (tagged red) are using the 192.168.0.1 address as their
> default
> > gateway and some are using the 192.168.0.55.
> >
> > I have tried different permutations of using "tag:" and "set:"
> and "net:"
> > always with the same result.
> >
> > What am I doing wrong?
> >
> > Thanks in advance.
> >
>
> What version of dnsmasq are you using?
>
> Have you tried setting --log-dhcp that will give you more information
> about what exactly is happening.
>
>
> Cheers,
>
> Simon.
>
>
>
>
>
> ------------------------------
>
> Message: 3
> Date: Tue, 04 Sep 2012 17:00:43 +0100
> From: Simon Kelley <simon at thekelleys.org.uk
> <mailto:simon at thekelleys.org.uk>>
> To: dnsmasq-discuss at lists.thekelleys.org.uk
> <mailto:dnsmasq-discuss at lists.thekelleys.org.uk>
> Subject: Re: [Dnsmasq-discuss] Issues with multiple subnets on dnsmasq
> Message-ID: <504625AB.6090409 at thekelleys.org.uk
> <mailto:504625AB.6090409 at thekelleys.org.uk>>
> Content-Type: text/plain; charset=windows-1252
>
> On 03/09/12 18:02, Ryan Chapman wrote:
> > On the host that pulls a 172.16.48 address, try a ping of
> 172.16.48.4
> > and then check the arp table to make sure it resolved to a hardware
> > address. If not, tcpdump arp traffic.
> >
> > It might be interesting to see what an ifconfig, "route -n" and
> "arp -a"
> > look like on the 172.16.48 host?
> >
> >
> > On Sep 3, 2012, at 7:29 AM, subhranshu dwivedi
> > <subhranshu.dwivedi at erminsystems.com
> <mailto:subhranshu.dwivedi at erminsystems.com>
> > <mailto:subhranshu.dwivedi at erminsystems.com
> <mailto:subhranshu.dwivedi at erminsystems.com>>> wrote:
> >
> >> Hi All,
> >>
> >> I have Untangle with DNS masq setup at my end,
> >>
> >> With interface:
> >>
> >> External
> >> eth0 Link encap:Ethernet HWaddr 00:04:23:c7:52:63
> >> inet addr:172.16.57.10 Bcast:172.16.57.255
> Mask:255.255.255.0
> >>
> >> INTERNAL
> >> eth1 Link encap:Ethernet HWaddr 00:04:23:c7:52:62
> >> inet addr:172.16.48.4 Bcast:172.16.51.255
> Mask:255.255.252.0
> >> DMZ
> >> eth2 Link encap:Ethernet HWaddr 00:1b:21:0e:1f:46
> >> inet addr:172.16.48.110 Bcast:172.16.49.255
> Mask:255.255.254.0
>
> Don't these two subnets overlap? That would be enough to cause strange
> effects.
>
>
> Simon.
>
>
>
>
>
>
> ------------------------------
>
> Message: 4
> Date: 04 Sep 2012 18:40:00 +0200
> From: Hullen at t-online.de <mailto:Hullen at t-online.de> (Helmut Hullen)
> To: dnsmasq-discuss at lists.thekelleys.org.uk
> <mailto:dnsmasq-discuss at lists.thekelleys.org.uk>
> Subject: Re: [Dnsmasq-discuss] Issues with multiple subnets on dnsmasq
> Message-ID: <CGFEVOxPCXB at helmut.hullen.de
> <mailto:CGFEVOxPCXB at helmut.hullen.de>>
> Content-Type: text/plain; charset=US-ASCII
>
> Hallo, subhranshu,
>
> Du meintest am 03.09.12:
>
> > INTERNAL
> > eth1 Link encap:Ethernet HWaddr 00:04:23:c7:52:62
> > inet addr:172.16.48.4 Bcast:172.16.51.255
> > Mask:255.255.252.0 DMZ
>
> That mask describes 172.16.48.0 ... 172.16.51.255
> It includes eth2
>
> > eth2 Link encap:Ethernet HWaddr 00:1b:21:0e:1f:46
> > inet addr:172.16.48.110 Bcast:172.16.49.255
> > Mask:255.255.254.0
>
> That mask describes 172.16.48.0 ... 172.16.49.255
> It's part of eth1
>
> Viele Gruesse!
> Helmut
>
>
>
> ------------------------------
>
> Message: 5
> Date: Tue, 04 Sep 2012 14:41:27 -0400
> From: Gene Czarcinski <gene at czarc.net <mailto:gene at czarc.net>>
> To: dnsmasq-discuss at lists.thekelleys.org.uk
> <mailto:dnsmasq-discuss at lists.thekelleys.org.uk>
> Subject: Re: [Dnsmasq-discuss] dnsmasq forwarding unknown ip addresses
> queries
> Message-ID: <50464B57.80805 at czarc.net
> <mailto:50464B57.80805 at czarc.net>>
> Content-Type: text/plain; charset=ISO-8859-1; format=flowed
>
> On 09/04/2012 11:02 AM, Gene Czarcinski wrote:
> > OK, this is similar to my previous questions/issues involving
> dnsmasq
> > forwarding queries for unknown names for the "name domain" that
> it is
> > managing (even if that domain name is null).
> >
> > Now the second part. Whether an instance of dnsmasq is providing a
> > dhcp service or not, is there a way to specify what IP addresses
> > (e.g., 192.168.1.0/24 <http://192.168.1.0/24>) is should answer
> and, if dnsmasq does not find
> > that queried ip address in the specified range, then the query
> should
> > NOT be forwarded?
> >
> > In looking at documentation (but not the code) and not doing any
> > testing yet, I wonder if the following would accomplish what I need:
> > domain=virt,192.168.100.0/24 <http://192.168.100.0/24>
> >
> > If that would do the trick, then is there a way to specify that IP
> > address range when the domain name is null (local=//)?
> >
> OK, I believe that I have come up with the answer to my questions.
>
> Rather than using "--domain virt --local=/virt/", I need to use
> something like:
> "--domain=virt,192.168.122.0/24,local
> <http://192.168.122.0/24,local>" or
> "--domain virt --local=/virt/
> --local=/122.168.192.in-addr.arpa/"
>
> For the case of no domain name, I am not sure that
> "domain=,192.168.122.0/24,local <http://192.168.122.0/24,local>"
> would work but
> "--local=// --local=/122.168.192.in-addr.arpa/" should work.
>
> Comments?
>
> Gene
>
>
>
> ------------------------------
>
> Message: 6
> Date: Tue, 4 Sep 2012 17:11:20 -0500
> From: "richardvoigt at gmail.com <mailto:richardvoigt at gmail.com>"
> <richardvoigt at gmail.com <mailto:richardvoigt at gmail.com>>
> To: helmut at hullen.de <mailto:helmut at hullen.de>
> Cc: dnsmasq-discuss at lists.thekelleys.org.uk
> <mailto:dnsmasq-discuss at lists.thekelleys.org.uk>
> Subject: Re: [Dnsmasq-discuss] dhcp logging and dhcp-range static
> configuration
> Message-ID:
>
> <CAO_2OxW_yX=MJNLhPAE+_bA=5-A7gK9z8GK2W5bYS81C3u9-eA at mail.gmail.com <mailto:5-A7gK9z8GK2W5bYS81C3u9-eA at mail.gmail.com>>
> Content-Type: text/plain; charset=UTF-8
>
> On Tue, Sep 4, 2012 at 4:45 AM, Helmut Hullen <Hullen at t-online.de
> <mailto:Hullen at t-online.de>> wrote:
> > Hallo, Simon,
> >
> > Du meintest am 03.09.12:
> >
> >>> Is there a way to prevent logging the DHCPDISCOVER request for
> >>> unconfigured hardware address in dhcp-range static mode ?
> >
> >> Try
> >
> >> dhcp-ignore=!known
> >
> >> or possibly the old syntax
> >
> >> dhcp-ignore=#known
> >
> >
> > Additional question:
> > When I have 2 NICs, and one of them uses "dhcp-host=...", how
> can I tell
> > "dnsmasq" that all unlisted clients (which have no "dhcp-host"-line)
> > must use the other NIC?
>
> You'll have two dhcp-range lines, one for the addresses in each
> subnet. Have one dhcp-range match the "known" tag, and one match the
> "!known" tag.
>
>
> >
> > Viele Gruesse!
> > Helmut
> >
> > _______________________________________________
> > Dnsmasq-discuss mailing list
> > Dnsmasq-discuss at lists.thekelleys.org.uk
> <mailto:Dnsmasq-discuss at lists.thekelleys.org.uk>
> > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
>
>
> ------------------------------
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> <mailto:Dnsmasq-discuss at lists.thekelleys.org.uk>
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
>
> End of Dnsmasq-discuss Digest, Vol 88, Issue 5
> **********************************************
>
>
>
>
> --
> Best Regards,
>
> **
>
> *Subhranshu Dwivedi***
>
> Director IT
>
> Technology Support
>
> *Ermin Systems*
>
>
> subhranshu.dwivedi at erminsystems.com
> <mailto:subhranshu.dwivedi at erminsystems.com>
>
>
> ------------------------------------------------------------------------
>
> *Our Expertise: **Consulting Services | Data Centre Solutions |
> Storage Solutions | Network Integration | IT Infrastructure
> Optimization | Managed Services | Software Licensing | Audio-Visual
> Integration| Database Migration | ERP Solutions| IVR Services |
> Virtualization |***
>
> This email and any attachments are sent in confidence, subject to
> applicable legal privilege and upon the basis that the recipient will
> conduct appropriate virus checks. If you receive this email in error,
> please telephone us upon receipt: you are strictly prohibited from
> using, copying or disseminating it or any information contained in it,
> save to the intended recipient. Internet communications are not secure
> and Ermin Systems Pvt. Ltd. is not responsible for their abuse by
> third parties, nor for any alteration or corruption in transmission,
> nor for any damage or loss caused by any virus or other defects.
>
> *P****Please consider the environment before printing this e-mail.*
>
>
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20120905/f6eba6f0/attachment-0001.html>
More information about the Dnsmasq-discuss
mailing list