[Dnsmasq-discuss] New setup. DNS OK, DHCP is silent

Simon Kelley simon at thekelleys.org.uk
Sat Nov 24 18:31:14 GMT 2012


On 24/11/12 14:30, Lovelady, Dennis E. wrote:
> Hi, Folks.  I’m trying to set up a new dhcp server using dnsmasq.  I
> have the following configuration
>
>  >>>
> domain-needed
> bogus-priv
> expand-hosts
> domain=***.com # Yeah, I know.  It’s masked for internet
> dhcp-range=192.168.158.64,192.168.158.191,24h
> dhcp-host=90:2b:34:36:ae:bc,papa,192.168.158.3,infinite
> dhcp-option=option:router,192.168.158.1
> log-queries
> log-dhcp
> <<<
>
> ifconfig on the server shows:
>
>  >>>
> eth0      Link encap:Ethernet  HWaddr C0:3F:0E:BC:43:B9
>            inet addr:192.168.158.2  Bcast:192.168.158.255  Mask:255.255.255.0
>            UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>            RX packets:20353 errors:0 dropped:0 overruns:0 frame:0
>            TX packets:3409 errors:0 dropped:0 overruns:0 carrier:0
>            collisions:0 txqueuelen:532
>            RX bytes:2725952 (2.5 MiB)  TX bytes:692256 (676.0 KiB)
>            Interrupt:11
> <<<
>
> dnsmasq is  serving DNS just fine, but DHCP seems unresponsive.  The log
> (/var/log/messages) shows:
>
> delovelady at stora-2 /home/log> tail -100 /home/log/messages|grep dnsmasq
>
>  >>>
> Nov 24 00:15:40 stora-2 dnsmasq[5952]: exiting on receipt of SIGTERM
> --- config change and restart ---
> Nov 24 00:15:40 stora-2 dnsmasq[6189]: started, version 2.62 cachesize 150
> Nov 24 00:15:40 stora-2 dnsmasq[6189]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack
> Nov 24 00:15:40 stora-2 dnsmasq[6189]: reading /etc/resolv.conf
> Nov 24 00:15:40 stora-2 dnsmasq[6189]: using nameserver 192.168.158.1#53
> Nov 24 00:15:40 stora-2 dnsmasq[6189]: ignoring nameserver 127.0.0.1 - local interface
> Nov 24 00:15:40 stora-2 dnsmasq[6189]: read /etc/hosts - 22 addresses
> Nov 24 00:20:27 stora-2 dnsmasq[6189]: exiting on receipt of SIGTERM
> --- config change and restart ---
> Nov 24 00:20:27 stora-2 dnsmasq[6508]: started, version 2.62 cachesize 150
> Nov 24 00:20:27 stora-2 dnsmasq[6508]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN DHCP DHCPv6 no-Lua TFTP no-conntrack
> Nov 24 00:20:27 stora-2 dnsmasq[6508]: reading /etc/resolv.conf
> Nov 24 00:20:27 stora-2 dnsmasq[6508]: using nameserver 192.168.158.1#53
> Nov 24 00:20:27 stora-2 dnsmasq[6508]: ignoring nameserver 127.0.0.1 - local interface
> Nov 24 00:20:27 stora-2 dnsmasq[6508]: read /etc/hosts - 22 addresses
> <<<
>
> This is on a new network. When I attach a server or PC that is set up
> for DHCP, no connection gets established.  But if I set up for fixed
> addresses on the 192.168.158 net, all is well, worldwide.  All systems
> can access this system via ssh.  The output from iptables -L is very
> slow (about half a minute), and results in:
>
> sudo iptables -L
>
>  >>>
> audit_log_user_command(): Connection refused
> Chain INPUT (policy ACCEPT)
> target     prot opt source               destination
> INPUT-INTERNAL  all  --  169.254.0.0/16       anywhere
> ACCEPT     all  --  anywhere             anywhere
> REJECT     tcp  --  anywhere             anywhere            tcp dpt:printer reject-with icmp-port-unreachable
> INPUT-INTERNAL  all  --  192.168.158.0/24     anywhere
> ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
> ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:http
> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https
> ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ssh
> REJECT     tcp  --  anywhere             anywhere            tcp dpt:auth reject-with icmp-admin-prohibited
> DROP       all  --  anywhere             anywhere
>
> Chain FORWARD (policy ACCEPT)
> target     prot opt source               destination
>
> Chain OUTPUT (policy ACCEPT)
> target     prot opt source               destination
>
> Chain INPUT-INTERNAL (2 references)
> target     prot opt source               destination
> ACCEPT     all  --  anywhere             anywhere
> <<<<
>
> I have no idea why iptables would be so slow to list… (?)  I also don’t
> know why 169.254 is so prominent in that list!  (I’m even less of an
> iptables expert than I am dnsmasq.  But I tried this also after “sudo
> service iptables stop” to no benefit.)
>
> What else might I provide, and what am I missing?  This looks to me like
> it should be working, and should be logging its success.  But it’s
> always/usually something I missed, so go ahead; hit me with your best
> shot.  Please. :-)
>
> Dennis Lovelady
>

You're not using the configuration you think you are. If dnsmasq was 
reading a configuration with dhcp-range in it, it would log that fact at 
start-up. This is also consistent with dnsmasq not listening on port 67. 
Maybe a command-line option is sending dnsmasq to a different config-file?


Cheers,

Simon,
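
The two checks the reply points to, as an added example that is not part of the original thread and is not dnsmasq's own tooling: scan the start-up log for a DHCP range announcement per PID, and work out which config file a given dnsmasq command line selects. Assumptions: the default path /etc/dnsmasq.conf, the constructed PID 7001 log lines, and the hypothetical file /etc/dnsmasq.alt.conf.

```shell
#!/bin/sh
# Added example, not from the thread.

# Constructed sample: the first three lines are copied from the log quoted
# above; the PID 7001 start is constructed to show a DHCP-enabled start-up.
sample_log() {
cat <<'EOF'
Nov 24 00:20:27 stora-2 dnsmasq[6508]: started, version 2.62 cachesize 150
Nov 24 00:20:27 stora-2 dnsmasq[6508]: reading /etc/resolv.conf
Nov 24 00:20:27 stora-2 dnsmasq[6508]: read /etc/hosts - 22 addresses
Nov 24 00:31:02 stora-2 dnsmasq[7001]: started, version 2.62 cachesize 150
Nov 24 00:31:02 stora-2 dnsmasq-dhcp[7001]: DHCP, IP range 192.168.158.64 -- 192.168.158.191, lease time 1d
EOF
}

# Read syslog text on stdin; for every dnsmasq start print "<pid> dhcp" if that
# PID logged a "DHCP, IP range" line, otherwise "<pid> no-dhcp".
dhcp_startup_status() {
    awk '
    match($0, /dnsmasq(-dhcp)?\[[0-9]+\]/) {
        pid = substr($0, RSTART, RLENGTH)
        sub(/^.*\[/, "", pid); sub(/\]$/, "", pid)
        if ($0 ~ /started, version/ && !(pid in seen)) { seen[pid] = 1; order[++n] = pid }
        if ($0 ~ /DHCP, IP range/) dhcp[pid] = 1
    }
    END { for (i = 1; i <= n; i++) print order[i], ((order[i] in dhcp) ? "dhcp" : "no-dhcp") }'
}

# Print the config file named by a dnsmasq command line (-C / --conf-file).
# Assumption: with neither option the compiled-in default is /etc/dnsmasq.conf.
conf_file_from_cmdline() {
    conf=/etc/dnsmasq.conf
    while [ $# -gt 0 ]; do
        case $1 in
            --conf-file=*) conf=${1#--conf-file=} ;;
            -C) if [ $# -ge 2 ]; then conf=$2; shift; fi ;;
            -C?*) conf=${1#-C} ;;
        esac
        shift
    done
    printf '%s\n' "$conf"
}

sample_log | dhcp_startup_status
# /etc/dnsmasq.alt.conf is a hypothetical path used only for illustration.
conf_file_from_cmdline /usr/sbin/dnsmasq -C /etc/dnsmasq.alt.conf
```

On a live host, pass the running process's real arguments (for example from `ps -o args= -C dnsmasq`) and confirm that the file it names is the one containing the dhcp-range line.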




