[Dnsmasq-discuss] Always Ignore Client Identifier

Simon Kelley simon at thekelleys.org.uk
Fri Jan 31 21:48:17 GMT 2014


On 31/01/14 16:25, Linux Luser wrote:
> dhcp-ignore-names is concerned about the hostname, correct? I am
> interested in the client identifier option sent in the DHCPREQUEST.
> Ignoring this field would break RCF2131 (and probably some people's
> networks!) but in my particular case, it may spare me some problems.

I understand, I'm proposing a new option, dhcp-ignore-clid, analogous to 
the existing dhcp-ignore-names.

>
> Maybe if I could selectively revoke leases, that would work. Could I do
> this? I'm sure that dnsmasq keeps an internal cache, so that would have
> to be flushed for a particular lease.

There is a utility in contrib/wrt in the source distribution, and a 
binary in the Debiann package of dnsmasq, for releasing a specific lease 
from the command-line.

>
> On Jan 30, 2014 2:08 AM, "Simon Kelley" <simon at thekelleys.org.uk
> <mailto:simon at thekelleys.org.uk>> wrote:
>
>     On 29/01/14 18:04, Linux Luser wrote:
>
>         We have a pretty tightly-controlled private network environment
>         which
>         we've configured to have a 1-to-1-to-1 relationship between
>         client MAC
>         address, hostnames and IP addresses. Apart from "guest" IP
>         ranges, we
>         have control over when clients get added to the network. Thus,
>         we can
>         detect duplicate MAC addresses before it becomes an issue.
>
>         In this setup, we can't need or want to use the "client identifier"
>         option of DHCP. In fact, it becomes a problem when we start doing
>         PXELinux installs, where a different client id gets sets during
>         a remote
>         install session, then when the install is complete and the new
>         OS boots
>         up, it gets a different IP address (because dnsmasq still knows
>         about
>         the lease it gave that same machine only 10 minutes ago!).
>
>         To get rid of this issue, we now supply a dhcp-host option to
>         dnsmasq
>         each time we want to do a remote reinstall. The option looks
>         something
>         like this:
>         dhcp-host=<MAC addr>,id:*,<hostname>,<IP addr>,set:install
>
>         This works, since the "id:*" part tells dnsmasq to ignore the
>         client ID
>         in favor of the MAC address. But now to my question. Can this be
>         done
>         for ALL DHCP requests? Is there a global "identify-by-mac-only"
>         option?
>         If not, would you be willing to entertain the idea. I know many
>         others
>         have done this for some time now, using other DHCP server
>         software, so I
>         know it's possible and there doesn't seem to be any ill effects
>         of this.#
>
>
>     There isn't a global option to do this, but there is precedent, in
>     the form of --dhcp-ignore-names for adding it, and actually that's
>     something more useful, since the tag system allows the setting to be
>     applied to classes of clients (which could, of course, be "all clients")
>
>
>         Maybe this is not a good idea? Like I said, we have a fairly
>         controlled
>         environment, so it would work for us. I could see how this would be
>         unnecessary for common setups, though. Or environments that have
>         many
>         VMs running on a single host and simply bridge their network
>         interface
>         may want to use the "client identifier" option so each VM gets a
>         unique
>         IP even if they're running on the same machine or t But it would
>         be nice to
>         have a greater level of control over this.
>
>
>         Thanks for your time. And GREAT piece of software, by the way.
>         dnsmasq
>         is a HUGE time saver and makes changing configurations
>         straight-forward.
>         Do you accept donations? :)
>
>
>     Donations by Paypal to simon at thekelleys.org.uk
>     <mailto:simon at thekelleys.org.uk> are always welcome, or you could
>     commission me to add new features. I'm available for that on a
>     consultancy basis, cheaper for stuff which goes back into the
>     dnsmasq GPL codebase, more expensive for proprietary code.
>
>
>
>     Cheers,
>
>     Simon.
>
>
>
>         --
>         daV.e
>
>
>         _________________________________________________
>         Dnsmasq-discuss mailing list
>         Dnsmasq-discuss at lists.__thekelleys.org.uk
>         <mailto:Dnsmasq-discuss at lists.thekelleys.org.uk>
>         http://lists.thekelleys.org.__uk/mailman/listinfo/dnsmasq-__discuss
>         <http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss>
>
>
>
>     _________________________________________________
>     Dnsmasq-discuss mailing list
>     Dnsmasq-discuss at lists.__thekelleys.org.uk
>     <mailto:Dnsmasq-discuss at lists.thekelleys.org.uk>
>     http://lists.thekelleys.org.__uk/mailman/listinfo/dnsmasq-__discuss
>     <http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss>
>




More information about the Dnsmasq-discuss mailing list