[Dnsmasq-discuss] No new lease for Option 82 requests until old one times out

Simon Kelley simon at thekelleys.org.uk
Wed Sep 17 21:47:38 BST 2014


On 17/09/14 09:49, Joachim Nilsson wrote:
> Hi Simon,
> 
> I've found a little problem with how Option 82 circuit-id/remote-id
> works. Everything is fine in the below setup until I replace the client
> with a replacement unit that has a different MAC.
> 
>     [client]---LAN1---[dhcrelay]---LAN2---[dnsmasq]
> 
> dhcp-range=subnet0,tag:!static,192.168.2.100,192.168.2.199,255.255.255.0,864000
> 
> 
>     dhcp-circuitid=set:cid0,"Eth6"
>     tag-if=set:static,set:tag0,tag:cid0
> dhcp-range=tag:tag0,192.168.2.99,192.168.2.99,255.255.255.0,864000
> 
> When 'client' is replaced the request from the new client reaches
> dnsmasq, which responds with "no address available".  I figured this is
> because the "pool" for the static IP only has one entry, bound to the
> old client's MAC.  Indeed, it is not until the lease for the old client
> times out that the new client receives an offer. I guess this behavior
> is by design ...
> 
> I was thinking that adding 'tag:tag0' to the --dhcp-host setting would
> have been perfect for Option 82, since they're basically static leases
> anyway -- the same port on a given switch should always receive the same
> IP ... so adding tag support, in addition to the already existing mac
> and client-id, seemed at least to me useful.
> 
> What do you think?

Allowing dhcp-host matching by tag is a good idea, but it's not the
complete solution to this problem. You've spotted the catch, which is
that the address you want is already bound to a different MAC/client-id.

If you could select a dhcp-host line by tag, ie

dhcp-circuitid=set:cid0,"Eth6"
dhcp-host=tag:cid0,192.168.2.99

then when the MAC address changed, you just get a different error:

"not using configured address 192.168.2.99 because it is leased to <old
MAC address>"


To make this work, you'd need some extra semantics, either explicit or
implicit, to enable the old binding to be abandoned. Abandoning a
binding is dangerous, since when it granted the lease, the server was
promising the client exclusive use of the IP address. There is precedent
for this: the form of dhcp-host which has more than one MAC address
allows exactly then abandonment of a lease to one MAC address in favour
of the other one.

It would be possible to define the dhcp-host=tag:cid0,192.168.2.99 form
as having the same properties, or require some special keyword to enable
this behaviour.

I think this covers Neil's points as well, part from the PXE one. There
is already some logic that tries to do the right thing when the same MAC
address sometimes presents a client-id, and sometimes doesn't. It
doesn't solve the case of two different client-ids at differnet points
in the netboot, AFAIK.


Cheers,

Simon.

> 
> Regards
>  /Joachim
> 
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 




More information about the Dnsmasq-discuss mailing list