[Dnsmasq-discuss] can't take away IPv4 address
simon at thekelleys.org.uk
Wed Aug 26 22:23:03 BST 2015
On 26/08/15 08:37, Uwe Schindler wrote:
> Hi Harald,
>>> Dnsmasq does the check which the standards require, which is to
>>> send an ICMP ping (echo request) to the address it's about to
>>> allocate. The fact that the client doesn't respond would seem to
>>> indicate that the clients are NOT using IP addresses after the
>>> lease has expired.
>> I think the ping test would be pretty helpful.
>> The IPv4 address range is set to 10.10.0.0/16. Lease time is 1h.
>> There are less than 200 DHCP clients in my net. Even without ping
>> test it should be easy to avoid a conflict.
> The problem with a ping test is: Most clients using a firewall
> (especially the Windows Firewall) block pings by default (which is
> horrible, just my personal opinion). So just throwing away the
> address may not work in all cases. But what can be done: If the lease
> expires and was not renewed by the client and client cannot be pinged
> anymore, then it could be removed from the leases.
The DHCP server has to use ping (ICMP echo) as that's a routed protocol
- DHCP servers may not be on the same subnet as clients. Clients are
supposed to check an address as well, and they use ARP.
> The problem with ARP tables getting out of date is more Linux-Kernel
> specific. Dnsmasq does not really deal with ARP tables.
Not quite true. Dnsmasq directly alters the ARP table when it's giving
an address to a new client. This allows the DHCPACK to be sent to the
client, even though it doesn't yet know its address, and can't therefore
respond to an ARP request. The above is only true for Linux, on *BSD it
uses a different technique to achieve the same thing.
> _______________________________________________ Dnsmasq-discuss
> mailing list Dnsmasq-discuss at lists.thekelleys.org.uk
More information about the Dnsmasq-discuss