Hi Helmut,<br><br>i had the DMZ on eth2 which had wrong subnet set on routing, <br><br>Actually this was by default set for DMZ and i think it was interfering with the eth1 route.<br><br>which i just fixed and every things seems to be working fine now<br>
<br>now <br>~ # route -n <div id=":28"> [root @ untangle]<br>
<div class="im">Kernel IP routing table<br>
Destination Gateway Genmask Flags Metric Ref Use Iface<br>192.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 dummy0<br>192.0.2.0 0.0.0.0 255.255.255.0 U 0 0 0 utun<br>
172.16.57.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0<br>172.16.56.0 0.0.0.0 255.255.255.0 U 0 0 0 eth4<br>172.16.52.0 0.0.0.0 255.255.254.0 U 0 0 0 eth3<br>
</div><div class="im">
172.16.48.0 0.0.0.0 255.255.252.0 U 0 0 0 eth1<br></div>172.16.48.0 0.0.0.0 255.255.252.0 U 0 0 0 eth2<br><br>Now i am testing it and will let you know the final results,</div>
<br><br><div class="gmail_quote">On Wed, Sep 5, 2012 at 4:30 PM, <span dir="ltr"><<a href="mailto:dnsmasq-discuss-request@lists.thekelleys.org.uk" target="_blank">dnsmasq-discuss-request@lists.thekelleys.org.uk</a>></span> wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">Send Dnsmasq-discuss mailing list submissions to<br>
<a href="mailto:dnsmasq-discuss@lists.thekelleys.org.uk">dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
<a href="http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss" target="_blank">http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss</a><br>
or, via email, send a message with subject or body 'help' to<br>
<a href="mailto:dnsmasq-discuss-request@lists.thekelleys.org.uk">dnsmasq-discuss-request@lists.thekelleys.org.uk</a><br>
<br>
You can reach the person managing the list at<br>
<a href="mailto:dnsmasq-discuss-owner@lists.thekelleys.org.uk">dnsmasq-discuss-owner@lists.thekelleys.org.uk</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of Dnsmasq-discuss digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
1. dnsmasq forwarding unknown ip addresses queries (Gene Czarcinski)<br>
2. Re: Problem getting dnsmasq to send a different default<br>
gateway to a host (Simon Kelley)<br>
3. Re: Issues with multiple subnets on dnsmasq (Simon Kelley)<br>
4. Re: Issues with multiple subnets on dnsmasq (Helmut Hullen)<br>
5. Re: dnsmasq forwarding unknown ip addresses queries<br>
(Gene Czarcinski)<br>
6. Re: dhcp logging and dhcp-range static configuration<br>
(<a href="mailto:richardvoigt@gmail.com">richardvoigt@gmail.com</a>)<br>
<br>
<br>
----------------------------------------------------------------------<br>
<br>
Message: 1<br>
Date: Tue, 04 Sep 2012 11:02:37 -0400<br>
From: Gene Czarcinski <<a href="mailto:gene@czarc.net">gene@czarc.net</a>><br>
To: <a href="mailto:dnsmasq-discuss@thekelleys.org.uk">dnsmasq-discuss@thekelleys.org.uk</a><br>
Subject: [Dnsmasq-discuss] dnsmasq forwarding unknown ip addresses<br>
queries<br>
Message-ID: <<a href="mailto:5046180D.9080307@czarc.net">5046180D.9080307@czarc.net</a>><br>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed<br>
<br>
OK, this is similar to my previous questions/issues involving dnsmasq<br>
forwarding queries for unknown names for the "name domain" that it is<br>
managing (even if that domain name is null).<br>
<br>
Now the second part. Whether an instance of dnsmasq is providing a dhcp<br>
service or not, is there a way to specify what IP addresses (e.g.,<br>
<a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a>) is should answer and, if dnsmasq does not find that<br>
queried ip address in the specified range, then the query should NOT be<br>
forwarded?<br>
<br>
In looking at documentation (but not the code) and not doing any testing<br>
yet, I wonder if the following would accomplish what I need:<br>
domain=virt,<a href="http://192.168.100.0/24" target="_blank">192.168.100.0/24</a><br>
<br>
If that would do the trick, then is there a way to specify that IP<br>
address range when the domain name is null (local=//)?<br>
<br>
Gene<br>
<br>
<br>
<br>
------------------------------<br>
<br>
Message: 2<br>
Date: Tue, 04 Sep 2012 16:58:17 +0100<br>
From: Simon Kelley <<a href="mailto:simon@thekelleys.org.uk">simon@thekelleys.org.uk</a>><br>
To: <a href="mailto:dnsmasq-discuss@lists.thekelleys.org.uk">dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
Subject: Re: [Dnsmasq-discuss] Problem getting dnsmasq to send a<br>
different default gateway to a host<br>
Message-ID: <<a href="mailto:50462519.9050401@thekelleys.org.uk">50462519.9050401@thekelleys.org.uk</a>><br>
Content-Type: text/plain; charset=ISO-8859-1<br>
<br>
On 03/09/12 22:17, Fadi wrote:<br>
> Hello,<br>
><br>
> Please be kind this is my first posting to this list.<br>
><br>
> I have spent hours trying to get this to work, but I seem to be missing<br>
> something.<br>
><br>
> I'm using the latest shibby build of TomatoUSB, and I want dnsmasq to send<br>
> the default gateway and dns server address of 192.168.0.55 to the host<br>
> whose<br>
> MAC address is xx:xx:xx:xx:xx.<br>
><br>
> So I added this to the DNSmasq custom config:<br>
><br>
><br>
> dhcp-mac=red,xx:xx:xx:xx:xx:xx<br>
> dhcp-option=red,3,192.168.0.55<br>
> dhcp-option=red,6,192.168.0.55<br>
><br>
><br>
> This almost works. When I look at the DHCP OFFER packet in Wireshark,<br>
> dnsmasq is sending TWO default gateway (option 3) addresses, the<br>
> 192.168.0.55 I specified above PLUS the router's 192.168.0.1 address.<br>
><br>
> How can I prevent it from sending the router's IP as well? Some hosts on<br>
> the<br>
> network (tagged red) are using the 192.168.0.1 address as their default<br>
> gateway and some are using the 192.168.0.55.<br>
><br>
> I have tried different permutations of using "tag:" and "set:" and "net:"<br>
> always with the same result.<br>
><br>
> What am I doing wrong?<br>
><br>
> Thanks in advance.<br>
><br>
<br>
What version of dnsmasq are you using?<br>
<br>
Have you tried setting --log-dhcp that will give you more information<br>
about what exactly is happening.<br>
<br>
<br>
Cheers,<br>
<br>
Simon.<br>
<br>
<br>
<br>
<br>
<br>
------------------------------<br>
<br>
Message: 3<br>
Date: Tue, 04 Sep 2012 17:00:43 +0100<br>
From: Simon Kelley <<a href="mailto:simon@thekelleys.org.uk">simon@thekelleys.org.uk</a>><br>
To: <a href="mailto:dnsmasq-discuss@lists.thekelleys.org.uk">dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
Subject: Re: [Dnsmasq-discuss] Issues with multiple subnets on dnsmasq<br>
Message-ID: <<a href="mailto:504625AB.6090409@thekelleys.org.uk">504625AB.6090409@thekelleys.org.uk</a>><br>
Content-Type: text/plain; charset=windows-1252<br>
<br>
On 03/09/12 18:02, Ryan Chapman wrote:<br>
> On the host that pulls a 172.16.48 address, try a ping of 172.16.48.4<br>
> and then check the arp table to make sure it resolved to a hardware<br>
> address. If not, tcpdump arp traffic.<br>
><br>
> It might be interesting to see what an ifconfig, "route -n" and "arp -a"<br>
> look like on the 172.16.48 host?<br>
><br>
><br>
> On Sep 3, 2012, at 7:29 AM, subhranshu dwivedi<br>
> <<a href="mailto:subhranshu.dwivedi@erminsystems.com">subhranshu.dwivedi@erminsystems.com</a><br>
> <mailto:<a href="mailto:subhranshu.dwivedi@erminsystems.com">subhranshu.dwivedi@erminsystems.com</a>>> wrote:<br>
><br>
>> Hi All,<br>
>><br>
>> I have Untangle with DNS masq setup at my end,<br>
>><br>
>> With interface:<br>
>><br>
>> External<br>
>> eth0 Link encap:Ethernet HWaddr 00:04:23:c7:52:63<br>
>> inet addr:172.16.57.10 Bcast:172.16.57.255 Mask:255.255.255.0<br>
>><br>
>> INTERNAL<br>
>> eth1 Link encap:Ethernet HWaddr 00:04:23:c7:52:62<br>
>> inet addr:172.16.48.4 Bcast:172.16.51.255 Mask:255.255.252.0<br>
>> DMZ<br>
>> eth2 Link encap:Ethernet HWaddr 00:1b:21:0e:1f:46<br>
>> inet addr:172.16.48.110 Bcast:172.16.49.255 Mask:255.255.254.0<br>
<br>
Don't these two subnets overlap? That would be enough to cause strange<br>
effects.<br>
<br>
<br>
Simon.<br>
<br>
<br>
<br>
<br>
<br>
<br>
------------------------------<br>
<br>
Message: 4<br>
Date: 04 Sep 2012 18:40:00 +0200<br>
From: <a href="mailto:Hullen@t-online.de">Hullen@t-online.de</a> (Helmut Hullen)<br>
To: <a href="mailto:dnsmasq-discuss@lists.thekelleys.org.uk">dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
Subject: Re: [Dnsmasq-discuss] Issues with multiple subnets on dnsmasq<br>
Message-ID: <<a href="mailto:CGFEVOxPCXB@helmut.hullen.de">CGFEVOxPCXB@helmut.hullen.de</a>><br>
Content-Type: text/plain; charset=US-ASCII<br>
<br>
Hallo, subhranshu,<br>
<br>
Du meintest am 03.09.12:<br>
<br>
> INTERNAL<br>
> eth1 Link encap:Ethernet HWaddr 00:04:23:c7:52:62<br>
> inet addr:172.16.48.4 Bcast:172.16.51.255<br>
> Mask:255.255.252.0 DMZ<br>
<br>
That mask describes 172.16.48.0 ... 172.16.51.255<br>
It includes eth2<br>
<br>
> eth2 Link encap:Ethernet HWaddr 00:1b:21:0e:1f:46<br>
> inet addr:172.16.48.110 Bcast:172.16.49.255<br>
> Mask:255.255.254.0<br>
<br>
That mask describes 172.16.48.0 ... 172.16.49.255<br>
It's part of eth1<br>
<br>
Viele Gruesse!<br>
Helmut<br>
<br>
<br>
<br>
------------------------------<br>
<br>
Message: 5<br>
Date: Tue, 04 Sep 2012 14:41:27 -0400<br>
From: Gene Czarcinski <<a href="mailto:gene@czarc.net">gene@czarc.net</a>><br>
To: <a href="mailto:dnsmasq-discuss@lists.thekelleys.org.uk">dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
Subject: Re: [Dnsmasq-discuss] dnsmasq forwarding unknown ip addresses<br>
queries<br>
Message-ID: <<a href="mailto:50464B57.80805@czarc.net">50464B57.80805@czarc.net</a>><br>
Content-Type: text/plain; charset=ISO-8859-1; format=flowed<br>
<br>
On 09/04/2012 11:02 AM, Gene Czarcinski wrote:<br>
> OK, this is similar to my previous questions/issues involving dnsmasq<br>
> forwarding queries for unknown names for the "name domain" that it is<br>
> managing (even if that domain name is null).<br>
><br>
> Now the second part. Whether an instance of dnsmasq is providing a<br>
> dhcp service or not, is there a way to specify what IP addresses<br>
> (e.g., <a href="http://192.168.1.0/24" target="_blank">192.168.1.0/24</a>) is should answer and, if dnsmasq does not find<br>
> that queried ip address in the specified range, then the query should<br>
> NOT be forwarded?<br>
><br>
> In looking at documentation (but not the code) and not doing any<br>
> testing yet, I wonder if the following would accomplish what I need:<br>
> domain=virt,<a href="http://192.168.100.0/24" target="_blank">192.168.100.0/24</a><br>
><br>
> If that would do the trick, then is there a way to specify that IP<br>
> address range when the domain name is null (local=//)?<br>
><br>
OK, I believe that I have come up with the answer to my questions.<br>
<br>
Rather than using "--domain virt --local=/virt/", I need to use<br>
something like:<br>
"--domain=virt,<a href="http://192.168.122.0/24,local" target="_blank">192.168.122.0/24,local</a>" or<br>
"--domain virt --local=/virt/ --local=/122.168.192.in-addr.arpa/"<br>
<br>
For the case of no domain name, I am not sure that<br>
"domain=,<a href="http://192.168.122.0/24,local" target="_blank">192.168.122.0/24,local</a>" would work but<br>
"--local=// --local=/122.168.192.in-addr.arpa/" should work.<br>
<br>
Comments?<br>
<br>
Gene<br>
<br>
<br>
<br>
------------------------------<br>
<br>
Message: 6<br>
Date: Tue, 4 Sep 2012 17:11:20 -0500<br>
From: "<a href="mailto:richardvoigt@gmail.com">richardvoigt@gmail.com</a>" <<a href="mailto:richardvoigt@gmail.com">richardvoigt@gmail.com</a>><br>
To: <a href="mailto:helmut@hullen.de">helmut@hullen.de</a><br>
Cc: <a href="mailto:dnsmasq-discuss@lists.thekelleys.org.uk">dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
Subject: Re: [Dnsmasq-discuss] dhcp logging and dhcp-range static<br>
configuration<br>
Message-ID:<br>
<CAO_2OxW_yX=MJNLhPAE+_bA=<a href="mailto:5-A7gK9z8GK2W5bYS81C3u9-eA@mail.gmail.com">5-A7gK9z8GK2W5bYS81C3u9-eA@mail.gmail.com</a>><br>
Content-Type: text/plain; charset=UTF-8<br>
<br>
On Tue, Sep 4, 2012 at 4:45 AM, Helmut Hullen <<a href="mailto:Hullen@t-online.de">Hullen@t-online.de</a>> wrote:<br>
> Hallo, Simon,<br>
><br>
> Du meintest am 03.09.12:<br>
><br>
>>> Is there a way to prevent logging the DHCPDISCOVER request for<br>
>>> unconfigured hardware address in dhcp-range static mode ?<br>
><br>
>> Try<br>
><br>
>> dhcp-ignore=!known<br>
><br>
>> or possibly the old syntax<br>
><br>
>> dhcp-ignore=#known<br>
><br>
><br>
> Additional question:<br>
> When I have 2 NICs, and one of them uses "dhcp-host=...", how can I tell<br>
> "dnsmasq" that all unlisted clients (which have no "dhcp-host"-line)<br>
> must use the other NIC?<br>
<br>
You'll have two dhcp-range lines, one for the addresses in each<br>
subnet. Have one dhcp-range match the "known" tag, and one match the<br>
"!known" tag.<br>
<br>
<br>
><br>
> Viele Gruesse!<br>
> Helmut<br>
><br>
> _______________________________________________<br>
> Dnsmasq-discuss mailing list<br>
> <a href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk">Dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
> <a href="http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss" target="_blank">http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss</a><br>
<br>
<br>
<br>
------------------------------<br>
<br>
_______________________________________________<br>
Dnsmasq-discuss mailing list<br>
<a href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk">Dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
<a href="http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss" target="_blank">http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss</a><br>
<br>
<br>
End of Dnsmasq-discuss Digest, Vol 88, Issue 5<br>
**********************************************<br>
</blockquote></div><br><br clear="all"><br>-- <br><span style="font-family:arial,helvetica,sans-serif;background-color:rgb(255,255,255);color:rgb(31,73,125);font-size:9pt">Best Regards,</span><br style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:13px;background-color:rgb(255,255,255)">
<div style="color:rgb(34,34,34);font-family:arial,helvetica,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><span style="font-size:9pt"><p style="margin:0in 0in 0pt"><b><span style="color:rgb(31,73,125);font-size:11pt"> </span></b></p>
<p style="margin:0in 0in 0pt"><b><span style="color:rgb(31,73,125);font-size:11pt">Subhranshu Dwivedi</span></b><b><span style="color:rgb(31,73,125)"></span></b></p><p style="margin:0in 0in 0pt"><span style="font-size:8pt"><font face="arial, helvetica, sans-serif">Director IT</font></span></p>
<p style="margin:0in 0in 0pt"><span style="font-size:8pt"><font face="arial, helvetica, sans-serif">Technology Support</font></span></p><p style="margin:0in 0in 0pt"><span style="font-size:8pt"><font face="arial, helvetica, sans-serif"><b>Ermin Systems</b></font></span></p>
<p style="margin:0in 0in 0pt"><span style="font-size:8pt"><font face="arial, helvetica, sans-serif">0120.437.6161 (Main)</font></span></p><p style="margin:0in 0in 0pt"><span style="font-size:8pt"><font face="arial, helvetica, sans-serif">741.581.0583(direct)</font></span></p>
<p style="margin:0in 0in 0pt"><span style="color:rgb(31,73,125);font-size:11pt"><a href="mailto:subhranshu.dwivedi@erminsystems.com" style="color:rgb(17,85,204)" target="_blank"><span style="color:blue;font-size:8pt">subhranshu.dwivedi@<u></u>erminsystems.com</span></a></span><span style="font-size:10pt"></span></p>
<p style="margin:0in 0in 0pt"><span style="color:rgb(31,73,125);font-size:8pt"></span></p><p style="margin:0in 0in 0pt"><span style="color:rgb(31,73,125);font-size:8pt"></span> <br></p><p style="margin:0in 0in 0pt"><span style="color:rgb(31,73,125);font-size:8pt"></span></p>
<hr></span><p style="margin:0px"><b><span style="font-family:Arial,sans-serif;color:rgb(13,13,13);font-size:8pt">Our Expertise: </span></b><b><span style="font-family:Verdana,sans-serif;color:rgb(227,108,10);font-size:8pt">Consulting Services | Data Centre Solutions | Storage Solutions | Network Integration | IT Infrastructure Optimization | Managed Services | Software Licensing | Audio-Visual Integration| Database Migration | ERP Solutions| IVR Services | Virtualization |</span></b><b><span style="font-family:Verdana,sans-serif;color:rgb(227,108,10);font-size:8pt"></span></b></p>
<p style="margin:0px"><span style="font-family:Arial,sans-serif;font-size:7pt">This email and any attachments are sent in confidence, subject to applicable legal privilege and upon the basis that the recipient will conduct appropriate virus checks. If you receive this email in error, please telephone us upon receipt: you are strictly prohibited from using, copying or disseminating it or any information contained in it, save to the intended recipient. Internet communications are not secure and Ermin Systems Pvt. Ltd. is not responsible for their abuse by third parties, nor for any alteration or corruption in transmission, nor for any damage or loss caused by any virus or other defects.</span></p>
<p style="margin:0px"><b><span style="font-family:Webdings;color:green;font-size:18pt" lang="EN-GB">P</span></b><b><span style="font-family:Arial,sans-serif;color:navy;font-size:7.5pt" lang="EN-GB"> </span></b><b><span style="font-family:Verdana,sans-serif;color:green;font-size:7.5pt" lang="EN-GB">Please consider the environment before printing this e-mail.</span></b></p>
</div><br>