<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=us-ascii">
<meta name="Generator" content="Microsoft Word 14 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Wingdings;
panose-1:5 0 0 0 0 0 0 0 0 0;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri","sans-serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-compose;
font-family:"Calibri","sans-serif";
color:windowtext;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal">Hi, Folks. I’m trying to set up a new dhcp server using dnsmasq. I have the following configuration<o:p></o:p></p>
<p class="MsoNormal">>>><o:p> </o:p></p>
<p class="MsoNormal">domain-needed<o:p></o:p></p>
<p class="MsoNormal">bogus-priv<o:p></o:p></p>
<p class="MsoNormal">expand-hosts<o:p></o:p></p>
<p class="MsoNormal">domain=***.com # Yeah, I know. It’s masked for internet<o:p></o:p></p>
<p class="MsoNormal">dhcp-range=192.168.158.64,192.168.158.191,24h<o:p></o:p></p>
<p class="MsoNormal">dhcp-host=90:2b:34:36:ae:bc,papa,192.168.158.3,infinite<o:p></o:p></p>
<p class="MsoNormal">dhcp-option=option:router,192.168.158.1<o:p></o:p></p>
<p class="MsoNormal">log-queries<o:p></o:p></p>
<p class="MsoNormal">log-dhcp<o:p></o:p></p>
<p class="MsoNormal">&lt;&lt;&lt;<o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">ifconfig on the server shows:<o:p></o:p></p>
<p class="MsoNormal">>>><o:p> </o:p></p>
<p class="MsoNormal">eth0 Link encap:Ethernet HWaddr C0:3F:0E:BC:43:B9<o:p></o:p></p>
<p class="MsoNormal"> inet addr:192.168.158.2 Bcast:192.168.158.255 Mask:255.255.255.0<o:p></o:p></p>
<p class="MsoNormal"> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1<o:p></o:p></p>
<p class="MsoNormal"> RX packets:20353 errors:0 dropped:0 overruns:0 frame:0<o:p></o:p></p>
<p class="MsoNormal"> TX packets:3409 errors:0 dropped:0 overruns:0 carrier:0<o:p></o:p></p>
<p class="MsoNormal"> collisions:0 txqueuelen:532<o:p></o:p></p>
<p class="MsoNormal"> RX bytes:2725952 (2.5 MiB) TX bytes:692256 (676.0 KiB)<o:p></o:p></p>
<p class="MsoNormal"> Interrupt:11<o:p></o:p></p>
<p class="MsoNormal">&lt;&lt;&lt;<o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">dnsmasq is serving DNS just fine, but DHCP seems unresponsive. The log (/var/log/messages) shows:<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">delovelady@stora-2 /home/log> tail -100 /home/log/messages|grep dnsmasq<o:p></o:p></p>
<p class="MsoNormal">>>><o:p> </o:p></p>
<p class="MsoNormal">Nov 24 00:15:40 stora-2 dnsmasq[5952]: exiting on receipt of SIGTERM<o:p></o:p></p>
<p class="MsoNormal">--- config change and restart ---<o:p></o:p></p>
<p class="MsoNormal">Nov 24 00:15:40 stora-2 dnsmasq[6189]: started, version 2.62 cachesize 150<o:p></o:p></p>
<p class="MsoNormal">Nov 24 00:15:40 stora-2 dnsmasq[6189]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN<o:p></o:p></p>
<p class="MsoNormal">DHCP DHCPv6 no-Lua TFTP no-conntrack<o:p></o:p></p>
<p class="MsoNormal">Nov 24 00:15:40 stora-2 dnsmasq[6189]: reading /etc/resolv.conf<o:p></o:p></p>
<p class="MsoNormal">Nov 24 00:15:40 stora-2 dnsmasq[6189]: using nameserver 192.168.158.1#53<o:p></o:p></p>
<p class="MsoNormal">Nov 24 00:15:40 stora-2 dnsmasq[6189]: ignoring nameserver 127.0.0.1 - local interface<o:p></o:p></p>
<p class="MsoNormal">Nov 24 00:15:40 stora-2 dnsmasq[6189]: read /etc/hosts - 22 addresses<o:p></o:p></p>
<p class="MsoNormal">Nov 24 00:20:27 stora-2 dnsmasq[6189]: exiting on receipt of SIGTERM<o:p></o:p></p>
<p class="MsoNormal">--- config change and restart ---<o:p></o:p></p>
<p class="MsoNormal">Nov 24 00:20:27 stora-2 dnsmasq[6508]: started, version 2.62 cachesize 150<o:p></o:p></p>
<p class="MsoNormal">Nov 24 00:20:27 stora-2 dnsmasq[6508]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN<o:p></o:p></p>
<p class="MsoNormal">DHCP DHCPv6 no-Lua TFTP no-conntrack<o:p></o:p></p>
<p class="MsoNormal">Nov 24 00:20:27 stora-2 dnsmasq[6508]: reading /etc/resolv.conf<o:p></o:p></p>
<p class="MsoNormal">Nov 24 00:20:27 stora-2 dnsmasq[6508]: using nameserver 192.168.158.1#53<o:p></o:p></p>
<p class="MsoNormal">Nov 24 00:20:27 stora-2 dnsmasq[6508]: ignoring nameserver 127.0.0.1 - local interface<o:p></o:p></p>
<p class="MsoNormal">Nov 24 00:20:27 stora-2 dnsmasq[6508]: read /etc/hosts - 22 addresses<o:p></o:p></p>
<p class="MsoNormal">&lt;&lt;&lt;<o:p> </o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">This is on a new network. When I attach a server or PC that is set up for DHCP, no connection gets established. But if I set up for fixed addresses on the 192.168.158 net, all is well, worldwide. All systems can access this system via
ssh. The output from iptables -L is very slow (about half a minute), and results in:<o:p></o:p></p>
<p class="MsoNormal">sudo iptables -L<o:p></o:p></p>
<p class="MsoNormal">>>><o:p> </o:p></p>
<p class="MsoNormal">audit_log_user_command(): Connection refused<o:p></o:p></p>
<p class="MsoNormal">Chain INPUT (policy ACCEPT)<o:p></o:p></p>
<p class="MsoNormal">target prot opt source destination<o:p></o:p></p>
<p class="MsoNormal">INPUT-INTERNAL all -- 169.254.0.0/16 anywhere<o:p></o:p></p>
<p class="MsoNormal">ACCEPT all -- anywhere anywhere<o:p></o:p></p>
<p class="MsoNormal">REJECT tcp -- anywhere anywhere tcp dpt:printer reject-with icmp-port-unreachable<o:p></o:p></p>
<p class="MsoNormal">INPUT-INTERNAL all -- 192.168.158.0/24 anywhere<o:p></o:p></p>
<p class="MsoNormal">ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED<o:p></o:p></p>
<p class="MsoNormal">ACCEPT icmp -- anywhere anywhere icmp echo-request<o:p></o:p></p>
<p class="MsoNormal">ACCEPT tcp -- anywhere anywhere tcp dpt:http<o:p></o:p></p>
<p class="MsoNormal">ACCEPT tcp -- anywhere anywhere tcp dpt:https<o:p></o:p></p>
<p class="MsoNormal">ACCEPT tcp -- anywhere anywhere tcp dpt:ssh<o:p></o:p></p>
<p class="MsoNormal">REJECT tcp -- anywhere anywhere tcp dpt:auth reject-with icmp-admin-prohibited<o:p></o:p></p>
<p class="MsoNormal">DROP all -- anywhere anywhere<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Chain FORWARD (policy ACCEPT)<o:p></o:p></p>
<p class="MsoNormal">target prot opt source destination<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Chain OUTPUT (policy ACCEPT)<o:p></o:p></p>
<p class="MsoNormal">target prot opt source destination<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Chain INPUT-INTERNAL (2 references)<o:p></o:p></p>
<p class="MsoNormal">target prot opt source destination<o:p></o:p></p>
<p class="MsoNormal">ACCEPT all -- anywhere anywhere<o:p></o:p></p>
<p class="MsoNormal">&lt;&lt;&lt;&lt;<o:p> </o:p></p>
<p class="MsoNormal">I have no idea why iptables would be so slow to list… (?) I also don’t know why 169.254 is so prominent in that list! (I’m even less of an iptables expert than I am dnsmasq. But I tried this also after “sudo service iptables stop” to
no benefit.)<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">What else might I provide, and what am I missing? This looks to me like it should be working, and should be logging its success. But it’s always/usually something I missed, so go ahead; hit me with your best shot. Please.
:-)<o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
<p class="MsoNormal">Dennis Lovelady<o:p></o:p></p>
<p class="MsoNormal">--<o:p></o:p></p>
<p class="MsoNormal">"Money is what you'd get on beautifully without if only other people weren't so crazy about it."<o:p></o:p></p>
<p class="MsoNormal"> — Margaret Case Harriman <o:p></o:p></p>
<p class="MsoNormal"><o:p> </o:p></p>
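<p class="MsoNormal">A check that can be run over the log excerpt above, added here as an example and not part of the original post: dnsmasq normally logs a "DHCP, IP range ..." line at startup for each dhcp-range it has loaded, so the script groups the posted lines by PID and lists instances that were built with DHCP support but never announced a range. The PID 7000 lines are constructed for contrast, and the function names are illustrative.<o:p></o:p></p>
<pre>
```python
import re

# dnsmasq syslog entry: "Mon DD HH:MM:SS host dnsmasq[PID]: message"
# (DHCP messages are tagged "dnsmasq-dhcp[PID]").
ENTRY = re.compile(r"^\w{3} +\d+ [\d:]{8} \S+ dnsmasq(?:-dhcp)?\[(\d+)\]: (.*)$")

# Startup lines as posted in the message above.
POSTED_LOG = """\
Nov 24 00:15:40 stora-2 dnsmasq[6189]: started, version 2.62 cachesize 150
Nov 24 00:15:40 stora-2 dnsmasq[6189]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN
DHCP DHCPv6 no-Lua TFTP no-conntrack
Nov 24 00:15:40 stora-2 dnsmasq[6189]: read /etc/hosts - 22 addresses
--- config change and restart ---
Nov 24 00:20:27 stora-2 dnsmasq[6508]: started, version 2.62 cachesize 150
Nov 24 00:20:27 stora-2 dnsmasq[6508]: compile time options: IPv6 GNU-getopt no-DBus no-i18n no-IDN
DHCP DHCPv6 no-Lua TFTP no-conntrack
Nov 24 00:20:27 stora-2 dnsmasq[6508]: read /etc/hosts - 22 addresses
"""

# Constructed for contrast (not from the post): an instance that loaded a range.
CONSTRUCTED_LOG = """\
Nov 24 00:30:00 stora-2 dnsmasq[7000]: compile time options: IPv6 DHCP DHCPv6 TFTP
Nov 24 00:30:00 stora-2 dnsmasq-dhcp[7000]: DHCP, IP range 192.168.158.64 -- 192.168.158.191, lease time 1d
"""

def parse_entries(log_text):
    """Return [pid, message] pairs, re-joining wrapped continuation lines."""
    entries = []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = ENTRY.match(line)
        if m:
            entries.append([m.group(1), m.group(2)])
        elif entries and line and not line.startswith("---"):
            entries[-1][1] += " " + line  # wrapped tail of the previous entry
    return entries

def dhcp_status(log_text):
    """Map each PID to whether DHCP was compiled in and which ranges it logged."""
    status = {}
    for pid, msg in parse_entries(log_text):
        inst = status.setdefault(pid, {"compiled": False, "ranges": []})
        if msg.startswith("compile time options:"):
            inst["compiled"] = "DHCP" in msg.split(":", 1)[1].split()
        elif msg.startswith("DHCP, IP range"):
            inst["ranges"].append(msg)
    return status

def missing_dhcp(log_text):
    """PIDs built with DHCP support that never announced a DHCP range."""
    return sorted(pid for pid, inst in dhcp_status(log_text).items()
                  if inst["compiled"] and not inst["ranges"])

if __name__ == "__main__":
    print(missing_dhcp(POSTED_LOG + CONSTRUCTED_LOG))
```
</pre>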
</div>
</body>
</html>