<div dir="ltr"><span style="font-family:arial,sans-serif;font-size:13px">dhcp-ignore-clid might just work for the long-term. But </span><span style="font-family:arial,sans-serif;font-size:13px">I ended up playing around a bit more and I've managed to isolate the part of my config that I believe triggers the problem. Maybe this can be fixed without a dhcp-ignore-clid option?</span><div>
<span style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><span style="font-family:arial,sans-serif;font-size:13px">When I set a host's MAC address and IP association in /etc/ethers (with the read-ethers option on of course) and that same host's IP address to hostname association in /etc/hosts, I am able to get a consistent IP, whether or not that same host is using PXE boot, the Debian installer (where it send the vendor-id as "d-i", which shouldn't matter in this case) or boots to its own image on the drive. It is consistent, that is, until I implement a "trick" that I wanted to use so I could whitelist hosts for PXEboot. That's when it got inconsistent and I would end up with a brand new IP address for PXE and usually another brand new one when the host boot into it's own OS. I could only get the IP that I had set in /etc/ethers if I restarted dnsmasq on the server. Otherwise the host would receive the same WRONG IP over and over for each renewal.</span><div>
<span style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><span style="font-family:arial,sans-serif;font-size:13px">Here's the config I had BEFORE implementing a "PXEboot whitelist":</span></div>
<div><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div><div><div><font face="courier new, monospace" color="#0000ff">domain-needed</font></div><div><font face="courier new, monospace" color="#0000ff">bogus-priv</font></div>
<div><font face="courier new, monospace" color="#0000ff">log-dhcp</font></div><div><font face="courier new, monospace" color="#0000ff"><br></font></div><div><font face="courier new, monospace" color="#0000ff">domain=mydomain</font></div>
<div><font face="courier new, monospace" color="#0000ff">local=/mydomain/</font></div><div><font face="courier new, monospace" color="#0000ff">server=8.8.8.8</font></div><div><font face="courier new, monospace" color="#0000ff">server=8.8.4.4</font></div>
<div><font face="courier new, monospace" color="#0000ff"><br></font></div><div><font face="courier new, monospace" color="#0000ff">interface=eth0</font></div><div><font face="courier new, monospace" color="#0000ff">except-interface=eth1</font></div>
<div><font face="courier new, monospace" color="#0000ff"><br></font></div><div><font face="courier new, monospace" color="#0000ff">expand-hosts</font></div><div><font face="courier new, monospace" color="#0000ff">read-ethers</font></div>
<div><font face="courier new, monospace" color="#0000ff"><br></font></div><div><font face="courier new, monospace" color="#0000ff">dhcp-range=tag:known,set:controller,10.1.0.1,10.1.255.254,2h</font></div><div><font face="courier new, monospace" color="#0000ff">dhcp-range=tag:known,set:device,10.2.0.1,10.2.255.254,2h</font></div>
<div><font face="courier new, monospace" color="#0000ff">dhcp-option=option:router,10.0.0.1</font></div><div><font face="courier new, monospace" color="#0000ff"><br></font></div><div><font face="courier new, monospace" color="#0000ff">enable-tftp</font></div>
<div><font face="courier new, monospace" color="#0000ff">tftp-root=/tftpboot</font></div><div><font face="courier new, monospace" color="#0000ff">dhcp-boot=pxelinux.0</font></div><div><br></div></div><div><br></div><div>
<font face="arial, sans-serif">Now, I'll add the lines which allow me to use a directory of files for dhcp-host commands:</font><br>
<div style="font-family:arial,sans-serif"><br></div><div><div><font face="courier new, monospace" color="#0000ff">dhcp-vendorclass=pxe,PXEClient</font></div></div><div><font face="courier new, monospace" color="#0000ff">dhcp-ignore=tag:pxe,tag:!install</font></div>
<div><div><font face="courier new, monospace" color="#0000ff">dhcp-hostsfile=/etc/dnsmasq-hosts.d</font></div></div><div style="font-family:arial,sans-serif"><br></div></div><div><span style="font-family:arial,sans-serif;font-size:13px"><br>
</span></div><div><font face="arial, sans-serif">Inside of /etc/dnsmasq-hosts.d then I can put files that contain lines like this one:</font></div><div><br></div><div><font face="courier new, monospace" color="#0000ff">01:02:03:04:05:06,set:install</font></div>
<div><br></div><div>... and send a SIGHUP to dnsmasq process. After this, the host with that MAC address gets the tag "install" and instead of ignoring PXEboot, dnsmasq will respond for that host. Wonderful! Problem: now I'm getting wildly different MAC addresses. It's like dnsmasq is reading the files in /etc/dnsmasq-hosts.d and ignoring the /etc/ethers file. Is this expected behavior? A bug? I know that specifying a DIRECTORY instead of a file for the dhcp-hostsfile is kind of a new feature. (For my purposes, I'd prefer a directory because it's possible that several processes might want to write files at the same time. It's easy to avoid concurrency problems by putting files with unique names in a directory (named after MAC or hostname or UUIDs, etc).)</div>
<div><br></div><div><br></div><div>FYI, I'm using version 2.59 (comes with Debian wheezy). Thanks for any help!</div><div><span style="font-family:arial,sans-serif;font-size:13px"><br></span></div></div></div><div class="gmail_extra">
<br><br><div class="gmail_quote">On Fri, Jan 31, 2014 at 1:48 PM, Simon Kelley <span dir="ltr"><<a href="mailto:simon@thekelleys.org.uk" target="_blank">simon@thekelleys.org.uk</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<div class="">On 31/01/14 16:25, Linux Luser wrote:<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
dhcp-ignore-names is concerned about the hostname, correct? I am<br>
interested in the client identifier option sent in the DHCPREQUEST.<br>
Ignoring this field would break RCF2131 (and probably some people's<br>
networks!) but in my particular case, it may spare me some problems.<br>
</blockquote>
<br></div>
I understand, I'm proposing a new option, dhcp-ignore-clid, analogous to the existing dhcp-ignore-names.<div class=""><br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
<br>
Maybe if I could selectively revoke leases, that would work. Could I do<br>
this? I'm sure that dnsmasq keeps an internal cache, so that would have<br>
to be flushed for a particular lease.<br>
</blockquote>
<br></div>
There is a utility in contrib/wrt in the source distribution, and a binary in the Debiann package of dnsmasq, for releasing a specific lease from the command-line.<br>
<br>
<blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div class="">
<br>
On Jan 30, 2014 2:08 AM, "Simon Kelley" <<a href="mailto:simon@thekelleys.org.uk" target="_blank">simon@thekelleys.org.uk</a><br></div><div><div class="h5">
<mailto:<a href="mailto:simon@thekelleys.org.uk" target="_blank">simon@thekelleys.org.<u></u>uk</a>>> wrote:<br>
<br>
On 29/01/14 18:04, Linux Luser wrote:<br>
<br>
We have a pretty tightly-controlled private network environment<br>
which<br>
we've configured to have a 1-to-1-to-1 relationship between<br>
client MAC<br>
address, hostnames and IP addresses. Apart from "guest" IP<br>
ranges, we<br>
have control over when clients get added to the network. Thus,<br>
we can<br>
detect duplicate MAC addresses before it becomes an issue.<br>
<br>
In this setup, we can't need or want to use the "client identifier"<br>
option of DHCP. In fact, it becomes a problem when we start doing<br>
PXELinux installs, where a different client id gets sets during<br>
a remote<br>
install session, then when the install is complete and the new<br>
OS boots<br>
up, it gets a different IP address (because dnsmasq still knows<br>
about<br>
the lease it gave that same machine only 10 minutes ago!).<br>
<br>
To get rid of this issue, we now supply a dhcp-host option to<br>
dnsmasq<br>
each time we want to do a remote reinstall. The option looks<br>
something<br>
like this:<br>
dhcp-host=<MAC addr>,id:*,<hostname>,<IP addr>,set:install<br>
<br>
This works, since the "id:*" part tells dnsmasq to ignore the<br>
client ID<br>
in favor of the MAC address. But now to my question. Can this be<br>
done<br>
for ALL DHCP requests? Is there a global "identify-by-mac-only"<br>
option?<br>
If not, would you be willing to entertain the idea. I know many<br>
others<br>
have done this for some time now, using other DHCP server<br>
software, so I<br>
know it's possible and there doesn't seem to be any ill effects<br>
of this.#<br>
<br>
<br>
There isn't a global option to do this, but there is precedent, in<br>
the form of --dhcp-ignore-names for adding it, and actually that's<br>
something more useful, since the tag system allows the setting to be<br>
applied to classes of clients (which could, of course, be "all clients")<br>
<br>
<br>
Maybe this is not a good idea? Like I said, we have a fairly<br>
controlled<br>
environment, so it would work for us. I could see how this would be<br>
unnecessary for common setups, though. Or environments that have<br>
many<br>
VMs running on a single host and simply bridge their network<br>
interface<br>
may want to use the "client identifier" option so each VM gets a<br>
unique<br>
IP even if they're running on the same machine or t But it would<br>
be nice to<br>
have a greater level of control over this.<br>
<br>
<br>
Thanks for your time. And GREAT piece of software, by the way.<br>
dnsmasq<br>
is a HUGE time saver and makes changing configurations<br>
straight-forward.<br>
Do you accept donations? :)<br>
<br>
<br>
Donations by Paypal to <a href="mailto:simon@thekelleys.org.uk" target="_blank">simon@thekelleys.org.uk</a><br></div></div>
<mailto:<a href="mailto:simon@thekelleys.org.uk" target="_blank">simon@thekelleys.org.<u></u>uk</a>> are always welcome, or you could<div class=""><br>
commission me to add new features. I'm available for that on a<br>
consultancy basis, cheaper for stuff which goes back into the<br>
dnsmasq GPL codebase, more expensive for proprietary code.<br>
<br>
<br>
<br>
Cheers,<br>
<br>
Simon.<br>
<br>
<br>
<br>
--<br>
daV.e<br>
<br>
<br></div>
______________________________<u></u>___________________<br>
Dnsmasq-discuss mailing list<br>
Dnsmasq-discuss@lists.__<a href="http://thekelleys.org.uk" target="_blank">thekel<u></u>leys.org.uk</a><br>
<mailto:<a href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk" target="_blank">Dnsmasq-discuss@lists.<u></u>thekelleys.org.uk</a>><br>
<a href="http://lists.thekelleys.org." target="_blank">http://lists.thekelleys.org.</a>__<u></u>uk/mailman/listinfo/dnsmasq-__<u></u>discuss<br>
<<a href="http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss" target="_blank">http://lists.thekelleys.org.<u></u>uk/mailman/listinfo/dnsmasq-<u></u>discuss</a>><br>
<br>
<br>
<br>
______________________________<u></u>___________________<br>
Dnsmasq-discuss mailing list<br>
Dnsmasq-discuss@lists.__<a href="http://thekelleys.org.uk" target="_blank">thekel<u></u>leys.org.uk</a><br>
<mailto:<a href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk" target="_blank">Dnsmasq-discuss@lists.<u></u>thekelleys.org.uk</a>><br>
<a href="http://lists.thekelleys.org." target="_blank">http://lists.thekelleys.org.</a>__<u></u>uk/mailman/listinfo/dnsmasq-__<u></u>discuss<br>
<<a href="http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss" target="_blank">http://lists.thekelleys.org.<u></u>uk/mailman/listinfo/dnsmasq-<u></u>discuss</a>><br>
<br>
</blockquote>
<br>
</blockquote></div><br><br clear="all"><div><br></div>-- <br>daV.e<br><br>"The reasonable man adapts himself to the conditions that surround him... The unreasonable man adapts surrounding conditions to himself... All progress depends on the unreasonable man." Bernard Shaw
</div>