<div dir="ltr"><div dir="ltr"><span style="color:rgb(0,0,0)">Thanks Simon (apologies - my first reply went to your direct email instead of back to the list which was not my intent!)</span><div style="color:rgb(0,0,0)"><br></div><div style="color:rgb(0,0,0)">There are dhcp4 ranges defined, but none with ranges for those interface.</div><div style="color:rgb(0,0,0)">For example, the interface which should give out the RAs is br0, and the relevant lines are:</div><div style="color:rgb(0,0,0)"><br></div><div style="color:rgb(0,0,0)">ra-param=br0,10,600<br>enable-ra<br>quiet-ra<br>dhcp-range=lan,::,constructor:br0,ra-stateless,64,600<br></div><div style="color:rgb(0,0,0)"><br></div><div style="color:rgb(0,0,0)">But the device has other interfaces, for example br1 and br2 which have the following configuration:</div><div style="color:rgb(0,0,0)"><br></div><div style="color:rgb(0,0,0)">interface=br1<br>dhcp-range=br1,192.168.101.2,192.168.101.254,255.255.255.0,86400s<br>dhcp-option=br1,3,192.168.101.1<br>interface=br2<br>dhcp-range=br2,192.168.102.2,192.168.102.254,255.255.255.0,86400s<br>dhcp-option=br2,3,192.168.102.1<br></div><div style="color:rgb(0,0,0)"><br></div><div style="color:rgb(0,0,0)">My understanding is that the line "interface=X" (e.g. interface=br1) is needed to actually enable dnsmasq to listen *at all* on that interface.</div><div style="color:rgb(0,0,0)">But the use of br1 on the range/option lines is an arbitrary tag to simply associate those two options together.</div><div style="color:rgb(0,0,0)"><br></div><div style="color:rgb(0,0,0)">IOW, a particular dhcp-range is not associated with an interface using any explicit command, rather if a dhcp-range is defined and an interface that is defined with "interface=X" is bound to that subnet it will serve requests from the defined range?</div><div style="color:rgb(0,0,0)"><br></div><div style="color:rgb(0,0,0)">So I do have dhcp4 ranges defined, and I want those serving out those IPs on the interfaces that are on those ranges, but I don't expect any DHCPv4 traffic to be answered on br0.</div><div style="color:rgb(0,0,0)"><br></div><div style="color:rgb(0,0,0)">I'm sure I can write iptable rules to block that, but something tells me that isn't the elegant way and perhaps there is a dnsmasq configuration methodology that I am overlooking???</div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Wed, Apr 5, 2023 at 12:33 PM Simon Kelley <<a href="mailto:simon@thekelleys.org.uk">simon@thekelleys.org.uk</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><br>
<br>
On 03/04/2023 16:54, Ben Hendin wrote:<br>
> I'm running Dnsmasq version 2.85-openssl-5-g989ee98 on an embedded <br>
> device (Entware installation)<br>
> <br>
> I am seeing log entries that state the following when clients come onto <br>
> the network to request IP addresses via DHCP:<br>
> <br>
> "no address range available for DHCP request via br0"<br>
> <br>
> br0 is a bridged interface that includes the LAN and main WiFi of the <br>
> embedded device.<br>
> <br>
> The issue is that I do not use dnsmasq on this device for DHCP on this <br>
> interface.<br>
> (I do have it configured to deliver dhcp-range information to some other <br>
> wireless interfaces.)<br>
> The main function on this interface is DNS and to deliver RAs for IPv6.<br>
> <br>
> It appears, in order to deliver RAs to my clients the following lines <br>
> must be configured:<br>
> <br>
> -------------------<br>
> interface=br0<br>
> ra-param=br0,10,600<br>
> enable-ra<br>
> dhcp-range=lan,::,constructor:br0,ra-stateless,64,600<br>
> -----------------------<br>
> <br>
> In other words, dhnsmasq must be configured to deliver the "dhcp-range" <br>
> option in order to deliver RAs (enable-ra isn't enough)<br>
> Because of this you can't use the "no-dhcp-interface=br0" option or else <br>
> the dhcp-range and therefore the RA will not get delivered to clients.<br>
> <br>
> When a client joins the network, it requests an IPv4 address, which will <br>
> not be served by dnsmasq, but by another authoritative server on the <br>
> network.<br>
> However, because dnsmasq is configured to provide DHCP services, yet has <br>
> no IPv4 range defined it spits out the "no address range available"<br>
> <br>
> I have tried changing the "ra-stateless" option to "slaac" or "ra-only" <br>
> as the description of "ra-only" seems to indicate that dnsmasq will then <br>
> be made aware it is only to deliver RAs and not DHCP (though perhaps <br>
> this only registers for v6). I have also tried to use "quiet-dhcp" to <br>
> suppress these unsuccessfully. Because the message is still logged, it <br>
> would fall under "error or problem" according to "quiet-dhcp" <br>
> specifications.<br>
> <br>
> Is this behavior expected? If so, is it considered preferable or should <br>
> dnsmasq have some configuration where it should not assume that an IPv4 <br>
> range being unconfigured is an issue worth notifying about in scenarios <br>
> like this?<br>
> <br>
<br>
That's not expected behaviour. The log does indeed imply that this is a <br>
DHCPv4 request (it would say no address range available for DHCPv6) but <br>
unless there's a valid IPv4 dhcp-range defined dnsmasq should not even <br>
be listening on the DHCPv4 port. The current code doesn't, and I don't <br>
remember any fixes to this the 2.85-2.89 timeframe.<br>
<br>
What does dnsmasq log when it starts up? The most obvious explantion for <br>
this is that Entware's startup is defining a DHCPv4 range somewhere in <br>
the config that gets passed to dnsmasq.<br>
<br>
<br>
Cheers,<br>
<br>
Simon.<br>
<br>
<br>
> thank you<br>
> <br>
> _______________________________________________<br>
> Dnsmasq-discuss mailing list<br>
> <a href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk" target="_blank">Dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
> <a href="https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss" rel="noreferrer" target="_blank">https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss</a><br>
<br>
_______________________________________________<br>
Dnsmasq-discuss mailing list<br>
<a href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk" target="_blank">Dnsmasq-discuss@lists.thekelleys.org.uk</a><br>
<a href="https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss" rel="noreferrer" target="_blank">https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss</a><br>
</blockquote></div></div>