[Dnsmasq-discuss] illegal domain in dhcp-config directive

Jason Dixon jdixon at omniti.com
Mon Aug 4 15:38:53 BST 2008 

On Tue, Jul 29, 2008 at 07:40:52AM -0400, Jason Dixon wrote:
> On Tue, Jul 29, 2008 at 07:48:32AM +0100, Simon Kelley wrote:
> > Jason Dixon wrote:
> >> Thanks to the recent vulnerability, I'm upgrading an older dnsmasq
> >> system from version 2.34 to 2.45.  I've installed it and attempted to
> >> run it, but I get the following error.
> >>
> >> dnsmasq: illegal domain 04-06.lab.foobar.com in dhcp-config directive.
> >>
> >> The same configuration works fine with 2.34, so I presume something has
> >> changed in the configuration syntax or default settings.  I haven't
> >> found anything on Google or in the FAQ about this error, nor do I see
> >> any "dhcp-config" directives in our config files or the sample config.
> >> Here is the relevant line from our config:
> >>
> >> dhcp-host=00:0c:29:02:1f:06,ubuntu-8.04-06.lab.foobar.com,172.16.0.105
> >>
> >> It doesn't appear to be anything specifically with that line.  We have a
> >> couple hundred of these loaded by dnsmasq.  If I comment out that one,
> >> the next preceding one will error.  I'm not experienced with dnsmasq, so
> >> I'm putting myself at the mercy of this list.  Any help will be greatly
> >> appreciated.  :)
> >
> > As far as I can see, this error can only be occuring because the domain  
> > part of the name your applying to that host doesn't match the domain  
> > specified for dnsmasq to use by the domain=<domain> config option.
> >
> > AFAIK dnsmasq has never allowed you to send a FQDN to a host unless it  
> > matches the domain setting (this is to avoid hosts impersonating, eg  
> > www.microsoft.com) but the check in this case has been moved from  
> > run-time, where it will log an error, to a fatal error at start-up
> >
> > The fix may be as simple as adding
> >
> > domain=04-06.lab.foobar.com
> >
> > (and you can remove the domain parts from all the dhcp-host lines as  
> > well, if you wish. If they stay, they must match the domain given)
> 
> We have mixed domains in our configuration.  I see the following line in
> the main dnsmasq.conf, which would account for most of the dhcp-host
> entries:
> 
> local=/lab.foobar.com/wifi.foobar.com/
> 
> I see no domain directives anywhere.  I suspect that adding
> 04-06.lab.foobar.com to the local directive might be sufficient, but I'm
> just guessing.  And yes, this configuration works fine with
> dnsmasq-2.34.

I tried various changes to our configuration but couldn't find a working
set.  I'm including a subset of our configuration here so you can see
what might be causing the issue.  The only bits I've left out include
redundant information (e.g. dhcp-host).  Just to reiterate, this works
under 2.34 but is broken under 2.45.


# cat /etc/dnsmasq.conf | grep -v '^$' | grep -v '^\#'
filterwin2k
local=/lab.foobar.com/wifi.foobar.com/
interface=eth0
expand-hosts
dhcp-option=3,172.16.0.1
dhcp-option=42,0.0.0.0
conf-file=/etc/dnsmasq.lab.conf
conf-file=/etc/dnsmasq.wifi.conf

# cat /etc/dnsmasq.lab.conf | grep -v '^$' | grep -v '^\#'
dhcp-range=lab,172.16.0.10,172.16.0.81,12h
dhcp-option=lab,15,lab.foobar.com
dhcp-host=00:0e:0c:bc:17:70,lab01.lab.foobar.com,172.16.0.10
dhcp-host=00:0c:29:ff:96:a7,solaris.lab.foobar.com,172.16.0.6
dhcp-host=00:0c:29:ff:96:xx,windows.lab.foobar.com,172.16.0.7
dhcp-host=00:0c:29:db:8a:b3,centos.lab.foobar.com,172.16.0.5
dhcp-host=00:0c:29:3c:58:01,centos-4.4-01.lab.foobar.com,172.16.0.82

# cat /etc/dnsmasq.wifi.conf | grep -v '^$' | grep -v '^\#'
dhcp-range=wifi,172.16.0.200,172.16.0.250,3d
dhcp-option=wifi,15,wifi.foobar.com


Thanks,

-- 
Jason Dixon
OmniTI Computer Consulting, Inc.
jdixon at omniti.com
443.325.1357 x.241

More information about the Dnsmasq-discuss mailing list