[Dnsmasq-discuss] Answering DHCPINFORM from other interfaces

Sergei Zhirikov sfzhi at yahoo.com
Sun Oct 18 16:41:31 BST 2009


richardvoigt at gmail.com wrote:
> On Sat, Oct 17, 2009 at 1:18 PM, Sergei Zhirikov <sfzhi at yahoo.com> wrote:
>> Michael Rack wrote:
>>> You have to setup a bridge on your linux-router and assign every dynamic
>>> created ppp-interface to that.
>>>
>>>       brctl addif br0 pppx
>>>
>>> Configure DNSMASQ to listen on the bridges interface.
>>>
>>>       interface=br0
>>>       bind-interfaces
>>>
>>> And well, you're done.
>>>
>>> Cheers,
>>> Michael.
>> Thanks for the suggestion, Michael.
>>
>> I have tried it, but unfortunately it doesn't work :(.
>> The command "brctl addif br0 ppp0" fails with "can't add ppp0 to bridge br0: Invalid argument". It looks like point-to-point interfaces can not be added to a bridge (I tried also with a TUN device, just to see if it could be added, and got the same error message).
> 
> Did you create a bridge first?
> 
> brctl addbr br0

Of course, I did :)

> 
> What is the output of
> 
> brctl show
> 

# brctl show
bridge name     bridge id               STP enabled     interfaces
br0             8000.000000000000       no

I don't think it is meant to work with PPP interfaces.

> Of course, an alternate way to deal with your problem is to let
> dnsmasq listen on all interfaces, and use iptables to block the
> traffic on the interfaces where dhcp is not wanted.
> 
> 
>> --
>> Kind regards,
>> Sergei.
>>
>>
>>> Am 17.10.2009 14:04, schrieb Sergei Zhirikov:
>>>> Hi,
>>>>
>>>> I'm using dnsmasq as a DHCP and DNS server on my Linux home gateway, which is also a IPSec/L2TP VPN server. For IP address allocation for the VPN PPP tunnels I use ppp-dhcpc plugin, which pretends to be a DHCP relay and requests IP addresses from dnsmasq. That part works fine.
>>>>
>>>> However, when the PPP link has been established the VPN client (a Windows PC in my case, but I don't think it's relevant) send DHCPINFORM request to the broadcast address 255.255.255.255. That request reaches the Linux gateway via the PPP link, but dnsmasq does not reply, because it can see that the request is coming from an interface it is not configured to serve.
>>>>
>>>> I would really like dnsmasq to reply to those DHCPINFORM requests coming in through the PPP links, but I haven't been able to configure dnsmasq for that. I can't tell it to serve the PPP interface, because the interface name is assigned dynamically (thus not known in advance). I can not tell dnsmasq to serve all interfaces with some exceptions either, because then the list of the exceptions would have to contain dynamically assigned names.
>>>>
>>>> I have tried some tricks with iptables. Tried to use "-j ROUTE --iif ifname" to make the packets appear coming form another interface with a fixed name that dnsmasq is configured to serve, but dnsmasq still does not reply as if it somehow can see the original interface name.
>>>>
>>>> I have tried to use a pair of VETH interfaces to route the incoming packets to one end of the virtual tunnel so that they would appear to dnsmasq coming out of the other end, but that didn't work, because I didn't manage to get the routing work the way I wanted (perhaps, because I lack necessary knowledge about advanced routing).
>>>>
>>>> I would appreciate any kind of help with this problem.
>>>>
>>>> Thank you,
>>>> Kind regards,
>>>>
>>>> Sergei.
>>>>
>>>>
>>>> _______________________________________________
>>>> Dnsmasq-discuss mailing list
>>>> Dnsmasq-discuss at lists.thekelleys.org.uk
>>>> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>>
>> _______________________________________________
>> Dnsmasq-discuss mailing list
>> Dnsmasq-discuss at lists.thekelleys.org.uk
>> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>>
> 
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss




More information about the Dnsmasq-discuss mailing list