[Dnsmasq-discuss] Mac Filtering for VMWare ESX Guests

Mon Feb 16 00:13:42 GMT 2015

That makes perfect sense... So I added the tag:!vmware to the other range
and while it took several reboots and dhcp refreshes on the XP VM it did
finally take.

Thanks!

Matt

On Sun, Feb 15, 2015 at 4:59 PM, Simon Kelley <simon at thekelleys.org.uk>
wrote:

> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA256
>
> The client is asking for 10.1.10.104 since it used it at sometime in
> the past. Dnsmasq gives it what it asks for, since the unqualified
> dhcp-range allows that address. If dnsmasq was allocating an address
> from scratch, it would use the 10.1.10.50,10.1.10.59 range, as that
> has higher priority, because of the tag. Your config makes the
> 10.1.10.100,10.1.10.139 range available for vmware clients, and this
> situation, (and others, for instance if 10.1.10.50,10.1.10.59 were
> full) causes dnsmasq to use it.
>
> To ensure that VMware clients can only go in the 10.1.10.50,10.1.10.59
> range, you need to disallow the other range
>
>     dhcp-mac=set:vmware,00:0C:29:*:*:*
>     dhcp-range=tag:!vmware,10.1.10.100,10.1.10.139,255.255.255.0,6h
>     dhcp-range=tag:vmware,10.1.10.50,10.1.10.59,255.255.255.0,6h
>
>
> Cheers,
>
> Simon.
>
>
> On 15/02/15 21:18, Matt Neimeyer wrote:
> > I'm running dnsmasq 2.72 on my Gentoo box and I feel like I'm
> > missing something obvious.
> >
> > I have the following lines in my dnsmasq.conf
> >
> > dhcp-mac=set:vmware,00:0C:29:*:*:*
> > dhcp-range=10.1.10.100,10.1.10.139,255.255.255.0,6h
> > dhcp-range=tag:vmware,10.1.10.50,10.1.10.59,255.255.255.0,6h
> >
> > And yet the VM with a MAC of 00:0C:29:47:B3:0F is getting an IP of
> > 10.1.10.104
> >
> > The leases file contains this entry for that machine if it helps
> > any...
> >
> > 1424056062 00:0c:29:47:b3:0f 10.1.10.104 vxppro
> > 01:00:0c:29:47:b3:0f
> >
> > And I can see the following in my logs...
> >
> > Feb 15 16:14:24 [dnsmasq-dhcp] DHCPRELEASE(enp1s0) 10.1.10.104
> > 00:0c:29:47:b3:0f Feb 15 16:14:24 [dnsmasq-dhcp]
> > DHCPDISCOVER(enp1s0) 10.1.10.104 00:0c:29:47:b3:0f Feb 15 16:14:24
> > [dnsmasq-dhcp] DHCPOFFER(enp1s0) 10.1.10.104 00:0c:29:47:b3:0f Feb
> > 15 16:14:24 [dnsmasq-dhcp] DHCPREQUEST(enp1s0) 10.1.10.104
> > 00:0c:29:47:b3:0f Feb 15 16:14:24 [dnsmasq-dhcp] DHCPACK(enp1s0)
> > 10.1.10.104 00:0c:29:47:b3:0f vxppro
> >
> > What else should I be looking for?
> >
> > Thanks in advance!
> >
> > Matt
> >
> >
> >
> > _______________________________________________ Dnsmasq-discuss
> > mailing list Dnsmasq-discuss at lists.thekelleys.org.uk
> > http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> >
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1
>
> iQIcBAEBCAAGBQJU4RaqAAoJEBXN2mrhkTWi60gP/27R8VyfJ5xJC8u5CoYzgCJS
> JZudS0OZLSec8lI+Q5/QyMos5WugxYlC/6xQ85igRMZdAJVdmoWYQpQeTHN8b9RW
> Jx+imYe45nnVsptUlrcarTp60j0QxpI6DgTc4Qzsf5u7hPIsyH/vQMbyqpZaDC2s
> 7V+CYil64BDjBm414CbN+e9Ts4mEwOB8RMS36bAhub8TgY7pwlsZdm2GjUDZK1eu
> 1B6SvFQuxEcuQqmmsr7HUOBOpHnj9J0hFNijMtfQdWMUt62OAYQ65oc8qKCQZMsv
> ivt7xMCuZTjkXjI1imhB66jjML+EekIQOcOkOFfneeDne1dder9dxT+Qsj23q/+r
> SLIEAnBz373kf0bZlnDJOU0WbJVDVtXf3EltwX27nthorn8Ej9nKTO5NeePWKpZw
> wd5e1wRbTomD30izGPBSLkfw8BsmqnWLcQBcUZ2cqDRiyweJLS4QezMiubnTMNnj
> oI91VJUH8lJZyqh4PwDXb7mdspupANpYfKDg4DK6ulbZVkRAGsYtyBgU+/CPiU7Z
> AdWB7bJRHoANo+qKVTSmgYxvSWbAZ0psZEWRahMb8Y3KLIx3m61d4sosPLumlDZE
> YyHqS8egOJk2n41IpQPyDgi55sBFT+qFkL8bixTZqxMJwEomKmYPGNQ5WjUvNosv
> 4xNQXdlAslAVgYeD7WuI
> =C4ko
> -----END PGP SIGNATURE-----
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20150215/6660a5a9/attachment-0001.html>