[Dnsmasq-discuss] Help with dnsmasq and vlans tags

john doe johndoe65534 at mail.com
Wed Dec 5 15:40:16 GMT 2018 

On 12/5/2018 1:09 PM, jmperrote wrote:
> El 2018-12-04 12:26, john doe escribió:
>> On 12/4/2018 12:02 PM, jmperrote wrote:
>>> El 2018-12-03 13:30, john doe escribió:
>>>> On 12/3/2018 4:27 PM, jmperrote wrote:
>>>>> We need help to configure dnsmasq with vlans tagged on router.
>>>>>
>>>>> We actually have a dnsmasq server serving dns and dhcp, and 3 nics,
>>>>> one
>>>>> for each vlans:
>>>>>
>>>>> dhcp-range=interface:eth0,set:VLAN_37,10.11.37.50,10.11.37.200,6h
>>>>> dhcp-option=eth0,6,10.11.37.15 #dns primario
>>>>> dhcp-option=eth0,1,255.255.255.0 # mascara de red
>>>>> dhcp-option=eth0,option:router,10.11.37.1 # gateway
>>>>>
>>>>> dhcp-range=interface:eth0,set:VLAN_137,10.11.137.90,10.11.137.98,6h
>>>>> dhcp-option=eth0,6,10.11.37.15 #dns primario
>>>>> dhcp-option=eth0,1,255.255.255.0 # mascara de red
>>>>> dhcp-option=eth0,option:router,10.11.137.1 # gateway
>>>>>
>>>>> dhcp-range=interface:eth0,set:VLAN_237,10.11.237.50,10.11.237.200,6h
>>>>> dhcp-option=eth0,6,10.11.37.15 #dns primario
>>>>> dhcp-option=eth0,1,255.255.255.0 # mascara de red
>>>>> dhcp-option=eth0,option:router,10.11.237.1 # gateway
>>>>>
>>>>>
>>>>> Know we are migratting to a dnsmasq solution with one nic a tagged
>>>>> vlans: But the result is not that we want:
>>>>>
>>>>> We configure this:
>>>>>
>>>>> dhcp-range=tag:vlan37,set:VLAN_37,10.11.37.50,10.11.37.200,6h
>>>>> dhcp-range=tag:vlan137,set:VLAN_137,10.11.137.50,10.11.137.200,6h
>>>>> dhcp-range=tag:vlan237,set:VLAN_237,10.11.237.50,10.11.237.200,6h
>>>>> dhcp-option=tag:vlan37,option:dns-server,10.11.37.15
>>>>> dhcp-option=tag:vlan137,option:dns-server,10.11.37.15
>>>>> dhcp-option=tag:vlan237,option:dns-server,10.11.37.15
>>>>> dhcp-option=tag:vlan137,option:router,10.11.137.1
>>>>> dhcp-option=tag:vlan37,option:router,10.11.37.1
>>>>> dhcp-option=tag:vlan237,option:router,10.11.237.1
>>>>>
>>>>> But all clients recive allways the same gateway, 10.11.237.1
>>>>>
>>>>
>>>> I'm not sure to fully understand the issue(s) you are facing.
>>>> As far as dnsmasq is concerned, there is no differences between 3
>>>> physical "nicks" and 3 VLAN tagged interfaces  (802.1Q).
>>>> So for a start you could simply try:
>>>>
>>>> # Specify DHCP range with a tag
>>>> dhcp-range=set:vlan99,172.23.100.200,172.23.100.230,12h
>>>> dhcp-range=set:vlan100,172.23.101.200,172.23.101.230,12h
>>>> dhcp-range=set:vlan100,172.23.102.200,172.23.102.230,12h
>>>
>>>
>>>  John Doe, sorry for my mistake, my actual configuration of dnsmasq are:
>>>
>>>     dhcp-range=interface:eth0,set:VLAN_37,10.11.37.50,10.11.37.200,6h
>>>     dhcp-option=eth0,6,10.11.37.15 #dns primario
>>>     dhcp-option=eth0,1,255.255.255.0 # mascara de red
>>>     dhcp-option=eth0,option:router,10.11.37.1 # gateway
>>>
>>>     dhcp-range=interface:eth1,set:VLAN_137,10.11.137.90,10.11.137.98,6h
>>>     dhcp-option=eth1,6,10.11.37.15 #dns primario
>>>     dhcp-option=eth1,1,255.255.255.0 # mascara de red
>>>     dhcp-option=eth1,option:router,10.11.137.1 # gateway
>>>
>>>     dhcp-range=interface:eth2,set:VLAN_237,10.11.237.50,10.11.237.200,6h
>>>     dhcp-option=eth2,6,10.11.37.15 #dns primario
>>>     dhcp-option=eth2,1,255.255.255.0 # mascara de red
>>>     dhcp-option=eth2,option:router,10.11.237.1 # gateway
>>>
>>> We have 3 nics on the system eth0/eth1/eth2, one for each VLAN, and try
>>> to replace for one nic with VLANs tagged.
>>>
>>> We try the tag option and the dhcp assign ip on correct range for each
>>> PC on each vlan, but dnsmasq allways assign to the PC the same gateway,
>>> that is the las vlan configured.
>>>
>>> For example on this configuraton assign the correct range to the PC, but
>>> the gateway always assign 10.11.237.1 gateway, to all PC
>>>
>>> dhcp-range=interface:eth0.37,set:VLAN_37,10.11.37.90,10.11.37.98,6h
>>> dhcp-option=eth0.37,6,10.11.37.15 #dns primario
>>> dhcp-option=eth0.37,1,255.255.255.0 # mascara de red
>>> dhcp-option=eth0.37,option:router,10.11.37.1 # gateway
>>>
>>> dhcp-range=interface:eth0.137,set:VLAN_137,10.11.137.90,10.11.137.98,6h
>>> dhcp-option=eth0.137,6,10.11.37.15 #dns primario
>>> dhcp-option=eth0.137,1,255.255.255.0 # mascara de red
>>> dhcp-option=eth0.137,option:router,10.11.137.1 # gateway
>>>
>>> dhcp-range=interface:eth0.237,set:VLAN_237,10.11.237.50,10.11.237.200,6h
>>> dhcp-option=eth0.237,6,10.11.37.15 #dns primario
>>> dhcp-option=eth0.237,1,255.255.255.0 # mascara de red
>>> dhcp-option=eth0.237,option:router,10.11.237.1 # gateway
>>>
>>>
>>> It is necessary to use "vconfig" to configure virtual vlan interface on
>>> the operating system, or can use tagged vlans from the router ?
>>>
>>
>> To be able to answer your question I need to know the following:
>>
>>  - What hardware is the router (netgear, cisco ...)?
>>  - What type of distribution (name and version) are you using 'vconfig'
>> on (Linux, Oracle)?
>>
>> I can't answer your question without knowing your network topology, but
>> if the router is VLAN tagging capable I would use it and also use the
>> DHCP capability from that router.
>>
>> Also, to isolate whether it is a vlan configuration or a dnsmasq issue
>> simply try the line I have provided, obviously you can change the Ip
>> ranges to your liking.
> 
> 
> Hello john doe,
> 
> Send the data:
>  -- Router mikrotik RB1100 AH
>  -- Ubuntu 16.04
>  -- Using vconfig with 3 VLANs
> 
> Yes, the router have capabilitie to dhcp, you recommend to use that
> instead of dnsmasq for dhcp ?.
> 

The only reason why i menssioned the router is because it might be
easier to configure vlan tagging and dhcp there! :)


Here is my understanding of your network topology, is that correct?:

The router (mikrotik RB1100 AH)  is connected to the wan interface of
the Ubuntu box and the rest of your network is behind that Ubuntu box

router -- ubuntu box -- devices(switch ...) supporting IEEE 802.1q



It's been ages since I've used 'vconfig' and I won't be able to help you
configure VLAN tagging using vconfig (see (1)).
However, Ubuntu 16.0* supports Systemd which can configure VLAN tagged
interface.


When you are sure that your VLANs (1) are working properly, you can then
add dnsmasq into the mix.

Also, why is your DNS server directive pointing to "10.11.37.15"?

1)  https://wiki.ubuntu.com/vlan

-- 
John Doe

More information about the Dnsmasq-discuss mailing list