[Dnsmasq-discuss] Discovering the proxyDHCP server IP from initrds
Alkis Georgopoulos
alkisg at gmail.com
Sat Feb 2 07:39:23 GMT 2019
I forgot to mention that I also use the "no-ping" option in the second
dnsmasq instance, to avoid delays, since the client won't use the
DHCPOFFER IP anyway.
On 2/2/19 9:25 p.m., Alkis Georgopoulos wrote:
> Hi, I have the following use case, and I'm thinking that a workaround
> might be to abuse the DHCP server concept a bit, and I'd like to ask if
> someone can see any bad side effects, or can come up with a better
> solution.
>
> * Small computer lab. An LTSP server netboots e.g. 20 clients.
> * The DHCP server is a cheap, non-configurable router.
> There are no static IPs, not even for the server.
> * Dnsmasq is configured as a proxyDHCP server.
>
> The problem is, "how can the initramfs find out the dnsmasq=proxyDHCP
> server IP, to load the NBD root file system from there?"
>
> 1) Ideally, the DHCP client in the initramfs would understand proxyDHCP
> offers and get the address from there.
> ==> QUESTION 1: Does anyone know of such a client?
>
> 2) When using iPXE/undionly, we pass the proxyDHCP server IP in the
> kernel cmdline using its ${proxydhcp/dhcp-server} variable.
>
> 3) When using PXELinux, we pass the proxyDHCP server IP by using its
> "IPAPPEND 3" option.
>
> 4) But there are some cases (e.g. no UEFI/BIOS/iPXE support for the NIC)
> where we put the kernel/initrd locally, so the initramfs needs to
> discover the proxyDHCP server with no help from /proc/cmdline.
> My hacky workaround there is to:
>
> Server side:
> As I said, dnsmasq already runs in proxyDHCP mode.
> But I also run a SECOND instance of dnsmasq with the following
> configuration:
> dhcp-alternate-port
> dhcp-range=192.168.0.1,192.168.0.254,2m
> port=0
> dhcp-leasefile=/tmp/dnsmasq.leases
> This is using the REAL dhcp-range, where the router is responsible!
> So dnsmasq might offer an IP that is actually in use!
> But the client will discard the DHCPOFFER IP (see below).
>
> Client side:
> The client normally runs `ipconfig` in the initramfs and gets its IP
> from the router.
> Then I tell it to run a SECOND, "fake" `ipconfig -n -p 1068 enp0s17`.
> Using the alternate ports, it manages to contact dnsmasq.
> It gets the DHCPOFFER, keeps the server IP, and completely discards the
> received IP.
>
> I.e. my workaround is to abuse the DHCP protocol just for server
> discovery, not IP leasing, due to DHCP clients not supporting the
> proxyDHCP protocol.
>
> ==> QUESTION 2: since the client will discard the DHCPOFFER IP, and only
> use the server IP, will this abuse have any bad side effects?
>
> Thank you!
> Alkis Georgopoulos
> LTSP developer
More information about the Dnsmasq-discuss
mailing list