[Dnsmasq-discuss] Discovering the proxyDHCP server IP from initrds

Alkis Georgopoulos alkisg at gmail.com
Sat Feb 2 07:39:23 GMT 2019


I forgot to mention that I also use the "no-ping" option in the second 
dnsmasq instance, to avoid delays, since the client won't use the 
DHCPOFFER IP anyway.


On 2/2/19 9:25 p.m., Alkis Georgopoulos wrote:
> Hi, I have the following use case, and I'm thinking that a workaround 
> might be to abuse the DHCP server concept a bit, and I'd like to ask if 
> someone can see any bad side effects, or can come up with a better 
> solution.
> 
> * Small computer lab. An LTSP server netboots e.g. 20 clients.
> * The DHCP server is a cheap, non-configurable router.
> There are no static IPs, not even for the server.
> * Dnsmasq is configured as a proxyDHCP server.
> 
> The problem is, "how can the initramfs find out the dnsmasq=proxyDHCP 
> server IP, to load the NBD root file system from there?"
> 
> 1) Ideally, the DHCP client in the initramfs would understand proxyDHCP 
> offers and get the address from there.
> ==> QUESTION 1: Does anyone know of such a client?
> 
> 2) When using iPXE/undionly, we pass the proxyDHCP server IP in the 
> kernel cmdline using its ${proxydhcp/dhcp-server} variable.
> 
> 3) When using PXELinux, we pass the proxyDHCP server IP by using its 
> "IPAPPEND 3" option.
> 
> 4) But there are some cases (e.g. no UEFI/BIOS/iPXE support for the NIC) 
> where we put the kernel/initrd locally, so the initramfs needs to 
> discover the proxyDHCP server with no help from /proc/cmdline.
> My hacky workaround there is to:
> 
> Server side:
> As I said, dnsmasq already runs in proxyDHCP mode.
> But I also run a SECOND instance of dnsmasq with the following 
> configuration:
>    dhcp-alternate-port
>    dhcp-range=192.168.0.1,192.168.0.254,2m
>    port=0
>    dhcp-leasefile=/tmp/dnsmasq.leases
> This is using the REAL dhcp-range, where the router is responsible!
> So dnsmasq might offer an IP that is actually in use!
> But the client will discard the DHCPOFFER IP (see below).
> 
> Client side:
> The client normally runs `ipconfig` in the initramfs and gets its IP 
> from the router.
> Then I tell it to run a SECOND, "fake" `ipconfig -n -p 1068 enp0s17`.
> Using the alternate ports, it manages to contact dnsmasq.
> It gets the DHCPOFFER, keeps the server IP, and completely discards the 
> received IP.
> 
> I.e. my workaround is to abuse the DHCP protocol just for server 
> discovery, not IP leasing, due to DHCP clients not supporting the 
> proxyDHCP protocol.
> 
> ==> QUESTION 2: since the client will discard the DHCPOFFER IP, and only 
> use the server IP, will this abuse have any bad side effects?
> 
> Thank you!
> Alkis Georgopoulos
> LTSP developer




More information about the Dnsmasq-discuss mailing list