[Dnsmasq-discuss] [PATCH] Add dhcp-ignore-clid configuration option
Patch Pick-Up
stappers at stappers.nl
Fri Aug 9 05:50:51 BST 2019
Consider this "retransmit" a reminder ...
On Thu, Jun 20, 2019 at 10:26:40AM +0200, Florent Fourcot wrote:
> The idea of this option was already discussed years ago on the mailing
> list:
> https://dnsmasq-discuss.thekelleys.org.narkive.com/ZoFQNaGo/always-ignore-client-identifier#post4
>
> In our production environnement, we discovered that some devices are
> using 'client identifier' not unique at all, resulting on IP addresses
> conflicts between several devices (we saw up to four devices using same
> IP address).
>
> The root cause is probably a buggy operating system/configuration of
> decices, but this patch add a configuration workaround on server side
> when fixing clients is impossible.
>
> Signed-off-by: Charles Daymand <charles.daymand at wifirst.fr>
> Signed-off-by: Florent Fourcot <florent.fourcot at wifirst.fr>
> ---
> CHANGELOG | 4 ++++
> man/dnsmasq.8 | 6 ++++++
> man/fr/dnsmasq.8 | 7 +++++++
> src/dnsmasq.h | 3 ++-
> src/option.c | 3 +++
> src/rfc2131.c | 2 +-
> 6 files changed, 23 insertions(+), 2 deletions(-)
>
> diff --git a/CHANGELOG b/CHANGELOG
> index 8e83c82..a5e9366 100644
> --- a/CHANGELOG
> +++ b/CHANGELOG
> @@ -39,6 +39,10 @@ version 2.81
> have an interface on the network in that subnet. Many thanks to
> kamp.de for sponsoring this feature.
>
> + Add --dhcp-ignore-clid. This disables reading of DHCP client
> + identifier option (option 61), so clients are only identified by
> + MAC addresses.
> +
>
> version 2.80
> Add support for RFC 4039 DHCP rapid commit. Thanks to Ashram Method
> diff --git a/man/dnsmasq.8 b/man/dnsmasq.8
> index bc5ae63..9d5d4d0 100644
> --- a/man/dnsmasq.8
> +++ b/man/dnsmasq.8
> @@ -1405,6 +1405,12 @@ address, and setting this flag enables this mode. Note that in the
> sequential mode, clients which allow a lease to expire are much more
> likely to move IP address; for this reason it should not be generally used.
> .TP
> +.B --dhcp-ignore-clid
> +Dnsmasq is reading 'client identifier' (RFC 2131) option sent by clients
> +(if available) to identify clients. This allow to serve same IP address
> +for a host using several interfaces. Use this option to disable 'client identifier'
> +reading, i.e. to always identify a host using the MAC address.
> +.TP
> .B --pxe-service=[tag:<tag>,]<CSA>,<menu text>[,<basename>|<bootservicetype>][,<server address>|<server_name>]
> Most uses of PXE boot-ROMS simply allow the PXE
> system to obtain an IP address and then download the file specified by
> diff --git a/man/fr/dnsmasq.8 b/man/fr/dnsmasq.8
> index a04c776..dc2fdc0 100644
> --- a/man/fr/dnsmasq.8
> +++ b/man/fr/dnsmasq.8
> @@ -1354,6 +1354,13 @@ Veuillez noter que dans ce mode séquentiel, les clients qui laissent expirer
> leur bail ont beaucoup plus de chance de voir leur adresse IP changer, aussi
> cette option ne devrait pas être utilisée dans un cas général.
> .TP
> +.B --dhcp-ignore-clid
> +Dnsmasq lit l'option 'client identifier' (RFC 2131) envoyée par les clients
> +(si disponible) afin d'identifier les clients. Cela permet de distribuer la
> +même adresse IP à un client utilisant plusieurs interfaces. Activer cette option
> +désactive la lecture du 'client identifier', afin de toujours identifier un client
> +en utilisant l'adresse MAC.
> +.TP
> .B --pxe-service=[tag:<label>,]<CSA>,<entrée de menu>[,<nom de fichier>|<type de service de démarrage>][,<adresse de serveur>|<nom de serveur>]
> La plupart des ROMS de démarrage PXE ne permettent au système PXE que la simple
> obtention d'une adresse IP, le téléchargement du fichier spécifié dans
> diff --git a/src/dnsmasq.h b/src/dnsmasq.h
> index ff3204a..912d216 100644
> --- a/src/dnsmasq.h
> +++ b/src/dnsmasq.h
> @@ -260,7 +260,8 @@ struct event_desc {
> #define OPT_TFTP_APREF_MAC 56
> #define OPT_RAPID_COMMIT 57
> #define OPT_UBUS 58
> -#define OPT_LAST 59
> +#define OPT_IGNORE_CLID 59
> +#define OPT_LAST 60
>
> #define OPTION_BITS (sizeof(unsigned int)*8)
> #define OPTION_SIZE ( (OPT_LAST/OPTION_BITS)+((OPT_LAST%OPTION_BITS)!=0) )
> diff --git a/src/option.c b/src/option.c
> index 5debcbc..04c9ac6 100644
> --- a/src/option.c
> +++ b/src/option.c
> @@ -167,6 +167,7 @@ struct myoption {
> #define LOPT_NAME_MATCH 355
> #define LOPT_CAA 356
> #define LOPT_SHARED_NET 357
> +#define LOPT_IGNORE_CLID 358
>
> #ifdef HAVE_GETOPT_LONG
> static const struct option opts[] =
> @@ -339,6 +340,7 @@ static const struct myoption opts[] =
> { "dhcp-rapid-commit", 0, 0, LOPT_RAPID_COMMIT },
> { "dumpfile", 1, 0, LOPT_DUMPFILE },
> { "dumpmask", 1, 0, LOPT_DUMPMASK },
> + { "dhcp-ignore-clid", 0, 0, LOPT_IGNORE_CLID },
> { NULL, 0, 0, 0 }
> };
>
> @@ -481,6 +483,7 @@ static struct {
> { LOPT_CPE_ID, ARG_ONE, "<text>", gettext_noop("Add client identification to forwarded DNS queries."), NULL },
> { LOPT_DNSSEC, OPT_DNSSEC_PROXY, NULL, gettext_noop("Proxy DNSSEC validation results from upstream nameservers."), NULL },
> { LOPT_INCR_ADDR, OPT_CONSEC_ADDR, NULL, gettext_noop("Attempt to allocate sequential IP addresses to DHCP clients."), NULL },
> + { LOPT_IGNORE_CLID, OPT_IGNORE_CLID, NULL, gettext_noop("Ignore client identifier option sent by DHCP clients."), NULL },
> { LOPT_CONNTRACK, OPT_CONNTRACK, NULL, gettext_noop("Copy connection-track mark from queries to upstream connections."), NULL },
> { LOPT_FQDN, OPT_FQDN_UPDATE, NULL, gettext_noop("Allow DHCP clients to do their own DDNS updates."), NULL },
> { LOPT_RA, OPT_RA, NULL, gettext_noop("Send router-advertisements for interfaces doing DHCPv6"), NULL },
> diff --git a/src/rfc2131.c b/src/rfc2131.c
> index 74d81fb..ec2650a 100644
> --- a/src/rfc2131.c
> +++ b/src/rfc2131.c
> @@ -234,7 +234,7 @@ size_t dhcp_reply(struct dhcp_context *context, char *iface_name, int int_index,
> subnet_addr = option_addr(opt);
>
> /* If there is no client identifier option, use the hardware address */
> - if ((opt = option_find(mess, sz, OPTION_CLIENT_ID, 1)))
> + if (!option_bool(OPT_IGNORE_CLID) && (opt = option_find(mess, sz, OPTION_CLIENT_ID, 1)))
> {
> clid_len = option_len(opt);
> clid = option_ptr(opt, 0);
> --
> 2.11.0
>
More information about the Dnsmasq-discuss
mailing list