[Dnsmasq-discuss] Pushing DNS server for a specific client on EdgeRouter

Geert Stappers stappers at stappers.nl
Thu Oct 22 07:38:09 BST 2020


On Wed, Oct 21, 2020 at 01:26:27AM +0200, Daniele Riccucci wrote:
> Il 20/10/20 22:24, Geert Stappers ha scritto:
> > On Tue, Oct 20, 2020 at 09:25:01PM +0200, Daniele Riccucci wrote:
> > > Hello,
> > > I'm trying to push a different DNS server via DHCP to a specific client (a
> > > VoIP thingie from Grandstream, model HT802) from an EdgeRouter; the current
> > > firmware is running Dnsmasq version 2.79-1-2-geff17ee.
> > > 
> > > Some options are already generated by the OS unfortunately, namely:
> > > 
> > >      dhcp-range=set:home,10.0.0.20,10.0.0.254,255.255.255.0,86400
> > >      domain=home.domain.com,10.0.0.0/24,local
> > >      dhcp-option=tag:home,option:domain-name,home.domain.com
> > >      dhcp-option=tag:home,option:router,10.0.0.1
> > >      dhcp-option=tag:home,option:dns-server,10.0.0.1
> > >      dhcp-host=c0:74:ad:0c:0c:b7,set:home,10.0.0.5
> > >      host-record=voipgw.home.domain.com,10.0.0.5,86400
> > > 
> > > which are contained in /etc/dnsmasq.d/dnsmasq-dhcp-config.conf.
> > > I can only set options above this point (/etc/dnsmasq.conf), and I tried
> > > with:
> > > 
> > >      dhcp-option=tag:home,option:dns-server,10.0.0.1
> > > options dhcp-option=vendor:HT8XX,option:dns-server,85.38.28.0,85.38.28.1
> > > options dhcp-option-force=vendor:HT8XX,option:dns-server,85.38.28.0,85.38.28.1
> > > 
> > > because from tcpdump I saw that the client was sending a Vendor-Class string:
> > > 
> > > c0:74:ad:0c:0c:b7 > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 590:
> > > (tos 0x0, ttl 64, id 0, offset 0, flags [none], proto UDP (17), length 576)
> > >      0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from
> > > c0:74:ad:0c:0c:b7, length 548, xid 0xbed7bb5e, Flags [none]
> > >        Client-Ethernet-Address c0:74:ad:0c:0c:b7
> > >        Vendor-rfc1048 Extensions
> > >          Magic Cookie 0x63825363
> > >          DHCP-Message Option 53, length 1: Discover
> > >          Client-ID Option 61, length 7: ether c0:74:ad:0c:0c:b7
> > >          Hostname Option 12, length 6: "voipgw"
> > >          Vendor-Class Option 60, length 18: "HT8XX dslforum.org"
> > >          Parameter-Request Option 55, length 17:
> > >            Subnet-Mask, Time-Zone, Default-Gateway, Domain-Name-Server
> > >            Hostname, Domain-Name, TTL, BR
> > >            Static-Route, NTP, Vendor-Option, Lease-Time
> > >            Server-ID, TFTP, Classless-Static-Route, Option 125
> > >            Option 160
> > > 
> > > However, the reply from dnsmasq is sending 10.0.0.1 as DNS server:
> > > 
> > > 20:19:01.081957 24:a4:3c:b3:c2:8d > c0:74:ad:0c:0c:b7, ethertype IPv4
> > > (0x0800), length 390: (tos 0xc0, ttl 64, id 53937, offset 0, flags [none],
> > > proto UDP (17), length 376)
> > >      10.0.0.1.67 > 10.0.0.5.68: BOOTP/DHCP, Reply, length 348, xid
> > > 0xbed7bb5e, Flags [none]
> > >        Client-IP 10.0.0.5
> > >        Server-IP 10.0.0.1
> > >        Client-Ethernet-Address c0:74:ad:0c:0c:b7
> > >        Vendor-rfc1048 Extensions
> > >          Magic Cookie 0x63825363
> > >          DHCP-Message Option 53, length 1: ACK
> > >          Server-ID Option 54, length 4: 10.0.0.1
> > >          Lease-Time Option 51, length 4: 86358
> > >          Subnet-Mask Option 1, length 4: 255.255.255.0
> > >          BR Option 28, length 4: 10.0.0.255
> > >          Hostname Option 12, length 6: "voipgw"
> > >          Domain-Name-Server Option 6, length 4: 10.0.0.1
> > 
> > Option 6
> > 
> > >          Default-Gateway Option 3, length 4: 10.0.0.1
> > >          Domain-Name Option 15, length 15: "home.domain.com"
> > >          Vendor-Option Option 43, length 21:
> > > 6.8.85.38.28.0.85.38.28.1.
> > 
> > Option 6, eight bytes, dns.ser.ver.0, dns.ser.ver.1
> > 
> > > \ 6.8.85.38.28.0.85.38.28.1.255
> > Option 6, eight bytes, dns.ser.ver.0, dns.ser.ver.1, end
> > 


I should have referenced the

> > > options dhcp-option=vendor:HT8XX,option:dns-server,85.38.28.0,85.38.28.1
> > > options dhcp-option-force=vendor:HT8XX,option:dns-server,85.38.28.0,85.38.28.1

in my previous email as reason for seeing
 
}}}   Vendor-Option Option 43, length 21: 6.8.85.38.28.0.85.38.28.1.6.8.85.38.28.0.85.38.28.1.255


> > >          Vendor-Class Option 60, length 18: "HT8XX dslforum.org"
> > > 
> > > Also shown from the device:
> > > 
> > > Product Model: HT802
> > > MAC Address: c0:74:ad:0c:0c:b7
> > > Network:
> > >      IPv4 Address -- 10.0.0.5
> > >      IPv6 Address --
> > >      Netmask    -- 255.255.255.0
> > >      Gateway    -- 10.0.0.1
> > >      DNS Server -- 10.0.0.1
> > > 
> > > How could I solve this? Is there a way to override the dns-server option for
> > > this device?
> > 
> > Something like changing the
> > | dhcp-host=c0:74:ad:0c:0c:b7,set:home,10.0.0.5
> > | host-record=voipgw.home.domain.com,10.0.0.5,86400
> > in
> > | dhcp-host=c0:74:ad:0c:0c:b7,set:myvoiptag,10.0.0.5,voipgw
> > | dhcp-option=tag:myvoiptag,option:dns-server,85.38.28.1
> > 
> > 
> > > I can send further tcpdumps if required.
> > > Thank you.
> > 
> > Please provide feedback.
> > 
> > 
> Unfortunately EdgeRouter generates that bit of configuration automatically
> upon edits and restarts and changing it manually would not work.
> Digging through the manual, however, I found that the following seems to
> work:
> 
>  options dhcp-option=tag:TIM_DNS,option:dns-server,85.38.28.0,85.38.28.1
>  options dhcp-mac=set:TIM_DNS,c0:74:ad:0c:0c:b7
> 
> Is there some more detail available on which option overrides which?
> It seems that in my original config the vendor option wasn't being sent but
> I'm not sure why or how to figure it out.

Yeah, the tricky part of what goes over the line AND what the other end does with it.

Network sniffing tools as tcpdump, wireshark and tshark
make it possible to see what goes over line.
Then you still have to understand what you are seeing.

Understanding the other end is the real challenge.


> Thank you.

You are welcome and thanks for reporting what does work.
Also thank you for reminding us on having libre software
as dnsmasq and tcpdump.


Regards
Geert Stappers
-- 
Silence is hard to parse



More information about the Dnsmasq-discuss mailing list