[Dnsmasq-discuss] Multiple interfaces responding to DHCP requests

Nick Howitt nick at howitts.co.uk
Thu May 13 20:31:21 UTC 2021



On 13/05/2021 19:26, Geert Stappers via Dnsmasq-discuss wrote:
> 
> On Thu, May 13, 2021 at 01:05:07PM +0100, Nick Howitt wrote:
>> I am trying to help someone who has a setup with three LANs, all on
>> different subnets and all acting as DHCP servers. He is getting an odd
>> result that when a device on the enp2s0 LAN requests an IP, both enp2s0 and
>> enp3s0 respond with IPs. I've never seen this before and my own server does
>> not act this way.
>>
>> From an nmap scan from a device on the enp2s0 LAN:
>> ubuntu-local@latitude-e7470:~$ sudo nmap --script=broadcast-dhcp-discover -e enp0s31f6
>> Starting Nmap 7.91 ( https://nmap.org ) at 2021-05-08 11:23 EDT
>> Pre-scan script results:
>> | broadcast-dhcp-discover:
>> |   Response 1 of 2:
>> |     Interface: enp0s31f6
>> |     IP Offered: 192.168.1.214
>> |     DHCP Message Type: DHCPOFFER
>> |     Server Identifier: 192.168.1.1
>> |     IP Address Lease Time: 2m00s
>> |     Renewal Time Value: 1m00s
>> |     Rebinding Time Value: 1m45s
>> |     Domain Name: emdentalb.local
>> |     Domain Name Server: 192.168.1.1
>> |     Router: 192.168.1.1
>> |     Broadcast Address: 192.168.1.255
>> |     Subnet Mask: 255.255.255.0
>> |   Response 2 of 2:
>> |     Interface: enp0s31f6
>> |     IP Offered: 192.168.168.215
>> |     DHCP Message Type: DHCPOFFER
>> |     Server Identifier: 192.168.168.1
>> |     IP Address Lease Time: 2m00s
>> |     Renewal Time Value: 1m00s
>> |     Rebinding Time Value: 1m45s
>> |     Domain Name: emdentalb.local
>> |     Domain Name Server: 192.168.168.1
>> |     Router: 192.168.168.1
>> |     Broadcast Address: 192.168.168.255
>> |_    Subnet Mask: 255.255.255.0
>> WARNING: No targets were specified, so 0 hosts scanned.
>> Nmap done: 0 IP addresses (0 hosts up) scanned in 10.29 seconds
>>
>> From the dnsmasq log:
>> May  8 11:23:39 dnsmasq-dhcp[7226]: DHCPDISCOVER(enp2s0) de:ad:c0:de:ca:fe
>> May  8 11:23:39 dnsmasq-dhcp[7226]: DHCPOFFER(enp2s0) 192.168.1.214 de:ad:c0:de:ca:fe
>> May  8 11:23:42 dnsmasq-dhcp[7226]: DHCPDISCOVER(enp3s0) de:ad:c0:de:ca:fe
>> May  8 11:23:42 dnsmasq-dhcp[7226]: DHCPOFFER(enp3s0) 192.168.168.215 de:ad:c0:de:ca:fe
>>
>> His current configs (so not at the time of the logs as they have been
>> tweaked to troubleshoot):
>> /etc/dnsmasq.conf:
>> bogus-priv
>> cache-size=5000
>> conf-dir=/etc/dnsmasq.d
>> dhcp-authoritative
>> dhcp-lease-max=1000
>> domain-needed
>> domain=######.local
>> expand-hosts
>> log-facility=/var/log/dnsmasq
>> no-negcache
>> port=53
>> read-ethers
>> resolv-file=/etc/resolv-peerdns.conf
>> strict-order
>> user=nobody
>>
>> /etc/dnsmasq.d/dhcp.conf:
>> dhcp-option=enp2s0,1,255.255.255.0
>> dhcp-option=enp2s0,28,192.168.1.255
>> dhcp-option=enp2s0,3,192.168.1.1
>> dhcp-option=enp2s0,6,192.168.1.250
>> dhcp-range=enp2s0,192.168.1.100,192.168.1.199,infinite
>>
>> dhcp-option=enp3s0,1,255.255.255.0
>> dhcp-option=enp3s0,28,192.168.168.255
>> dhcp-option=enp3s0,3,192.168.168.1
>> dhcp-option=enp3s0,6,192.168.1.1,192.168.168.1
>> dhcp-range=enp3s0,192.168.168.50,192.168.168.99,48h
>>
>> dhcp-option=enp4s0,1,255.255.255.0
>> dhcp-option=enp4s0,28,192.168.169.255
>> dhcp-option=enp4s0,3,192.168.169.1
>> dhcp-option=enp4s0,6,192.168.169.1
>> dhcp-range=enp4s0,192.168.169.100,192.168.169.254,24h
>>
>> The infinite leases were an attempt to get round the problem as the devices
>> were picking up IPs from the wrong LAN.
>>
>> Do you know what is wrong here?
> 
> 
>> How can I troubleshoot?
> 
> 
>> I have a similar dual LAN setup and it works as expected with each
>> LAN only responding with its own LAN DHCP settings.
> 
> That means the "problem" is outside dnsmasq.
> 
> 
>> Both of us are running dnsmasq-2.76-10.el7_7.1.x86_64.
>>
>> Thanks,
> 
> Feel welcome to report back.

OK, but if the problem is outside dnsmasq, why does dnsmasq log two 
DHCPDISCOVERs and DHCPOFFERs? Could he have a networking problem with 
the two LANs bridged somewhere? I thought that would cause a routing 
loop and everything would fail anyway. Perhaps I can ask him to unplug 
the cable to enp3s0 and see if the problem goes away.
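
One way to scan a dnsmasq log for the pattern discussed in this message, where the same client MAC has a DHCPDISCOVER logged on more than one interface within a few seconds (an added example, not part of the original thread or of dnsmasq). The function name, the 10-second window and the assumed log year are assumptions; the sample is the four log lines quoted above plus one constructed line.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Sample input: the four lines quoted in the thread, plus one constructed
# client (last line) that is only ever seen on a single interface.
SAMPLE_LOG = """\
May  8 11:23:39 dnsmasq-dhcp[7226]: DHCPDISCOVER(enp2s0) de:ad:c0:de:ca:fe
May  8 11:23:39 dnsmasq-dhcp[7226]: DHCPOFFER(enp2s0) 192.168.1.214 de:ad:c0:de:ca:fe
May  8 11:23:42 dnsmasq-dhcp[7226]: DHCPDISCOVER(enp3s0) de:ad:c0:de:ca:fe
May  8 11:23:42 dnsmasq-dhcp[7226]: DHCPOFFER(enp3s0) 192.168.168.215 de:ad:c0:de:ca:fe
May  8 11:24:10 dnsmasq-dhcp[7226]: DHCPDISCOVER(enp4s0) 02:00:00:00:00:01
"""

# DHCPDISCOVER(<iface>) [requested-ip] <mac>; the requested IP is optional.
LINE_RE = re.compile(
    r"^(?P<ts>\w{3}\s+\d+\s+\d\d:\d\d:\d\d)\s+dnsmasq-dhcp\[\d+\]:\s+"
    r"DHCPDISCOVER\((?P<iface>[^)]+)\)\s+(?:\S+\s+)?"
    r"(?P<mac>(?:[0-9a-f]{2}:){5}[0-9a-f]{2})",
    re.IGNORECASE,
)

def cross_interface_discovers(log_text, window=timedelta(seconds=10), year=2021):
    """Return {mac: [(time, iface), ...]} for every MAC whose DHCPDISCOVER
    was logged on two different interfaces no more than `window` apart.
    Syslog timestamps carry no year, so `year` is supplied by the caller."""
    seen = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if m:
            ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
            seen[m["mac"].lower()].append((ts, m["iface"]))
    flagged = {}
    for mac, events in seen.items():
        events.sort()
        # Compare consecutive DISCOVERs from the same client.
        for (t1, if1), (t2, if2) in zip(events, events[1:]):
            if if1 != if2 and t2 - t1 <= window:
                flagged[mac] = events
                break
    return flagged

if __name__ == "__main__":
    for mac, events in cross_interface_discovers(SAMPLE_LOG).items():
        hops = ", ".join(f"{t:%H:%M:%S} on {i}" for t, i in events)
        print(f"{mac}: DHCPDISCOVER seen at {hops}")
```

A hit means the client's broadcast reached the server on more than one interface, which is the observation the bridged-LAN question above is trying to explain; it does not by itself say where the segments are joined.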


