[Dnsmasq-discuss] Wildcards in tags

Simon Kelley simon at thekelleys.org.uk
Wed Aug 25 14:33:45 UTC 2021 

On 25/08/2021 13:08, Geoff Back wrote:
> Good morning,
> 
> TL;DR: I need to wildcard-match interface tags and can't see how.
> 
> I currently have dnsmasq working on a Linux VPN server to provide DHCP
> options to VPN clients by using these config elements to bind only the
> vpn interfaces:
> 
> ====8<==============8<================
> interface=ppp*
> bind-dynamic
> dhcp-range=10.99.0.254,static
> dhcp-option=option:router
> dhcp-option=6,10.99.0.254
> dhcp-option=121,<routes>
> dhcp-option=249,<routes>
> ====8<==============8<================
> 
> This works just fine.  However, I now need to also run regular DHCP on
> other interfaces with different options.  Tags seem like the perfect
> solution to this.
> 
> As I understand it, the interface on which the request is received
> becomes a tag, which would seem fine, but as far as I can tell from the
> source of version 2.85, the tag:xxx in dhcp-option etc do not support
> wildcards like the 'interface' directive, so I cannot use e.g.
> 
> dhcp-option=tag:ppp*,option:router
> 
> So I figure OK, set another tag based on the interface tag to represent
> a "group of interfaces", and I end up with this:
> 
> ====8<==============8<================
> 
> # basic binding settings for all PPP interfaces plus two ethernets.
> bind-dynamic
> interface=ppp*
> interface=lan2
> interface=lan3
> 
> # Set a tag for all requests on PPP interfaces.
> # If I understand correctly requests on ppp2 (for example) set a tag ppp2,
> # This should work according to docs but there could be dozens of ppp
> # interfaces in use making this really long and adding a lot of checks
> to every request.
> tag-if=set:ppp,tag:ppp0
> tag-if=set:ppp,tag:ppp1
> tag-if=set:ppp,tag:ppp2
> ... repeated as necessary ...
> 
> # DHCP for all ppp interfaces
> # match using tag set by tag-if above.
> dhcp-range=tag:ppp,10.99.0.254,static
> dhcp-option=tag:ppp,option:router
> dhcp-option=tag:ppp,6,10.99.0.254
> dhcp-option=tag:ppp,121,<routes>
> dhcp-option=tag:ppp,249,<routes>
> 
> # DHCP for lan2
> # match to interface tag
> dhcp-range=tag:lan2,10.0.0.1,10.0.0.99
> dhcp-option=tag:lan2,option:router,10.0.0.254
> 
> ====8<==============8<================
> 
> Instead of having to give large numbers of "tag-if=set:ppp,tag:ppp9"
> lines for all the possible ppp interfaces, I would like to do this:
> 
> # set 'ppp' tag for all PPP interfaces
> tag-if=set:ppp,tag:ppp*
> 
> Of course, allowing wildcards on all tag matches would work too, but my
> thinking is that restricting wildcards to 'tag-if' avoids the
> performance impact of potentially doing wildcard checks on every
> 'dhcp-option' etc. during DHCP packet processing and instead it gets
> done once through 'tag-if'.
> 
> Have I missed something and there is already a way to do this?
> Or if not, is it something that could be added?
> 
> If it's an acceptable add, I can knock up a patch to do it but I'll have
> to learn enough of the dnsmasq code first.
> 
> Regards,
> 
> Geoff.
> 


Your solution sounds like a good one to me. I'd certainly take a patch,
especially if it updated the man page too.

To get started, look at run_tag_if() and match_netid() in
src/dhcp-common.c match_netid() does the matching and is called all over
the place, so you either need to replace the call to match_netid() in
run_tag_if() with code that implements the wildcard matching, or extend
match_netid to do wildcard matching when the third argument is 2 or
something similar.


Cheers,

Simon.

More information about the Dnsmasq-discuss mailing list