[Dnsmasq-discuss] dhcp-lease-max is only for DHCPv4?

Petr Menšík pemensik at redhat.com
Thu May 25 23:00:50 UTC 2023 

Yes, dhclient generates DUID into its lease file. Either add -lf 
/var/lib/dhclient/dhclient-$I.leases or just remove lease file after 
each dhclient run. Parameter -D LLT might help too.

It should be visible what IPv6 address it is offering to the client in 
logs. Does it change?

Petr

On 5/23/23 10:11, Simon Kelley wrote:
> In DHCPv6, the unique identifier for a client is NOT the MAC address, 
> it's a client ID which sometimes contains the MAC address.
>
> I suspect that dhclient is using the exact same client-id for each 
> trial, and just renewing the existing lease. You will need to delete 
> all the dhclient state after killing the process.
>
> Simon.
>
>
> On 23/05/2023 08:43, Linyih Teng wrote:
>> For the test.. i'm just curious, there is no other reason.
>>
>> However, On the client side, I wrote simple scripts to run the 
>> dhclient, and this script will sequentially run 512 dhclient.(the 
>> number 512 is not a magic value, other values will happen same 
>> situation.)
>>
>> steps of the script:
>>
>>     1. create macvlan interface(It will make different MAC address for
>>     clients)
>>
>>     2. run dhclient with macvlan interface
>>
>>     3. get an IP from DHCPv6 server
>>
>>     4. kill the dhclient and remove the macvlan interface
>>
>>     5. back to step 1. and go on.
>>
>>
>> Results:
>>
>>     After scripts, if the 513th client comes, the server will serve the
>>     IP to the 513th client.  but it is not just lease max + 1 th client
>>     getting this issue, all after the 512th client can get IP from the
>>     server.
>>     At this time,  the lease entries are remaining at 512, and all after
>>     clients will not appear in the lease file.
>>
>>
>>
>> Thanks,
>> Lin
>>
>>
>>
>> Geert Stappers <stappers at stappers.nl <mailto:stappers at stappers.nl>> 於 
>> 2023年5月23日 週二 下午1:59寫道:
>>
>>     On Tue, May 23, 2023 at 12:05:08AM +0100, Simon Kelley wrote:
>>      > On 22/05/2023 12:18, Linyih Teng wrote:
>>      > > In the manual page is written:
>>      > > > -X, --dhcp-lease-max=<number>
>>      > > >        Limits  dnsmasq  to  the  specified maximum number of
>>     DHCP
>>      > > >        leases. The default is 1000. This limit is to     
>> prevent  DoS
>>      > > >        attacks from hosts which create thousands of leases
>>     and use
>>      > > >        lots of memory in the dnsmasq process.
>>      > >
>>      > > Hello,
>>      > >
>>      > > I'm using dnsmasq2.89 and testing the maximum lease count of
>>     the DHCPv6
>>      > > server with the *dhcp-lease-max* option.
>>      > >
>>      > > For the testing, I'm using below configuration:
>>      > >
>>      > >     *dhcp-lease-max* = 512
>>      > >  *dhcp-range*=tag:pool0,2022::1,2022::1f:ffff:ffff:fffe,64,120m
>>      > >     tag-if=set:pool0,tag:intfv0
>>      > >
>>      > >
>>      > > However, when the number of clients reaches the maximum 
>> number, the
>>      > > server still provides IPs to clients. Is this the expected
>>     behavior of
>>      > > DHCPv6?
>>      > >
>>      > There's a possible difference between the number of clients and
>>     the number
>>      > of DHCP leases, since leases can expire to be deleted by the 
>> client.
>>      >
>>      > Are you saying that the number of simultaneous DHCP leases
>>     increases without
>>      > bound, or that the 513th client gets a lease? Have you checked
>>     the number of
>>      > leases in the dnsmasq.leases file?
>>
>>     Original Poster has yet to say what the expected behaviour should 
>> be.
>>
>>     Thing I am saying: Why limit dhcp-range by dhcp-lease-max?
>>
>>
>>     Regards
>>     Geert Stappers
>>     --     Silence is hard to parse
>>
>>     _______________________________________________
>>     Dnsmasq-discuss mailing list
>>     Dnsmasq-discuss at lists.thekelleys.org.uk
>>     <mailto:Dnsmasq-discuss at lists.thekelleys.org.uk>
>> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss 
>> <https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss> 
>>
>>
>>
>> _______________________________________________
>> Dnsmasq-discuss mailing list
>> Dnsmasq-discuss at lists.thekelleys.org.uk
>> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

-- 
Petr Menšík
Software Engineer, RHEL
Red Hat, https://www.redhat.com/
PGP: DFCF908DB7C87E8E529925BC4931CA5B6C9FC5CB

More information about the Dnsmasq-discuss mailing list