[Dnsmasq-discuss] Lease attribution on bad network when one configured interface does not exists
Simon Kelley
simon at thekelleys.org.uk
Wed Aug 20 14:01:31 UTC 2025
On 8/18/25 14:46, Florent Fourcot wrote:
> Hello,
>
> We are observing wrong IPv4 attributions by dnsmasq. We don't have (yet)
> a ready-to-use reproducer, but the scenario is this one:
>
> * Dnsmasq is configured to distribute addresses on two interfaces:
> * eth1.211 with subnet 10.188.0.1/16
> * eth1.2395 with subnet 10.191.95.0/24
>
> Configuration is this one:
>
> interface=eth1.211
> dhcp-range=eth1.211,10.188.1.1,10.188.255.254,604800
>
> interface=eth1.2395
> dhcp-range=eth1.2395,10.191.95.2,10.191.95.254,24h
>
> The bug is triggered only when eth1.2395 does not exists. dnsmasq is
> emitting a warning on startup: "warning: interface eth1.2395 does not
> currently exist".
>
> Bad network attribution does not start immediately. Dnsmasq can be
> running without any issue for several days. But at one point, IP of 2395
> are being distributed to eth1.211 client. It looks like something
> trigger a bug in network detection. Here are the log of the first user
> receiving a bad IP address:
>
> DHCPREQUEST(eth1.211) 10.228.2.57 aa:bb:cc:ed:f2:89 # this request is
> not valid
> DHCPNAK(eth1.211) 10.228.2.57 aa:bb:cc:ed:f2:89 address not available
> DHCPDISCOVER(eth1.211) aa:bb:cc:ed:f2:89
> DHCPOFFER(eth1.211) 10.191.95.64 aa:bb:cc:ed:f2:89 # IP address for
> eth1.2395 interface, not eth1.211
> DHCPREQUEST(eth1.211) 10.191.95.64 aa:bb:cc:ed:f2:89
> DHCPACK(eth1.211) 10.191.95.64 aa:bb:cc:ed:f2:89
>
>
> After this first bad lease, a lot of client a receiving this kind of not
> working IP addresses. A restart of dnsmasq fixes this issue.
>
> Our current workaround is to never run dnsmasq with a missing interface,
> but I think that something interesting can be found with this issue. We
> are running dnsmasq version 2.92.
>
> Please do not hesitate if I can provide more logs or configuration. We
> will try to generate a reproducer, but it does not look very easy.
Adding log-dhcp to you dnsmasq config will generate more logged data
that could be useful.
My first suspicion here is netmasks. If dnsmasq's idea of the netmasks
on the two interfaces is different from what you think it is, that could
explain what's going on.
Dnsmasq usually derives the netmask from interface config, so if the
netmasks on your interfaces are wrong, that could be the source of the
problem.
It's also worth explicitly configuring the netmask in the dhcp ranges
dhcp-range=eth1.211,10.188.1.1,10.188.255.254,255.255.0.0,604800
dhcp-range=eth1.2395,10.191.95.2,10.191.95.254,255.255.255.0,24h
to see if that fixes things.
Cheers,
Simon.
>
> Best regards,
>
> Florent Fourcot
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
>
More information about the Dnsmasq-discuss
mailing list