Closed Stell0 closed 5 years ago
Test case 1:
Test case 2:
does it is ready for testing, I saw the QA but not the testing flag ?
Not yet, PR isn't merged.
in 7.5.1804/testing
:
Verification
# rpm -qa | grep dnsmasq
nethserver-dnsmasq-1.6.6-1.ns7.noarch
dnsmasq-2.76-5.el7.x86_64
config setprop dnsmasq tftp-status enabled
signal-event nethserver-dnsmasq-update
# cat /etc/dnsmasq.conf
#
# 30dhcp
#
# Enable the DHCP server. Addresses will be given out from the range
# <start-addr> to <end-addr> and from statically defined addresses
# given in dhcp-host options.
# See db configuration getprop dnsmasq DhcpStatus
dhcp-range=set:eth0,192.168.56.1,192.168.56.254,255.255.255.0,86400
dhcp-option=tag:eth0,option:router,192.168.56.11
dhcp-lease-max=253
# Should be set when dnsmasq is definitely the only DHCP server on a
# network.
dhcp-authoritative
# Read dhcp reservations from dhcp-hostsfile.
# See dhcp-hosts option for more informations.
dhcp-hostsfile=/etc/dnsmasq-dhcp-hosts
#
# 40bind
#
except-interface=enp0s3
except-interface=virbr0
#
# 50sssd -- the Samba Domain controller is
# the authoritative DNS for our realm/domain
#
# server=//
#
# 80tftp
#
enable-tftp
tftp-root=/var/lib/tftpboot
dhcp-option=66,"192.168.56.11"
upgrade to testing
# rpm -qa | grep dnsmasq
dnsmasq-2.76-5.el7.x86_64
nethserver-dnsmasq-1.6.6-1.4.g3801a2f.ns7.noarch
# cat /etc/dnsmasq.conf
#
# 30dhcp
#
# Enable the DHCP server. Addresses will be given out from the range
# <start-addr> to <end-addr> and from statically defined addresses
# given in dhcp-host options.
# See db configuration getprop dnsmasq DhcpStatus
dhcp-range=set:eth0,192.168.56.1,192.168.56.254,255.255.255.0,86400
dhcp-option=tag:eth0,option:router,192.168.56.11
dhcp-option=tag:eth0,option:tftp-server,"192.168.56.11"
dhcp-lease-max=253
# Should be set when dnsmasq is definitely the only DHCP server on a
# network.
dhcp-authoritative
# Read dhcp reservations from dhcp-hostsfile.
# See dhcp-hosts option for more informations.
dhcp-hostsfile=/etc/dnsmasq-dhcp-hosts
#
# 40bind
#
except-interface=enp0s3
except-interface=virbr0
#
# 50sssd -- the Samba Domain controller is
# the authoritative DNS for our realm/domain
#
# server=//
#
# 80tftp
#
enable-tftp
tftp-root=/var/lib/tftpboot
VERIFICATION
# db dhcp show
eth0=range
DhcpDNS=
DhcpDomain=
DhcpGatewayIP=
DhcpLeaseTime=
DhcpNTP=
DhcpRangeEnd=192.168.56.254
DhcpRangeStart=192.168.56.100
DhcpTFTP=192.168.56.12
DhcpWINS=
status=enabled
# cat /etc/dnsmasq.conf
#
# 30dhcp
#
# Enable the DHCP server. Addresses will be given out from the range
# <start-addr> to <end-addr> and from statically defined addresses
# given in dhcp-host options.
# See db configuration getprop dnsmasq DhcpStatus
dhcp-range=set:eth0,192.168.56.100,192.168.56.254,255.255.255.0,86400
dhcp-option=tag:eth0,option:router,192.168.56.11
dhcp-option=tag:eth0,option:tftp-server,"192.168.56.12"
dhcp-lease-max=154
# Should be set when dnsmasq is definitely the only DHCP server on a
# network.
dhcp-authoritative
# Read dhcp reservations from dhcp-hostsfile.
# See dhcp-hosts option for more informations.
dhcp-hostsfile=/etc/dnsmasq-dhcp-hosts
#
# 40bind
#
except-interface=enp0s3
except-interface=virbr0
#
# 50sssd -- the Samba Domain controller is
# the authoritative DNS for our realm/domain
#
# server=//
#
# 80tftp
#
enable-tftp
tftp-root=/var/lib/tftpboot
the row
dhcp-option=tag:eth0,option:tftp-server,"192.168.56.12"
should send option 66 to clients. Can you try to sniff a dhcp response using wireshark to see if option 66 is actually sent to clients?
@Stell0 check the png, no 66 options
Test case 2 verified.
Test case 1 failed: if tftp-status
is set to enabled
, blue interfaces do not expose the option 66
How to test it:
tcpdump -vvv -i <interface> -s 1500 -nn port 67 and port 68
On DHCP request, the response packet must contain a string like this:
sname "192.168.56.100"[|bootp]
yum install nmap -y
wget https://svn.nmap.org/nmap/scripts/dhcp-discover.nse
nmap -sU -p 67 --script=dhcp-discover.nse <server_ip>
See also: https://nmap.org/nsedoc/scripts/dhcp-discover.html
Verification
you can see the 66 otpions in the discover and the offer transaction
in 7.5.1804/testing
:
verification 2 of https://github.com/NethServer/nethserver-dnsmasq/pull/15
# db dhcp show enp0s9
enp0s9=range
DhcpDNS=
DhcpDomain=
DhcpGatewayIP=
DhcpLeaseTime=
DhcpNTP=
DhcpRangeEnd=192.168.57.254
DhcpRangeStart=192.168.57.1
DhcpTFTP=192.168.59.1
DhcpWINS=
status=enabled
# db networks show enp0s9
enp0s9=ethernet
FwInBandwidth=
FwOutBandwidth=
bootproto=none
ipaddr=192.168.57.1
netmask=255.255.255.0
role=blue
# cat /etc/dnsmasq.conf
# Enable the DHCP server. Addresses will be given out from the range
# <start-addr> to <end-addr> and from statically defined addresses
# given in dhcp-host options.
# See db configuration getprop dnsmasq DhcpStatus
dhcp-range=set:brdef,192.168.56.100,192.168.56.254,255.255.255.0,86400
dhcp-option=tag:brdef,option:router,192.168.56.11
dhcp-option=tag:brdef,option:tftp-server,192.168.56.11
dhcp-range=set:enp0s9,192.168.57.1,192.168.57.254,255.255.255.0,86400
dhcp-option=tag:enp0s9,option:router,192.168.57.1
dhcp-option=tag:enp0s9,option:tftp-server,"192.168.59.1"
dhcp-lease-max=407
# Should be set when dnsmasq is definitely the only DHCP server on a
# network.
dhcp-authoritative
# Read dhcp reservations from dhcp-hostsfile.
# See dhcp-hosts option for more informations.
dhcp-hostsfile=/etc/dnsmasq-dhcp-hosts
#
# 40bind
#
except-interface=enp0s3
except-interface=virbr0
#
# 50sssd -- the Samba Domain controller is
# the authoritative DNS for our realm/domain
#
# server=//
#
# 80tftp
#
enable-tftp
tftp-root=/var/lib/tftpboot
set verified
in 7.5.1804/updates
:
The dnsmasq.conf template creates for each interface a tftp configuration with IP specified from the interface. But it also creates a default global configuration if TFTP is enabled. This configuration takes the first green address, which is wrong because it should create a line for each interface. Since there is routing between greens, everything works fine anyway (unless the first green is disabled)
Steps to reproduce
config setprop dnsmasq tftp-status enabled
)signal-event nethserver-dnsmasq-update
Expected behavior
I'd expect a tftp section to be like
Actual behavior
This is the current:
Components
nethserver-dnsmasq-1.6.6-1.ns7.noarch
See also
https://github.com/nethesis/dev/issues/5502