Send dhcp-users mailing list submissions to
[email protected]
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.isc.org/mailman/listinfo/dhcp-users
or, via email, send a message with subject or body 'help' to
[email protected]
You can reach the person managing the list at
[email protected]
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dhcp-users digest..."
Today's Topics:
1. Re: Question on DHCP lease expiration (David Li)
2. Re: Question on DHCP lease expiration (Patrick Trapp)
3. Re: Multiple chrooted dhcp servers for vlans on Linux?
(Simon Hobson)
4. Re: Question on DHCP lease expiration (Simon Hobson)
5. Re: dhcp-users Digest, Vol 88, Issue 31 (David Li)
----------------------------------------------------------------------
Message: 1
Date: Sat, 27 Feb 2016 09:41:57 -0800
From: David Li <[email protected]>
To: [email protected]
Subject: Re: Question on DHCP lease expiration
Message-ID:
<CAEuTsAy2eZ=ug4hcwo3ejp434swmngsy2qw7zcvzghlvgat...@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
I see!
Do you have any suggestions to get around this? I do need to remove
the assignment from the DNS if the host failed so others won't bother
to contact the failed host. Of course I can let the application deal
with the timeout but still prefer resolving this at DHCP/DNS level. It
just seems logical and convenient.
Maybe another related question is if I have to use static lease to map
host MAC to a name to assign the IP. I need to assign meaningful names
to our hosts in order for others to use them. That means the name
assignment has to be based on what kind of application this host runs.
I haven't found other dynamic ways to do this yet. Any suggestions?
David
> Date: Fri, 26 Feb 2016 17:46:04 -0800
> From: Shawn Routhier <[email protected]>
> To: Users of ISC DHCP <[email protected]>
> Subject: Re: Question on DHCP lease expiration
> Message-ID: <[email protected]>
> Content-Type: text/plain; charset=utf-8
>
> The server treats dynamic and static leases differently.
>
> Dynamic leases have a lease structure that moves between
> different queues and this is how the server knows when to
> expire the lease and thence when to remove it from the DNS.
>
> Static leases don't have a lease structure and so don't get
> expired and don't get removed from the DNS.
>
> regards,
> Shawn
>
>> On Feb 26, 2016, at 5:37 PM, David Li <[email protected]> wrote:
>>
>> Hi,
>>
>> This is my first post here.
>>
>> I am testing to see if an expired DHCP lease can result in the removal
>> of the corresponding DNS record on CentOS 7.
>>
>> So far I am able to let DHCP server assign a static IP based on the
>> host's MAC address and add a DNS A record. The host is also able to
>> refresh its lease every time it expires.
>>
>> But when I shut down the host, I don't see the record removed after
>> the lease expired (5 min). Even more the syslog doesn't show any
>> messages from DHCP server attempting to remove the IP address and
>> update the BIND 9 (named) server. So I am thinking there might be
>> something wrong or missing in my dhcpd.conf.
>>
>> Here is a snippet of my dhcpd.conf:
>>
>>
>> # DNS options
>>
>> ddns-updates on;
>> ddns-update-style interim;
>> update-static-leases on;
>> authoritative;
>>
>> allow unknown-clients;
>> use-host-decl-names on;
>> default-lease-time 300; #5 min
>> max-lease-time 300; #5min
>> log-facility local7;
>>
>>
>>
>> # static assignment
>> #
>> host node1 {
>>   hardware ethernet 08:00:27:0A:C3:1C;
>>   fixed-address 10.4.1.11;
>>   ddns-hostname "node1";
>> }
>>
>>
>> Can anyone help to see what's missing from my configuration?
>>
>> Thanks.
>
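Added example (not part of the original messages, and not ISC code): a small Python audit that lists the host declarations in a dhcpd.conf whose DNS records dhcpd will add but, as Shawn explains above, never expire. The sample configuration is constructed from the snippet in this thread plus a hypothetical second host; it assumes a ddns-update-style other than none, and handles only global flags and host bodies without nested braces.

```python
import re

# Constructed sample, modelled on the dhcpd.conf snippet quoted in this thread;
# the "printer" host is hypothetical.
SAMPLE_CONF = """
ddns-updates on;
ddns-update-style interim;
update-static-leases on;
default-lease-time 300; #5 min

host node1 {
  hardware ethernet 08:00:27:0A:C3:1C;
  fixed-address 10.4.1.11;
  ddns-hostname "node1";
}
host printer {
  hardware ethernet 08:00:27:00:00:02;
}
"""

HOST_RE = re.compile(r'\bhost\s+(\S+)\s*\{([^{}]*)\}')

def flag(text, name, default):
    """Value of a global 'name on|off|true|false;' statement, else default."""
    m = re.search(r'^\s*%s\s+(\w+)\s*;' % re.escape(name), text, re.M)
    return m.group(1).lower() in ('on', 'true') if m else default

def sticky_dns_names(conf):
    """Return [(ddns_hostname_or_None, address)] for fixed-address hosts whose
    A record dhcpd publishes but, having no lease to expire, never removes."""
    text = re.sub(r'#[^\n]*', '', conf)          # drop '#' comments
    global_scope = HOST_RE.sub('', text)         # flags outside host blocks
    # ddns-updates defaults to on; update-static-leases defaults to off.
    if not (flag(global_scope, 'ddns-updates', True)
            and flag(global_scope, 'update-static-leases', False)):
        return []                                # static hosts never reach DNS
    found = []
    for _decl, body in HOST_RE.findall(text):
        addr = re.search(r'fixed-address\s+([^;\s]+)\s*;', body)
        if addr is None:
            continue                             # ordinary dynamic lease: expires
        name = re.search(r'ddns-hostname\s+"([^"]+)"\s*;', body)
        # None means the name comes from the client's own request.
        found.append((name.group(1) if name else None, addr.group(1)))
    return found

if __name__ == '__main__':
    for name, addr in sticky_dns_names(SAMPLE_CONF):
        print(f'{addr}\t{name or "(client-supplied)"}\tnot removed on expiry')
```

Every entry it reports is a name that stays in the zone after the host is switched off, so it needs manual cleanup or a move to a reserved dynamic lease.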
------------------------------
Message: 2
Date: Sat, 27 Feb 2016 19:47:56 +0000
From: Patrick Trapp <[email protected]>
To: Users of ISC DHCP <[email protected]>
Subject: Re: Question on DHCP lease expiration
Message-ID: <[email protected]>
Content-Type: text/plain; charset="us-ascii"
There was a similar thread to this on this list over the last few days. I
believe reserved addresses were suggested rather than static, but you will
probably benefit from looking at the archive from the last week to see if that
OP was truly looking at the same situation as you.
> On Feb 27, 2016, at 11:42 AM, David Li <[email protected]> wrote:
>
> I see!
> Do you have any suggestions to get around this? I do need to remove
> the assignment from the DNS if the host failed so others won't bother
> to contact the failed host. Of course I can let the application deal
> with the timeout but still prefer resolving this at DHCP/DNS level. It
> just seems logical and convenient.
>
> Maybe another related question is if I have to use static lease to map
> host MAC to a name to assign the IP. I need to assign meaningful names
> to our hosts in order for others to use them. That means the name
> assignment has to be based on what kind of application this host runs.
> I haven't found other dynamic ways to do this yet. Any suggestions?
>
>
> David
>
>> Date: Fri, 26 Feb 2016 17:46:04 -0800
>> From: Shawn Routhier <[email protected]>
>> To: Users of ISC DHCP <[email protected]>
>> Subject: Re: Question on DHCP lease expiration
>> Message-ID: <[email protected]>
>> Content-Type: text/plain; charset=utf-8
>>
>> The server treats dynamic and static leases differently.
>>
>> Dynamic leases have a lease structure that moves between
>> different queues and this is how the server knows when to
>> expire the lease and thence when to remove it from the DNS.
>>
>> Static leases don't have a lease structure and so don't get
>> expired and don't get removed from the DNS.
>>
>> regards,
>> Shawn
>>
>>> On Feb 26, 2016, at 5:37 PM, David Li <[email protected]> wrote:
>>>
>>> Hi,
>>>
>>> This is my first post here.
>>>
>>> I am testing to see if an expired DHCP lease can result in the removal
>>> of the corresponding DNS record on CentOS 7.
>>>
>>> So far I am able to let DHCP server assign a static IP based on the
>>> host's MAC address and add a DNS A record. The host is also able to
>>> refresh its lease every time it expires.
>>>
>>> But when I shut down the host, I don't see the record removed after
>>> the lease expired (5 min). Even more the syslog doesn't show any
>>> messages from DHCP server attempting to remove the IP address and
>>> update the BIND 9 (named) server. So I am thinking there might be
>>> something wrong or missing in my dhcpd.conf.
>>>
>>> Here is a snippet of my dhcpd.conf:
>>>
>>>
>>> # DNS options
>>>
>>> ddns-updates on;
>>> ddns-update-style interim;
>>> update-static-leases on;
>>> authoritative;
>>>
>>> allow unknown-clients;
>>> use-host-decl-names on;
>>> default-lease-time 300; #5 min
>>> max-lease-time 300; #5min
>>> log-facility local7;
>>>
>>>
>>>
>>> # static assignment
>>> #
>>> host node1 {
>>>   hardware ethernet 08:00:27:0A:C3:1C;
>>>   fixed-address 10.4.1.11;
>>>   ddns-hostname "node1";
>>> }
>>>
>>>
>>> Can anyone help to see what's missing from my configuration?
>>>
>>> Thanks.
> _______________________________________________
> dhcp-users mailing list
> [email protected]
> https://lists.isc.org/mailman/listinfo/dhcp-users
------------------------------
Message: 3
Date: Sat, 27 Feb 2016 20:11:51 +0000
From: Simon Hobson <[email protected]>
To: Users of ISC DHCP <[email protected]>
Subject: Re: Multiple chrooted dhcp servers for vlans on Linux?
Message-ID: <[email protected]>
Content-Type: text/plain; charset=us-ascii
[email protected] wrote:
> I had high hopes since firehol has a helper for dhcp and does appear to be
> setting an accept rule for "udp spt:bootpc dpt:bootps".
>
> I've never actually checked to see if dropping the rule would still let dhcp
> function though.
dhcpd uses two routes to/from the network.
For some packets it needs to bypass the network stack because it must handle
packets to/from unconfigured clients which are done by local broadcast.
But it also deals with "ordinary" IP packets - renewals with already configured
clients, relayed requests from other networks. These definitely go through the
network stack outbound, and I think, inbound (but I'm not certain of that).
> At least I'm getting a good education on dhcp and iptables, thank you!
:-)
------------------------------
Message: 4
Date: Sat, 27 Feb 2016 20:24:18 +0000
From: Simon Hobson <[email protected]>
To: Users of ISC DHCP <[email protected]>
Subject: Re: Question on DHCP lease expiration
Message-ID: <[email protected]>
Content-Type: text/plain; charset=us-ascii
Patrick Trapp <[email protected]> wrote:
> There was a similar thread to this on this list over the last few days. I
> believe reserved addresses were suggested rather than static, but you will
> probably benefit from looking at the archive from the last week to see if
> that OP was truly looking at the same situation as you.
It was a different requirement in that thread - but it's worth reading anyway.
For the OP, it sounds like reserved leases would indeed be the right tool. The
only issue that might crop up is that while static assignments can use the MAC
address only, reserved leases will use the Client-ID if provided - in the same
way that normal leases are handled.
For all normal leases, the primary key for identifying the client is the Client
ID if provided, and the MAC address only if no Client ID is provided.
------------------------------
Message: 5
Date: Sat, 27 Feb 2016 15:17:21 -0800
From: David Li <[email protected]>
To: [email protected]
Subject: Re: dhcp-users Digest, Vol 88, Issue 31
Message-ID:
<CAEuTsAx3r70GBvbKr6PyKLdUM0MUmCtgZRpTdq5wZ=x1Lfq=d...@mail.gmail.com>
Content-Type: text/plain; charset=UTF-8
I am also very interested in this topic. My first question about
"reserved lease" is how it takes care of the client that is gone. Will
the DHCP server be able to notify DNS and remove its record?
It's confusing from the man pages saying that:
"infinite-is-reserved flag;
ISC DHCP now supports 'reserved' leases. See the section on RESERVED
LEASES below. If this flag is on, the server will automatically
reserve leases allocated to clients which requested an infinite
(0xffffffff) lease-time."
Does this mean this is actually a "forever" lease?
David
> Date: Fri, 26 Feb 2016 11:10:09 +1100
> From: "Glenn Satchell" <[email protected]>
> To: "Users of ISC DHCP" <[email protected]>
> Subject: Re: Static IP and IP management
> Message-ID:
> <[email protected]>
> Content-Type: text/plain;charset=iso-8859-1
>
> Hi Bernard,
>
> ISC dhcpd ships with a very comprehensive set of man pages, so I would
> suggest perusing these:
>
> dhcpd.conf, dhcpd, dhcp-options, dhcp-eval
>
> In this case the reserved leases are mentioned in the dhcpd.conf man page.
> I've included the section below in the hope that google will find it for
> future searches.
>
> I would also suggest that you can approximate a reserved lease by setting
> the lease time to be very long, say 1 year (31536000 seconds).
>
> regards,
> -glenn
>
> man dhcpd.conf
> ...
> RESERVED LEASES
> It's often useful to allocate a single address to a single
> client, in approximate perpetuity. Host statements with
> fixed-address clauses exist to a certain extent to serve
> this purpose, but because host statements are intended to
> approximate 'static configuration', they suffer from not
> being referenced in a litany of other Server Services, such
> as dynamic DNS, failover, 'on events' and so forth.
>
> If a standard dynamic lease, as from any range statement, is
> marked 'reserved', then the server will only allocate this
> lease to the client it is identified by (be that by client
> identifier or hardware address).
>
> In practice, this means that the lease follows the normal
> state engine, enters ACTIVE state when the client is bound
> to it, expires, or is released, and any events or services
> that would normally be supplied during these events are
> processed normally, as with any other dynamic lease. The only
> difference is that failover servers treat reserved leases as
> special when they enter the FREE or BACKUP states - each
> server applies the lease into the state it may allocate from
> - and the leases are not placed on the queue for allocation
> to other clients. Instead they may only be 'found' by
> client identity. The result is that the lease is only
> offered to the returning client.
>
> Care should probably be taken to ensure that the client only
> has one lease within a given subnet that it is identified
> by.
>
> Leases may be set 'reserved' either through OMAPI, or
> through the 'infinite-is-reserved' configuration option (if
> this is applicable to your environment and mixture of
> clients).
>
> It should also be noted that leases marked 'reserved' are
> effectively treated the same as leases marked 'bootp'.
>
> On Fri, February 26, 2016 2:26 am, Bernard Fay wrote:
>> I have to find out about this "reserved" thing. I don't understand it.
>> Google, please, help me!
>>
>>
>> On Wed, Feb 24, 2016 at 1:44 PM, Chuck Anderson <[email protected]> wrote:
>>
>>> On Wed, Feb 24, 2016 at 01:17:13PM -0500, Bernard Fay wrote:
>>> > When the dhcpd server assigns a static IP to a device, it also instructs
>>> > bind to add an entry in the DNS zone file. One thing I realized is that if
>>> > a device didn't renew its lease, the entry in the DNS zone file is not
>>> > removed. I would have thought to use the zone files to know if a device
>>> > is in use or not. I had in mind that the lease time would have helped to
>>> > know if a device, and therefore an IP, is in use or not. In other words, a
>>> > device requires an IP and the dhcpd server assigned it a statically
>>> > defined IP address. The dhcpd server also instructs bind to add an entry
>>> > in the appropriate zone file. Eventually the device is turned off, the
>>> > lease time reaches its limit, then I would have expected the dhcpd server
>>> > to instruct bind to remove the entry regarding this device, but it is not
>>> > the case. Then I could have taken a look at the zone files to know what is
>>> > in use and I would know what is not in use.
>>> >
>>> > Either I made something in my configuration or I was expecting too much
>>> > from dhcpd and bind.
>>>
>>> You can do that, but you have to use "reserved" leases rather than
>>> fixed-address statements. ISC dhcpd doesn't track the expiry of
>>> fixed-address leases.
> End of dhcp-users Digest, Vol 88, Issue 31
> ******************************************
------------------------------
_______________________________________________
dhcp-users mailing list
[email protected]
https://lists.isc.org/mailman/listinfo/dhcp-users
End of dhcp-users Digest, Vol 88, Issue 35
******************************************