Bug#888771: dnsmasq: dhcp-option 'router' is ignored for tagged ranges

Drexl Johannes Mon, 29 Jan 2018 10:39:28 -0800

Package: dnsmasq
Version: 2.76-5+deb9u1
Severity: normal

Dear Maintainer,


when using tags for different address ranges (e. g. privilege separation) for 
IPv4, option 3 (router) is not forwarded to the client. In its stead the 
interface IP of the server is forwarded as router, which in some scenarios is 
not the case at all. 

>From the config file:
# Defining subnet
# enp31s0 has 192.168.1.8
dhcp-range=interface:enp31s0,192.168.1.128,192.168.1.254,255.255.255.0
# Setting tags
dhcp-range=set:wan,192.168.1.128,192.168.1.254
# Defining domains
domain=wan.domain.tld,192.168.1.0/24
# Defining netmask, router, dns server and ntp-server
# WAN
dhcp-option = tag:wan, option:netmask, 255.255.255.0
dhcp-option = tag:wan, option:router, 192.168.1.1
dhcp-option = tag:wan, option:dns-server, 192.168.1.8
dhcp-option = tag:wan, option:ntp-server, 192.168.1.8

>From the log file:
Jan 29 18:57:31 dnsmasq-dhcp[26530]: 1656258652 sent size:  4 option: 51 
lease-time  1h
Jan 29 18:57:31 dnsmasq-dhcp[26530]: 1656258652 sent size:  4 option: 58 T1  30m
Jan 29 18:57:31 dnsmasq-dhcp[26530]: 1656258652 sent size:  4 option: 59 T2  
52m30s
Jan 29 18:57:31 dnsmasq-dhcp[26530]: 1656258652 sent size:  4 option:  1 
netmask  255.255.255.0
Jan 29 18:57:31 dnsmasq-dhcp[26530]: 1656258652 sent size:  4 option: 28 
broadcast  192.168.1.255
Jan 29 18:57:31 dnsmasq-dhcp[26530]: 1656258652 sent size:  4 option:  3 router 
 192.168.1.8
Jan 29 18:57:31 dnsmasq-dhcp[26530]: 1656258652 sent size:  4 option:  6 
dns-server  192.168.1.8
Jan 29 18:57:31 dnsmasq-dhcp[26530]: 1656258652 sent size: 14 option: 15 
domain-name  wan.domain.tld
Jan 29 18:57:31 dnsmasq-dhcp[26530]: 1656258652 sent size: 11 option: 12 
hostname  client

Omitting the tag in the config results in proper IP being given out. I doubt 
this is intentional, although I might just forget something here.

Possible workaround atm: Enable IPv4 forwarding via "echo 1 > 
/proc/sys/net/ipv4/ip_forward"

Yours sincerely
Jo

-- System Information:
Debian Release: 9.3
  APT prefers stable-updates
  APT policy: (500, 'stable-updates'), (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 4.9.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=de_DE.utf8, LC_CTYPE=de_DE.utf8 (charmap=UTF-8), 
LANGUAGE=de_DE.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages dnsmasq depends on:
ii  dnsmasq-base         2.76-5+deb9u1
ii  init-system-helpers  1.48
ii  netbase              5.4

dnsmasq recommends no packages.

Versions of packages dnsmasq suggests:
ii  resolvconf  1.79

-- Configuration Files:
/etc/dnsmasq.conf changed [not included because it just sources the conf 
directory]

-- no debconf information

Bug#888771: dnsmasq: dhcp-option 'router' is ignored for tagged ranges

Reply via email to