in dnsmasq dhcp: leases: button to delete lease

[sigma]

I used this with the old version a lot. now I have to wait days for leases to be expire, it is frustrating. I want to see if a device is still active on my network. if I reboot opnsense it will just give the active valid lease so, rebooting does not work. If I had a button like before I can just delete the lease and see if the device requests again without rebooting. Also, when I add a static ip the dhcp lease stays.

Is there a way to delete the ip lease so I may better control my network? not having it seems illogical as it is very handy and useful to have.

Thanks in advance

[pseudonym3k]

I am in similar situation and hoping for a straightforward, clean solution.

I have some devices I need a reserved DHCP address assigned. The wifi mac is not printed anywhere, I have to connect to ethernet or wifi first to get that. I set up a reserved IP assignment in DNSMasq, then reboot the device. It just gets the dynamic IP back. The devices have no options to do anything else.

If I use the magnifier glass next to the dynamic lease in DNSmasq it takes me to the static assignment record. But still the device IP doesn't change until the lease expires.

The workarounds I have used:

1. Stop DNSMasq, edit the DNSMasq active leases file and remove unwanted leases or change the lease time, then start DNSMasq again. I haven't seen any side effects but I don't like editing files as I'll never know when it might cause a problem.

2. After the static assignment is in place, do a factory reset on the device then configure it again. Doable but not really desirable. And doesn't always work; some devices STILL get the dynamic active lease back.

3. Set the default lease time to something short *before* I connect the new device for the first time. I also need to wait until some devices (that tend to behave badly during lease renewals) are not going to be renewing during this time. If I forget to alter the default lease time then it's back to #1 or #2 or have to wait for the lease to expire, before I can finish setting up the new device.


Are there any other options I can use, to get the reserved IP assigned when the device can't cause it to happen?


I did read in Github and elsewhere that adding a delete lease function is not planned, for reasons such as possible inconsistencies. Could the active lease time be edited in the GUI to some minimum time, like five minutes, so DNSMasq could expire it in a normal way and assign the reserved IP?

[knebb]

Hi,

sorry to say but I guess you two do not understand how DHCP leases are designed...

DHCP leases have a lease time configured. Usually something about 7,200 seconds. This lease time will be send to the client together with the IP information.

So in order this is what happens when a client is configured to use DHCP:
1. client boots and sends a broadcast (dst address: 255.255.255.255, src address: 0.0.0.0) to DISCOVER the DHCP server
2. The DHCP server replies as broadcast including a suggestion (!) for IP configuration (called OFFER)
3. Client receives this reply and checks the provided information
4. In case the client can not accept the IP information (for some reason) it waits and re-starts with 1.
5. If the information is fine it will send a REQUEST packet asking the DHCP to use the requested IP
6. DHCP server confirms the use of the address and provides additional information (lease time, ntp server, ...) with an ACK
7. client is working with the provided information
8. when half (!) of the lease time has been passed, the client sends a renewal request for further usage of the IP
9a. DHCP server confirms the usage- lease time starts again. Client does 8 again after half of the time has passed
9b. If client does not get reply, it waits until 3/4 of the lease time has passed and sends the renewal request- see 8.
9c. If DHCP server refuses the further usage, does not reply at all or the lease time has passed the client releases the IP (and has not IP configuration any more)

So for you request this means:
On behalf of the DHCP server (OPNSense) you can not force a client to release or re-request an IP! If the DHCP lease time has not passed the client is still allowed to use the IP. At least until half of the time has passed. IF you reboot your server it usually does not know about the already given leases and when a client re-request after half time it might get a new IP (because the server is not aware of the already existing lease). In the end, rebooting the server (or letting him "forget" the lease) causes more trouble....

However, I see your issue. My suggestion:
Configure your DHCP server (TBH unsure if this is possible with DNSmasq) to give unknown clients only a VERY short lease time (ie 60 seconds). And for the known clients (which means there is a static lease configured) the default lease time. Thus, your client re-requests the IP very frequently and you can easily move the dynamic lease to a static one and the client will pick it up after 30 seconds....
[EDIT]:
Just checked for the ISC DHCP server on OPNSense:
Configure default lease to 60 seconds. An overwrite this default setting in every static lease by setting it to 7,200.

/KNEBB


 

[pseudonym3k]

Hi Knebb,

I don't think you understand the issue, or I'm not understanding your suggestion.

Just to clarify, we are using DNSmasq not ISC. ISC already has a delete button.

The issue is the new client has *already* joined the wifi and now I am stuck dealing with that lease.
 
Yes the default lease could be very short. Refer my option #3, a temporary short lease. But that only works if I know when the client will join so I can be ahead of it.

A permanant short lease is possible but means most of my clients (dynamic) will constantly renew, maybe that works for the OP but it's not desirable for me. My default lease is intentionally long.

FWIW I have had several routers with DNSMasq in the past, though it has been some years ago.  This wasn't an issue with those implementations. I do not recall how they worked, I found my old notes and I don't have any steps written down. So it had to be something obvious like a delete button, or a device reboot caused a static assignment to replace any dynamic that existed - something along the lines of the router handling the issue, not me.

[Monviech (Cedrik)]

Dnsmasq will not get a lease delete button.

Adjust your workflow around that fact, maybe stop to micromanage DHCP leases and just turn them into reservations without changing the IP address?

For Dnsmasq it doesnt matter if the lease is inside the range, it will be reserved unlike in ISC.

Reference, we tried but decided against it ultimately: https://github.com/opnsense/core/pull/8899

DHCP is a contract between client and server that for as long as the lease time is valid, the IP is allowed to be used ONLY by the client and unique. There is no control protocol that can update the fact that the server deleted the lease to the client. Only the client can send a DHCPRELEASE to tell the server to delete the lease. Deleting leases on the server is always unexpected for clients and not a good workflow.