DHCP via DNSmasq in 25.1.6: IPv6 OK, IPv4 not working properly

[irrenarzt]

For anyone that is feeling apprehensive about doing this swap-over from ISC to DNSmasq:

I'm a complete idiot with a semi-complicated setup, and still got it working first try. The guide is dumbed down enough that I didn't have any issues, and everything is working perfectly fine. It did take me ~1 hour to do it since there were a lot more steps than the initial setup for ISC, but it wasn't difficult (just repetitive).

[bazineta]

In dnsmasq you cannot use the same fqdn for all ranges.

If you have devices that advertise the same hostname in different subnets, they would overwrite the managed dns records without having a special domain which makes it unique.

But isn't that true even within a subnet? That is, I've got a number of cheap and cheerful WiFi-enabled outlets here, all of them referring to themselves as 'HS105', and, basically, last one in wins, it seems.

[Monviech (Cedrik)]

In dnsmasq you cannot use the same fqdn for all ranges.

If you have devices that advertise the same hostname in different subnets, they would overwrite the managed dns records without having a special domain which makes it unique.

But isn't that true even within a subnet? That is, I've got a number of cheap and cheerful WiFi-enabled outlets here, all of them referring to themselves as 'HS105', and, basically, last one in wins, it seems.

Yes you are correct.

I guess essentially it should not matter then if you use e.g., lan.internal for all ranges.

[Vexz]

No success with dnsmasq DHCP - neither with IPv4 nor IPv6. I stuck with the examples from the documentation and only made a few specific tweaks, according to my setup and added a few additional DHCP options. Not sure why all of my devices refuse to get an IP address. I don't even see a request in the logs. A reboot of my OPNsense didn't help either. What a bummer. :(

[franco]

Firewall rules not set? Automatic rules only work if interfaces are selected or of the LAN pass-all is used.


Cheers,
Franco

[Vexz]

Firewall rules not set? Automatic rules only work if interfaces are selected or of the LAN pass-all is used.

Not sure which rules exactly you mean. There's an allow any inbound traffic rule on my LAN interface. For DHCP ranges I selected my LAN interface.

Edit:
Ah, you might talk about the firewall rules with port 67 and 68. Yes, they're there.

[franco]

I have to revise my statement: the Dnsmasq DHCP registers firewall rules, but the apply does not reload the filter to activate them. We discussed the code today and a possible solution.


Cheers,
Franco

[Vexz]

Even if that is the case, I restarted my OPNsense and that didn't help either.

[franco]

Ok, different problem. :)


Cheers,
Franco

[Vexz]

Strange. I just tried it again without changing anything of the dnsmasq settings and it works now (IPv4 and IPv6). Obtaining an IP address takes much longer than with ISC DHCP though.

Edit:
Anything I can do to fix these warnings in the logs? Sounds like something isn't quite right with my IP reservation for this host.

Code Select Expand

not giving name Gaming-Server.home to the DHCP lease of XXXX:XX:XXXX:7c00::3 because the name exists in /var/etc/dnsmasq-hosts with address ::3(I censored the IPv6, because it's a valid lease.)

[Monviech (Cedrik)]

There seems to be still something strange going on with partial IPv6 address reservations in dhcpv6 ranges with constructor.

The documentation on that topic is quite thin though, but Im looking into it.

[Vexz]

I'd rather not use partial IPv6 address reservations, but my ISP gives me a dynamic IPv6 prefix. Thanks for looking into it.

[franco]

Maybe we simply need to stop writing /var/etc/dnsmasq-hosts?

[Monviech (Cedrik)]

Oh right yeah thats a good guess. We have a script that write all reservations in it.

Maybe we can skip partial ipv6 addresses.

[Vexz]

Can anybody tell me what combination of RA modes in dnsmasq DHCPv6 is equivalent to "Assisted" in Services > Router Advertisement, please?