Can Dnsmasq serve clients on different subnets through a single interface?

Started by oblivioncth, July 30, 2025, 06:14:33 PM

Sorry if I'm not using the right terminology as I'm new to this use case.

I want to set up a new L3 switch to handle all VLANs, including routing between them, instead of defining the interfaces on the firewall and having it do the routing less efficiently; however, I'd prefer to keep DHCP on the firewall and of course the switch supports a DHCP relay.

As mentioned in this post, I should just be able to make a transfer network to form a point-to-point connection between the switch and OPNsense (by specifying routes on both sides), which would be the only interface in OPNsense. The issue at the time of the post was that ISC is apparently unable to handle DHCP requests for subnets on which the firewall does not have an interface (like in this case), but Kea (which now is available) should be able to do this, presumably via its pools and the system's static routes defined in System->Routes.

My question though is, is OPNsense's implementation of the DHCP portion of Dnsmasq capable of this scenario as well? I didn't realize that had also been added as an option until I went to start migrating to Kea. I'd prefer to use the "primary"/default DHCP server since it's more likely to maintain support if the maintainers decide to drop one, but since I'm not experienced with this use case, it's unclear to me if Dnsmasq will be able to handle requests from DHCP relays like this.

If the switch does the inter-VLAN routing, the switch also needs to provide a DHCP relay. Check the vendor documentation.
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)


Quote from: Patrick M. Hausen on July 30, 2025, 06:37:25 PM
If the switch does the inter-VLAN routing, the switch also needs to provide a DHCP relay. Check the vendor documentation.

Sorry if I wasn't clear, it indeed does. GWN7822P from Grandstream. Has a DHCP server and relay option. I just wanted to make sure that Dnsmasq could handle ranges outside of the interface it's on, like Kea can.

Quote from: Monviech (Cedrik) on July 30, 2025, 07:16:06 PM
Yeah, dnsmasq can do it; the exact setup was tested and confirmed here:

https://github.com/opnsense/core/issues/8924

Thanks, that's awesome that this exact setup was already documented as working, though, do you know explicitly where and in what format I am to include the subnet mask in this dialogue, since it only has fields for start and end (perhaps after a comma in the end field)?



It seems that it's recommended to also pass the netmask via option 1 so that it's also cleanly communicated to clients, but the core functionality of this setup requires it in the range.

Additionally, I'm assuming that OPNsense's "Set" type is what I want to use to do the same as dhcp-option=tag:my_tag_for_some_vlan,3,192.168.1.1 to set the gateway provided to the requests that match that tag, for example?
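
For reference, an added illustration that is not part of the original posts and is not the configuration OPNsense generates: the plain dnsmasq.conf directives the question above refers to, for one relayed VLAN. The subnet, addresses, tag name and lease time are constructed, and the gateway is assumed to be the switch's own address in that VLAN.

```conf
# Constructed example: subnet 192.168.10.0/24 exists only on the L3 switch.
# The firewall reaches it over the transfer network via a static route,
# and the switch's DHCP relay forwards client requests to dnsmasq.

# Range for the relayed subnet. dnsmasq has no local interface in
# 192.168.10.0/24, so it cannot work out the netmask by itself; it is
# given explicitly after the end address. "set:" tags every request
# that is matched to this range.
dhcp-range=set:vlan10,192.168.10.100,192.168.10.200,255.255.255.0,12h

# Option 1 (subnet mask), sent to clients whose request carries the tag.
dhcp-option=tag:vlan10,1,255.255.255.0

# Option 3 (router). Assumption: the switch's address in this VLAN,
# because the switch does the inter-VLAN routing in this setup.
dhcp-option=tag:vlan10,3,192.168.10.1
```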

You have to be on 25.7 for all dnsmasq options, as the release was finished in it.
Hardware:
DEC740

Quote from: Monviech (Cedrik) on July 30, 2025, 09:45:35 PM
You have to be on 25.7 for all dnsmasq options, as the release was finished in it.

Whoops, mistook the version I thought this machine was on for another machine.

I see the field now.