On 24/08/2021 08:05, Tom Yan wrote: > Hi, > > I'm trying to have both a dhcp server and a dhcp relay agent running > on the same host, which should bind to a different interface > respectively. While `bind-interfaces` appears to work for the dhcp > server, it seems to be ignored for the dhcp relay agent. > > `bind-dynamic` has a similar problem as well. If the binding *was > actually delayed* because of the option, even the dhcp server will not > bind to an interface (but simply `0.0.0.0:67`). > > Are these known limitations or bugs?
Sort of. It's complicated for DHCP. Because DHCP has to talk to no-configured hosts, it has to cope with strange packets with things like 0.0.0.0 source addresses and 255.255.255.255 destination addresses. The normal method of binding to the local address of an interface doesn't therefore work well, and is not done, even when --bind-interfaces is set. The DHCP server always uses a single socket bound to 0.0.0.0:67 This nearly always works, except when it doesn't. The main place it doesn't is when running multiple DHCP servers, and there is a mitigation for that: if the configuration states that exactly _one_ interface is all that can ever be used for DHCP then the DHCP socket gets nailed to that one, physical, interface. (not to the address, to the actual interface.) If that happens, a message something like DHCP, sockets bound exclusively to interface br-lan is logged at start-up. That doesn't help you, since you are trying to do DHCP (as a relay and as a server) on two different interfaces. Doing that would, in theory, be possible, but it would be a significant change to the existing code. The best immediate suggestion I can make is to use dnsmasq as the DHCP server, and run a stand-alone relay (I have one, called dhcp-helper) and the ISC suite included a relay too. Try both, they do low level stuff in different ways, and one may work when the other doesn't. > > P.S. Btw it's sad that there's not something like `no-dns-interface`... >From a POV of completeness, or would it actually be useful? Cheers, Simon. > > Regards, > Tom > _______________________________________________ Dnsmasq-discuss mailing list Dnsmasq-discuss@lists.thekelleys.org.uk https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
