On 06/03/2025 17:10, jean-christophe manciot wrote:
> ubuntu oracular
> linux 6.12.0-15-generic
> dnsmasq 2.90-4 or 2.90-7
>
> With the following specific configuration in /etc/dnsmasq.conf:
> port=0
> interface=eth0
> bind-interfaces
> dhcp-range=192.168.1.2,192.168.1.254
>
> I get:
> # /usr/bin/netstat -tunpevaW | grep dnsmasq
> udp 0 0 0.0.0.0:67 0.0.0.0:* 0 19371604 3877093/dnsmasq
>
> which contradicts your own documentation (please read until the end):

This line does not indicate that dnsmasq does not bind to an interface. It only indicates that dnsmasq does not bind to a specific address. On Linux, the two are separate, since it uses a weak host model. Binding to an address is useless considering DHCP is mostly broadcast.

netstat is also deprecated. Use ss instead, which shows the bound device in the "Local Address" column, e.g. "0.0.0.0%eth0:67".

> # If you want dnsmasq to listen for DHCP and DNS requests only on
> # specified interfaces (and the loopback) give the name of the
> # interface (eg eth0) here.
> # Repeat the line for more than one interface.
> # interface=
>
> # On systems which support it, dnsmasq binds the wildcard address,
> # even when it is listening on only some interfaces. It then discards
> # requests that it shouldn't reply to. This has the advantage of
> # working even when interfaces come and go and change address. If you
> # want dnsmasq to really bind only the interfaces it is listening on,
> # uncomment this option. About the only time you may need this is when
> # running another nameserver on the same machine.
> # bind-interfaces
>
> So, bind-interfaces is not applied as it takes over all interfaces.
>
> This dnsmasq issue prevents the coexistence with other DHCP server(s)
> such as kea as it binds to **all** interfaces and prevents other
> servers from listening on the interface(s) they are set up for.

The documentation is correct, dnsmasq uses SO_BINDTODEVICE when the option is specified, as well as SO_REUSEADDR and SO_REUSEPORT.


> Then kea-dhcp4-server refuses to start on any other interface with the message:
> DHCPSRV_OPEN_SOCKET_FAIL failed to open socket: Failed to open socket
> on interface virbr1, reason: failed to bind fallback socket to address
> 192.168.2.1, port 67, reason: Address already in use - is another DHCP
> server running?

You need to check if they really bind to an interface and if they set SO_REUSEADDR/SO_REUSEPORT.

The details of what combination of sockets Linux allows are a bit complicated. The first 300 lines of net/ipv4/inet_connection_sock.c deal with this.

_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss
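
The check suggested in the reply above, as an added example (not part of the thread and not dnsmasq project code): a small parser for `ss -H -ulnp` output that lists the sockets on port 67 and marks which ones carry a `%device` suffix in the Local Address column. The sample lines, the PIDs and the process name `dhcpd-b` are constructed for illustration.

```python
import re

NETIDS = {"udp", "tcp", "raw"}
PROC_RE = re.compile(r'\(\("([^"]+)",pid=(\d+)')

# Constructed sample of `ss -H -ulnp` output (not captured from a real host).
SAMPLE = '''\
UNCONN 0 0 0.0.0.0%eth0:67 0.0.0.0:* users:(("dnsmasq",pid=1001,fd=4))
UNCONN 0 0 192.168.2.1:67 0.0.0.0:* users:(("dhcpd-b",pid=1002,fd=7))
UNCONN 0 0 0.0.0.0:68 0.0.0.0:* users:(("dhclient",pid=1003,fd=6))
'''

def parse_local(field):
    """Split an ss 'Local Address:Port' field into (address, device or None, port)."""
    host, _, port = field.rpartition(":")
    addr, _, dev = host.partition("%")   # "0.0.0.0%eth0" -> ("0.0.0.0", "eth0")
    return addr, dev or None, port

def listeners(ss_output, port="67"):
    """Return one dict per socket whose local port equals `port`."""
    found = []
    for line in ss_output.splitlines():
        cols = line.split()
        if cols and cols[0] in NETIDS:   # optional leading Netid column
            cols = cols[1:]
        if len(cols) < 5:                # State Recv-Q Send-Q Local Peer [Process]
            continue
        addr, dev, lport = parse_local(cols[3])
        if lport != port:
            continue
        m = PROC_RE.search(" ".join(cols[5:]))
        found.append({"proc": m.group(1) if m else None,
                      "addr": addr, "device": dev})
    return found

def not_device_bound(ss_output, port="67"):
    """Process names of sockets on `port` that show no %device suffix."""
    return [s["proc"] for s in listeners(ss_output, port) if s["device"] is None]

if __name__ == "__main__":
    for s in listeners(SAMPLE):
        print(s)
    print("no device binding:", not_device_bound(SAMPLE))
```

On a live host the input would come from running `ss -H -ulnp` as root, so that the process column is populated for every socket.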
