How to configure DHCP Proxy?
-
Hi everyone.
I got lost in the configurations…
I have ubuntu server 14.04 with fog installed on it.
I can’t configure my DHCP server so the solution is to install DHCP Proxy.
I tried to install dnsmasq and to everything that the wiki said but I’m doing something wrong.
I want my dhcp server act as normal and only dhcp proxy request to answer by the dnsmasq (ubuntu server).
I installed fog as a normal server, didn’t [FONT=sans-serif][COLOR=#000000]setup a DHCP router address or a DNS server address, [/COLOR][/FONT][FONT=sans-serif][COLOR=#000000]also didn’t use FOG as a DHCP server.[/COLOR][/FONT]
[FONT=sans-serif][COLOR=#000000]what should I do next?[/COLOR][/FONT]
[FONT=sans-serif][COLOR=#000000]thanks in advanced…[/COLOR][/FONT] -
Please post your dnsmasq config…
[CODE]sudo netstat -antup | grep “:67”[/CODE]
And the output of this command… -
dnsmasq config is the default (for a fresh start).
the file is attached.command output:
[CODE]udp 0 0 0.0.0.0:67 0.0.0.0:* 3451/dnsmasq
[/CODE][url=“/_imported_xf_attachments/1/1864_dnsmasq.conf.txt?:”]dnsmasq.conf.txt[/url]
-
[quote=“Amit Madmoni, post: 45415, member: 29386”]dnsmasq config is the default (for a fresh start).
the file is attached.command output:
[CODE]udp 0 0 0.0.0.0:67 0.0.0.0:* 3451/dnsmasq
[/CODE][/quote]Use this
Copy the configuration to the file /etc/dnsmasq.d/ltsp.conf, edit the spaces for your ip address, symlink your boot file and restart the dnsmasq process.
-
[quote=“Jaymes Driver, post: 45416, member: 3582”]Use this
Copy the configuration to the file /etc/dnsmasq.d/ltsp.conf, edit the spaces for your ip address, symlink your boot file and restart the dnsmasq process.[/quote]
can you be more specific?
what exactly should I edit?
Let assume that my dhcp is 172.16.0.1 and my fog is 172.16.0.200.
fog is installed with default settings under ubuntu server 14.04.
the dnsmasq is on the same server (172.16.0.200). -
[quote=“Amit Madmoni, post: 45431, member: 29386”]can you be more specific?
what exactly should I edit?
Let assume that my dhcp is 172.16.0.1 and my fog is 172.16.0.200.
fog is installed with default settings under ubuntu server 14.04.
the dnsmasq is on the same server (172.16.0.200).[/quote]Read the article.
The “#” (hash tags, pound sign) are comments in the code.Read the comments (and the pertaining bits of the article).
If you have questions beyond that, come back and ask and I’ll help further. -
With “dnsmasq config” I did not mean the standard /etc/dnsmasq.conf file. We would like to see what you configured to make ProxyDHCP work…
As Jaymes said: edit /etc/dnsmasq.d/ltsp.conf (create it if it does not exist) and make changes to suit your environment.
It’s not of much help if we provide you with a config file to just put in place. We want to help people to help themselves to make FOG work. So please read through the article Jaymes posted and give it a try.
-
this is exactly the problem.
I got lost in all the options in the /etc/dnsmasq.d/ltsp.conf file.
what is the relevant options that I need to edit to make only the proxyDHCP to work? -
As far as the options that you need, the ones listed in the WiKi page are pretty much all needed.
IF you look here:[url]http://fogproject.org/wiki/index.php/Using_FOG_with_an_unmodifiable_DHCP_server/_Using_FOG_with_no_DHCP_server#Setup_and_Configuration[/url]
You’ll see the upper section (for newer FOG versions):
[CODE]# Sample configuration for dnsmasq to function as a proxyDHCP server,enabling LTSP clients to boot when an external, unmodifiable DHCP
server is present.
The main dnsmasq configuration is in /etc/dnsmasq.conf;
the contents of this script are added to the main configuration.
You may modify the file to suit your needs.
Don’t function as a DNS server:
port=0
Log lots of extra information about DHCP transactions.
log-dhcp
Dnsmasq can also function as a TFTP server. You may uninstall
tftpd-hpa if you like, and uncomment the next line:
enable-tftp
Set the root directory for files available via FTP.
tftp-root=/tftpboot
The boot filename.
dhcp-boot=pxelinux.0
rootpath option, for NFS
dhcp-option=17,/images
kill multicast
dhcp-option=vendor:PXEClient,6,2b
Disable re-use of the DHCP servername and filename fields as extra
option space. That’s to avoid confusing some old or broken DHCP clients.
dhcp-no-override
PXE menu. The first part is the text displayed to the user. The second is the timeout, in seconds.
pxe-prompt=“Press F8 for boot menu”, 3
The known types are x86PC, PC98, IA64_EFI, Alpha, Arc_x86,
Intel_Lean_Client, IA32_EFI, BC_EFI, Xscale_EFI and X86-64_EFI
This option is first and will be the default if there is no input from the user.
pxe-service=X86PC, “Boot from network”, pxelinux
A boot service type of 0 is special, and will abort the
net boot procedure and continue booting from local media.
pxe-service=X86PC, “Boot from local hard disk”, 0
If an integer boot service type, rather than a basename is given, then the
PXE client will search for a suitable boot service for that type on the
network. This search may be done by multicast or broadcast, or direct to a
server if its IP address is provided.
pxe-service=x86PC, “Install windows from RIS server”, 1
This range(s) is for the public interface, where dnsmasq functions
as a proxy DHCP server providing boot information but no IP leases.
Any ip in the subnet will do, so you may just put your server NIC ip here.
Since dnsmasq is not providing true DHCP services, you do not want it
handing out IP addresses. Just put your servers IP address for the interface
that is connected to the network on which the FOG clients exist.
If this setting is incorrect, the dnsmasq may not start, rendering
your proxyDHCP ineffective.
dhcp-range=192.168.1.10,proxy
This range(s) is for the private network on 2-NIC servers,
where dnsmasq functions as a normal DHCP server, providing IP leases.
dhcp-range=192.168.0.20,192.168.0.250,8h
For static client IPs, and only for the private subnets,
you may put entries like this:
dhcp-host=00:20:e0:3b:13:af,10.160.31.111,client111,infinite[/CODE]
the lines that have #'s are comments, and are not needed for a standard configuration…
If you take out ALL comments, you wind up with something like this:
[CODE]port=0
log-dhcp
tftp-root=/tftpboot
dhcp-boot=pxelinux.0
dhcp-option=17,/images
dhcp-option=vendor:PXEClient,6,2b
dhcp-no-override
pxe-prompt=“Press F8 for boot menu”, 3
pxe-service=X86PC, “Boot from network”, pxelinux
pxe-service=X86PC, “Boot from local hard disk”, 0
cp-range=192.168.1.10,proxy[/CODE][FONT=Tahoma]And, all that stuff is pretty necessary… this stuff is the core of ProxyDHCP using dnsmasq.[/FONT]
[FONT=Tahoma]Go through what’s in the WiKi line by line.[/FONT]
[FONT=Tahoma]All the comments for the lines that are already enabled, those tell you exactly what those are…[/FONT]
Standard setups look just like this…[FONT=Tahoma]You might check this post out for a working example, however this was wrote for someone else and you’ll have to change it as necessary: [url]http://fogproject.org/forum/threads/intel-undi-stuck-initializing.12729/#post-45331[/url][/FONT]
-
[quote=“Amit Madmoni, post: 45437, member: 29386”]this is exactly the problem.
I got lost in all the options in the /etc/dnsmasq.d/ltsp.conf file.
what is the relevant options that I need to edit to make only the proxyDHCP to work?[/quote]I understand that the config file can be a bit daunting, but we left the commented sections because they explain exactly how and why to use the option.
Wayne and uncle Frank are correct, we usually try to provide documentation on how to accomplish a task, we don’t edit files for you and hand them to you. I would be happy to help you to troubleshoot your issues, but I created and edited the articles on the wiki so that everyone could easily find the information and make use of it.
Wayne took this a step further, and I may edit the wiki article to include this, but you can remove the lines with a # in front of them, this is called a comment and DNSMASQ will gloss over the information without using it.
The portion below should help you to better understand where your information is required.
[code]
port=0
log-dhcp
tftp-root=/tftpboot
dhcp-boot=undionly.kpxe,x.x.x.x
dhcp-option=17,/images
dhcp-option=vendor:PXEClient,6,2b
dhcp-no-override
pxe-prompt=“Press F8 for boot menu”, 3
pxe-service=X86PC, “Boot from network”, pxelinux
pxe-service=X86PC, “Boot from local hard disk”, 0
dhcp-range=10.0.0.10,proxy
[/code]We need to edit the line “dhcp-boot=undionly.kpxe,x.x.x.x” and we need to replace the x.x.x.x with your FOG server ip address. according to your information the ip address is 172.16.0.200.
The correct line should read: dhcp-boot=undionly.kpxe,172.16.0.200
The next line to edit would be “dhcp-range=10.0.0.10,proxy” and we need to replace the 10.0.0.10 to an ip address you wish to use as a starting point for the proxy dhcp range.
Because this is only a Proxy and doesn’t actually have any bearing on your network, we recommend using the FOG server ip address as the starting dhcp address.
The correct line should read: dhcp-range=172.16.0.200,proxy
The only other line that should be edited in the ltsp.conf file would be the line “pxe-prompt=“Press F8 for boot menu”, 3”, You may change the number 3 to any number you would like. I usually set mine to 0, this is the screen that appears while DNSMASQ pulls up your boot information. Setting this number to 0 will allow for faster booting to the undionly.kpxe file.
So to wrap this all up you need to type the following command into a terminal
[code]
sudo gedit /etc/dnsmasq.d/ltsp.conf
[/code]paste the following into the document and save
[code]
port=0
log-dhcp
tftp-root=/tftpboot
dhcp-boot=undionly.kpxe,172.16.0.200
dhcp-option=17,/images
dhcp-option=vendor:PXEClient,6,2b
dhcp-no-override
pxe-prompt=“Press F8 for boot menu”, 0
pxe-service=X86PC, “Boot from network”, pxelinux
pxe-service=X86PC, “Boot from local hard disk”, 0
dhcp-range=172.16.0.200,proxy
[/code]Now you need to symlink the undionly file so dnsmasq can boot, issue the following commands in the terminal
[code]
cd /tftpboot
sudo ln -s undionly.kpxe undionly.0
sudo service dnsmasq restart
[/code]Now you should have a working DNSMASQ set up for your FOG Server.
Not to be mean, but please read the documentation, the wiki articles, and understand them.
We are more than willing to help you to understand what needs to be placed and where.
I do hope this helps clear up some confusion. I hope that my explanations and assistance outlined in this article helps to answer any future questions users may have.
I don’t feel like I helped you learn anything now that I have handed you the answers
When you restart dnsmasq, if you get an error reading “dnsmasq: failed to create listening socket for port 53: Address already in use failed!” You will likely need to perform the following actions since you are running Ubuntu 14.04:
-
First, thanks a lot for your answers guys.
Second, Jaymes Driver, this is exactly what I was looking for.
I don’t mean that i was looking for specific answer, but you answered all my questions. and don’t worry… i learned a lot!Now my problem is when I’m restarting the dnsmasq service, I didn’t get this error: “dnsmasq: failed to create listening socket for port 53: Address already in use failed!”. instead I’m getting " Restarting DNS forwarder and DHCP server configuration syntax check"
again, thanks for everyone!
updae 1:
so I ran " dnsmasq -d", getting “dnsmasq: failed to create listening socket for port 53: Permission denied”
next - with sudo, getting:
[CODE]dnsmasq: started, version 2.68 cachesize 150
dnsmasq: compile time options: IPv6 GNU-getopt DBus i18n IDN DHCP DHCPv6 no-Lua TFTP conntrack ipset auth
dnsmasq: reading /etc/resolv.conf
dnsmasq: using nameserver 209.222.18.218#53
dnsmasq: using nameserver 209.222.18.222#53
dnsmasq: using nameserver 10.0.0.1#53
dnsmasq: read /etc/hosts - 5 addresses[/CODE]10.0.0.1 is my router-dhcp-dns
my real FOG real ip is 10.0.0.210updae 2:
I’m trying to start dnsmasq service:
[CODE] * Starting DNS forwarder and DHCP server dnsmasq
dnsmasq: illegal repeated keyword at line 1 of /etc/dnsmasq.d/ltsp.conf
[fail]
[/CODE]/etc/dnsmasq.d/ltsp.conf:
[CODE]port=0
log-dhcp
tftp-root=/tftpboot
dhcp-boot=undionly.kpxe,10.0.0.210
dhcp-option=17,/images
dhcp-option=vendor:PXEClient,6,2b
dhcp-no-override
pxe-prompt=“Press F8 for boot menu”, 0
pxe-service=X86PC, “Boot from network”, pxelinux
pxe-service=X86PC, “Boot from local hard disk”, 0
dhcp-range=10.0.0.210,proxy
[/CODE]update 3:
I figured it out.
There was a backup files in that directory. deleting them solved the problem. -
so I have another problem:
(Attached pic)[url=“/_imported_xf_attachments/1/1872_boot error.PNG?:”]boot error.PNG[/url]
-
[quote=“Amit Madmoni, post: 45522, member: 29386”]so I have another problem:
(Attached pic)[/quote]Have a look through here, pay attention to the permissions section: [url]http://fogproject.org/wiki/index.php/Troubleshoot_TFTP[/url]
-
Oh and also,
You need to make a copy (or symbolic link) of undionly.kpxe as undionly.0
This is a known issue with dnsmasq.
-
failed at first stage.
I tried to telnet to port 69 on the server, but the port is closed.
In the server I checked that the tftpd-hpa service is running. -
Try restarting the service,
and check your firewall.
[CODE]sudo iptables -L[/CODE] -
everything is good according to the “Troubleshoot TFTP” guide.
I also changed permissions.
yet, can’t boot from ws.
what should I do next? -
What’s the output of this:
[CODE]ls -a /tftpboot[/CODE]
and, try changing /etc/dnsmasq.d/ltsp.conf:
this line:
[FONT=Consolas]dhcp-boot=undionly.kpxe,10.0.0.210 [/FONT]
[FONT=Consolas]to:[/FONT]
[FONT=Consolas]dhcp-boot=undionly.kpxe,[/FONT][FONT=Consolas]10.0.0.210[/FONT][FONT=Consolas],10.0.0.210[/FONT] -
output is attached.
I edited the /etc/dnsmasq.d/ltsp.conf file. same error.
[url=“/_imported_xf_attachments/1/1875_ls -a output.PNG?:”]ls -a output.PNG[/url]
-
What happens when you try to get undionly.kpxe through command line?
You can use Windows, or a Linux live disk for this. There are examples for testing in the “Troubleshoot TFTP” page.
Please post the output of it.If you are successful, please do a TCP dump next, and post the resulting file. Here are some general instructions:
[CODE]sudo tcpdump -w issue.pcap -i eth0[/CODE]
You might need to change the interface name in the above command, seems like I have never had an interface named eth0 in Linux… This command will list all available interfaces. Pick the right one.
[CODE]ip link show[/CODE]Run the above capture command on the FOG machine, then start the remote target host. Wait till it fails, then stop tcpdump (ctrl+c), transfer the PCAP file to your PC and examine it using wireshark. After the capture is completed, please use the MAC address of the target host as the filter for sender & receiver. This address will filter out ALL traffic that isn’t coming from or going to the target client.
Example Filter (change the MAC addresses):
[CODE]eth.dst == 00:0C:CC:76:4E:07 || eth.src==00:0C:CC:76:4E:07[/CODE]Please also post this PCAP file so we can look at it and see what’s going on. And if you don’t filter the file for us, we will need the target host’s MAC as well so we can filter it.
