Age | Commit message (Collapse) | Author |
|
set service dhcp-server shared-network-name NET01 authoritative
set service dhcp-server shared-network-name NET01 subnet 10.0.0.0/24 default-router '10.0.0.1'
set service dhcp-server shared-network-name NET01 subnet 10.0.0.0/24 lease '86400'
set service dhcp-server shared-network-name NET01 subnet 10.0.0.0/24 range RNG01 start '10.0.0.60'
set service dhcp-server shared-network-name NET01 subnet 10.0.0.0/24 range RNG01 stop '10.0.0.70'
set service dhcp-server shared-network-name NET01 subnet 10.0.0.0/24 range RNG02 start '10.0.0.55'
set service dhcp-server shared-network-name NET01 subnet 10.0.0.0/24 range RNG02 stop '10.0.0.65'
Will result in a dhcpd.conf:
shared-network NET01 {
authoritative;
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.1;
default-lease-time 86400;
max-lease-time 86400;
range 10.0.0.60 10.0.0.70;
range 10.0.0.55 10.0.0.65;
}
on commit {
set shared-networkname = "NET01";
}
}
This is not allowed by ISC DHCPd:
dhcpd[3307]: /run/dhcp-server/dhcpd.conf line 25: lease 10.0.0.63 is declared twice!
dhcpd[3307]: range 10.0.0.55 10.0.0.65;
(cherry picked from commit b0e1c8a9c9ef470297bf3c9f5059ad7c720c46ff)
|
|
The problem of using the move() operation over render() is that render will
silently create the directory tree in the background and move() does not.
This means that on first boot when /run/dhcp-server does not exist, move will
fail with a FileNotFoundError.
Instead of using move() we render() the configuration two times, one for
validating it via dhcpd -t and the other time to really apply it to the service.
The performance impact should be little as the config should still be cached in
the system RAM.
(cherry picked from commit 1f68b69328c961e450ac70b12f7bf073d70355d7)
|
|
(cherry picked from commit 37f3ead353625b53cfa8953196a9c32b42a10e7f)
|
|
The current DHCP server implementation comes with options (see below) which
allow the user to pass in any arbitrary option(s) in a verbatim way which will
manifest in dhcpd.conf.
The options are:
* set service dhcp-server global-parameters
* set service dhcp-server shared-network-name foo shared-network-parameters
* set service dhcp-server shared-network-name foo subnet 192.0.2.0/25
subnet-parameters
* set service dhcp-server shared-network-name foo subnet 192.0.2.0/25
static-mapping ff static-mapping-parameters
Having an invalid configuration will yield:
vyos@vyos# commit
[ service dhcp-server ]
Configuration file errors encountered - check your options!
[[service dhcp-server]] failed
(cherry picked from commit 3c754695590b9d9e582c10e6d05c2b628e79262c)
|
|
|
|
A reference to a dictionary key obtained by a for loop can not be used to update
values inside that dictionaries key. You must use the original path to the
nested dictionaries key.
|
|
Introduced in commit e46def834483e ("dhcp: T3100: re-add range slicing support
when exclude addresses are used") by not obeying the move from list to dict
and still relying on the old list names variables.
|
|
Running ISC DHCP server as backend server for multiple pools served to relay
agents requires DHCPd to explicitly listen on give interfaces or a "transit"
subnet declaration facing the network where we receive the DHCPREQ messages on.
This implements a new "listen-address" CLI node, the given address is validated
if it is assigned to the system and upon success, a proper "subnet { }" statement
is added into dhcpd.conf
|
|
Support was not yet present after the rewrite from commit 84b7ade2 ("dhcp: T3100:
migrate server configuration to get_config_dict()")
|
|
|
|
|
|
airbag must now be explicitly installed.
the patch also allow to fully disables the installation of the logging
code at setup (and not just installing and doing nothing)
|
|
|
|
|
|
Commit bc68244 ("dhcp-server: T2185: migrate from SysVinit to systemd")
migrated the DHCP subsystem to systemd, necessary directories in the volatile
/run directory have not been created.
|
|
Commit bc68244 ("dhcp-server: T2185: migrate from SysVinit to systemd") migrated
the DHCP subsystem to systemd, but on the test-system there was still the old
configuration file present not triggering this condition.
|
|
|
|
convert all call to jinja to use template.render
|
|
os.system does print the ouput of the command, run() does not.
A new function called call() does the printing and return the error code.
|
|
As little change a possible but the function call
The behaviour should be totally unchanged.
|
|
|
|
|
|
|
|
|
|
|
|
Previous one DHCP configuration error message does not point that DHCP server work only with primary IP address on interface.
|
|
There was a bug when refactoring this with commits 5848a4d ("dhcp-server:
T1707: remove DHCP static-mappings from address pool") and 1182b44
("dhcp-server: T1707: bugfix on subsequent DHCP exclude addresses") that when
a static address assignemnt was using the last IP address from the specified
range.
This triggered the following error:
"DHCP range stop address x must be greater or equal to the range start
address y!"
|
|
Previously when static-mappings have been created the address was still within
the DHCP pool resulting in log entries as follows:
dhcpd: Dynamic and static leases present for 192.0.2.51
dhcpd: Remove host declaration DMZ_PC2 or remove 192.0.2.51
dhcpd: from the dynamic address pool for DMZ
(cherry picked from commit 6f954ab56768af9a07d8a1dc086f54ddefa58da7)
|
|
(cherry picked from commit bdf890cca40157b3f2a2386685e043e0fa220fac)
|
|
Moved the code for splicing a DHCP range into its dedicated function as this
will later be required again. Having subsequent DHCP exclude addresses
e.g. 192.0.2.70 and 192.0.2.71 did not work as the previous algorithm
created a range whose start address was after the end address.
(cherry picked from commit 0f0f9f2835cf85c1fd3652ec83368528754764cd)
|
|
when a non-unique subnet is found.
|
|
- T1435: dhcp-server: make ip-address optional in static-mapping
- remove [REQUIRED] from dhcpv6-server static-mapping identifier and ipv6-address
- verify if static-mapping ipv6-address is in subnet
- make help and error messages in conf-mode more descriptive
- remove regex ^$ anchors (implied in re.fullmatch)
|
|
|
|
|
|
WPAD url could be configured by CLI but the generated config was not
understood by ISC dhcp - caused by infalid if {} statement resulting in
a missing "option wpad-url code 252 = text;" block.
|
|
|
|
|
|
|
|
subnet-parameters were not added to the resulting configuration.
|
|
Move the on commit in a generated dhcpd.conf into the shared-network
to fix hostfile-update not working.
|
|
Commit 91c3b8bdd9 ("dhcp_server.py: cleanup") did not only cleanup parts
of the code but in addition added support for DHCP failover. That support
could lead to an empty pool {} statement if the subnet declaration only had
static address assignments but no range at all.
---<snip>---
dhcpd: /etc/dhcp/dhcpd.conf line 70: Pool declaration with no address
range.
dhcpd: }
dhcpd: ^
dhcpd: Pool declarations must always contain at least
dhcpd: one range statement.
---</snip>---
|
|
|
|
Commit 067a6b1524 ("vyos: package: extend validator by is_subnet_connected()")
added a mechanism to probe if a given IPv4/IPv6 address is connected to any
interface on the subnet - or is part of this subnet.
We now use this call instead of producing more and more biler-plate code!
|
|
|
|
verify()
|
|
|
|
If there was yet no lease file present, dhcpd refused to start. Lease
file is created if required. Ususally this is handeled by the isc-dhcp-server
init script but we use our own path (for persistance) of that file.
|
|
|
|
|
|
|