Age | Commit message (Collapse) | Author |
|
Shared network name should not be handled by tag node mangling
I.e. should not replace underscores with dashed
set service dhcp-server shared-network-name NET_01
shared-network NET_01 {
authoritative;
...
on commit {
set shared-networkname = "NET_01";
}
}
|
|
dhcp-server: T3610: Allow configuration for non-primary ip address
|
|
|
|
|
|
This option is mandatory and must be user configurable as it needs to match
on both sides.
|
|
|
|
vyos@vyos# show service dhcp-server
shared-network-name LAN {
subnet 10.0.0.0/24 {
default-router 10.0.0.1
dns-server 194.145.150.1
lease 88
range 0 {
start 10.0.0.100
stop 10.0.0.200
}
static-route 192.168.10.0/24 {
next-hop 10.0.0.2
}
static-route 192.168.20.0/24 {
router 10.0.0.2
}
}
}
|
|
set service dhcp-server shared-network-name NET01 authoritative
set service dhcp-server shared-network-name NET01 subnet 10.0.0.0/24 default-router '10.0.0.1'
set service dhcp-server shared-network-name NET01 subnet 10.0.0.0/24 lease '86400'
set service dhcp-server shared-network-name NET01 subnet 10.0.0.0/24 range RNG01 start '10.0.0.60'
set service dhcp-server shared-network-name NET01 subnet 10.0.0.0/24 range RNG01 stop '10.0.0.70'
set service dhcp-server shared-network-name NET01 subnet 10.0.0.0/24 range RNG02 start '10.0.0.55'
set service dhcp-server shared-network-name NET01 subnet 10.0.0.0/24 range RNG02 stop '10.0.0.65'
Will result in a dhcpd.conf:
shared-network NET01 {
authoritative;
subnet 10.0.0.0 netmask 255.255.255.0 {
option routers 10.0.0.1;
default-lease-time 86400;
max-lease-time 86400;
range 10.0.0.60 10.0.0.70;
range 10.0.0.55 10.0.0.65;
}
on commit {
set shared-networkname = "NET01";
}
}
This is not allowed by ISC DHCPd:
dhcpd[3307]: /run/dhcp-server/dhcpd.conf line 25: lease 10.0.0.63 is declared twice!
dhcpd[3307]: range 10.0.0.55 10.0.0.65;
|
|
The problem of using the move() operation over render() is that render will
silently create the directory tree in the background and move() does not.
This means that on first boot when /run/dhcp-server does not exist, move will
fail with a FileNotFoundError.
Instead of using move() we render() the configuration two times, one for
validating it via dhcpd -t and the other time to really apply it to the service.
The performance impact should be little as the config should still be cached in
the system RAM.
|
|
|
|
The current DHCP server implementation comes with options (see below) which
allow the user to pass in any arbitrary option(s) in a verbatim way which will
manifest in dhcpd.conf.
The options are:
* set service dhcp-server global-parameters
* set service dhcp-server shared-network-name foo shared-network-parameters
* set service dhcp-server shared-network-name foo subnet 192.0.2.0/25
subnet-parameters
* set service dhcp-server shared-network-name foo subnet 192.0.2.0/25
static-mapping ff static-mapping-parameters
Having an invalid configuration will yield:
vyos@vyos# commit
[ service dhcp-server ]
Configuration file errors encountered - check your options!
[[service dhcp-server]] failed
|
|
|
|
A reference to a dictionary key obtained by a for loop can not be used to update
values inside that dictionaries key. You must use the original path to the
nested dictionaries key.
|
|
Introduced in commit e46def834483e ("dhcp: T3100: re-add range slicing support
when exclude addresses are used") by not obeying the move from list to dict
and still relying on the old list names variables.
|
|
Running ISC DHCP server as backend server for multiple pools served to relay
agents requires DHCPd to explicitly listen on give interfaces or a "transit"
subnet declaration facing the network where we receive the DHCPREQ messages on.
This implements a new "listen-address" CLI node, the given address is validated
if it is assigned to the system and upon success, a proper "subnet { }" statement
is added into dhcpd.conf
|
|
Support was not yet present after the rewrite from commit 84b7ade2 ("dhcp: T3100:
migrate server configuration to get_config_dict()")
|
|
|
|
|
|
airbag must now be explicitly installed.
the patch also allow to fully disables the installation of the logging
code at setup (and not just installing and doing nothing)
|
|
|
|
|
|
Commit bc68244 ("dhcp-server: T2185: migrate from SysVinit to systemd")
migrated the DHCP subsystem to systemd, necessary directories in the volatile
/run directory have not been created.
|
|
Commit bc68244 ("dhcp-server: T2185: migrate from SysVinit to systemd") migrated
the DHCP subsystem to systemd, but on the test-system there was still the old
configuration file present not triggering this condition.
|
|
|
|
convert all call to jinja to use template.render
|
|
os.system does print the ouput of the command, run() does not.
A new function called call() does the printing and return the error code.
|
|
As little change a possible but the function call
The behaviour should be totally unchanged.
|
|
|
|
|
|
|
|
|
|
|
|
Previous one DHCP configuration error message does not point that DHCP server work only with primary IP address on interface.
|
|
There was a bug when refactoring this with commits 5848a4d ("dhcp-server:
T1707: remove DHCP static-mappings from address pool") and 1182b44
("dhcp-server: T1707: bugfix on subsequent DHCP exclude addresses") that when
a static address assignemnt was using the last IP address from the specified
range.
This triggered the following error:
"DHCP range stop address x must be greater or equal to the range start
address y!"
|
|
Previously when static-mappings have been created the address was still within
the DHCP pool resulting in log entries as follows:
dhcpd: Dynamic and static leases present for 192.0.2.51
dhcpd: Remove host declaration DMZ_PC2 or remove 192.0.2.51
dhcpd: from the dynamic address pool for DMZ
(cherry picked from commit 6f954ab56768af9a07d8a1dc086f54ddefa58da7)
|
|
(cherry picked from commit bdf890cca40157b3f2a2386685e043e0fa220fac)
|
|
Moved the code for splicing a DHCP range into its dedicated function as this
will later be required again. Having subsequent DHCP exclude addresses
e.g. 192.0.2.70 and 192.0.2.71 did not work as the previous algorithm
created a range whose start address was after the end address.
(cherry picked from commit 0f0f9f2835cf85c1fd3652ec83368528754764cd)
|
|
when a non-unique subnet is found.
|
|
- T1435: dhcp-server: make ip-address optional in static-mapping
- remove [REQUIRED] from dhcpv6-server static-mapping identifier and ipv6-address
- verify if static-mapping ipv6-address is in subnet
- make help and error messages in conf-mode more descriptive
- remove regex ^$ anchors (implied in re.fullmatch)
|
|
|
|
|
|
WPAD url could be configured by CLI but the generated config was not
understood by ISC dhcp - caused by infalid if {} statement resulting in
a missing "option wpad-url code 252 = text;" block.
|
|
|
|
|
|
|
|
subnet-parameters were not added to the resulting configuration.
|
|
Move the on commit in a generated dhcpd.conf into the shared-network
to fix hostfile-update not working.
|
|
Commit 91c3b8bdd9 ("dhcp_server.py: cleanup") did not only cleanup parts
of the code but in addition added support for DHCP failover. That support
could lead to an empty pool {} statement if the subnet declaration only had
static address assignments but no range at all.
---<snip>---
dhcpd: /etc/dhcp/dhcpd.conf line 70: Pool declaration with no address
range.
dhcpd: }
dhcpd: ^
dhcpd: Pool declarations must always contain at least
dhcpd: one range statement.
---</snip>---
|
|
|
|
Commit 067a6b1524 ("vyos: package: extend validator by is_subnet_connected()")
added a mechanism to probe if a given IPv4/IPv6 address is connected to any
interface on the subnet - or is part of this subnet.
We now use this call instead of producing more and more biler-plate code!
|