dnsmasq in openvz slackware VE

lambo69 · 01-21-2013, 07:41 AM

Hi,

i'm in trouble with running dnsmasq as dhcp server in an openvz ve under slackware 14.0. DNS runs fine, dhcp doesn't work. No packet filters running, it shows the following behaviour:

In VE, ps ax and /var/log/messages show the following:

Code:

root@dns_dhcp:~> cat /etc/dnsmasq.conf
user=vmdnsmasq
group=vmdnsmasq

interface=venet0

#dhcp-authoritative
dhcp-range=192.168.0.190,192.168.0.200,96h

root@dns_dhcp:~> ps ax
 PID TTY      STAT   TIME COMMAND
    1 ?        Ss     0:00 init [3]
   69 ?        Ss     0:00 /usr/sbin/syslogd
  178 ?        Ss     0:00 /usr/sbin/sshd
  190 ?        Ss     0:00 /usr/sbin/crond -l notice
  195 ?        S      0:00 dnsmasq
  196 ?        Ss     0:00 sshd: root@pts/0
  198 pts/0    Ss     0:00 -bash
  210 pts/0    R+     0:00 ps ax

root@dns_dhcp:~> cat /var/log/messages
  Jan 21 12:50:37 dns_dhcp dnsmasq[195]: started, version 2.57   cachesize 150
  Jan 21 12:50:37 dns_dhcp dnsmasq[195]: compile time options: IPv6  GNU-getopt no-DBus I18N DHCP TFTP IDN
  Jan 21 12:50:37 dns_dhcp dnsmasq-dhcp[195]: DHCP, IP range 192.168.0.190 -- 192.168.0.200, lease time 4d
  Jan 21 12:50:37 dns_dhcp init: no more processes left in this runlevel
  Jan 21 12:50:37 dns_dhcp dnsmasq[195]: reading /etc/resolv.conf
  Jan 21 12:50:37 dns_dhcp dnsmasq[195]: using nameserver 5.9.237.206#53
  Jan 21 12:50:37 dns_dhcp dnsmasq[195]: using nameserver 217.171.190.12#53
  Jan 21 12:50:37 dns_dhcp dnsmasq[195]: read /etc/hosts - 15 addresses

...looks good for me, or is there anything wrong? If it's important: the IP range of the leases does not intersect with the IP addresses in /etc/hosts.

Now try to get an address by a client (physically a different machine):

Code:

root@multivac:~> dhclient eth0
root@multivac:~>

let's have a look at /var/log/messages:

Code:

root@multivac:~> cat /var/log/messages

<SNIP/>

Jan 21 14:22:14 multivac kernel: [16949.417422] ADDRCONF(NETDEV_CHANGE): eth0: link becomes ready
Jan 21 14:22:18 multivac dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 15
Jan 21 14:22:33 multivac dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 7
Jan 21 14:22:40 multivac dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 15
Jan 21 14:22:55 multivac dhclient: DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 16
Jan 21 14:23:11 multivac dhclient: No DHCPOFFERS received.
Jan 21 14:23:

Having a closer look with nmap to the VE running dnsmasq:

Code:

root@multivac:~> nmap 192.168.0.2

Starting Nmap 6.01 ( http://nmap.org ) at 2013-01-21 14:28 CET
Nmap scan report for dns_dhcp (192.168.0.2)
Host is up (0.00024s latency).
Not shown: 998 closed ports
PORT   STATE SERVICE
22/tcp open  ssh
53/tcp open  domain
MAC Address: xx:xx:xx:xx:xx:xx (Netronix)

Nmap done: 1 IP address (1 host up) scanned in 0.79 seconds

Shouldn't port 67 be open?

I get the same result from other machines that try to get a lease.

Has anyone an idea or a hint?

confused
lambo

hotchili · 01-22-2013, 05:26 AM

Hello,

a quick search shows that for dhcp to work you need to setup a veth network device, not the standard venet.

http://wiki.openvz.org/DHCP
http://wiki.openvz.org/Virtual_Ethernet_device

Maybe that is why it isn't working. Good luck

lambo69 · 01-25-2013, 10:25 AM

Thank you for the hint. Unfortunately, it still doesn't work after switching to a veth.
tcpdump on the openvz host shows, that it (the host) receives the DISCOVER requests from the client, but a tcpdump inside the VE on eth0 shows: nothing. The VE responds to pings and DNS requests via it's eth0 from the outside.
On the host, the following is set:

Code:

root@openvzhost:~> cat /proc/sys/net/ipv4/conf/eth0/forwarding
1
root@openvzhost:~> cat /proc/sys/net/ipv4/conf/eth0/proxy_arp
1
root@openvzhost:~> cat /proc/sys/net/ipv4/conf/veth9999.0/forwarding
1
root@openvzhost:~> cat /proc/sys/net/ipv4/conf/veth9999.0/proxy_arp
1

Bridging with bridge-utils has also failed.

lambo