@johnsimcall
Last active September 22, 2023 13:12
Example DHCP (dnsmasq)
# Copy this config into a new file at /etc/dnsmasq.d/my-site.conf
# Only listen on a particular interface/ip address (avoid conflict with libvirt-managed virbr0)
interface=eno1
#listen-address=172.27.0.93
bind-interfaces
port=0 # don't answer DNS requests, we'll send them to the corporate DNS below
# Basic config for DHCP that uses existing router, DNS, and NTP devices
dhcp-range=172.27.0.90,172.27.0.100 # only give out addresses in this range
dhcp-option=option:router,172.27.0.1 # don’t use this dnsmasq server as a gateway/default route
dhcp-option=option:dns-server,10.64.0.12,10.64.0.13 # use corporate DNS servers
dhcp-option=option:ntp-server,10.64.0.11 # time is always critical
#dhcp-ignore=tag:!known # only give DHCP addresses to hosts defined below, run 'journalctl -flu dnsmasq' to see ignored requests
dhcp-host=fe:ff:f0:b1:e8:03,172.27.0.90,bootstrap # give this host a default lease duration (1 hour)
dhcp-host=fe:ff:f5:52:55:03,172.27.0.91,controlplane1,infinite # give these hosts an "infinite" lease. RHCOS will convert to static IP
dhcp-host=fe:ff:fc:8f:45:03,172.27.0.92,controlplane2,infinite
dhcp-host=fe:ff:ff:0d:5a:03,172.27.0.93,controlplane3,infinite
dhcp-host=fe:ff:f2:4e:5b:03,172.27.0.94,worker1,infinite
dhcp-host=fe:ff:fd:5a:b3:03,172.27.0.95,worker2,infinite
# This is a minimal config for DHCP that uses existing router, DNS, and NTP devices.
# Copy this config into a new file at /etc/dnsmasq.d/my-site.conf
# Please note! this will give "infinite" leases to clients
# RHEL CoreOS clients will automatically reconfigure to static IP addressing when the lease time is "infinite"
# Also, instead of using THIS SERVER as the DNS server & default gateway (router), tell clients to use specific DNS servers, NTP servers, and gateway/router
dhcp-range=172.27.0.90,172.27.0.100,infinite # give "infinite" leases in this range
dhcp-option=option:dns-server,10.64.0.12,10.64.0.13 # use corporate DNS servers
dhcp-option=option:ntp-server,10.64.0.11 # tell DHCP clients to sync with this time server
dhcp-option=option:router,172.27.0.1 # don’t use this dnsmasq server as a gateway/default route
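
A pre-flight check for the reservation-style config above, added here as an example (it is not part of the gist or of dnsmasq): it parses the file, reports duplicate MAC or IP reservations, and counts the pool addresses an unknown client could still lease while `dhcp-ignore=tag:!known` stays commented out. The names `parse` and `lint` are hypothetical, and the code assumes IPv4 and the `mac,ip,name[,lease]` layout of `dhcp-host` used on this page.

```python
import ipaddress
import re

# Constructed sample: the page's reservation-style config, shortened, with a
# duplicated IP added on purpose so the linter has something to report.
SAMPLE = """\
dhcp-range=172.27.0.90,172.27.0.100 # only give out addresses in this range
#dhcp-ignore=tag:!known # only give DHCP addresses to hosts defined below
dhcp-host=fe:ff:f0:b1:e8:03,172.27.0.90,bootstrap
dhcp-host=fe:ff:f5:52:55:03,172.27.0.91,controlplane1,infinite
dhcp-host=fe:ff:fc:8f:45:03,172.27.0.91,controlplane2,infinite
"""

def parse(text):
    """Yield (option, [values]) for active lines, dropping '#' comments."""
    for raw in text.splitlines():
        # A '#' at line start or after whitespace begins a comment.
        line = re.split(r"(?:^|\s)#", raw, maxsplit=1)[0].strip()
        if line:
            key, _, val = line.partition("=")
            yield key.strip(), [v.strip() for v in val.split(",")]

def lint(text):
    """Return (code, detail) findings for a DHCP-only dnsmasq config."""
    findings, pool, reserved, seen = [], set(), set(), {}
    known_only = False
    for key, vals in parse(text):
        if key == "dhcp-range":
            lo, hi = (int(ipaddress.IPv4Address(v)) for v in vals[:2])
            pool.update(range(lo, hi + 1))
        elif key == "dhcp-ignore" and "tag:!known" in vals:
            known_only = True
        elif key == "dhcp-host":  # assumed layout: mac,ip,name[,lease]
            mac, ip, name = vals[0].lower(), vals[1], vals[2]
            for kind, value in (("mac", mac), ("ip", ip)):
                if value in seen:
                    findings.append((f"duplicate-{kind}",
                                     f"{value}: {seen[value]} and {name}"))
                seen.setdefault(value, name)
            reserved.add(int(ipaddress.IPv4Address(ip)))
    open_addrs = len(pool - reserved)  # pool addresses with no dhcp-host entry
    if not known_only and open_addrs:
        findings.append(("unknown-clients-served",
                         f"{open_addrs} unreserved pool addresses, "
                         "dhcp-ignore=tag:!known not set"))
    return findings

if __name__ == "__main__":
    for code, detail in lint(SAMPLE):
        print(f"{code}: {detail}")
```

Run against the first config exactly as posted, the same check reports 5 unreserved pool addresses (172.27.0.96 to 172.27.0.100) and no duplicates.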

johnsimcall commented Sep 28, 2022

I added an alternative 4-line minimal config today. There are more comment lines than actual config lines! 😊

If you're running dnsmasq on a RHEL bastion/utility server, you can...

# install dnsmasq
yum install dnsmasq

# add the config above to a new file at /etc/dnsmasq.d/my-site.conf
vi /etc/dnsmasq.d/my-site.conf

# allow dhcp (67/udp) through the firewall
firewall-cmd --add-service dhcp --permanent
firewall-cmd --reload

# turn on the dhcp/dns service, and make it run after reboots
systemctl enable --now dnsmasq

# watch the logs
journalctl -flu dnsmasq
