Solved Any jail friendly DHCP servers?

[abishai]

Are there any jail friendly DCHP servers? Handbook mentions net/isc-dhcp43-server (actually, the previous version), but it bind to all interfaces on a host.
/etc/rc.conf

dhcpd_enable="YES"
dhcpd_ifaces="em0"

/usr/local/etc/rc.d/isc-dhcpd start

Starting dhcpd.
Internet Systems Consortium DHCP Server 4.3.2
Copyright 2004-2015 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Config file: /usr/local/etc/dhcpd.conf
Database file: /var/db/dhcpd/dhcpd.leases
PID file: /var/run/dhcpd/dhcpd.pid
Wrote 0 leases to leases file.
Listening on BPF/em0/bc:ae:c5:91:74:2c/10.0.3.0/24
Sending on  BPF/em0/bc:ae:c5:91:74:2c/10.0.3.0/24
Sending on  Socket/fallback/fallback-net

sockstat -l |grep dhcp

dhcpd  dhcpd  1075  7  udp4  *:67  *:*
dhcpd  dhcpd  1075  20 udp4  *:63386  *:*

 

[Wozzeck]

but it binds to all interfaces on a host

What do you mean? With dhcpd_ifaces variable you ask the server to listen on em0 interface, and this is exactly what it does

I have this DHCP server setup in a jail connected through different interfaces with :

dhcpd_ifaces="LAN10123 LAN20123 LAN00123"

Where LANxxx are virtual interfaces not physical for example bridges, virtual network.
Jail is connected to these virtual interfaces not to the physical ones.

When I discard any of the interface of the list so the server will "beep" at startup as he is unable to find an interface for the specific network definition if I have forgotten to deactivate this network in the dhcpd.conf file.

 

[storvi_net]

There was exactly the same discussion some time ago:
https://forums.freebsd.org/threads/dnsmasq-server-in-jail-dns-works-dhcp-doesnt.52775/

Regards
Markus

 

[abishai]

What do you mean ? With dhcpd_ifaces variable you ask the server to listen on em0 interface, and this is exactly what it does

* on the last example shows another. 67 port is opened for all interfaces.

 

[junovitch@]

The sockstat is a bit deceiving. Remember that dhcpd(8) needs to listen for broadcasts to 255.255.255.255 and accept those to give an IP. Check netstat -B and you should find that dhcpd(8) is only listening on the interfaces you asked for using bpf(4).

# netstat -B

  Pid  Netif   Flags    Recv      Drop  Match Sblen Hblen Command
66910  bridge0 -ifs---  12076906  0     13    0     0     dhcpd
28373  wlan0   -i-s---  234707    0     35    0     0     hostapd
50316  pflog0  p--s--l  10600     0     10600 0     0     pflogd
66910  em2     -ifs---  44708     0     164   0     0     dhcpd

My associated /etc/rc.conf:

dhcpd_enable="YES"
dhcpd_ifaces="bridge0 em2"

 

[abishai]

Ah, I see now. Thank you.