Re: dhcpcd ignores netmask from server, installs /8 or /24 instead

[Roy Marples <roy%marples.name@localhost>]

On Friday 12 Dec 2014 19:03:05 John D. Baker wrote:
> On Sat, 13 Dec 2014, Roy Marples wrote:
> > On Friday 12 Dec 2014 17:40:06 John D. Baker wrote:
> > > Clever as 'dhcpcd' may be, I gave it a shot but it's just not the right
> > > tool for this situation--netmask issues aside.
> > 
> > netmask issues aside, why is dhcpcd not the right tool so they can be
> > addressed please?
> > dhclient has long be slated for removal from base.
> 
> I require an equivalent to 'dhclient's ability to install an alias
> address.  While the dynamic address should be primary, I need an alias
> so I can access the configuration/troubleshooting interface in my ADSL
> bridge.  (I have a suitable NAT rule in the firewall configuration.)
> 
> If 'dhcpcd' already posesses this ability, it is not clear how it is
> configured.

dhcpcd doesn't configure an alias address.
But, unlike dhclient, it won't remove any existing addresses on the interface 
either. So you can configure it as you would in rc.conf.

> In my early experiments, if the lease expired without renewal (upstream
> router falls over for 3-8 hours), when a new lease was acquired my
> manually-installed alias was promoted to the primary address and the
> new dynamic address was installed as an alias--this broke my NAT/filter
> as my rules (in 'pf') insist on the primary ("if_foo:0") address for
> general NAT and filtering.
> 
> While the "noalias" directive fixed that, it also removed my alias
> address, requiring manual intervention to reinstall it before I could
> access the ADSL bridge's configuration/troubleshooting interface.

Yes, noalias isn't good for this problem.
I don't have a good solution for that right now, but can suggest putting this 
in /etc/dhcpcd.exit-hook

if $if_up; then
   # Add our alias
    ifconfig $interface alias 1.2.3.4/8
elif $if_down; then
   # Remove the alias to ensure the DHCP address will become primary
    ifconfig $interface -alias 1.2.3.4/8
fi

I didn't know until now this could even be a problem - adding code to dhcpcd 
to ensure the DHCP derived address is always "primary" shouldn't be a problem.
I'll work on it when I have time, but until then the above script should 
suffice, maybe with tweaking.

> I'd like something akin to 'dhclient's "prepend" and "supersede" directives
> for various DHCP options.  In particular, to enforce the use of my own
> NTP servers and prefer the use of my own DNS servers.  I've worked around
> it by using the "no-hook" directive with the relevant hook scripts and
> maintaining a static "/etc/resolv.conf" and "/etc/ntp.conf".
> 
> I tried using the "static foo-option args..." directive in "dhcpcd.conf",
> but they were ignored, or added AFTER the data from the DHCP server.
> 
> Perhaps in conjuction with the "no-option" directive to suppress
> undesired options?

So there a reason why you don't remove or suppress the options to request DNS 
and NTP servers in dhcpcd.conf?

Anyway, for prepend and append - DNS is handled by resolvconf(8) and its config 
file resolvconf.conf(5). And for NTP, dhcpcd will always add it's stuff at the 
end of your ntp.conf(5) file, but NTP has a different mechanism for working out 
which servers to actually use. I don't see a need for prepend or supercede 
here  - you either want to include the DHCP NTP servers or you don't and that 
can be handled by not requesting the options in the first place.

Thanks

Roy