SDN DHCP with dnsmasq generates static leases only and ignores configured DHCP ranges

A

aryapramudika

Member
Mar 20, 2024
1
0
6
Hi,

I'm testing SDN DHCP on Proxmox VE 9.2.3 following the official documentation:

https://pve.proxmox.com/wiki/Setup_Simple_Zone_With_SNAT_and_DHCP

Environment

  • Proxmox VE 9.2.3
  • libpve-network-perl 1.6.6
  • dnsmasq 2.91
  • Single-node setup
SDN Configuration

Zone:

simple: local
ipam pve
dhcp dnsmasq

VNet:

vnet: net172
zone local

Subnet:

subnet: local-172.20.21.0-24
vnet net172
dhcp-range start-address=172.20.21.2,end-address=172.20.21.254
gateway 172.20.21.1
snat 1

The bridge interface is correctly created:

net172: 172.20.21.1/24

Problem

VMs connected to the SDN VNet never receive a DHCP lease.

Packet capture shows DHCPDISCOVER packets reaching the bridge:

DHCPDISCOVER from VM

but no DHCPOFFER is ever sent.

dnsmasq logs

DHCP, static leases only on 172.20.21.0, lease time infinite
cannot read /etc/dnsmasq.d/local/ethers: No such file or directory
DHCPDISCOVER(net172) xx:xx:xx:xx:xx:xx ignored

Generated dnsmasq configuration

Proxmox generates:

dhcp-hostsfile=/etc/dnsmasq.d/local/ethers
dhcp-ignore=tag:!known

dhcp-range=set:local-172.20.21.0-24,172.20.21.0,static,255.255.255.0,infinite
dhcp-option=tag:local-172.20.21.0-24,option:router,172.20.21.1
interface=net172

Findings

Looking at:

/usr/share/perl5/PVE/Network/SDN/Dhcp/Dnsmasq.pm

I found:

push @{$config}, "dhcp-range=set:$tag,$network,static,$mask,infinite";

which appears to intentionally generate static leases only.

The configured DHCP range:

172.20.21.2 - 172.20.21.254

is not reflected in the generated dnsmasq configuration.

Workaround

If I manually create:

/etc/dnsmasq.d/local/ethers

and add:

bc:24:11:05:ba:67,172.20.21.10

then restart dnsmasq, the VM successfully receives a DHCP lease.

Question

Is this the expected behavior for SDN DHCP with ipam pve in Proxmox VE 9?

If so, how are dynamic DHCP leases supposed to be allocated and how is the ethers file expected to be populated automatically?

Or is this a regression/bug where DHCP ranges are not being translated into dynamic dnsmasq pools?

Thanks.
 
Hi @aryapramudika

thanks for posting in the forum!

aryapramudika said:
Is this the expected behavior for SDN DHCP with ipam pve in Proxmox VE 9?
Click to expand...
No that would defeat the purpose of DHCP in that context.

I tried this setup on a local machine just now and it works on my end.

From my understanding this sounds like there was no DHCP "reservation"/configuration for your VM at the time, that's why there was no ethers file.
Was there an entry for the VM-ID and -MAC in the SDN -> IPAM tab?

If not you have two options:
  1. Manually create the to be assigned DHCP address in the aforementioned IPAM tab with the plus symbol on the right
  2. Activate the "Automatic DHCP" in the configuration of the simple Zone, see [1]
The DHCP range in this case is a little bit misleading, as one is generally used to the fact that the DHCP range is automatically used as an IP address pool, but as long as the latter option is not activated, this works differently.

Secondly an issue i ran into is, with the Firewall enabled you of course have to allow DHCP traffic on the gateway interface or else the DHCPDISCOVER packets won't reach dnsmasq.

Yours sincerely
Jonas

[1] https://pve.proxmox.com/wiki/Setup_...tomatic DHCP' option in the advanced settings
 
You must log in or register to reply here.
Top Bottom
Back