/etc/network/interfaces vs dhclient -s

nahkhiirmees · 2022-07-24 19:40:35

When i say in /etc/network/interfaces : iface eth0 inet dhcp , command "/sbin/ifup eth0" activates dhclient.
By default, dhclient broadcasts DHCPDISCOVER-messages to all hosts(255.255.255.255).
But what if want to say which server dhclient sends it requests?
It is possible to say "reject a.b.c.d/mask" in /etc/dhcp/dhclient.conf but that's not what i mean.

Then i tried /sbin/dhclient --help:

Usage: dhclient [-4|-6] [-SNTPRI1dvrxi] [-nw] [-p <port>] [-D LL|LLT]
[--dad-wait-time <seconds>] [--prefix-len-hint <length>]
[--decline-wait-time <seconds>]
[--address-prefix-len <length>]
[-s server-addr] [-cf config-file]
[-df duid-file] [-lf lease-file]
[-pf pid-file] [--no-pid] [-e VAR=val]
[-sf script-file] [interface]*
dhclient {--version|--help|-h}

it seems that "-s" - option is what i want.
But how i should edit /etc/network/interfaces so that "-s server_ip"-option goes to dhclient when i bring eth0 up with /sbin/ifup?
I guess "pre-up <command>" or "up <command>" are the things that i should add to /e/n/interfaces. But exactly what commands?
Should i bring eth0 up with temporary address by using "ip" command? And after that "dhclient -s <server_ip>" ? Or is dhclient enough?
I'm not a completely newbie with computers or linux but haven't tried this kind of thing before.

Last edited by nahkhiirmees (2022-07-25 11:28:19)

Head_on_a_Stick · 2022-07-24 19:49:22

I think the option should be applied as per dhclient.conf(5).

Disclaimer: I don't use dhclient.

nahkhiirmees · 2022-07-24 20:24:34

I'm not exactly sure there's a keyword in dhclient.conf for what i want. server-name "string"; seems closest thing. I guess i can try that (tomorrow).

nahkhiirmees · 2022-07-25 10:46:52

nahkhiirmees wrote:

When i say in /etc/network/interfaces : iface eth0 inet dhcp , command "/sbin/ifup eth0" activates dhclient.
By default, dhclient broadcasts DHCPREQUEST-messages to all hosts.
But what if want to say which server dhclient sends it requests?

Of course i meant DHCPDISCOVER , not DHCPREQUEST.
Maybe i'll try that "server-name" thing but somehow i doubt that's the thing that i'm after.

And from these pages:

https://manpages.org/etc-network-interfaces/5
https://manpages.org/etc-network-interfaces/5

i noticed the "manual" keyworḍ. Combining that with "up" or "pre-up" seems interesting. I could give commands that way. Commands like "dhclient -s" for example. But do i have to do something to the network interface before invoking dhclient?
I noticed, from /sbin/dhclient-script that there is this command called "ip". It seems it can do many things.
Unfortunately i'm not familiar with "ip" command, so some help would be appreciated,

Last edited by nahkhiirmees (2022-07-25 11:08:08)

nahkhiirmees · 2022-07-25 11:07:23

I tried some commands today:

1.sudo /sbin/ifdown eth0 + unplug the ethernet cable
2. /sbin/ifconfig says:

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
RX packets xxx bytes yyyyyy (yyy.y KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets xxx bytes zzzzzz (zzz.z KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

3. find dhcp server address from /var/lib/dhcp/dhclient.eth0.leases
3,5. plug ethernet cable back in
4. sudo /sbin/dhclient -s <server_addr> eth0
5. after some waiting, give command /sbin/ifconfig, result:

eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet6 fe80::<something> prefixlen 64 scopeid 0x20<link>
ether <something> txqueuelen 1000 (Ethernet)
RX packets xxxxx bytes xxxxxxxxx (xxx.x MiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets yyyyy bytes yyyyyyyy (y.y MiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 65536
inet 127.0.0.1 netmask 255.0.0.0
inet6 ::1 prefixlen 128 scopeid 0x10<host>
loop txqueuelen 1000 (Local Loopback)
...

so the dhclient command by itself is not enough unless i want to change to ipv6. But not just yet. Let's make ipv4 work first.
And i guess that "ip" commands in /sbin/dhclient-script are there for a reason. So, what kind of "ip"-command should i use?

nahkhiirmees · 2022-07-27 17:20:25

Is it possible to restrict the target address where dhclient sends DHCPDISCOVER messages?
The output of "/sbin/dhclient --help" and https://linux.die.net/man/5/dhclient-options part "option dhcp-server-identifier ip-address; " make me think it is possible.
Ok i guess i could try with iptables, drop ports 67,68 from all unwanted servers or accept only from the server i want to. But for iptables to work, i have to set up the network interface eth0 , right? Kind of a chicken-and-egg situation.

nahkhiirmees · 2022-07-28 15:51:58

Ok, i found out that i can alter iptables rules without activating ethernet interface. So chicken-and-egg can be avoided. But i'm not sure that iptables rules i added, are restricting packets from port 67. I'll try again later.

GlennW · 2022-07-28 22:50:57

if you have a connection to the internet you may try Sheildsup (press "Proceed") "All Service Ports" https://www.grc.com/shieldsup

it will "Determine the status of your system's first 1056 ports".

Quick and easy.

Last edited by GlennW (2022-07-28 22:51:50)

ralph.ronnquist · 2022-07-29 00:00:17

@nahkhiirmees: you might rather want to use the reject statement in the client host's /etc/dhcp/dhclient.conf. See man dhclient.conf for details.

nahkhiirmees · 2022-07-29 18:12:07

I know how to use "reject" in dhclient.conf .
When i say "/sbin/ifup eth0" , ifup starts dhclient and that sends DHCPDISCOVER-message to broadcast address.
The "reject" - statement reject responses from unwanted servers.

On the other hand, if dhclient sends DHCPDISCOVER-messages only to a server mentioned in "-s" option , "reject" may not be necessary.

(man page of dhclient says: " -s server-addr
Specify the server IP address or fully qualified domain name to
use as a destination for DHCP protocol messages before dhclient
has acquired an IP address. Normally, dhclient transmits these
messages to 255.255.255.255 (the IP limited broadcast address)")

That made me think, how can i pass "-s server" to dhclient from ifup? I'm yet to figure out if it is even possible.
Those "up", "pre-up" , "manual" keywords in /etc/network/interfaces seemed interesting. Maybe with those i could gain more control, how i set up network interface.

Command "dhclient -s something" by itself is not enough to activate the interface and associate ip address with it. I have tried.

I don't actually need this thing i'm trying. I just like to find out another way of doing things. (Just using /etc/network/interfaces instead of NetworkManager is not radical enough
I have read /usr/share/doc/ifupdown/examples and it seems that it does not contain exactly the thing i'm after .

Last edited by nahkhiirmees (2022-07-29 18:40:50)

ralph.ronnquist · 2022-07-29 22:51:13

Yes, one way would be to change the "method" for eth0 in (/etc/network/interface) from dhcp to manual and instead have the dhclient command as an up command (i.e. to be run after that the interface is brought up at link level).

To do that you would first run it as dhcp, then use pgrep dhclient to get hold of the full command to run, which you copy to be the up, with your modifications.

The officially official Devuan Forum!

#1 2022-07-24 19:40:35

/etc/network/interfaces vs dhclient -s

#2 2022-07-24 19:49:22

Re: /etc/network/interfaces vs dhclient -s

#3 2022-07-24 20:24:34

Re: /etc/network/interfaces vs dhclient -s

#4 2022-07-25 10:46:52

Re: /etc/network/interfaces vs dhclient -s

#5 2022-07-25 11:07:23

Re: /etc/network/interfaces vs dhclient -s

#6 2022-07-27 17:20:25

Re: /etc/network/interfaces vs dhclient -s

#7 2022-07-28 15:51:58

Re: /etc/network/interfaces vs dhclient -s

#8 2022-07-28 22:50:57

Re: /etc/network/interfaces vs dhclient -s

#9 2022-07-29 00:00:17

Re: /etc/network/interfaces vs dhclient -s

#10 2022-07-29 18:12:07

Re: /etc/network/interfaces vs dhclient -s

#11 2022-07-29 22:51:13

Re: /etc/network/interfaces vs dhclient -s

Board footer