Bug 126637
Summary: | DHCP lease renewals overwrite /etc/resolv.conf thereby throwing away nameservers needed by VPN | ||
---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Mohit Aron <mohit_aron> |
Component: | dhcp | Assignee: | Jason Vas Dias <jvdias> |
Status: | CLOSED ERRATA | QA Contact: | |
Severity: | medium | Docs Contact: | |
Priority: | medium | ||
Version: | 2 | CC: | k.georgiou |
Target Milestone: | --- | ||
Target Release: | --- | ||
Hardware: | i686 | ||
OS: | Linux | ||
Whiteboard: | |||
Fixed In Version: | dhcp-3.0.1-7 | Doc Type: | Bug Fix |
Doc Text: | Story Points: | --- | |
Clone Of: | Environment: | ||
Last Closed: | 2004-08-20 14:50:01 UTC | Type: | --- |
Regression: | --- | Mount Type: | --- |
Documentation: | --- | CRM: | |
Verified Versions: | Category: | --- | |
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |
Cloudforms Team: | --- | Target Upstream Version: | |
Embargoed: |
Description
Mohit Aron
2004-06-24 02:47:05 UTC
Why are reporting a Redhat linux 9 "bug" to fedora core 2? I don't know about dhcpclient but for dhclient there is a configuration file called dhclient.conf where you can adjust the behaviour of dhclient to your needs. Maybe the supersede / prepend statements in combination with domain-name-servers could keep dhclient from or restore the values for your name servers. Maybe you could configure the DHCP server not to provide values the DHCP client does not need. So, is this a bug at all? I'm reporting the bug against Fedora core 2 because I didn't find "Redhat Linux" in the list of options that bugzilla offered. I thought Fedora probably inherited the bug, so filed against that. The other close option was "Redhat Enterprise Linux" - I believe that's not a free version anymore - so decided against filing on that. I've checked the dhcpclient.conf man page. Notice that my dhcp client needs the nameserver information from the router the first time. But on lease renewal, it doesn't need that information. There doesn't seem to be a way to specify this. I believe the default behavior of dhcpclient should be such as to not overwrite /etc/resolv.conf if the lease renewal doesn't change any of the earlier parameters. I don't think that dhcpclient overwrites resolv.conf. In the case of
dhclient it's dhclient-script that updates resolv.conf. The man page
for dhclient-script states:
>This script is not meant to be customized by the end user. If
local >customizations are needed, they should be possible using the
enter and >exit hooks provided (see HOOKS for details). These hooks
will allow >the user to override the default behaviour of the
client in creating a >/etc/resolv.conf file.
Hope this helps.
I can certainly put a shell script in /etc/dhclient-enter-hooks that overrides the default behavior of overwriting /etc/resolv.conf. However, the reason I've filed this bug is to help Linux become more usable towards an ordinary user who doesn't know how to write shell scripts and/or such deep system level details. It'll be nice if such common ways to change the behavior of the dhclient-script are already provided. The situation u describe is mentioned in the man page of dhclient-script as well, so maybe u can either help yourself using your skills or wait for a new version of dhclient-script. There is no point in filing this bug which is even mentioned in the man page, is there? dhclient-script BUGS If more than one interface is being used, there's no obvious way to void clashes between server-supplied configuration parameters - for example, the stock dhclient-script rewrites /etc/resolv.conf. If more than one interface is being configured, /etc/resolv.conf will be repeatedly initialized to the values provided by one server, and then the other. Assuming the information provided by both servers is valid, this shouldn't cause any real problems, but it could be confusing. It might be true that the man page of dhclient-script mentions the bug. However, unless someone reports problems, it is not going to be fixed at a high priority. In addition, the man page is biased in thinking thatit won't "cause any real problems". The issue is, for people using VPN over a dhcp interface, this is a real problem. Many more people are likely to be using VPN over an interface than two separate interfaces.I don't think the man page recognizes that. I'll appreciate if this bug can be left open so it is fixed at a higher priority than otherwise. Please recognize that it is bugs such as these that prevent Linux from becoming more accessible to non-geeks. The reason why I spent my time with your problem was that you gave the
impression of being lost:
>So everytime my Redhat linux box renews its dhcp lease, I have to
>manually edit /etc/resolv.conf
That's why I mentioned how you can configure dhclient-script to match
your needs. Sorry for not having realized immediately that you were an
expert trying to save the non geeks.
With dhclient-3.0.1-+ (current version) you can add this line to /etc/dhclient-${interface}.conf (eg. /etc/dhclient-eth0.conf if the interface being configured with DHCP is eth0) : ' prepend domain-name-servers ns1.myvpn.com ns2.myvpn.com; ' This will add the nameservers ns1.myvpn.com ns2.myvpn.com to the beginning of the list of nameservers retrieved from DHCP - or ' append domain-name-servers ns1.myvpn.com ns2.myvpn.com; ' to add them at the end; or ' supersede domain-name-servers ns1.myvpn.com ns2.myvpn.com; ' to replace the nameservers supplied by DHCP server entirely. I hope this helps. An advisory has been issued which should help the problem described in this bug report. This report is therefore being closed with a resolution of ERRATA. For more information on the solution and/or where to find the updated files, please follow the link below. You may reopen this bug report if the solution does not work for you. http://rhn.redhat.com/errata/RHBA-2004-566.html |