dnsmasq DHCP lease time is only 2 min

0

All DHCPOFFERs I get from dnsmasq have an IP lease time of 2 min, and it ignores the options to change it.

More Details:

I have two routers on my network:

  • AVM FritzBox 7390 (192.168.0.1)
    • VDSL2 Modem
    • Base for DECT Phones
    • Actual routing to the internet
  • Netgear R7000 (running FreshTomato firmware, 192.168.0.2)
    • WiFi access point
    • DHCP Server

My internal DNS is a Pi-Hole running in a Docker Container on my server. (192.168.0.100)

The DHCP Server that FreshTomato brings is a dnsmasq and I need it to tell new clients the following config:

  • IP In range 192.168.0.50 - ...80
  • IP Lease Time ~1 day
  • Router is the FritzBox (192.168.0.1)
  • DNS Servers are Pi-Hole (192.168.0.100) and alternatively the FritzBox (192.168.0.1)

So I put all this info into the R7000's UI and when I save the config the following config file for dnsmasq is generated:

pid-file=/var/run/dnsmasq.pid
resolv-file=/etc/resolv.dnsmasq
addn-hosts=/etc/dnsmasq
dhcp-hostsfile=/etc/dnsmasq
expand-hosts
min-port=4096
interface=br0
dhcp-range=tag:br0,192.168.0.50,192.168.0.80,255.255.255.0,1440m
dhcp-option=tag:br0,3,192.168.0.1
dhcp-lease-max=255
dhcp-authoritative
log-queries
dhcp-option=6,192.168.0.100,192.168.0.1

Looks valid to me. When I test the DHCP config using this neat little nmap script:

nmap --script broadcast-dhcp-discover

I get the following answer:

| broadcast-dhcp-discover:
|   Response 1 of 1:
|     IP Offered: 192.168.0.71
|     DHCP Message Type: DHCPOFFER
|     Server Identifier: 192.168.0.2
|     IP Address Lease Time: 2m00s
|     Renewal Time Value: 1m00s
|     Rebinding Time Value: 1m45s
|     Subnet Mask: 255.255.255.0
|     Broadcast Address: 192.168.0.255
|     Domain Name Server: 192.168.0.100, 192.168.0.1
|_    Router: 192.168.0.1

Everything is correct except that the IP lease time is only 2 minutes. Some devices (3 smartphones and 2 Android tablets) in my network don't like that short lease time and lose their WiFi connection every minute.

Does anyone know what I did wrong?

Fun Fact: I just flashed FreshTomato, before that I used DD-WRT which had the exact same problem with dnsmasq.

Edit after a few more tests

I created a small test environment for dnsmasq to test some configurations:

  • a Docker Container running dnsmasq
  • a second Container running that nmap script in a loop

What I found out is: When I specify the lease time in the dhcp-range line, it is simply ignored.

I discovered that it is possible to set the DHCP options directly via their tags assigned by IANA (https://www.iana.org/assignments/bootp-dhcp-parameters/bootp-dhcp-parameters.xml).

When I set the DHCP Lease time with dhcp-option=51,48h the lease time is changed but the renewal and rebind times aren't.

Setting them with their tags 58 and 59 with

dhcp-option=58,24h # DHCP Renewal (T1) Time
dhcp-option=59,42h # DHCP Rebinding (T2) Time

didn't help, since the result I got was:

IP Address Lease Time: 2d00h00m00s
Renewal Time Value: 1m00s
Rebinding Time Value: 1m45s

NerdyMcNerd

Posted 2019-07-15T19:03:13.430

Reputation: 1
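The timers in the two nmap outputs above can be checked against the raw options field of a DHCPOFFER. This is an added example, not part of the original post: it decodes options 51, 58 and 59 and compares T1/T2 with the RFC 2131 defaults of 0.5 and 0.875 of the lease time. The function names and the sample option fields, built from the values quoted in the question, are constructed for illustration.

```python
import struct

MAGIC_COOKIE = bytes([99, 130, 83, 99])         # precedes the options field (RFC 2131)
TIMER_OPTS = {51: "lease", 58: "t1", 59: "t2"}  # IANA option codes named in the question

def parse_options(field: bytes) -> dict:
    """Walk the code/length/value options that follow the magic cookie."""
    if field[:4] != MAGIC_COOKIE:
        raise ValueError("missing DHCP magic cookie")
    opts, i = {}, 4
    while i < len(field) and field[i] != 255:   # 255 = End option
        code = field[i]
        if code == 0:                           # Pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(field):
            raise ValueError("truncated option header")
        length = field[i + 1]
        value = field[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"option {code} is truncated")
        opts[code] = value
        i += 2 + length
    return opts

def timers(opts: dict) -> dict:
    """Decode the 32-bit big-endian second counts of options 51, 58 and 59."""
    return {name: struct.unpack("!I", opts[code])[0]  # struct.error unless 4 bytes
            for code, name in TIMER_OPTS.items() if code in opts}

def check(t: dict) -> list:
    """List T1/T2 values that differ from the defaults derived from the lease."""
    if "lease" not in t:
        return ["no lease time (option 51) in this message"]
    expected = {"t1": t["lease"] // 2, "t2": t["lease"] * 7 // 8}  # 0.5 and 0.875
    return [f"{k}={t[k]}s, default for a {t['lease']}s lease is {v}s"
            for k, v in expected.items() if k in t and t[k] != v]

def build(lease: int, t1: int, t2: int) -> bytes:
    """Constructed sample: options of a DHCPOFFER (type 2) with the three timers."""
    body = bytes([53, 1, 2])
    for code, secs in ((51, lease), (58, t1), (59, t2)):
        body += bytes([code, 4]) + struct.pack("!I", secs)
    return MAGIC_COOKIE + body + b"\xff"

FIRST_OFFER = build(120, 60, 105)       # timers from the first nmap output
SECOND_OFFER = build(172800, 60, 105)   # timers after dhcp-option=51,48h
```

For the first offer `check` returns an empty list, because 1m00s and 1m45s are exactly the defaults for a 2-minute lease; for the second it reports both timers as inconsistent with the 2-day lease.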

1 Sounds like it’s somehow reverting to the minimum supported lease time. Maybe try OpenWrt, if available. – Daniel B – 2019-07-15T19:22:28.037

@DanielB, I'd like to use OpenWRT but it does not support WiFi on the R7000, due to the lack of FOSS drivers. I think it may be an issue with dnsmasq, since it happened with DD-WRT's dnsmasq too. – NerdyMcNerd – 2019-07-16T06:47:58.643

What versions of dd-wrt/openwrt did you try? – Tim_Stewart – 2019-07-16T19:48:44.470

I tried: DD-WRT 3.0 Beta Build 37305 and FreshTomato 2019.3.118 -beta. FreshTomato uses dnsmasq version 2.80-343b7b4. – NerdyMcNerd – 2019-07-17T20:08:22.463

Answers

0

Are you sure that dnsmasq picked up the changes? I ran into some issues at times where the daemon would not properly restart. Try rebooting the router to see if the configuration changes are actually picked up that way. If you don't want to reboot, just restart dnsmasq and check it has a new PID after the restart.

By the way, have you considered the possibility that your DHCP server is indeed responding correctly but that the nmap script is buggy? I just ran that command in my LAN and got the same response. When I checked in syslog, I was able to verify that the leases were indeed much longer.

MAV

Posted 2019-07-15T19:03:13.430

Reputation: 1

Hey @MAV, thanks for the answer, but I checked both the dnsmasq and the nmap script:
When I enable the DHCP server of the FritzBox it shows a lease time of 2 days, and I still get the 2 min times after a router reboot, even though changes of the DHCP range are applied.
– NerdyMcNerd – 2019-07-20T09:20:34.897

Hi, I just re-checked the DHCPOFFERs using Wireshark; the output of the nmap script is correct. – NerdyMcNerd – 2019-07-27T12:25:29.820