Timotej Lazar
7907b6f0e5
This reverts commit 554bf1f711.
Turns out ISC dhcrelay will relay even unicast packets from clients. So
the DHCP server got both the routed and the relayed query.
This tells dnsmasq to tell clients to send everything through the relay.
Since everything now comes from the relay we can drop access from client
networks.
22 lines
593 B
Django/Jinja
22 lines
593 B
Django/Jinja
# disable DNS server
|
|
port = 0
|
|
|
|
# we are the only DHCP server
|
|
dhcp-authoritative
|
|
|
|
# instruct clients to also send unicast traffic through the relay
|
|
# prevents duplicate queries because ISC dhcrelay forwards everything anyway
|
|
dhcp-proxy
|
|
|
|
# don’t try to ping clients for duplicate IP check
|
|
# has 3 s timeout during which no other requests are processed
|
|
no-ping
|
|
|
|
bind-interfaces
|
|
interface = {{ interfaces | map(attribute='name') | join(',') }}
|
|
|
|
dhcp-option = option:dns-server,{{ dns | join(',') }}
|
|
dhcp-option = option:ntp-server,{{ ntp | join(',') }}
|
|
|
|
dhcp-script = /usr/local/bin/dns-update
|