Feature #9169
Closed
Option for DHCP proxy to not override next-server
Description
The scenario is a DHCP server & TFTP server that is multihomed and listens on multiple networks for DHCP requests. For a build outside of Foreman, requests coming in on an interface result in the server being built connecting to the TFTP server on that interface. For example, for a request received on 10.0.10.50 (eth0), the TFTP server returned is 10.0.10.50. If the request comes in on 10.0.20.100 (eth1), the TFTP server used is 10.0.20.100.
Foreman and the smart-proxy are setting a "supersede next-server" option in DHCP that overrides this behavior and points all builds to 10.0.10.50. The relevant code is in app/models/concerns/orchestration/dhcp.rb. The boot_server method uses the tftp_bootserver value in settings.yml or does a host lookup of the proxy server's hostname. The ability to have a third option, no "supersede next-server", would be helpful.
Another scenario where this would be an issue is if the next-server option was explicitly set in the dhcpd config for a subnet block.
Updated by Lukas Zapletal about 9 years ago
Foreman configures the boot_server option on Smart Proxy (YAML configuration file) automatically via the installer; this can be modified with the --foreman-proxy-tftp-servername option.
When this configuration value is not present, Foreman uses the Smart Proxy hostname as the boot server entry. It converts it to an IP address, therefore DNS configuration must be set up correctly on the server.
We will likely implement it as an option for subnet "Do not pass next-server". When checked, all new reservations for this subnet will not include the "supersede server.next-server" option. Does this work for you? Or would you like to have this on a per-host level?
Updated by Tim Rudolph about 9 years ago
Lukas Zapletal wrote:
Foreman configures the boot_server option on Smart Proxy (YAML configuration file) automatically via the installer; this can be modified with the --foreman-proxy-tftp-servername option.
When this configuration value is not present, Foreman uses the Smart Proxy hostname as the boot server entry. It converts it to an IP address, therefore DNS configuration must be set up correctly on the server.
We will likely implement it as an option for subnet "Do not pass next-server". When checked, all new reservations for this subnet will not include the "supersede server.next-server" option. Does this work for you? Or would you like to have this on a per-host level?
Option for the subnet would work just fine.
Updated by Dominic Cleal almost 9 years ago
- Related to Bug #12619: multiple interfaces on on tftp smarthost added
Updated by The Foreman Bot over 8 years ago
- Status changed from New to Ready For Testing
- Pull request https://github.com/theforeman/foreman/pull/3360 added
Updated by The Foreman Bot over 8 years ago
- Pull request https://github.com/theforeman/smart-proxy/pull/398 added
Updated by Dominic Cleal about 8 years ago
- Status changed from Ready For Testing to New
- Pull request deleted (https://github.com/theforeman/smart-proxy/pull/398, https://github.com/theforeman/foreman/pull/3360)
Updated by Thomas Saquet over 7 years ago
Hello,
I have the same problem today. Is there a workaround to use the next-server option defined in my dhcpd conf?
I tried to remove the option from settings, the behaviour does not change.
Thank you in advance for your help :)
Thomas
Updated by Chris B over 6 years ago
I've run into this issue as well and do not see a feature in 1.15.6 to allow disabling of Foreman adding the next-server directive.
I have resorted to commenting out line 45 of /usr/share/foreman-proxy/modules/dhcp_common/isc/omapi_provider.rb to resolve this on my end for now:
#statements << bootServer(options[:nextServer]) if options[:nextServer]
Updated by Lukas Zapletal about 6 years ago
- Status changed from New to Closed
- Fixed in Releases 1.18.3 added
Hello all, it is now possible to prevent Foreman from sending DHCP filename option. This can be done easily by using PXE Loader flag set to "None". Then filename option will be used as defined in the dhcpd.conf on global level.
I am closing this since this is available in Foreman 1.15+.
Updated by Russell Holloway about 6 years ago
Lukas Zapletal wrote:
Hello all, it is now possible to prevent Foreman from sending DHCP filename option. This can be done easily by using PXE Loader flag set to "None". Then filename option will be used as defined in the dhcpd.conf on global level.
I am closing this since this is available in Foreman 1.15+.
Hmm, perhaps I'm misunderstanding, but this feature doesn't quite seem to align with request. I did verify that using PXE Loader = None the filename will use global, but nextServer is still set which is what I understood this issue to be about.
I still had to use the workaround of manually adjusting the template to comment out nextServer in order to get my setup to boot and use global next-server, although my root cause was slightly different than OP.
Updated by Lukas Zapletal about 6 years ago
- Status changed from Closed to New
- Fixed in Releases deleted (1.18.3)
I can confirm, I misread it. Valid feature request. If you grep for the nextServer string in the Foreman core code base, you will find it here:
app/models/concerns/orchestration/dhcp.rb
120: dhcp_attr[:nextServer] = boot_server
A host variable can be introduced to skip this line; smart-proxy will then skip adding it into the conf file. Feel free to send a PR, it is easy to do, just add a test.
Updated by Ewoud Kohl van Wijngaarden over 5 years ago
Isn't it sufficient to not select a TFTP proxy? My reading of the boot_server function is that it then returns nil and the smart proxy will not write the entry. Note that I didn't test this.
Updated by Lukas Zapletal over 5 years ago
Well, it does not work and the bug is valid. I have tried this today with develop, created a host with None PXELoader and the entry was created with next-server:
host mac52c613dd1542.nat.lan {
  dynamic;
  hardware ethernet 52:c6:13:dd:15:42;
  fixed-address 192.168.99.221;
        supersede server.next-server = c0:a8:64:01;
        supersede host-name = "mac52c613dd1542.nat.lan";
}
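As an added example (not part of the comment above and not Foreman or smart-proxy code), this Ruby check lists which host entries in dhcpd leases text carry the "supersede server.next-server" override and decodes the colon-separated hex value into an IP address. The sample text is constructed: the first entry mirrors the one quoted above, the second host is made up, and the function names are hypothetical.

```ruby
require 'ipaddr'

# Constructed sample in dhcpd.leases syntax. The first entry mirrors the one
# quoted in the thread; the second host is made up and has no override.
SAMPLE_LEASES = <<~LEASES
  host mac52c613dd1542.nat.lan {
    dynamic;
    hardware ethernet 52:c6:13:dd:15:42;
    fixed-address 192.168.99.221;
          supersede server.next-server = c0:a8:64:01;
          supersede host-name = "mac52c613dd1542.nat.lan";
  }
  host example.nat.lan {
    dynamic;
    hardware ethernet 52:54:00:00:00:01;
    fixed-address 192.168.99.222;
          supersede host-name = "example.nat.lan";
  }
LEASES

# The lease entry stores next-server as four colon-separated hex octets.
def decode_hex_ip(hex)
  octets = hex.split(':')
  valid = octets.size == 4 && octets.all? { |o| o.match?(/\A\h{1,2}\z/) }
  raise ArgumentError, "not a 4-octet hex address: #{hex.inspect}" unless valid
  IPAddr.new(octets.map { |o| o.to_i(16) }.join('.')).to_s
end

# Returns { host name => decoded next-server IP, or nil when not overridden }.
# A later entry for the same host replaces an earlier one, and an entry
# marked "deleted;" removes the host from the result.
def next_server_overrides(leases_text)
  result = {}
  leases_text.scan(/^host\s+(\S+)\s*\{(.*?)\}/m) do |name, body|
    if body.match?(/^\s*deleted;/)
      result.delete(name)
      next
    end
    m = body.match(/supersede\s+server\.next-server\s*=\s*([\h:]+)\s*;/)
    result[name] = m ? decode_hex_ip(m[1]) : nil
  end
  result
end

if __FILE__ == $PROGRAM_NAME
  next_server_overrides(SAMPLE_LEASES).each do |host, ip|
    puts "#{host}: #{ip ? "next-server overridden to #{ip}" : 'no override'}"
  end
end
```

Hosts reported with an override will boot from the decoded address regardless of any next-server set at subnet or global level in dhcpd.conf.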
Updated by The Foreman Bot over 5 years ago
- Status changed from New to Ready For Testing
- Assignee set to Lukas Zapletal
- Pull request https://github.com/theforeman/foreman/pull/6987 added
Updated by Lukas Zapletal about 5 years ago
- Status changed from Ready For Testing to Closed
Applied in changeset 99f3d23f9487f25f3b1a5a37930b138ccdba8880.