From 9901e243c9d430fd399b3fcf9733d5ead660c2c7 Mon Sep 17 00:00:00 2001 From: Luca Di Stefano Date: Wed, 6 Jan 2021 14:15:00 +0000 Subject: Added TF dhcp server configuration Change-Id: I2c96207cddc3409d91c80362dedb9becc2ac5b85 --- dhcp/tf.validation.linaro.org/debug | 38 ++++++++ .../dhclient-enter-hooks.d/debug | 1 + .../dhclient-exit-hooks.d/debug | 1 + .../dhclient-exit-hooks.d/ntp | 64 ++++++++++++ .../dhclient-exit-hooks.d/rfc3442-classless-routes | 78 +++++++++++++++ .../dhclient-exit-hooks.d/timesyncd | 42 ++++++++ dhcp/tf.validation.linaro.org/dhclient.conf | 54 +++++++++++ dhcp/tf.validation.linaro.org/dhcpd.conf | 38 ++++++++ dhcp/tf.validation.linaro.org/dhcpd.old | 107 +++++++++++++++++++++ dhcp/tf.validation.linaro.org/dhcpd6.conf | 102 ++++++++++++++++++++ dhcp/tf.validation.linaro.org/static-lease.conf | 76 +++++++++++++++ 11 files changed, 601 insertions(+) create mode 100644 dhcp/tf.validation.linaro.org/debug create mode 120000 dhcp/tf.validation.linaro.org/dhclient-enter-hooks.d/debug create mode 120000 dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/debug create mode 100644 dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/ntp create mode 100644 dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/rfc3442-classless-routes create mode 100644 dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/timesyncd create mode 100644 dhcp/tf.validation.linaro.org/dhclient.conf create mode 100644 dhcp/tf.validation.linaro.org/dhcpd.conf create mode 100644 dhcp/tf.validation.linaro.org/dhcpd.old create mode 100644 dhcp/tf.validation.linaro.org/dhcpd6.conf create mode 100644 dhcp/tf.validation.linaro.org/static-lease.conf (limited to 'dhcp') diff --git a/dhcp/tf.validation.linaro.org/debug b/dhcp/tf.validation.linaro.org/debug new file mode 100644 index 0000000..593e7df --- /dev/null +++ b/dhcp/tf.validation.linaro.org/debug @@ -0,0 +1,38 @@ +# +# The purpose of this script is just to show the variables that are +# available to all the scripts in this directory. All these scripts are +# called from dhclient-script, which exports all the variables shown +# before. If you want to debug a problem with your DHCP setup you can +# enable this script and take a look at /tmp/dhclient-script.debug. + +# To enable this script set the following variable to "yes" +RUN="no" + +if [ "$RUN" = "yes" ]; then + echo "$(date): entering ${1%/*}, dumping variables." \ + >> /tmp/dhclient-script.debug + + # loop over the 4 possible prefixes: (empty), cur_, new_, old_ + for prefix in '' 'cur_' 'new_' 'old_'; do + # loop over the DHCP variables passed to dhclient-script + for basevar in reason interface medium alias_ip_address \ + ip_address host_name network_number subnet_mask \ + broadcast_address routers static_routes \ + rfc3442_classless_static_routes \ + domain_name domain_search domain_name_servers \ + netbios_name_servers netbios_scope \ + ntp_servers \ + ip6_address ip6_prefix ip6_prefixlen \ + dhcp6_domain_search dhcp6_name_servers ; do + var="${prefix}${basevar}" + eval "content=\$$var" + + # show only variables with values set + if [ -n "${content}" ]; then + echo "$var='${content}'" >> /tmp/dhclient-script.debug + fi + done + done + + echo '--------------------------' >> /tmp/dhclient-script.debug +fi diff --git a/dhcp/tf.validation.linaro.org/dhclient-enter-hooks.d/debug b/dhcp/tf.validation.linaro.org/dhclient-enter-hooks.d/debug new file mode 120000 index 0000000..ee34fdc --- /dev/null +++ b/dhcp/tf.validation.linaro.org/dhclient-enter-hooks.d/debug @@ -0,0 +1 @@ +../debug \ No newline at end of file diff --git a/dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/debug b/dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/debug new file mode 120000 index 0000000..ee34fdc --- /dev/null +++ b/dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/debug @@ -0,0 +1 @@ +../debug \ No newline at end of file diff --git a/dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/ntp b/dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/ntp new file mode 100644 index 0000000..eedf6d9 --- /dev/null +++ b/dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/ntp @@ -0,0 +1,64 @@ +NTP_CONF=/etc/ntp.conf +NTP_DHCP_CONF=/run/ntp.conf.dhcp + + +ntp_server_restart() { + invoke-rc.d ntp try-restart +} + + +ntp_servers_setup_remove() { + if [ ! -e $NTP_DHCP_CONF ]; then + return + fi + rm -f $NTP_DHCP_CONF + ntp_server_restart +} + + +ntp_servers_setup_add() { + if [ -e $NTP_DHCP_CONF ] && [ "$new_ntp_servers" = "$old_ntp_servers" ]; then + return + fi + + if [ -z "$new_ntp_servers" ]; then + ntp_servers_setup_remove + return + fi + + tmp=$(mktemp "$NTP_DHCP_CONF.XXXXXX") || return + chmod --reference=$NTP_CONF $tmp + chown --reference=$NTP_CONF $tmp + + ( + echo "# This file was copied from $NTP_CONF with the server options changed" + echo "# to reflect the information sent by the DHCP server. Any changes made" + echo "# here will be lost at the next DHCP event. Edit $NTP_CONF instead." + echo + echo "# NTP server entries received from DHCP server" + for server in $new_ntp_servers; do + echo "server $server iburst" + done + echo + sed '/^[[:space:]]*\(server\|peer\|pool\)[[:space:]]/d' $NTP_CONF + ) >>$tmp + + mv $tmp $NTP_DHCP_CONF + + ntp_server_restart +} + + +ntp_servers_setup() { + case $reason in + BOUND|RENEW|REBIND|REBOOT) + ntp_servers_setup_add + ;; + EXPIRE|FAIL|RELEASE|STOP) + ntp_servers_setup_remove + ;; + esac +} + + +ntp_servers_setup diff --git a/dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/rfc3442-classless-routes b/dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/rfc3442-classless-routes new file mode 100644 index 0000000..1ef7b8a --- /dev/null +++ b/dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/rfc3442-classless-routes @@ -0,0 +1,78 @@ +# set classless routes based on the format specified in RFC3442 +# e.g.: +# new_rfc3442_classless_static_routes='24 192 168 10 192 168 1 1 8 10 10 17 66 41' +# specifies the routes: +# 192.168.10.0/24 via 192.168.1.1 +# 10.0.0.0/8 via 10.10.17.66.41 + +RUN="yes" + + +if [ "$RUN" = "yes" ]; then + if [ -n "$new_rfc3442_classless_static_routes" ]; then + if [ "$reason" = "BOUND" ] || [ "$reason" = "REBOOT" ]; then + + set -- $new_rfc3442_classless_static_routes + + while [ $# -gt 0 ]; do + net_length=$1 + via_arg='' + + case $net_length in + 32|31|30|29|28|27|26|25) + if [ $# -lt 9 ]; then + return 1 + fi + net_address="${2}.${3}.${4}.${5}" + gateway="${6}.${7}.${8}.${9}" + shift 9 + ;; + 24|23|22|21|20|19|18|17) + if [ $# -lt 8 ]; then + return 1 + fi + net_address="${2}.${3}.${4}.0" + gateway="${5}.${6}.${7}.${8}" + shift 8 + ;; + 16|15|14|13|12|11|10|9) + if [ $# -lt 7 ]; then + return 1 + fi + net_address="${2}.${3}.0.0" + gateway="${4}.${5}.${6}.${7}" + shift 7 + ;; + 8|7|6|5|4|3|2|1) + if [ $# -lt 6 ]; then + return 1 + fi + net_address="${2}.0.0.0" + gateway="${3}.${4}.${5}.${6}" + shift 6 + ;; + 0) # default route + if [ $# -lt 5 ]; then + return 1 + fi + net_address="0.0.0.0" + gateway="${2}.${3}.${4}.${5}" + shift 5 + ;; + *) # error + return 1 + ;; + esac + + # take care of link-local routes + if [ "${gateway}" != '0.0.0.0' ]; then + via_arg="via ${gateway}" + fi + + # set route (ip detects host routes automatically) + ip -4 route add "${net_address}/${net_length}" \ + ${via_arg} dev "${interface}" >/dev/null 2>&1 + done + fi + fi +fi diff --git a/dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/timesyncd b/dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/timesyncd new file mode 100644 index 0000000..3cde992 --- /dev/null +++ b/dhcp/tf.validation.linaro.org/dhclient-exit-hooks.d/timesyncd @@ -0,0 +1,42 @@ +TIMESYNCD_CONF=/run/systemd/timesyncd.conf.d/01-dhclient.conf + +timesyncd_servers_setup_remove() { + if [ -e $TIMESYNCD_CONF ]; then + rm -f $TIMESYNCD_CONF + systemctl try-restart systemd-timesyncd.service || true + fi +} + +timesyncd_servers_setup_add() { + if [ ! -d /run/systemd/system ]; then + return + fi + + if [ -e $TIMESYNCD_CONF ] && [ "$new_ntp_servers" = "$old_ntp_servers" ]; then + return + fi + + if [ -z "$new_ntp_servers" ]; then + timesyncd_servers_setup_remove + return + fi + + mkdir -p $(dirname $TIMESYNCD_CONF) + cat < ${TIMESYNCD_CONF}.new +# NTP server entries received from DHCP server +[Time] +NTP=$new_ntp_servers +EOF + mv ${TIMESYNCD_CONF}.new ${TIMESYNCD_CONF} + systemctl try-restart systemd-timesyncd.service || true +} + + +case $reason in + BOUND|RENEW|REBIND|REBOOT) + timesyncd_servers_setup_add + ;; + EXPIRE|FAIL|RELEASE|STOP) + timesyncd_servers_setup_remove + ;; +esac diff --git a/dhcp/tf.validation.linaro.org/dhclient.conf b/dhcp/tf.validation.linaro.org/dhclient.conf new file mode 100644 index 0000000..b85301b --- /dev/null +++ b/dhcp/tf.validation.linaro.org/dhclient.conf @@ -0,0 +1,54 @@ +# Configuration file for /sbin/dhclient. +# +# This is a sample configuration file for dhclient. See dhclient.conf's +# man page for more information about the syntax of this file +# and a more comprehensive list of the parameters understood by +# dhclient. +# +# Normally, if the DHCP server provides reasonable information and does +# not leave anything out (like the domain name, for example), then +# few changes must be made to this file, if any. +# + +option rfc3442-classless-static-routes code 121 = array of unsigned integer 8; + +send host-name = gethostname(); +request subnet-mask, broadcast-address, time-offset, routers, + domain-name, domain-name-servers, domain-search, host-name, + dhcp6.name-servers, dhcp6.domain-search, dhcp6.fqdn, dhcp6.sntp-servers, + netbios-name-servers, netbios-scope, interface-mtu, + rfc3442-classless-static-routes, ntp-servers; + +#send dhcp-client-identifier 1:0:a0:24:ab:fb:9c; +#send dhcp-lease-time 3600; +#supersede domain-name "fugue.com home.vix.com"; +#prepend domain-name-servers 127.0.0.1; +#require subnet-mask, domain-name-servers; +#timeout 60; +#retry 60; +#reboot 10; +#select-timeout 5; +#initial-interval 2; +#script "/sbin/dhclient-script"; +#media "-link0 -link1 -link2", "link0 link1"; +#reject 192.33.137.209; + +#alias { +# interface "eth0"; +# fixed-address 192.5.5.213; +# option subnet-mask 255.255.255.255; +#} + +#lease { +# interface "eth0"; +# fixed-address 192.33.137.200; +# medium "link0 link1"; +# option host-name "andare.swiftmedia.com"; +# option subnet-mask 255.255.255.0; +# option broadcast-address 192.33.137.255; +# option routers 192.33.137.250; +# option domain-name-servers 127.0.0.1; +# renew 2 2000/1/12 00:00:01; +# rebind 2 2000/1/12 00:00:01; +# expire 2 2000/1/12 00:00:01; +#} diff --git a/dhcp/tf.validation.linaro.org/dhcpd.conf b/dhcp/tf.validation.linaro.org/dhcpd.conf new file mode 100644 index 0000000..fdc6c20 --- /dev/null +++ b/dhcp/tf.validation.linaro.org/dhcpd.conf @@ -0,0 +1,38 @@ +# +# Sample configuration file for ISC dhcpd for Debian +# +# + +# The ddns-updates-style parameter controls whether or not the server will +# attempt to do a DNS update when a lease is confirmed. We default to the +# behavior of the version 2 packages ('none', since DHCP v2 didn't +# have support for DDNS.) +ddns-update-style none; + +# option definitions common to all supported networks... +option domain-name "tflab"; +option domain-search "tflab"; +option domain-name-servers 10.88.16.5; + +default-lease-time 600; +max-lease-time 7200; + +# If this DHCP server is the official DHCP server for the local +# network, the authoritative directive should be uncommented. +authoritative; +allow bootp; +# Use this to send dhcp log messages to a different log file (you also +# have to hack syslog.conf to complete the redirection). +log-facility local7; + +subnet 10.88.16.0 netmask 255.255.252.0 { + range 10.88.18.10 10.88.18.200; + range dynamic-bootp 10.88.18.201 10.88.18.220; + option domain-name-servers 10.88.16.10; + option routers 10.88.16.1; +} + + +include "/etc/dhcp/static-lease.conf"; + + diff --git a/dhcp/tf.validation.linaro.org/dhcpd.old b/dhcp/tf.validation.linaro.org/dhcpd.old new file mode 100644 index 0000000..7c6eeea --- /dev/null +++ b/dhcp/tf.validation.linaro.org/dhcpd.old @@ -0,0 +1,107 @@ +# dhcpd.conf +# +# Sample configuration file for ISC dhcpd +# + +# option definitions common to all supported networks... +option domain-name "example.org"; +option domain-name-servers ns1.example.org, ns2.example.org; + +default-lease-time 600; +max-lease-time 7200; + +# The ddns-updates-style parameter controls whether or not the server will +# attempt to do a DNS update when a lease is confirmed. We default to the +# behavior of the version 2 packages ('none', since DHCP v2 didn't +# have support for DDNS.) +ddns-update-style none; + +# If this DHCP server is the official DHCP server for the local +# network, the authoritative directive should be uncommented. +#authoritative; + +# Use this to send dhcp log messages to a different log file (you also +# have to hack syslog.conf to complete the redirection). +#log-facility local7; + +# No service will be given on this subnet, but declaring it helps the +# DHCP server to understand the network topology. + +#subnet 10.152.187.0 netmask 255.255.255.0 { +#} + +# This is a very basic subnet declaration. + +#subnet 10.254.239.0 netmask 255.255.255.224 { +# range 10.254.239.10 10.254.239.20; +# option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org; +#} + +# This declaration allows BOOTP clients to get dynamic addresses, +# which we don't really recommend. + +#subnet 10.254.239.32 netmask 255.255.255.224 { +# range dynamic-bootp 10.254.239.40 10.254.239.60; +# option broadcast-address 10.254.239.31; +# option routers rtr-239-32-1.example.org; +#} + +# A slightly different configuration for an internal subnet. +#subnet 10.5.5.0 netmask 255.255.255.224 { +# range 10.5.5.26 10.5.5.30; +# option domain-name-servers ns1.internal.example.org; +# option domain-name "internal.example.org"; +# option routers 10.5.5.1; +# option broadcast-address 10.5.5.31; +# default-lease-time 600; +# max-lease-time 7200; +#} + +# Hosts which require special configuration options can be listed in +# host statements. If no address is specified, the address will be +# allocated dynamically (if possible), but the host-specific information +# will still come from the host declaration. + +#host passacaglia { +# hardware ethernet 0:0:c0:5d:bd:95; +# filename "vmunix.passacaglia"; +# server-name "toccata.example.com"; +#} + +# Fixed IP addresses can also be specified for hosts. These addresses +# should not also be listed as being available for dynamic assignment. +# Hosts for which fixed IP addresses have been specified can boot using +# BOOTP or DHCP. Hosts for which no fixed address is specified can only +# be booted with DHCP, unless there is an address range on the subnet +# to which a BOOTP client is connected which has the dynamic-bootp flag +# set. +#host fantasia { +# hardware ethernet 08:00:07:26:c0:a5; +# fixed-address fantasia.example.com; +#} + +# You can declare a class of clients and then do address allocation +# based on that. The example below shows a case where all clients +# in a certain class get addresses on the 10.17.224/24 subnet, and all +# other clients get addresses on the 10.0.29/24 subnet. + +#class "foo" { +# match if substring (option vendor-class-identifier, 0, 4) = "SUNW"; +#} + +#shared-network 224-29 { +# subnet 10.17.224.0 netmask 255.255.255.0 { +# option routers rtr-224.example.org; +# } +# subnet 10.0.29.0 netmask 255.255.255.0 { +# option routers rtr-29.example.org; +# } +# pool { +# allow members of "foo"; +# range 10.17.224.10 10.17.224.250; +# } +# pool { +# deny members of "foo"; +# range 10.0.29.10 10.0.29.230; +# } +#} diff --git a/dhcp/tf.validation.linaro.org/dhcpd6.conf b/dhcp/tf.validation.linaro.org/dhcpd6.conf new file mode 100644 index 0000000..87786b4 --- /dev/null +++ b/dhcp/tf.validation.linaro.org/dhcpd6.conf @@ -0,0 +1,102 @@ +# Server configuration file example for DHCPv6 +# From the file used for TAHI tests - addresses chosen +# to match TAHI rather than example block. + +# IPv6 address valid lifetime +# (at the end the address is no longer usable by the client) +# (set to 30 days, the usual IPv6 default) +default-lease-time 2592000; + +# IPv6 address preferred lifetime +# (at the end the address is deprecated, i.e., the client should use +# other addresses for new connections) +# (set to 7 days, the usual IPv6 default) +preferred-lifetime 604800; + +# T1, the delay before Renew +# (default is 1/2 preferred lifetime) +# (set to 1 hour) +option dhcp-renewal-time 3600; + +# T2, the delay before Rebind (if Renews failed) +# (default is 3/4 preferred lifetime) +# (set to 2 hours) +option dhcp-rebinding-time 7200; + +# Enable RFC 5007 support (same than for DHCPv4) +allow leasequery; + +# Global definitions for name server address(es) and domain search list +option dhcp6.name-servers 3ffe:501:ffff:100:200:ff:fe00:3f3e; +option dhcp6.domain-search "test.example.com","example.com"; + +# Set preference to 255 (maximum) in order to avoid waiting for +# additional servers when there is only one +##option dhcp6.preference 255; + +# Server side command to enable rapid-commit (2 packet exchange) +##option dhcp6.rapid-commit; + +# The delay before information-request refresh +# (minimum is 10 minutes, maximum one day, default is to not refresh) +# (set to 6 hours) +option dhcp6.info-refresh-time 21600; + +# Static definition (must be global) +#host myclient { +# # The entry is looked up by this +# host-identifier option +# dhcp6.client-id 00:01:00:01:00:04:93:e0:00:00:00:00:a2:a2; +# +# # A fixed address +# fixed-address6 3ffe:501:ffff:100::1234; +# +# # A fixed prefix +# fixed-prefix6 3ffe:501:ffff:101::/64; +# +# # Override of the global definitions, +# # works only when a resource (address or prefix) is assigned +# option dhcp6.name-servers 3ffe:501:ffff:100:200:ff:fe00:4f4e; +# +# # For debug (to see when the entry statements are executed) +# # (log "sol" when a matching Solicitation is received) +# ##if packet(0,1) = 1 { log(debug,"sol"); } +#} +# +#host otherclient { +# # This host entry is hopefully matched if the client supplies a DUID-LL +# # or DUID-LLT containing this MAC address. +# hardware ethernet 01:00:80:a2:55:67; +# +# fixed-address6 3ffe:501:ffff:100::4321; +#} + +# The subnet where the server is attached +# (i.e., the server has an address in this subnet) +#subnet6 3ffe:501:ffff:100::/64 { +# # Two addresses available to clients +# # (the third client should get NoAddrsAvail) +# range6 3ffe:501:ffff:100::10 3ffe:501:ffff:100::11; +# +# # Use the whole /64 prefix for temporary addresses +# # (i.e., direct application of RFC 4941) +# range6 3ffe:501:ffff:100:: temporary; +# +# # Some /64 prefixes available for Prefix Delegation (RFC 3633) +# prefix6 3ffe:501:ffff:100:: 3ffe:501:ffff:111:: /64; +#} + +# A second subnet behind a relay agent +#subnet6 3ffe:501:ffff:101::/64 { +# range6 3ffe:501:ffff:101::10 3ffe:501:ffff:101::11; +# +# # Override of the global definitions, +# # works only when a resource (address or prefix) is assigned +# option dhcp6.name-servers 3ffe:501:ffff:101:200:ff:fe00:3f3e; +# +#} + +# A third subnet behind a relay agent chain +#subnet6 3ffe:501:ffff:102::/64 { +# range6 3ffe:501:ffff:102::10 3ffe:501:ffff:102::11; +#} diff --git a/dhcp/tf.validation.linaro.org/static-lease.conf b/dhcp/tf.validation.linaro.org/static-lease.conf new file mode 100644 index 0000000..8c5e76a --- /dev/null +++ b/dhcp/tf.validation.linaro.org/static-lease.conf @@ -0,0 +1,76 @@ +host tf-pi-worker01{ + hardware ethernet dc:a6:32:ac:57:e4; + fixed-address 10.88.16.20; +} + +host tf-pi-worker02{ + hardware ethernet dc:a6:32:4b:4b:f1; + fixed-address 10.88.16.21; +} + +host tf-pi-worker03{ + hardware ethernet dc:a6:32:4b:48:c4; + fixed-address 10.88.16.22; +} + +host tf-pi-worker04{ + hardware ethernet dc:a6:32:4b:4f:de; + fixed-address 10.88.16.23; +} + +host tf-pi-worker05{ + hardware ethernet dc:a6:32:4b:50:82; + fixed-address 10.88.16.24; +} + +host juno-r2-01{ + hardware ethernet 00:02:f7:00:66:5d; + fixed-address 10.88.18.10; +} + +host juno-r2-02{ + hardware ethernet 00:02:f7:00:75:e3; + fixed-address 10.88.18.11; +} + +host juno-r2-03{ + hardware ethernet 00:02:f7:00:68:3d; + fixed-address 10.88.18.12; +} + +host juno-r2-01-SMC { + hardware ethernet 00:02:f7:00:66:5e; + fixed-address 10.88.18.15; +} + +host juno-r1-01 { + hardware ethernet 00:02:f7:00:61:5b; + fixed-address 10.88.18.30; +} + +host juno-r0-01{ + hardware ethernet 00:02:f7:00:58:af; + fixed-address 10.88.18.21; +} + +host juno-r0-02{ + hardware ethernet 00:02:f7:00:59:7b; + fixed-address 10.88.18.22; +} + +host juno-r0-03{ + hardware ethernet 00:02:f7:00:58:0d; + fixed-address 10.88.18.23; +} + +host juno-r0-04{ + hardware ethernet 00:02:f7:00:58:7b; + fixed-address 10.88.18.24; +} + +host juno-r0-05{ + hardware ethernet 00:02:f7:00:58:37; + fixed-address 10.88.18.25; +} + + -- cgit v1.2.3