Probleme mit DHCP Einrichtung


#1

Moin,

ich habe jetzt, da mein Router nach Tausch und etlichen Firmwareupdates nach Monaten immer wieder die DHCP und Portweiterleitungen zerschießt keine Lust mehr auf das Gerät und will nun den Univention DHCP einrichten.

Soweit so gut. Ich habe den Dienst erstellt und im Anschluss schon einmal die Rechner hinzugefügt, welche eh schon in der Rechnerliste waren.

Leider startet der dhcpd dienst nicht korrekt.

Die erste Meldung war immer:

Jul  3 23:00:12 central univention-dhcp[11883]: Starting DHCP server: dhcpdtimeout: finish: univention-dhcp: (pid 12125) 2s, normally down
Jul  3 23:00:12 central univention-dhcp[11883]:  failed!
Jul  3 23:00:12 central systemd[1]: univention-dhcp.service: Control process exited, code=exited status=1
Jul  3 23:00:12 central systemd[1]: Failed to start LSB: DHCP server.
Jul  3 23:00:12 central systemd[1]: univention-dhcp.service: Unit entered failed state.
Jul  3 23:00:12 central systemd[1]: univention-dhcp.service: Failed with result 'exit-code'.
Jul  3 23:00:15 central dhcpd[12137]: Error: Cannot find LDAP entry matching (&(objectClass=dhcpServer)(cn=central))
Jul  3 23:00:15 central dhcpd[12137]: Configuration file errors encountered -- exiting
Jul  3 23:00:15 central dhcpd[12137]: 
Jul  3 23:00:15 central dhcpd[12137]: If you think you have received this message due to a bug rather
Jul  3 23:00:15 central dhcpd[12137]: than a configuration issue please read the section on submitting
Jul  3 23:00:15 central dhcpd[12137]: bugs on either our web page at www.isc.org or in the README file
Jul  3 23:00:15 central dhcpd[12137]: before submitting a bug.  These pages explain the proper
Jul  3 23:00:15 central dhcpd[12137]: process and the information we find helpful for debugging..
Jul  3 23:00:15 central dhcpd[12137]: 
Jul  3 23:00:15 central dhcpd[12137]: exiting.
Jul  3 23:00:21 central dhcpd[12145]: Error: Cannot find LDAP entry matching (&(objectClass=dhcpServer)(cn=central))
Jul  3 23:00:21 central dhcpd[12145]: Configuration file errors encountered -- exiting
Jul  3 23:00:21 central dhcpd[12145]: 
Jul  3 23:00:21 central dhcpd[12145]: If you think you have received this message due to a bug rather
Jul  3 23:00:21 central dhcpd[12145]: than a configuration issue please read the section on submitting
Jul  3 23:00:21 central dhcpd[12145]: bugs on either our web page at www.isc.org or in the README file
Jul  3 23:00:21 central dhcpd[12145]: before submitting a bug.  These pages explain the proper
Jul  3 23:00:21 central dhcpd[12145]: process and the information we find helpful for debugging..

Das wiederholte sich etliche Male. Da habe ich hier dann auch den Tipp bekommen, mal in den UCR Variablen zu schauen.

Habe dann das hier eingefügt:

dhcpd/ldap/base: cn=dhcp,dc=c-lab,dc=one

Nun habe ich heute Morgen den Dienst neustarten wollen. Leider kommt nun das nächste:

Jul  4 06:17:24 central systemd[1]: Stopping LSB: DHCP server...
Jul  4 06:17:27 central univention-dhcp[7074]: Stopping DHCP server: dhcpdok: down: univention-dhcp: 0s
Jul  4 06:17:27 central univention-dhcp[7074]: .
Jul  4 06:17:27 central systemd[1]: Stopped LSB: DHCP server.
Jul  4 06:17:27 central systemd[1]: Starting LSB: DHCP server...
Jul  4 06:17:27 central dhcpd[7093]: Internet Systems Consortium DHCP Server 4.3.5
Jul  4 06:17:27 central dhcpd[7093]: Copyright 2004-2016 Internet Systems Consortium.
Jul  4 06:17:27 central dhcpd[7093]: All rights reserved.
Jul  4 06:17:27 central dhcpd[7093]: For info, please visit https://www.isc.org/software/dhcp/
Jul  4 06:17:27 central dhcpd[7093]: Config file: /etc/dhcp/dhcpd.conf
Jul  4 06:17:27 central dhcpd[7093]: Database file: /var/lib/dhcp/dhcpd.leases
Jul  4 06:17:27 central dhcpd[7093]: PID file: /var/run/dhcpd.pid
Jul  4 06:17:27 central dhcpd[7096]: Wrote 0 leases to leases file.
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: No subnet declaration for veth2184a3d (no IPv4 addresses).
Jul  4 06:17:27 central dhcpd[7096]: ** Ignoring requests on veth2184a3d.  If this is not what
Jul  4 06:17:27 central dhcpd[7096]:    you want, please write a subnet declaration
Jul  4 06:17:27 central dhcpd[7096]:    in your dhcpd.conf file for the network segment
Jul  4 06:17:27 central dhcpd[7096]:    to which interface veth2184a3d is attached. **
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: No subnet declaration for veth61f2627 (no IPv4 addresses).
Jul  4 06:17:27 central dhcpd[7096]: ** Ignoring requests on veth61f2627.  If this is not what
Jul  4 06:17:27 central dhcpd[7096]:    you want, please write a subnet declaration
Jul  4 06:17:27 central dhcpd[7096]:    in your dhcpd.conf file for the network segment
Jul  4 06:17:27 central dhcpd[7096]:    to which interface veth61f2627 is attached. **
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: No subnet declaration for veth51f88bd (no IPv4 addresses).
Jul  4 06:17:27 central dhcpd[7096]: ** Ignoring requests on veth51f88bd.  If this is not what
Jul  4 06:17:27 central dhcpd[7096]:    you want, please write a subnet declaration
Jul  4 06:17:27 central dhcpd[7096]:    in your dhcpd.conf file for the network segment
Jul  4 06:17:27 central dhcpd[7096]:    to which interface veth51f88bd is attached. **
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: No subnet declaration for vethf144e73 (no IPv4 addresses).
Jul  4 06:17:27 central dhcpd[7096]: ** Ignoring requests on vethf144e73.  If this is not what
Jul  4 06:17:27 central dhcpd[7096]:    you want, please write a subnet declaration
Jul  4 06:17:27 central dhcpd[7096]:    in your dhcpd.conf file for the network segment
Jul  4 06:17:27 central dhcpd[7096]:    to which interface vethf144e73 is attached. **
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: No subnet declaration for vethb8e49fb (no IPv4 addresses).
Jul  4 06:17:27 central dhcpd[7096]: ** Ignoring requests on vethb8e49fb.  If this is not what
Jul  4 06:17:27 central dhcpd[7096]:    you want, please write a subnet declaration
Jul  4 06:17:27 central dhcpd[7096]:    in your dhcpd.conf file for the network segment
Jul  4 06:17:27 central dhcpd[7096]:    to which interface vethb8e49fb is attached. **
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: No subnet declaration for docker0 (172.17.42.1).
Jul  4 06:17:27 central dhcpd[7096]: ** Ignoring requests on docker0.  If this is not what
Jul  4 06:17:27 central dhcpd[7096]:    you want, please write a subnet declaration
Jul  4 06:17:27 central dhcpd[7096]:    in your dhcpd.conf file for the network segment
Jul  4 06:17:27 central dhcpd[7096]:    to which interface docker0 is attached. **
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: No subnet declaration for ens192 (10.0.0.10).
Jul  4 06:17:27 central dhcpd[7096]: ** Ignoring requests on ens192.  If this is not what
Jul  4 06:17:27 central dhcpd[7096]:    you want, please write a subnet declaration
Jul  4 06:17:27 central dhcpd[7096]:    in your dhcpd.conf file for the network segment
Jul  4 06:17:27 central dhcpd[7096]:    to which interface ens192 is attached. **
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: Not configured to listen on any interfaces!
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: If you think you have received this message due to a bug rather
Jul  4 06:17:27 central dhcpd[7096]: than a configuration issue please read the section on submitting
Jul  4 06:17:27 central dhcpd[7096]: bugs on either our web page at www.isc.org or in the README file
Jul  4 06:17:27 central dhcpd[7096]: before submitting a bug.  These pages explain the proper
Jul  4 06:17:27 central dhcpd[7096]: process and the information we find helpful for debugging..
Jul  4 06:17:27 central dhcpd[7096]: 
Jul  4 06:17:27 central dhcpd[7096]: exiting.

Muss ich für jedes Docker ein Subnetz machen?!? Oder wie soll ich das verstehen?

Mein Ziel:
Ein DHCP Server für meine Interne Infrastruktur und alle Hardwaregeräte inkl. auch unbekannte in einen DHCP Pool zu stecken, damit ich sie dann zuweisen kann.

Internes Netz: 10.0.0.0
DHCP: 10.0.0.10
Smarthome und Sonos ist ebenso im Netzwerk via Wlan dabei.

UPDATE:
Habe nun einfach mal alles raus geschmissen und dann neu aufgebaut.

Habe nun nur Server und Subnetz erstellt mit dem gleichen Netz, was ich hier habe (Laut Doku sollte ich da lieber ein Shared Network nehmen oder?)

Das klappt:

er/systemd-exit.service.requires: Not a directory
Jul  4 07:17:46 central systemd[28466]: Stopped target Default.
Jul  4 07:17:46 central systemd[28466]: Stopped target Basic System.
Jul  4 07:17:46 central systemd[28466]: Stopped target Sockets.
Jul  4 07:17:46 central systemd[28466]: Closed GnuPG cryptographic agent (access for web browsers).
Jul  4 07:17:46 central systemd[28466]: Closed GnuPG cryptographic agent (ssh-agent emulation).
Jul  4 07:17:46 central systemd[28466]: Closed GnuPG cryptographic agent and passphrase cache.
Jul  4 07:17:46 central systemd[28466]: Closed GnuPG network certificate management daemon.
Jul  4 07:17:46 central systemd[28466]: Closed GnuPG cryptographic agent and passphrase cache (restricted).
Jul  4 07:17:46 central systemd[28466]: Stopped target Timers.
Jul  4 07:17:46 central systemd[28466]: Reached target Shutdown.
Jul  4 07:17:46 central systemd[28466]: Starting Exit the Session...
Jul  4 07:17:46 central systemd[28466]: Stopped target Paths.
Jul  4 07:17:46 central systemd[28466]: Received SIGRTMIN+24 from PID 28484 (kill).
Jul  4 07:17:46 central systemd[1]: Stopped User Manager for UID 2087.
Jul  4 07:17:46 central systemd[1]: Removed slice User Slice of NIGHTVISION$.
Jul  4 07:17:48 central dhcpd[28304]: reuse_lease: lease age 101 (secs) under 25% threshold, reply with unaltered, existing lease for 10.0.0.7
Jul  4 07:17:48 central dhcpd[28304]: DHCPDISCOVER from ec:fa:bc:13:1b:78 (sonoff-buero-1-7032) via ens192
Jul  4 07:17:48 central dhcpd[28304]: DHCPOFFER on 10.0.0.7 to ec:fa:bc:13:1b:78 (sonoff-buero-1-7032) via ens192
Jul  4 07:17:48 central dhcpd[28304]: reuse_lease: lease age 101 (secs) under 25% threshold, reply with unaltered, existing lease for 10.0.0.7
Jul  4 07:17:48 central dhcpd[28304]: DHCPREQUEST for 10.0.0.7 (10.0.0.10) from ec:fa:bc:13:1b:78 (sonoff-buero-1-7032) via ens192
Jul  4 07:17:48 central dhcpd[28304]: DHCPACK on 10.0.0.7 to ec:fa:bc:13:1b:78 (sonoff-buero-1-7032) via ens192
Jul  4 07:18:08 central dhcpd[28304]: reuse_lease: lease age 121 (secs) under 25% threshold, reply with unaltered, existing lease for 10.0.0.7
Jul  4 07:18:08 central dhcpd[28304]: DHCPDISCOVER from ec:fa:bc:13:1b:78 (sonoff-buero-1-7032) via ens192
Jul  4 07:18:08 central dhcpd[28304]: DHCPOFFER on 10.0.0.7 to ec:fa:bc:13:1b:78 (sonoff-buero-1-7032) via ens192
Jul  4 07:18:08 central dhcpd[28304]: reuse_lease: lease age 121 (secs) under 25% threshold, reply with unaltered, existing lease for 10.0.0.7
Jul  4 07:18:08 central dhcpd[28304]: DHCPREQUEST for 10.0.0.7 (10.0.0.10) from ec:fa:bc:13:1b:78 (sonoff-buero-1-7032) via ens192
Jul  4 07:18:08 central dhcpd[28304]: DHCPACK on 10.0.0.7 to ec:fa:bc:13:1b:78 (sonoff-buero-1-7032) via ens192
Jul  4 07:18:20 central systemd[1]: Created slice User Slice of CORIN-II$.
Jul  4 07:18:20 central systemd[1]: Starting User Manager for UID 2031...
Jul  4 07:18:20 central systemd[1]: Started Session c1563 of user CORIN-II$.
Jul  4 07:18:20 central systemd[28655]: Failed to open directory /dev/null/.config/systemd/user, ignoring: Not a directory
Jul  4 07:18:20 central systemd[28655]: Failed to open directory /dev/null/.local/share/systemd/user, ignoring: Not a directory
Jul  4 07:18:20 central systemd[28655]: Listening on GnuPG cryptographic agent and passphrase cache (restricted).
Jul  4 07:18:20 central systemd[28655]: Reached target Timers.
Jul  4 07:18:20 central systemd[28655]: Listening on GnuPG cryptographic agent (ssh-agent emulation).
Jul  4 07:18:20 central systemd[28655]: Listening on GnuPG cryptographic agent (access for web browsers).
Jul  4 07:18:20 central systemd[28655]: Reached target Paths.
Jul  4 07:18:20 central systemd[28655]: Listening on GnuPG cryptographic agent and passphrase cache.
Jul  4 07:18:20 central systemd[28655]: Listening on GnuPG network certificate management daemon.
Jul  4 07:18:20 central systemd[28655]: Reached target Sockets.
Jul  4 07:18:20 central systemd[28655]: Reached target Basic System.
Jul  4 07:18:20 central systemd[28655]: Reached target Default.
Jul  4 07:18:20 central systemd[28655]: Startup finished in 7ms.
Jul  4 07:18:20 central systemd[1]: Started User Manager for UID 2031.

Nur hat kein Gerät Internet. Da schaue ich nun mal weiter.

UPDATE 2:
Internet funktioniert nun auch.

Ich habe nun 2 Subnetze laufen, eines für bekannte Clients, eines für unbekannte.

Wenn ich nun aber ein neues Gerät aktiviere, wird es dennoch in den subnetzbereich gepackt, der nur für bekannte Clients sein soll. Habe dort schon in der Richtlinie “DHCP Erlauben/Verbieten” “Unbekannte Clients” verboten. Dennoch bekommen die IPs im Bereich 1-150.

Im zweiten Subnetz sollen unbekannte rein, ist dort per Richtlinie auch erlaubt. IPs sollen die kriegen im Bereich von 200-254.

jemand eine Idee?

p.s.: Ja das ist wieder ein sehr komischer Thread, in dem ich stück für stück alles updaten muss, weil ich das schon selbst gelöst habe.

Grüße

Alex