Allow more granular control of DHCP lease time


#1

When I ran DNSMASQ on my routers via the Tomato Firmware for DNS/DHCP services their configuration page allowed for two time values, one for static defined DHCP hosts and another for undefined hosts. I used to set the static addresses to 24 hours and the un-defined to 1 hour. This would handle guests that came into my house to use the guest network and not consume a address for a long period of time.


#2

How would this be helpful? Setting the dynamic requests to 1 hour puts more traffic on the wire. The clients will be requesting re-lease of the address at around half the lease lifetime so in a shorter lease the chattiness of the clients maintaining the lease is increased. If they are around longer then they would just extend or request the same IP at the expiration of the existing lease. As for running out of IP space, even a /24 has 250+ available addresses, more if you jump to a bigger subnet/supernet.

Security doesn’t increase, once they leave the radio signal footprint they can’t access your network, and if they come back in to range they will just request their old address. If that has been leased, they will get a new lease.

Really the only need for shorter lease times is if you have clients that will be changing networks often or network space that is changing and you need for clients to ask for a new IP address in the new segment without manually cycling the IP stack or forcing a new lease.


#3

It’s not about security but for releasing leases of guest devices. I have set a range of 20 ip addresses to be handed out in a very low number range to identify guests. My permanent devices get static addresses in the higher ranges using a numbering scheme for what the devices do. When I have a bunch of guests over for gaming, sports, whatever, they use my guest access point and get assigned to the lower IP’s. Since people come and go I want the leases to expire much more quickly that say my 24 hours of the permanent devices.

This is the same technique I have used for years at various locations for events. The guest DHCP network has a duration of less that 5 minutes. Yes it generates traffic but it keeps the network open for incoming clients.

The native DNSMASQ defition line for static hosts is configurable to this level but the issue is that pi.hole overrights those files on restart. Here is an example of one of the lines for a host with a custom duration:

dhcp-host=[<hwaddr>][,id:<client_id>|*][,set:<tag>][,<ipaddr>][,<hostname>][,<lease_time>][,ignore]

dhcp-host=xx:xx:xx:xx:xx:xx,192.168.1.100,static-host,24h

And then the global configuration could contain the default lease time of say 10 minutes to cover the lower range.


#8

Where is your dnsmasq configuration file located?

As a short term solution, you could set the default lease time to 1 hour (or whatever you want for your guests) and then manually enter the 24 static leases in /etc/dnsmasq.d/30-static.conf. The file in that location won’t be overwritten by Pi-Hole.


#9

Thanks for the tip, I will give that a try. I have the normal /etc/dnsmaq.d directory with 3 configuration files including the 04-pihole-static-dhcp.conf which is the file that pi-whole writes to. I could copy that file to a new file and edit as you stated if it loads in directory order the 30-static.conf would be the last configuration file loaded.

Let me do some testing but this is a good idea.


#11

The files are loaded in lexicographical/directory order. I think we keep things down to 10 or lower so you can throw in overrides as needed, and 90-99 will always be available for local hard overrides.