Do I just need to change dhcpcd.conf to get a static IP?

[Chris Green]

I have two Pi systems on my LAN here at home, one just provides DNS
using dnsmasq and the other has a big external USB drive for backups.

The DNS Pi has a static IP of 192.168.1.2.

If the DNS Pi dies I want to quickly configure the backup Pi to
provide DNS. The main thing required for this to work is to give it a
static IP of 192.168.1.2 and to configure dnsmasq on it.

Copying the dnsmasq configuration across is easy enough, I can simply
synchronise /etc/dnsmasq.conf and /etc/dnsmasq.d between the two
systems and that's done. As long as I don't actually run dnsmasq on
the backup machine all will be well.

So, if/when the DNS Pi dies all I need to do is:-

Configure the backup machine to have a static IP of 192.168.1.2

Copy the dnsmasq.leases file (I'm keeping a live copy of that)

Start dnsmasq

Simple! :-)


Is the configuration in /etc/dhcpcd.conf *all* that's needed for a
static IP?

--
Chris Green
·

[NY]

"Chris Green" <c...@isbd.net> wrote in message
news:bfeb2i-...@esprimo.zbmc.eu...

I'm always cautious of configuring any computer with a static IP address in
the device's TCP configuration. It's all too easy to move a portable device
onto a different LAN where the static IP may either be in the wrong subnet
or may be within the scope of the LAN's DHCP server and so may, when Sod's
Law is in operation, give another device the same address.

Instead, I configure the router to allocate a reserved address (as an
IP-to-MAC address mapping) for the devices that I want to have a "static"
address. Most modern routers seem to allow reserved IPs to be configured.
There is no need for the reserved addresses to be outside the scope of
addresses that DHCP hands out.

So you are using DHCP in exactly the same way as a normal (random-IP) setup,
but forcing the router's DHCP to give certain devices fixed addresses.

In your situation where you want either the main or the backup Pi to have
the same IP, you could achieve this by tweaking the router's reserved
addresses. Whether it's easier/harder than reconfiguring the static IP at
the backup Pi's TCP settings - well, that's debateable :-)

[Tauno Voipio]

If your network is set up by systemd, see the directory
/etc/systemd/network. There is a setup file, see
man systemd.network.

If the network is set up the traditional way, see the
directory /etc/network/interfaces.d. The setup file
interfaces is described in man 5 interfaces.

--

-TV

[Jean-Pierre Kuypers]

In article (Dans l'article) <siv8v8$5pc$1...@dont-email.me>, Tauno Voipio
<tauno....@notused.fi.invalid> wrote (écrivait) :

> If your network is set up by systemd, see the directory
> /etc/systemd/network.
>

> If the network is set up the traditional way, see the directory
> /etc/network/interfaces.d.

On my RPi, I get :

pi@raspberrypi:~ $ ls -al /etc/network/interfaces.d
total 8
drwxr-xr-x 2 root root 4096 jan 30 2017 .
drwxr-xr-x 7 root root 4096 nov 9 2020 ..

pi@raspberrypi:~ $ ls -al /etc/systemd/network
total 8
drwxr-xr-x 2 root root 4096 aoû 31 15:43 .
drwxr-xr-x 5 root root 4096 sep 13 12:43 ..
lrwxrwxrwx 1 root root 9 aoû 31 15:43 99-default.link -> /dev/null

pi@raspberrypi:~ $ uname -a
Linux raspberrypi 5.10.60-v7+ #1449 SMP Wed Aug 25 15:00:01 BST 2021
armv7l GNU/Linux

--
Jean-Pierre Kuypers

[Chris Green]

Er, the Pi in quation is also the DHCP server! That's the point,
it's how it gets to know the LAN systems' names.

--
Chris Green
·

[Tauno Voipio]

One more try: /etc/dhcpcd.conf. In some set-ups, it seems to
control static addresses, too.

--

-TV

[Martin Gregorie]

On Tue, 28 Sep 2021 13:30:03 +0100, Chris Green wrote:

> I have two Pi systems on my LAN here at home, one just provides DNS
> using dnsmasq and the other has a big external USB drive for backups.
>
> The DNS Pi has a static IP of 192.168.1.2.
>
> If the DNS Pi dies I want to quickly configure the backup Pi to provide
> DNS. The main thing required for this to work is to give it a static IP
> of 192.168.1.2 and to configure dnsmasq on it.
>
> Copying the dnsmasq configuration across is easy enough, I can simply
> synchronise /etc/dnsmasq.conf and /etc/dnsmasq.d between the two systems
> and that's done. As long as I don't actually run dnsmasq on the backup
> machine all will be well.
>
> So, if/when the DNS Pi dies all I need to do is:-
>
> Configure the backup machine to have a static IP of 192.168.1.2
>
> Copy the dnsmasq.leases file (I'm keeping a live copy of that)
>
> Start dnsmasq
>
> Simple! :-)
>

I use an even simpler approach to maintain:

I run named to provide a DNS service for my LAN, partly because its
easier to maintain a single central zone file for my LAN than to keep
resolv.conf files in sync on all systems on the LAN that need this info
and partly because I could and anyway I wanted to understand the care and
feeding of a DNS.

/etc/systemd/resolved.comp is the same on all computers: the IPs listed
in the DNS= and FallbackDNS= lines are:

DNS= my_local_DNS my_ISP's_DNS_resolver
FallbackDNS= My network supplier's DNS resolvers

This file should never need to be modified and is the same on all my
computers.


--
--
Martin | martin at
Gregorie | gregorie dot org

[Ahem A Rivet's Shot]

On Tue, 28 Sep 2021 17:26:41 +0100
Chris Green <c...@isbd.net> wrote:

> Er, the Pi in quation is also the DHCP server! That's the point,
> it's how it gets to know the LAN systems' names.

There are two ways a DHCP server gets to know the LAN systems'
names. Many (not all) systems send the hostname as part of the DHCP
request, this can be used to updated DNS (trivially easy with dnsmasq, more
fiddly otherwise). With dnsmasq it is also possible to specify a name for a
MAC address and have it assigned in the DNS to the dynamic or fixed IP
address issued by dnsmasq. Similar things are possible with other DHCP and
DNS servers but usually the only easy thing is to issue a fixed IP address
corresponding to a fixed DNS entry.

--
Steve O'Hara-Smith
Odds and Ends at http://www.sohara.org/

[Chris Green]

Yes, exactly! It's why I use dnsmasq as the DNS and DHCP server on my
LAN. Most systems supply a name when getting their IP from the DHCP
server so as a result most systems on my LAN can be called by name
with no extra effort needed from me. A few systems that don't provide
names as you say can be given names in dnsmasq.conf .They're mostly
things like Freeview boxes, a Roku streaming box and an Onko
amplifier, still it's nice to give them names so otherwise anonymous
devices can be identified as "meant to be there".

--
Chris Green
·

[Chris Green]

But this doesn't give you names for the systems on your LAN does it?

I want to be able to ssh freely from desktop (name esprimo) to laptop
(name t470) to Pi (dns) to another Pi (backup) to my wife's laptop
(x201), etc. Running dnsmasq as DHCP/DNS server provides me with this
ability easily.

--
Chris Green
·

[Joe]

On Tue, 28 Sep 2021 19:17:57 +0100
Chris Green <c...@isbd.net> wrote:

> Martin Gregorie <mar...@mydomain.invalid> wrote:
>
> >
> > DNS= my_local_DNS my_ISP's_DNS_resolver
> > FallbackDNS= My network supplier's DNS resolvers
> >
> > This file should never need to be modified and is the same on all
> > my computers.
> >
> But this doesn't give you names for the systems on your LAN does it?
>
> I want to be able to ssh freely from desktop (name esprimo) to laptop
> (name t470) to Pi (dns) to another Pi (backup) to my wife's laptop
> (x201), etc. Running dnsmasq as DHCP/DNS server provides me with this
> ability easily.
>

The canonical way is to run BIND9 and link it with the dhcp server,
which may or may not run on the same machine. You set the static
addresses in dhcpd.conf and they will be transferred to BIND. There is
an encryption key held in common.

Yes, a lot of people like something simpler, but I run a mixed network,
and BIND works with anything, even the wretched Windows. It is, after
all, the reference *nix DNS server.

Note that while dhcp can push many types of information, including
hostnames, the client has no obligation to use any of it.

--
Joe

[Ahem A Rivet's Shot]

On Tue, 28 Sep 2021 19:14:50 +0100
Chris Green <c...@isbd.net> wrote:

> Yes, exactly! It's why I use dnsmasq as the DNS and DHCP server on my
> LAN.

You can do it all with other DNS and DHCP servers but you have to
put all the glue in place yourself which is a RPITA, dnsmasq makes it
wonderfully easy. If only it had good failover support (that's hard).

> Most systems supply a name when getting their IP from the DHCP
> server so as a result most systems on my LAN can be called by name
> with no extra effort needed from me. A few systems that don't provide
> names as you say can be given names in dnsmasq.conf .They're mostly

There's an even cooler trick it can do if you have IPv6, you can
get it to do the router advertisements and notice when a SLAAC address
embeds the same MAC as a DHCP lease and assign the IPv6 SLAAC address to
the name. I don't know anything else that does this.

> things like Freeview boxes, a Roku streaming box and an Onko
> amplifier, still it's nice to give them names so otherwise anonymous
> devices can be identified as "meant to be there".

Exactly why I bother to do the same thing.

[Ahem A Rivet's Shot]

On Tue, 28 Sep 2021 20:04:53 +0100
Joe <j...@jretrading.com> wrote:

> The canonical way is to run BIND9 and link it with the dhcp server,

The easy way (that admittedly is less scalable and less robust -
no failover options) is to use dnsmasq for both.

> Yes, a lot of people like something simpler, but I run a mixed network,
> and BIND works with anything, even the wretched Windows. It is, after
> all, the reference *nix DNS server.

As does dnsmasq. Standards are wonderful things they encourage
multiple implementations with differing characteristics. My home network
has three flavours of unix, Mac OS, Android, ChromeOS, IOS, Windows and
whatever various TVs, dongles and games consoles run. All perfectly happy
with dnsmasq being the DNS, DHCP and router advertisement server.

I wouldn't use dnsmasq for a corporate name server and these days I
wouldn't use bind for a home network (I used to).

[Martin Gregorie]

On Tue, 28 Sep 2021 19:17:57 +0100, Chris Green wrote:

> But this doesn't give you names for the systems on your LAN does it?
>

Yes it does: the name is linked with the IP when you add the new system
to the zone file: the resolved.conf file directs name searches to your DNS
first, so the enquirer gets handed the correct IP by your local DNS: if
the query fails its a fair assumption that the name doesn't belong to one
of your local machines, and the systemd resolver then asks the external
DNSs listed in your resolved.conf file.

I assume that you'll you've given each new system it's name when you
first configured it, but I don't think that affects much apart from
allowing the system to realise that the connection request can be
satisfied without bothering any DNS.

> I want to be able to ssh freely from desktop (name esprimo) to laptop
> (name t470) to Pi (dns) to another Pi (backup) to my wife's laptop
> (x201), etc. Running dnsmasq as DHCP/DNS server provides me with this
> ability easily.
>

That's exactly what I do: any machine on my LAN can connect to any other
machine on it because my local DNS resolves all names with of the form
localsystemname.localdomain.lan - localdomain.lan being the zone it is
configured to resolve names in.

Initially, setting up named needed a little head scratching, but I found
"DNS and BIND" (O'Reilly) useful, but it doesn't cover the unbound
resolver, so other books may relevant too. It may be worth noting that,
apart from adding and deleting machines as my LAN system population
changes, my named configuration hasn't needed to change for many years.

[Ahem A Rivet's Shot]

On Tue, 28 Sep 2021 22:39:10 -0000 (UTC)
Martin Gregorie <mar...@mydomain.invalid> wrote:

> On Tue, 28 Sep 2021 19:17:57 +0100, Chris Green wrote:
>
> > But this doesn't give you names for the systems on your LAN does it?
> >
> Yes it does: the name is linked with the IP when you add the new system
> to the zone file: the resolved.conf file directs name searches to your
> DNS first, so the enquirer gets handed the correct IP by your local DNS:

Right but you have to edit the zone file - it is possible to have
the name supplied as part of the DHCP query added to the DNS for the LAN
with no intervention so that new hosts added to the network get a name in
the DNS without having to edit a zone file.

[Chris Green]

Yes, that's right. Using dnsmasq a new system plugged into the LAN
gets assigned an IP by dnsmasq and (assuming it gives dnsmasq its name
which Linux systems, including Pis, do) you can then use the name to
access the new system without any extra configuration.

--
Chris Green
·

[zeneca]

I have internet access via Orange Belgium.
I have configured the DHCP on the modem (router) with mac addresses and
ip adresses, and so I always got same ip adresses for my computers.
Just info, depend of your environment.

[Joe]

On Thu, 30 Sep 2021 09:12:51 +0200
zeneca <pas...@ailleur.fr> wrote:

> >
> >
> > Is the configuration in /etc/dhcpcd.conf *all* that's needed for a
> > static IP?
> >
> I have internet access via Orange Belgium.
> I have configured the DHCP on the modem (router) with mac addresses
> and ip adresses, and so I always got same ip adresses for my
> computers. Just info, depend of your environment.
>

And over the years, many of us have been let down by domestic-grade
routers, sometimes in subtle ways. Few of us can afford industrial
Cisco kit or the like.

I once used a router for DNS to gain caching from my ISP. One day,
after a couple of frustrating hours, I found it was failing to return
the occasional MX (always the same ones). My BIND was immediately
switched to root hints, less efficient but I know it works every time.

I had one router (several actually) which needed a reboot occasionally,
so I made a small cron script to do it when needed. Thanks to the
vagaries of router signal handling, I ended up checking up to six Net
sites in round-robin, and actually parsing some returned characters from
each one. I couldn't find anything less that would reliably detect the
need to reboot.

So I run BIND9 on root hints, even on my venerable Pi2. It works almost
perfectly, except for the Pi apt repository site, which sometimes needs
a couple of tries to get DNS results during update.

--
Joe

[The Natural Philosopher]

I cannot but agree. In the end I ended up with a S/H Cisco SOHO router -
rebadged linksys I think - which was reliable but too much of a room
heater and replaced it with a draytek, which has been 100% reliable, but
was around £132 from memory. So not a typical home router, but frankly
if you need the internet thats only a few months broadband bill.
I've had D link, Netgear and TP-link routers too - all have been at one
time or another replaced due to flakiness.Ive got a Netgear whose ADSL
performance went suspect after a thunderstorm in use as a WAP. It still
isn't 100% reliable.

The use of BIND on root hints seems fine to me. DNS was never a huge
network or CPU load. And it allows you to fully control DNS.




--
The lifetime of any political organisation is about three years before
its been subverted by the people it tried to warn you about.

Anon.

[Joe]

On Fri, 1 Oct 2021 14:34:52 +0100
The Natural Philosopher <t...@invalid.invalid> wrote:

> On 01/10/2021 10:02, Joe wrote:
>> >>>
> >> I have internet access via Orange Belgium.
> >> I have configured the DHCP on the modem (router) with mac addresses
> >> and ip adresses, and so I always got same ip adresses for my
> >> computers. Just info, depend of your environment.
> >>
> >
> > And over the years, many of us have been let down by domestic-grade
> > routers, sometimes in subtle ways. Few of us can afford industrial
> > Cisco kit or the like.
>
> >
>

> I cannot but agree. In the end I ended up with a S/H Cisco SOHO
> router - rebadged linksys I think - which was reliable but too much
> of a room heater and replaced it with a draytek, which has been 100%
> reliable, but was around £132 from memory. So not a typical home
> router, but frankly if you need the internet thats only a few months
> broadband bill. I've had D link, Netgear and TP-link routers too -
> all have been at one time or another replaced due to flakiness.Ive
> got a Netgear whose ADSL performance went suspect after a
> thunderstorm in use as a WAP. It still isn't 100% reliable.
>
>

+many for Draytek. I've also had a variety, of which Netgear (one of
the many DG834s) was about the least bad, but the Draytek Vigor was
easily way ahead of them all, only being abandoned when I went to FTTC.
Many more facilities and somehow, a more professional configuration
menu.

--
Joe

[Ahem A Rivet's Shot]

On Fri, 1 Oct 2021 10:02:17 +0100
Joe <j...@jretrading.com> wrote:

> And over the years, many of us have been let down by domestic-grade
> routers, sometimes in subtle ways. Few of us can afford industrial
> Cisco kit or the like.

These days my router is a refurbished office PC with a decent dual
port NIC (as well as the onboard one) running FreeBSD. It's overkill
(especially the 8Gb of RAM) but it handles PPPoE at gigabit speeds without
breaking a sweat, is rock solid reliable and runs software I understand.

[Richard Falken]

Re: Re: Do I just need to change dhcpcd.conf to get a static IP?
By: Joe to zeneca on Fri Oct 01 2021 10:02 am

> And over the years, many of us have been let down by domestic-grade
> routers, sometimes in subtle ways. Few of us can afford industrial
> Cisco kit or the like.
>

Maybe I am pushing my nose where it is not wanted, but I have found that
Mikrotiks work very well for home environments and small offices. They are
pretty much consumer-grade hardware running enterprise firmware, so you can do
a lot of stuff with them.

Even some of the cheapo models have _separated_ logic so you put the effort of
filtering packets on the switches or move it to the CPU at your convenience.

If that is not your thing, many people just gets some SOHO junk and places
OpenWRT in it for a nice effect.

--
gopher://gopher.richardfalken.com/1/richardfalken