DHCP to assign IP address with a netmask of 255.255.255.255

asked 2019-05-12 17:14:05 -0500

marcus.frenkel gravatar image

updated 2019-05-12 17:22:37 -0500

The VPSs provided by the hosting providers OVH and Hetzner have IP with a netmask of 255.255.255.255 assigned by DHCP. Both providers use Openstack.

I assume they do that to: a) prevent broadcast storms caused by large broadcast domains and b) prevent users to scan the same L2 broadcast domain for neighbor hosts.

My goal is to create a /24 network in Openstack and still have the DHCP assign IP to instances with broadcast address same as the IP and a netmask of 255.255.255.255. If instances need to communicate between them, they should be able to do that over L3, meaning through the gateway.

Does someone know how to do it with Openstack?

In Hyper-V this could be achieved with PVLAN feature, which similarly to the way it works on physical switches, creates an environment where VMs may only interact with the Internet and not have visibility for neighbor VMs.

edit retag flag offensive close merge delete

Comments

Perhaps the dnsmasq_config_file option allows you to achieve this. You would have to research what dnsmasq can do. Note that this is a global option - all networks would be affected.

Bernd Bausch gravatar imageBernd Bausch ( 2019-05-12 18:56:04 -0500 )edit

@Bernd Bausch, thanks a lot. I added "dhcp-option=1,255.255.255.255" in a custom config file - instances get /32 mask now. Problem: how to add option for broadcast address as the last address without specifying the exact address?

marcus.frenkel gravatar imagemarcus.frenkel ( 2019-05-15 17:53:18 -0500 )edit

@Bernd Bausch, unfortunately, the /32 mask does not work in all OSs. For instance, cirros loses connection with this kind of IP config.

marcus.frenkel gravatar imagemarcus.frenkel ( 2019-05-15 17:55:13 -0500 )edit

This looks like a DHCP rather than a Neutron problem. Perhaps it can be solved by replacing dnsmasq with another DHCP server, but I would not know how, nor do I know if Neutron has non-dnsmasq implementations of DHCP.

As to Cirros, perhaps it's simply unable to deal with your requirement.

Bernd Bausch gravatar imageBernd Bausch ( 2019-05-15 19:21:30 -0500 )edit

"looks like", "perhaps" etc may be indications that I am not that knowledgeable in this area :)

Bernd Bausch gravatar imageBernd Bausch ( 2019-05-15 19:23:25 -0500 )edit