Package: isc-dhcp-client
Version: 4.1.1-P1-9
Severity: normal
Tags: patch

--- Please enter the report below this line. ---
Hi,

the current implementation of the "rfc3442-classless-routes" exit hook breaks the routing in my local setup. The attached patch fixes this issue for me.

Here is my setup ...

Consider four hosts:
  A/B/C: three routers in front of different sub-nets (netA, netB, netC); their WAN interfaces are configured via DHCP (provided by G)
  G: central router - delivering DHCP to A, B and C

I want to announce A, B and C as routers for their respective sub-nets via DHCP to the other routers. This reduces problems with ICMP redirect and simplifies routing in general (for me).

Here is the problem: A adds the following routes via the rfc3442 exit hook:
  netA via A
  netB via B
  netC via C

The route to itself ("netA via A") competes with A's interface based route (something along "netA dev eth0").

The result: the hosts in netA can't talk to A anymore, since A uses the new "netA via A" route (looping -> packets are lost).

The attached patch skips the routes that point to the current router itself.

Just in case you need some real-life numbers: the following example is taken from a host with the local IPs 172.16.19.1 ("lan") and 172.16.23.13 ("wan").

root@router-lardia:~# route -n
Kernel IP routing table
Destination     Gateway         Genmask         Flags Metric Ref    Use Iface
0.0.0.0         172.16.23.1     0.0.0.0         UG    0      0        0 wan
172.16.16.0     172.16.23.1     255.255.240.0   UG    0      0        0 wan
172.16.17.0     172.16.23.11    255.255.255.0   UG    0      0        0 wan
172.16.18.0     172.16.23.12    255.255.255.0   UG    0      0        0 wan
172.16.19.0     172.16.23.13    255.255.255.0   UG    0      0        0 wan
172.16.19.0     0.0.0.0         255.255.255.0   U     0      0        0 lan

The second to last line (gateway 172.16.23.13) is the crucial one: it prevents packets to the local "lan" network (172.16.19.0/24) from being delivered via "lan". Essentially the router does not communicate via the "lan" interface at all.
The respective rfc3442 dhcp option (distributed by the central gateway) is the following:

dhcp-option=121,172.16.16.0/20,172.16.23.1, \
        172.16.17.0/24,172.16.23.11, \
        172.16.18.0/24,172.16.23.12, \
        172.16.19.0/24,172.16.23.13

The attached patch compares the rfc3442 "gateway" with all local IP addresses (retrieved via "ip addr show"). Basically it says: "never add a route that points to yourself".

What do you think about this change? Is this a relevant use-case?

cheers,
Lars
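
Added example, not part of the original report or its patch: a POSIX sh function that decodes the option 121 octets and marks every route whose gateway is one of the host's own addresses, run here on the routes and addresses from the report. The function name, the sample variables and the input format (space-separated decimal octets, local addresses passed as an argument) are assumptions.

```sh
#!/bin/sh
# Added example. Decodes DHCP option 121 (RFC 3442) octets and marks routes
# whose gateway is one of this host's own IPv4 addresses.
#   $1: option as space-separated decimal octets (assumed hook input format)
#   $2: space-separated local IPv4 addresses (passed in so this runs offline;
#       on a live host they could come from `ip -4 -o addr show`)
# Prints one line per route: "add NET/LEN via GW" or "skip NET/LEN via GW".
classify_rfc3442_routes() {
    local_addrs=" $2 "
    set -- $1                          # octets become positional parameters
    while [ $# -gt 0 ]; do
        len=$1; shift
        if [ "$len" -gt 32 ]; then
            echo "error: bad prefix length $len" >&2; return 1
        fi
        n=$(( (len + 7) / 8 ))         # only ceil(len/8) destination octets are sent
        if [ $# -lt $(( n + 4 )) ]; then
            echo "error: truncated option" >&2; return 1
        fi
        net=""; k=0
        while [ "$k" -lt 4 ]; do       # pad the destination to four octets
            if [ "$k" -lt "$n" ]; then o=$1; shift; else o=0; fi
            net="${net:+$net.}$o"
            k=$(( k + 1 ))
        done
        gw="$1.$2.$3.$4"; shift 4
        # Whole-address match: 172.16.23.1 must not match 172.16.23.13.
        case "$local_addrs" in
            *" $gw "*) echo "skip $net/$len via $gw" ;;
            *)         echo "add $net/$len via $gw" ;;
        esac
    done
}

# Constructed sample: the four routes and the two local addresses from the report.
SAMPLE_OPTION="20 172 16 16 172 16 23 1 24 172 16 17 172 16 23 11 \
24 172 16 18 172 16 23 12 24 172 16 19 172 16 23 13"
SAMPLE_LOCAL="172.16.19.1 172.16.23.13"

classify_rfc3442_routes "$SAMPLE_OPTION" "$SAMPLE_LOCAL"
```

Only the last route (172.16.19.0/24 via 172.16.23.13) is marked "skip"; the interface route on "lan" then stays the only route for that network.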
--- /root/rfc3442-classless-routes.orig 1960-09-30 13:33:19.000000000 +0000 +++ rfc3442-classless-routes 1960-09-30 13:49:04.000000000 +0000 @@ -23,6 +23,10 @@ gateway[$j]=${rfc_routes[$i]} done + # skip gateways identified by IP addresses that are attached to local interfaces + # (prevent competing routes for local networks) + ip addr show | grep -q " inet ${gateway[0]}\.${gateway[1]}\.${gateway[2]}\.${gateway[3]}/" && continue + old_IFS="$IFS" IFS='.'
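
Review bot: the added grep only matches a local address that is immediately followed by "/" (pattern " inet A.B.C.D/"), so an address that "ip addr show" prints in the form "inet LOCAL peer REMOTE/LEN" (point-to-point interfaces) is not recognised as local and the self-pointing route would still be added. Consider matching the address followed by either a space or a slash, and running "ip -4 -o addr show" so that only IPv4 lines are scanned. Building the dotted gateway string once in a variable before the test would make the line easier to read, and since "&& continue" drops the route without any output, a short log message naming the skipped route would help when debugging a lease.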