Package: dhcp
Version: 2.0pl5-19.5
Severity: important
Hi,
I have a setup where a client that has obtained an IP address re-issues a
DHCP request with a *different* requested-ip. The DHCP server then assigns
the requested IP instead of sticking to the previously assigned address.
The behavior of the client occurs with an NFS-mounted root filesystem. In
order to mount root, initrd obtains an IP address. When the init scripts
bring up eth0, dhcpcd re-does the job. As requested-ip, it fills in the
IP address the host had during a previous up-period. The server then
honours this request instead of rejecting it.
This behavior makes the dhcp server unusable in this setting: as the
root directory is mounted over NFS, a change in IP address makes it
effectively permanently unreachable, with as only solution a poweroff.
Although the behavior of the client is questionable (IMHO it should
prefer to use any currently configured address), my understanding is
that it is not against the spec. However, the way I read the spec,
the server's behavior violates it. Specifically:
Quote from section: '4.3.1 DHCPDISCOVER message':
When a server receives a DHCPDISCOVER message from a client, the
server chooses a network address for the requesting client. If no
address is available, the server may choose to report the problem to
the system administrator. If an address is available, the new address
SHOULD be chosen as follows:
o The client's current address as recorded in the client's current
binding, ELSE
o The client's previous address as recorded in the client's (now
expired or released) binding, if that address is in the server's
pool of available addresses and not already allocated, ELSE
o The address requested in the 'Requested IP Address' option, if that
address is valid and not already allocated, ELSE
o A new address allocated from the server's pool of available
addresses; the address is selected based on the subnet from which
the message was received (if 'giaddr' is 0) or on the address of
the relay agent that forwarded the message ('giaddr' when not 0).u
Quote from section: '4.3.2 DHCPREQUEST message':
If the network is correct, then the DHCP server should check if
the client's notion of its IP address is correct. If not, then the
server SHOULD send a DHCPNAK message to the client.
The way I understand this, if an address is currently assigned to the
client, the server should assign the client's current address. If there
is no current address, it should use previous address. Only if there
is no previous address either can the requested address be assigned.
In this case, the server's response to the client's request should
therefore be a DHCPNAK.
Additional note (this may be another bug): later, after the lease has
expired, the client does a new request, and the server allocates yet
another different address...
tcpdump log:
---------------------------------------------------------------
gyronef:root ~ 1 # tcpdump -i br0 -s 1500 -vvv -n port bootpc
tcpdump: listening on br0, link-type EN10MB (Ethernet), capture size 1500 bytes
10:36:12.835953 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP
(17), length: 299) 0.0.0.0.68 > 255.255.255.255.67: [no cksum] BOOTP/DHCP,
Request from 00:16:3e:23:ac:1f, length 271, xid 0x1787da63, secs 15, Flags [
none ] (0x0000)
Client-Ethernet-Address 00:16:3e:23:ac:1f
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Discover
Parameter-Request Option 55, length 9:
Subnet-Mask, Default-Gateway, Domain-Name-Server, Hostname
Domain-Name, RP, MTU, BR
YD
Vendor-Class Option 60, length 14: "Linux ipconfig"
10:36:13.834994 IP (tos 0x10, ttl 64, id 0, offset 0, flags [none], proto: UDP
(17), length: 328) 192.168.0.65.67 > 192.168.0.210.68: [udp sum ok] BOOTP/DHCP,
Reply, length 300, xid 0x1787da63, secs 15, Flags [ none ] (0x0000)
Your-IP 192.168.0.210
Server-IP 192.168.0.65
Client-Ethernet-Address 00:16:3e:23:ac:1f
file "/pxelinux.0"
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Offer
Server-ID Option 54, length 4: 192.168.0.65
Lease-Time Option 51, length 4: 120
Subnet-Mask Option 1, length 4: 255.255.255.0
Default-Gateway Option 3, length 4: 192.168.0.3
Domain-Name-Server Option 6, length 4: 192.168.0.18
Domain-Name Option 15, length 3: "rjg"
BR Option 28, length 4: 192.168.0.255
10:36:13.836582 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP
(17), length: 311) 0.0.0.0.68 > 255.255.255.255.67: [no cksum] BOOTP/DHCP,
Request from 00:16:3e:23:ac:1f, length 283, xid 0x1787da63, secs 16, Flags [
none ] (0x0000)
Client-IP 192.168.0.210
Client-Ethernet-Address 00:16:3e:23:ac:1f
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Request
Server-ID Option 54, length 4: 192.168.0.65
Requested-IP Option 50, length 4: 192.168.0.210
Parameter-Request Option 55, length 9:
Subnet-Mask, Default-Gateway, Domain-Name-Server, Hostname
Domain-Name, RP, MTU, BR
YD
Vendor-Class Option 60, length 14: "Linux ipconfig"
10:36:13.849264 IP (tos 0x10, ttl 64, id 0, offset 0, flags [none], proto: UDP
(17), length: 328) 192.168.0.65.67 > 192.168.0.210.68: [udp sum ok] BOOTP/DHCP,
Reply, length 300, xid 0x1787da63, secs 16, Flags [ none ] (0x0000)
Client-IP 192.168.0.210
Your-IP 192.168.0.210
Server-IP 192.168.0.65
Client-Ethernet-Address 00:16:3e:23:ac:1f
file "/pxelinux.0"
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: ACK
Server-ID Option 54, length 4: 192.168.0.65
Lease-Time Option 51, length 4: 120
Subnet-Mask Option 1, length 4: 255.255.255.0
Default-Gateway Option 3, length 4: 192.168.0.3
Domain-Name-Server Option 6, length 4: 192.168.0.18
Domain-Name Option 15, length 3: "rjg"
BR Option 28, length 4: 192.168.0.255
10:36:28.844092 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto: UDP
(17), length: 311) 0.0.0.0.68 > 255.255.255.255.67: [no cksum] BOOTP/DHCP,
Request from 00:16:3e:23:ac:1f, length 283, xid 0x1787da63, secs 31, Flags [
none ] (0x0000)
Client-IP 192.168.0.210
Client-Ethernet-Address 00:16:3e:23:ac:1f
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Request
Server-ID Option 54, length 4: 192.168.0.65
Requested-IP Option 50, length 4: 192.168.0.210
Parameter-Request Option 55, length 9:
Subnet-Mask, Default-Gateway, Domain-Name-Server, Hostname
Domain-Name, RP, MTU, BR
YD
Vendor-Class Option 60, length 14: "Linux ipconfig"
10:36:28.847795 IP (tos 0x10, ttl 64, id 0, offset 0, flags [none], proto: UDP
(17), length: 328) 192.168.0.65.67 > 192.168.0.210.68: [udp sum ok] BOOTP/DHCP,
Reply, length 300, xid 0x1787da63, secs 31, Flags [ none ] (0x0000)
Client-IP 192.168.0.210
Your-IP 192.168.0.210
Server-IP 192.168.0.65
Client-Ethernet-Address 00:16:3e:23:ac:1f
file "/pxelinux.0"
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: ACK
Server-ID Option 54, length 4: 192.168.0.65
Lease-Time Option 51, length 4: 120
Subnet-Mask Option 1, length 4: 255.255.255.0
Default-Gateway Option 3, length 4: 192.168.0.3
Domain-Name-Server Option 6, length 4: 192.168.0.18
Domain-Name Option 15, length 3: "rjg"
BR Option 28, length 4: 192.168.0.255
10:36:41.485847 IP (tos 0x0, ttl 64, id 1312, offset 0, flags [none], proto:
UDP (17), length: 576) 0.0.0.0.68 > 255.255.255.255.67: [udp sum ok]
BOOTP/DHCP, Request from 00:16:3e:23:ac:1f, length 548, xid 0x62fd2665, secs
10, Flags [ none ] (0x0000)
Client-Ethernet-Address 00:16:3e:23:ac:1f
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Request
MSZ Option 57, length 2: 576
Requested-IP Option 50, length 4: 192.168.0.214
Lease-Time Option 51, length 4: 4294967295
Parameter-Request Option 55, length 15:
Subnet-Mask, Default-Gateway, Domain-Name-Server, Hostname
Domain-Name, RP, TTL, BR
MD, Router-Discovery, Static-Route, YD
YS, NTP, Option 119
Hostname Option 12, length 8: "testnfs^@"
Vendor-Class Option 60, length 27: "Linux 2.6.18-3-xen-686 i686"
Client-ID Option 61, length 7: ether 00:16:3e:23:ac:1f
10:36:41.492557 IP (tos 0x10, ttl 64, id 0, offset 0, flags [none], proto: UDP
(17), length: 328) 192.168.0.65.67 > 192.168.0.214.68: [udp sum ok] BOOTP/DHCP,
Reply, length 300, xid 0x62fd2665, secs 10, Flags [ none ] (0x0000)
Your-IP 192.168.0.214
Server-IP 192.168.0.65
Client-Ethernet-Address 00:16:3e:23:ac:1f
file "/pxelinux.0"
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: ACK
Server-ID Option 54, length 4: 192.168.0.65
Lease-Time Option 51, length 4: 120
Subnet-Mask Option 1, length 4: 255.255.255.0
Default-Gateway Option 3, length 4: 192.168.0.3
Domain-Name-Server Option 6, length 4: 192.168.0.18
Domain-Name Option 15, length 4: "rjg^@"
BR Option 28, length 4: 192.168.0.255
10:38:29.607249 IP (tos 0x0, ttl 64, id 1313, offset 0, flags [none], proto:
UDP (17), length: 576) 0.0.0.0.68 > 255.255.255.255.67: [udp sum ok]
BOOTP/DHCP, Request from 00:16:3e:23:ac:1f, length 548, xid 0xf3fe0f26, secs
10, Flags [ none ] (0x0000)
Client-Ethernet-Address 00:16:3e:23:ac:1f
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Discover
MSZ Option 57, length 2: 576
Requested-IP Option 50, length 4: 192.168.0.214
Lease-Time Option 51, length 4: 4294967295
Parameter-Request Option 55, length 15:
Subnet-Mask, Default-Gateway, Domain-Name-Server, Hostname
Domain-Name, RP, TTL, BR
MD, Router-Discovery, Static-Route, YD
YS, NTP, Option 119
Hostname Option 12, length 8: "testnfs^@"
Vendor-Class Option 60, length 27: "Linux 2.6.18-3-xen-686 i686"
Client-ID Option 61, length 7: ether 00:16:3e:23:ac:1f
10:38:33.756854 IP (tos 0x0, ttl 64, id 1314, offset 0, flags [none], proto:
UDP (17), length: 576) 0.0.0.0.68 > 255.255.255.255.67: [udp sum ok]
BOOTP/DHCP, Request from 00:16:3e:23:ac:1f, length 548, xid 0xf3fe0f26, secs
10, Flags [ none ] (0x0000)
Client-Ethernet-Address 00:16:3e:23:ac:1f
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Discover
MSZ Option 57, length 2: 576
Requested-IP Option 50, length 4: 192.168.0.214
Lease-Time Option 51, length 4: 4294967295
Parameter-Request Option 55, length 15:
Subnet-Mask, Default-Gateway, Domain-Name-Server, Hostname
Domain-Name, RP, TTL, BR
MD, Router-Discovery, Static-Route, YD
---------------------------------------------------------------
-- System Information:
Debian Release: 4.0
APT prefers testing
APT policy: (500, 'testing')
Architecture: i386 (i686)
Shell: /bin/sh linked to /bin/bash
Kernel: Linux 2.6.15-1-686
Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)
Versions of packages dhcp depends on:
ii libc6 2.3.6.ds1-8 GNU C Library: Shared libraries
ii netbase 4.27 Basic TCP/IP networking system
dhcp recommends no packages.
-- no debconf information
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
