Rectification, after more investigation here what is happening :
Trusty got the random port right away because NSUPDATE is enable at
compile time in package "isc-dhcp-client"
In Xenial and late (including debian) with commit
[b1d5bab630a29f2ca94c458f9402aa43cc5975c4], a new pkg binary package is
introduced "isc-dhcp-client-ddns" set as optional.
#debian/control:
+Package: isc-dhcp-client-ddns
+Priority: optional
+Architecture: any
+Depends:
+ ${misc:Depends},
+ ${shlibs:Depends},
+ isc-dhcp-client (= ${binary:Version}),
+Enhances: isc-dhcp-client
+Description: Dynamic DNS (DDNS) enabled DHCP client
+ This a Dynamic DNS enabled version of the DHCP client.
So basically the random port still exist in Xenial and late, but it requires,
the "isc-dhcp-client-ddns" package (optional) to be installed. So basically, it
is split probably to accommodate the folks having this problem, and in the same
time it allows peoples that really needs this feature to use it by installing
this additionnal new package.
On Xenial :
** Without "isc-dhcp-client-ddns" **
# lsof -i udp
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
dhclient 140 root 6u IPv4 344477 0t0 UDP *:bootpc
** With "isc-dhcp-client-ddns" **
# lsof -i udp
COMMAND PID USER FD TYPE DEVICE SIZE/OFF NODE NAME
dhclient 140 root 6u IPv4 336839 0t0 UDP *:bootpc
dhclient 140 root 20u IPv4 336827 0t0 UDP *:65239
dhclient 140 root 21u IPv6 336828 0t0 UDP *:12817
Eric
--
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to isc-dhcp in Ubuntu.
https://bugs.launchpad.net/bugs/1176046
Title:
isc-dhcp dhclient listens on extra random ports
Status in isc-dhcp package in Ubuntu:
In Progress
Bug description:
Ubuntu 13.04 Server 64-bit. Fresh install. Only one network adapter.
dhclient process is listening on two randomly chosen udp ports in
addition to the usual port 68. This appears to be a bug in the
discovery code for probing information on interfaces in the system.
Initial research of the code also suggested omapi, but adding omapi
port 9999 to /etc/dhcp/dhclient.conf only opened a forth port with the
two random udp ports still enabled.
Version of included distro dhclient was 4.2.4. I also tested with the
latest isc-dhclient-4.2.5-P1 and got the same results.
Debian has the same bug:
http://forums.debian.net/viewtopic.php?f=10&t=95273&p=495605#p495605
One impact of these random ports is that security hardening becomes
more difficult. The purpose of these random ports and security
implications are unknown.
Example netstat -lnp output:
udp 0 0 0.0.0.0:21117 0.0.0.0:*
2659/dhclient
udp 0 0 0.0.0.0:68 0.0.0.0:*
2659/dhclient
udp6 0 0 :::45664 :::*
2659/dhclient
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/isc-dhcp/+bug/1176046/+subscriptions
--
Mailing list: https://launchpad.net/~touch-packages
Post to : touch-packages@lists.launchpad.net
Unsubscribe : https://launchpad.net/~touch-packages
More help : https://help.launchpad.net/ListHelp
