Date: Sat, 19 Jan 2008 12:13:44 GMT From: Domagoj Hranjec <cab902_no_spam@yahoo.com> To: freebsd-gnats-submit@FreeBSD.org Subject: bin/119801: dhclient changes alias to address Message-ID: <200801191213.m0JCDiX5089663@www.freebsd.org> Resent-Message-ID: <200801191220.m0JCK0eb006300@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 119801
>Category: bin
>Synopsis: dhclient changes alias to address
>Confidential: no
>Severity: non-critical
>Priority: medium
>Responsible: freebsd-bugs
>State: open
>Quarter:
>Keywords:
>Date-Required:
>Class: sw-bug
>Submitter-Id: current-users
>Arrival-Date: Sat Jan 19 12:20:00 UTC 2008
>Closed-Date:
>Last-Modified:
>Originator: Domagoj Hranjec
>Release: 6.2-RELEASE-p9
>Organization:
>Environment:
FreeBSD spitfire.dionet.hr 6.2-RELEASE-p9 FreeBSD 6.2-RELEASE-p9 #0: Thu Nov 29 04:07:33 UTC 2007 root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC i386
>Description:
My FreeBSD machine works as a router/firewall/nat for my network. It has 2 IPs on one interface. I'm using DHCP client with alias defined in /etc/dhclient.conf.
After dhclient renews lease it changes the order of addresses, hence alias becomes network address (like this:
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=8<VLAN_MTU>
inet 192.168.1.5 netmask 0xffffff00 broadcast 192.168.1.255
inet 88.207.8.120 netmask 0xfffffc00 broadcast 255.255.255.255
ether 00:11:3b:0e:a7:2f
media: Ethernet autoselect (100baseTX <full-duplex>)
status: active
)
It has two unfortunate side effects:
1) ipnat-s 0/32 special keyword start to means alias (192.168.1.5), which means that all machines on the inside are cut-off from the Net
2) ddclient sends alias IP to DNS so the machine also cannot be identified from the outside
I've added tracing to /sbin/dhclient-script and tried to replicate the problem with the help of my other machine (Debian etch) dhcp 2.0pl5-19.5etch2 server.
Unfortunately I haven't manage to repeat the problem. It went to (FAIL->PREINIT->BOUND->RENEW+) cycles which correctly configured address and alias. When I forced change of address on dhcp server side it went through (EXPIRE->PREINIT->BOUND->RENEW+) cycles which also correctly configured address and alias.
Then I've switch it again to my provider's dhcp server. It went through (EXPIRE->PREINIT->BOUND) phase and correctly configured address and alias. But when renew time came it (as usual) failed to renew but didn't went through EXPIRE->PREINIT phase but directly (ARPSEND?)->(ARPCHECK?)->BOUND. The problem is that in BOUND part of the code it checks is $old_ip_address defined but although it should be, it isn't so the code don't clean-up alias and address. After that it adds new address which overwrites the old address but position it as alias. Afterwards it adds alias but as previously it hasn't clean it, it's position stays the same: first, which means, it's an address not an alias.
The fix can be made in dhclient-script, but the question remains: Why dhclient didn't fill $old_ip_address? Why it didn't went througt EXPIRE->PREINIT? (Probably related with empty "$old_ip_address".)
>How-To-Repeat:
Configure DHCP with alias and wait for renew time.
>Fix:
>Release-Note:
>Audit-Trail:
>Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200801191213.m0JCDiX5089663>