From nobody Fri Sep 27 09:35:07 2024 X-Original-To: questions@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4XFQL52dSYz5Xmgh for ; Fri, 27 Sep 2024 09:35:09 +0000 (UTC) (envelope-from freebsd-doc@fjl.co.uk) Received: from bs2.fjl.org.uk (bs2.fjl.org.uk [84.45.41.208]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "bs2.fjl.org.uk", Issuer "bs2.fjl.org.uk" (not verified)) by mx1.freebsd.org (Postfix) with ESMTPS id 4XFQL44bvDz4Srd for ; Fri, 27 Sep 2024 09:35:08 +0000 (UTC) (envelope-from freebsd-doc@fjl.co.uk) Authentication-Results: mx1.freebsd.org; dkim=none; spf=pass (mx1.freebsd.org: domain of freebsd-doc@fjl.co.uk designates 84.45.41.208 as permitted sender) smtp.mailfrom=freebsd-doc@fjl.co.uk; dmarc=none Received: from roundcube.fjl.uk ([192.168.0.2]) by bs2.fjl.org.uk (8.16.1/8.16.1) with ESMTP id 48R9Z7fq017575 for ; Fri, 27 Sep 2024 09:35:07 GMT (envelope-from freebsd-doc@fjl.co.uk) List-Id: User questions List-Archive: https://lists.freebsd.org/archives/freebsd-questions List-Help: List-Post: List-Subscribe: List-Unsubscribe: X-BeenThere: freebsd-questions@freebsd.org Sender: owner-freebsd-questions@FreeBSD.org MIME-Version: 1.0 Date: Fri, 27 Sep 2024 10:35:07 +0100 From: Frank Leonhardt To: questions@freebsd.org Subject: Re: Why does dhcpd have a routers (plural) option for a subnet? In-Reply-To: References: <292574df4e30929138035c55f6d69185@fjl.co.uk> Message-ID: X-Sender: freebsd-doc@fjl.co.uk Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit X-Spamd-Result: default: False [-2.05 / 15.00]; SUBJECT_ENDS_QUESTION(1.00)[]; NEURAL_HAM_MEDIUM(-0.97)[-0.970]; NEURAL_HAM_LONG(-0.97)[-0.967]; NEURAL_HAM_SHORT(-0.91)[-0.910]; R_SPF_ALLOW(-0.20)[+ip4:84.45.41.208:c]; ONCE_RECEIVED(0.10)[]; MIME_GOOD(-0.10)[text/plain]; ARC_NA(0.00)[]; RCVD_COUNT_ONE(0.00)[1]; ASN(0.00)[asn:25577, ipnet:84.45.0.0/17, country:GB]; MISSING_XM_UA(0.00)[]; MIME_TRACE(0.00)[0:+]; FROM_HAS_DN(0.00)[]; R_DKIM_NA(0.00)[]; MLMMJ_DEST(0.00)[questions@freebsd.org]; TO_DN_NONE(0.00)[]; FROM_EQ_ENVFROM(0.00)[]; MID_RHS_MATCH_FROM(0.00)[]; TO_MATCH_ENVRCPT_ALL(0.00)[]; RCVD_TLS_LAST(0.00)[]; PREVIOUSLY_DELIVERED(0.00)[questions@freebsd.org]; DMARC_NA(0.00)[fjl.co.uk]; RCPT_COUNT_ONE(0.00)[1] X-Rspamd-Queue-Id: 4XFQL44bvDz4Srd X-Spamd-Bar: -- On 2024-09-26 21:16, Steve Rikli wrote: > On Thu, Sep 26, 2024 at 03:29:39PM +0100, Frank Leonhardt wrote: >> On 2024-09-25 21:04, Steve Rikli wrote: >> > On Wed, Sep 25, 2024 at 08:39:39PM +0100, Frank Leonhardt wrote: >> > > Ever wondered why there's a "routers" option in dhcpd.conf? I have. >> > ... >> > Fwiw, dhcp-options(5) says: >> > >> > option routers ip-address [, ip-address ...]; >> > The routers option specifies a list of IP addresses for routers >> > on the client's subnet. Routers should be listed in order of >> > preference. >> > >> > That said, I've never really tried multiple address there either. :-) >> >> So the next interesting question would be which host stacks would >> accept >> multiple gateways and what would they do with them? > > As an experiment, I configured DHCP service in the lab to offer 2 > routers > to some test VM's, using an option like this: > > option routers 172.16.0.1, 172.16.0.2; > > The original config had only 172.16.0.1, and 'netstat -rn' on the VM's > reported same. > > After rebooting, FreeBSD 14.1 and NetBSD 10.0 both continued to use > just > the 1st router listed -- 172.16.0.1. > > A Debian 12.7 VM added the 2nd router, listing both afterwards: > > $ netstat -rn > Kernel IP routing table > Destination Gateway Genmask Flags MSS Window > irtt Iface > 0.0.0.0 172.16.0.1 0.0.0.0 UG 0 0 > 0 ens18 > 0.0.0.0 172.16.0.2 0.0.0.0 UG 0 0 > 0 ens18 > 172.16.0.0 0.0.0.0 255.255.255.0 U 0 0 > 0 ens18 > > Checking "order of preference" from the man page, I reversed the > routers > list order in the DHCP offer, and rebooted the VM's; as you'd expect, > the > BSD's then used the 172.16.0.2 router, and Debian likewise re-ordered > the > netstat list to have 172.16.0.2 first. > > AFAI can see, DHCP makes no effort to determine if either router is up > or > valid, which is what I'd expect. E.g. 172.16.0.2 in my test was > shutdown. > > So it looks like ISC DHCP is working as advertised, and how a given > host > makes use of this config is apparently OS-dependent. Seems reasonable. > > If you do have multiple gateway paths out of your network, this could > provide a basic way to offer both to DHCP clients, in the absence of > other router failover mechanisms, HSRP, pf+CARP, etc. But you'd still > have to manage the DHCP routers list yourself -- not automatic. That's interesting - FreeBSD ignores the second but a Linux adds both to the routing table. I recall something about Windoze starting to accept multiple default gateways a few years ago so it may too. You can, however, add multiple default routes, at least to recent versions of FreeBSD. I occasionally do it by mistake and it's a PITA to delete wrong one. The next question is how do these systems decide which to use, and if they flip, in what circumstances? The naïve answer would be "when one stops working switch to the other", but how does a host know a gateway router has failed? And then, if you're LAN has switched to using a 4G modem router because your landline rebooted, how does it know to switch back? Experimentation needed - or perhaps I'll dig into the source. Regards, Frank.