Date: Wed, 8 Apr 2015 20:47:56 -0700 From: Kevin Oberman <rkoberman@gmail.com> To: "J.R. Oldroyd" <fbsd@opal.com> Cc: Yuri <yuri@rawbw.com>, Brooks Davis <brooks@freebsd.org>, "freebsd-net@freebsd.org" <net@freebsd.org> Subject: Re: [BUG?] dhclient sends packets with source IP address that has been deleted Message-ID: <CAN6yY1t13ogzM9=S2B7m-ac4W2h69EdVwxT7OqXSuga%2B-4MLJQ@mail.gmail.com> In-Reply-To: <20150408100349.31a74103@shibato> References: <55234B74.5020506@rawbw.com> <20150407145354.GA9746@spindle.one-eyed-alien.net> <20150408100349.31a74103@shibato>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, Apr 8, 2015 at 1:03 AM, J.R. Oldroyd <fbsd@opal.com> wrote: > On Tue, 7 Apr 2015 14:53:54 +0000 Brooks Davis <brooks@freebsd.org> wrote: > > > > On Mon, Apr 06, 2015 at 08:13:56PM -0700, Yuri wrote: > > > I am observing what dhclient sends to the server. Source IP of the > > > packet it sends is the previous DHCP lease. This address doesn't exist > > > any more, because I manually deleted it with 'ifconfig em0 remove <IP>' > > > command. Yet, when I rerun dhclient, it takes this address from > > > /var/db/dhclient.leases.em0 and sends the UDP packet with this > > > non-existent IP as source address in IP header. > > > > > > This looks very weird to me, though I am not sure what the practical > > > implications of this might be. My guess is that it is able to do this > > > because it injects packets with bpf. > > > Should this thing be fixed, or this is harmless? > > > > > > Some other host might have this IP address by the time dhclient runs, > > > and this might cause confusion somewhere. > > > > I suppose that since dhclient has been killed and restarted it can't > > know it's on the same network, but in practice you want to try to get > > the same lease again and fall back if it turns out you've moved or your > dhcp > > server is broken and lost state. I don't see how this would hurt > anything. > > > > -- Brooks > > This bit me, too, some time back, when I was writing some custom dhcpd > back-end scripts. > > dhclient is broadcasting (to 255.255.255.255) an initial DHCPREQUEST > to try to re-obtain its old IP. The old IP is used as the source IP > and the message body also contains the old IP request. > > From RFC2131, section 4.1: > > DHCP messages broadcast by a client prior to that client obtaining > its IP address must have the source address field in the IP header > set to 0. > > Note the "must" there. > > So the current behavior looks like an error, to me. > > If the re-obtaining of the old IP fails, DHCPDISCOVER messages are > then sent and these do have source 0.0.0.0 which is per the standard. > > -jr > This one gets rather confusing and is subject to some interpretation. The idea is that a system should attempt to maintain the same address, if possible. That is why the dhclient.leases files are there. Even if a system has its interface shut down or is rebooted, the file contains the last assigned address. If it issues a request and the network is different, it will not get the address. If it is on the same network, it will get it's old address. >From the RFC 4.3.2 DHCPREQUEST message: 'requested IP address' option MUST be filled in with client's notion of its previously assigned address. The data in dhclient.leases provides that notion, and the interface has had a previously assigned address, but I agree that this is debatable. I think the word "notion" provides a clear indication of the intent. I know that Windows XP-SP2 behaved this way. I have not looked at anything more recent as that what we ran at work when I last was responsible for running a DHCP server. -- Kevin Oberman, Network Engineer, Retired E-mail: rkoberman@gmail.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAN6yY1t13ogzM9=S2B7m-ac4W2h69EdVwxT7OqXSuga%2B-4MLJQ>