From: Kevin Oberman
To: "J.R. Oldroyd"
Cc: Yuri, Brooks Davis, "freebsd-net@freebsd.org"
Date: Wed, 8 Apr 2015 20:47:56 -0700
Subject: Re: [BUG?] dhclient sends packets with source IP address that has been deleted

On Wed, Apr 8, 2015 at 1:03 AM, J.R. Oldroyd wrote:

> On Tue, 7 Apr 2015 14:53:54 +0000 Brooks Davis wrote:
> >
> > On Mon, Apr 06, 2015 at 08:13:56PM -0700, Yuri wrote:
> > > I am observing what dhclient sends to the server. Source IP of the
> > > packet it sends is the previous DHCP lease. This address doesn't exist
> > > any more, because I manually deleted it with 'ifconfig em0 remove '
> > > command. Yet, when I rerun dhclient, it takes this address from
> > > /var/db/dhclient.leases.em0 and sends the UDP packet with this
> > > non-existent IP as source address in IP header.
> > >
> > > This looks very weird to me, though I am not sure what the practical
> > > implications of this might be. My guess is that it is able to do this
> > > because it injects packets with bpf.
> > > Should this thing be fixed, or this is harmless?
> > >
> > > Some other host might have this IP address by the time dhclient runs,
> > > and this might cause confusion somewhere.
> >
> > I suppose that since dhclient has been killed and restarted it can't
> > know it's on the same network, but in practice you want to try to get
> > the same lease again and fall back if it turns out you've moved or your
> > dhcp server is broken and lost state. I don't see how this would hurt
> > anything.
> >
> > -- Brooks
>
> This bit me, too, some time back, when I was writing some custom dhcpd
> back-end scripts.
>
> dhclient is broadcasting (to 255.255.255.255) an initial DHCPREQUEST
> to try to re-obtain its old IP. The old IP is used as the source IP
> and the message body also contains the old IP request.
>
> From RFC2131, section 4.1:
>
>     DHCP messages broadcast by a client prior to that client obtaining
>     its IP address must have the source address field in the IP header
>     set to 0.
>
> Note the "must" there.
>
> So the current behavior looks like an error, to me.
>
> If the re-obtaining of the old IP fails, DHCPDISCOVER messages are
> then sent and these do have source 0.0.0.0 which is per the standard.
>
> -jr

This one gets rather confusing and is subject to some interpretation. The
idea is that a system should attempt to maintain the same address, if
possible. That is why the dhclient.leases files are there. Even if a system
has its interface shut down or is rebooted, the file contains the last
assigned address. If it issues a request and the network is different, it
will not get the address. If it is on the same network, it will get its old
address.

From the RFC 4.3.2 DHCPREQUEST message:

    'requested IP address' option MUST be filled in with client's notion
    of its previously assigned address.

The data in dhclient.leases provides that notion, and the interface has had
a previously assigned address, but I agree that this is debatable. I think
the word "notion" provides a clear indication of the intent.

I know that Windows XP-SP2 behaved this way. I have not looked at anything
more recent as that is what we ran at work when I last was responsible for
running a DHCP server.

--
Kevin Oberman, Network Engineer, Retired
E-mail: rkoberman@gmail.com
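
The two RFC 2131 passages quoted in this thread (section 4.1 on the IP source address, section 4.3.2 on the 'requested IP address' option) can be checked against captured traffic. The Python below is an added example, not code from dhclient or from anyone in the thread; the function names are hypothetical, the packets are constructed rather than captured, and reading a zero ciaddr as "client has not yet obtained its address" is an assumption drawn from the RFC's client states.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"                 # DHCP magic cookie (RFC 2131)
BCAST, ZERO = b"\xff" * 4, bytes(4)
MSG_TYPES = {1: "DHCPDISCOVER", 3: "DHCPREQUEST"}

def parse_options(data):
    """Walk the DHCP option TLVs and return {code: value bytes}."""
    opts, i = {}, 0
    while i + 1 < len(data) and data[i] != 255:   # 255 = end option
        if data[i] == 0:                          # 0 = pad, has no length byte
            i += 1
            continue
        length = data[i + 1]
        opts[data[i]] = data[i + 2:i + 2 + length]
        i += 2 + length
    return opts

def check_client_packet(pkt):
    """Check one raw IPv4 packet holding a client DHCP message (hypothetical helper)."""
    ihl = (pkt[0] & 0x0F) * 4 if pkt else 0
    if ihl < 20 or len(pkt) < ihl + 8 or pkt[9] != 17:
        return None                               # not IPv4/UDP
    dport = struct.unpack("!H", pkt[ihl + 2:ihl + 4])[0]
    bootp = pkt[ihl + 8:]
    if dport != 67 or len(bootp) < 240 or bootp[236:240] != MAGIC:
        return None                               # not a client-to-server DHCP message
    src, dst, ciaddr = pkt[12:16], pkt[16:20], bootp[12:16]
    opts = parse_options(bootp[240:])
    msg = (opts.get(53) or b"\x00")[0]            # option 53 = DHCP message type
    requested = opts.get(50)                      # option 50 = requested IP address
    # Assumption: ciaddr == 0 means the client holds no address yet (INIT,
    # SELECTING, INIT-REBOOT), so section 4.1 requires a broadcast from 0.0.0.0.
    violation = dst == BCAST and ciaddr == ZERO and src != ZERO
    return {"type": MSG_TYPES.get(msg, str(msg)), "src": socket.inet_ntoa(src),
            "requested": socket.inet_ntoa(requested)
            if requested and len(requested) == 4 else None, "violation": violation}

def build_request(src_ip, requested_ip):
    """Constructed sample: broadcast DHCPREQUEST with option 50 (checksums left 0)."""
    opts = b"\x35\x01\x03" + b"\x32\x04" + socket.inet_aton(requested_ip) + b"\xff"
    bootp = struct.pack("!BBBBIHH", 1, 1, 6, 0, 0x1234, 0, 0x8000) + bytes(16)
    bootp += b"\x02\x00\x00\x00\x00\x01".ljust(16, b"\0") + bytes(192) + MAGIC + opts
    udp = struct.pack("!HHHH", 68, 67, 8 + len(bootp), 0)
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp) + len(bootp), 0, 0, 64,
                     17, 0, socket.inet_aton(src_ip), BCAST)
    return ip + udp + bootp
```

Calling `check_client_packet(build_request("192.0.2.10", "192.0.2.10"))` reports the behavior described in the thread (old lease as source address), while the same request built with source `0.0.0.0` passes and still carries the old address in option 50.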