Date: Wed, 8 Apr 2015 10:03:49 +0200
From: "J.R. Oldroyd"
To: Brooks Davis
Cc: Yuri, net@freebsd.org
Subject: Re: [BUG?] dhclient sends packets with source IP address that has been deleted

On Tue, 7 Apr 2015 14:53:54 +0000 Brooks Davis wrote:
>
> On Mon, Apr 06, 2015 at 08:13:56PM -0700, Yuri wrote:
> > I am observing what dhclient sends to the server. Source IP of the
> > packet it sends is the previous DHCP lease. This address doesn't exist
> > any more, because I manually deleted it with 'ifconfig em0 remove '
> > command. Yet, when I rerun dhclient, it takes this address from
> > /var/db/dhclient.leases.em0 and sends the UDP packet with this
> > non-existent IP as source address in IP header.
> >
> > This looks very weird to me, though I am not sure what the practical
> > implications of this might be. My guess is that it is able to do this
> > because it injects packets with bpf.
> > Should this thing be fixed, or this is harmless?
> >
> > Some other host might have this IP address by the time dhclient runs,
> > and this might cause confusion somewhere.
>
> I suppose that since dhclient has been killed and restarted it can't
> know it's on the same network, but in practice you want to try to get
> the same lease again and fall back if it turns out you've moved or your dhcp
> server is broken and lost state. I don't see how this would hurt anything.
>
> -- Brooks

This bit me, too, some time back, when I was writing some custom
dhcpd back-end scripts.

dhclient is broadcasting (to 255.255.255.255) an initial DHCPREQUEST
to try to re-obtain its old IP. The old IP is used as the source IP
and the message body also contains the old IP request.

From RFC2131, section 4.1:

    DHCP messages broadcast by a client prior to that client obtaining
    its IP address must have the source address field in the IP header
    set to 0.

Note the "must" there. So the current behavior looks like an error,
to me.

If the re-obtaining of the old IP fails, DHCPDISCOVER messages are
then sent and these do have source 0.0.0.0 which is per the standard.

-jr
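
Added example (not part of the original message, and not dhclient code): a Python check that applies the RFC 2131 section 4.1 sentence quoted above to a raw IPv4 packet. It goes slightly beyond the thread by using a zero ciaddr to tell an unconfigured client from a RENEWING/REBINDING one; the sample packets, the 192.0.2.10 address and all function names are constructed for illustration.

```python
import socket
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie after the 236-byte BOOTP header
ZERO, BCAST = b"\x00" * 4, b"\xff" * 4
PORTS = struct.pack("!HH", 68, 67)  # UDP source 68 (client), destination 67 (server)
TYPES = {1: "DHCPDISCOVER", 3: "DHCPREQUEST"}

def build_packet(src_ip, ciaddr="0.0.0.0", requested=None, msg_type=3):
    """Constructed sample: IPv4/UDP/BOOTP client broadcast (checksums left 0, not verified)."""
    bootp = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 1, 1, 6, 0, 0x1234ABCD, 0, 0,
                        socket.inet_aton(ciaddr), ZERO, ZERO, ZERO,
                        b"\x02\x00\x00\x00\x00\x01", b"", b"")
    opts = bytes([53, 1, msg_type])           # option 53: DHCP message type
    if requested:                             # option 50: requested IP address
        opts += bytes([50, 4]) + socket.inet_aton(requested)
    payload = bootp + MAGIC + opts + b"\xff"
    udp = struct.pack("!HHHH", 68, 67, 8 + len(payload), 0) + payload
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(udp), 0, 0, 64, 17, 0,
                       socket.inet_aton(src_ip), BCAST) + udp

def parse_options(body):
    """Walk the TLV option list; stop at END (255) or on truncation."""
    opts, i = {}, 0
    while i < len(body) and body[i] != 255:
        if body[i] == 0:                      # PAD has no length byte
            i += 1
            continue
        if i + 1 >= len(body) or i + 2 + body[i + 1] > len(body):
            break
        opts[body[i]] = body[i + 2:i + 2 + body[i + 1]]
        i += 2 + body[i + 1]
    return opts

def check_source(packet):
    """Finding string if an unconfigured client broadcast with a non-zero source, else None."""
    if len(packet) < 20 or packet[9] != 17:   # too short, or not UDP
        return None
    ihl = (packet[0] & 0x0F) * 4
    src, dst, bootp = packet[12:16], packet[16:20], packet[ihl + 8:]
    if len(bootp) < 240 or bootp[236:240] != MAGIC or packet[ihl:ihl + 4] != PORTS:
        return None
    # ciaddr == 0: client claims no address (INIT/INIT-REBOOT); RENEWING/REBINDING fill it in.
    if bootp[0] != 1 or dst != BCAST or bootp[12:16] != ZERO or src == ZERO:
        return None
    opts = parse_options(bootp[240:])
    kind = TYPES.get((opts.get(53) or b"\x00")[0], "DHCP message")
    want = socket.inet_ntoa(opts[50]) if len(opts.get(50, b"")) == 4 else "none"
    return f"{kind} broadcast from {socket.inet_ntoa(src)}, ciaddr 0, requested {want}"
```

Feed `check_source` the IPv4 packet with the link-layer header already stripped; it returns None for the DHCPDISCOVER fallback the message describes, since that uses source 0.0.0.0.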