[BUG?] dhclient sends packets with source IP address that has been deleted
J.R. Oldroyd
fbsd at opal.com
Wed Apr 8 08:04:23 UTC 2015
On Tue, 7 Apr 2015 14:53:54 +0000 Brooks Davis <brooks at freebsd.org> wrote:
>
> On Mon, Apr 06, 2015 at 08:13:56PM -0700, Yuri wrote:
> > I am observing what dhclient sends to the server. Source IP of the
> > packet it sends is the previous DHCP lease. This address doesn't exist
> > any more, because I manually deleted it with 'ifconfig em0 remove <IP>'
> > command. Yet, when I rerun dhclient, it takes this address from
> > /var/db/dhclient.leases.em0 and sends the UDP packet with this
> > non-existent IP as source address in IP header.
> >
> > This looks very weird to me, though I am not sure what the practical
> > implications of this might be. My guess is that it is able to do this
> > because it injects packets with bpf.
> > Should this thing be fixed, or this is harmless?
> >
> > Some other host might have this IP address by the time dhclient runs,
> > and this might cause confusion somewhere.
>
> I suppose that since dhclient has been killed and restarted it can't
> know it's on the same network, but in practice you want to try to get
> the same lease again and fall back if it turns out you've moved or your dhcp
> server is broken and lost state. I don't see how this would hurt anything.
>
> -- Brooks
This bit me, too, some time back, when I was writing some custom dhcpd
back-end scripts.
dhclient is broadcasting (to 255.255.255.255) an initial DHCPREQUEST
to try to re-obtain its old IP. The old IP is used as the source IP
and the message body also contains the old IP request.
From RFC2131, section 4.1:
DHCP messages broadcast by a client prior to that client obtaining
its IP address must have the source address field in the IP header
set to 0.
Note the "must" there.
So the current behavior looks like an error, to me.
If the re-obtaining of the old IP fails, DHCPDISCOVER messages are
then sent and these do have source 0.0.0.0 which is per the standard.
-jr
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 181 bytes
Desc: OpenPGP digital signature
URL: <http://lists.freebsd.org/pipermail/freebsd-net/attachments/20150408/5d985fce/attachment.sig>
More information about the freebsd-net
mailing list