suggestion to improve dhcpd behavior regarding default setting of max-lease-time statement

Thu Apr 24 15:13:15 UTC 2008

Hi,
I understand that setting a default-lease-time higher than the
max-lease-time is a configuration error, one should not do that.

I do agree however that a sysadmin who isn't very familiar with dhcp may be
induced to make this error due to lack of information in the man-page, thus
I suggest a note is added to the default-lease-time explanation in
dhcpd.conf(5).

Actually default-lease-time is just a hint for dhcpd in case the client
didn't provide a desired expiration time, whereas max-lease-time has a
larger scope which is to enforce expiration times remain between well
defined boundaries.

default lease > max lease is supposed to have the same behavior of a client
asking for a lease > max lease, thus the situation you explained is
expected.

IMHO a change in the manpage is welcome but we should not change the code
behavior, which is not a good pratice unless really necessary (imagine the
huge user base having to adopt to new rules, it's wiser to teach new admins
on how it works).

Best regards,
-- 
Eduardo M. Fleury
Researcher at INdT - Instituto Nokia de Tecnologia
http://eduardofleury.com

On Thu, Apr 24, 2008 at 11:45 AM, Fons de Jongh <fdjongh at novell.com> wrote:

> Dear DHCP Hackers,
>
> My name is Fons de Jongh and I work at Novell as a technical support
> engineer. I understood from S Kalyanasundaram, who is a developer at Novell,
> that you can verify my suggestion for dhcpd, and may-be approve it in case
> it makes sense.
>
> Okay, here I start...
>
> I have installed dhcp-server-3.0.3-23.38 on SuSE Linux Enterprise Server
> 10.
>
> One can configure a 'default-lease-time' and a 'max-lease-time' statement
> with the 'global parameters' of a DHCP server or with any declaration. As
> desired, dhcpd will use the configured statements of a declaration that is
> most specific to the IP address to be offered/allocated (yiaddr) for the
> setting of the IP Address Lease Time option (option 51) in DHCPOFFER and
> DHCPACK reply messages.
>
> Apparently the default value of 'max-lease-time' is 86400 seconds (1 day).
> However, this is not mentioned with the description of the 'max-lease-time'
> statement in the manual page of dhcpd.conf. So dhcpd administrators cannot
> be aware of this hardcoded limit.
>
> The consequential behavior of dhcpd is that if one does not configure a
> 'max-lease-time' statement, but only a 'default-lease-time' statement with a
> value greater than 86400 seconds, dhcpd will return an IP Address Lease Time
> of 86400 seconds with option 51 in DHCPOFFER and DHCPACK messages,
> regardless to the higher setting of the 'default-lease-time' statement.
>
> Hence, if one configures a 'default-lease-time' statement with a value
> greater than 86400 seconds, one must also configure a 'max-lease-time'
> statement with the same value as 'default-lease-time' or higher, in order to
> make dhcpd return the desired configuration of 'default-lease-time' with
> option 51 in DHCPOFFER and DHCPACK messages. This condition is not described
> in the manual page of dhcpd.conf, so dhcpd administrators do not know they
> should set a 'max-lease-time' greater than or equal to the
> 'default-lease-time' if they configure a 'default-lease-time' greater than
> 86400 seconds.
>
> My suggestion is to change the default setting of 'max-lease-time' to a
> variable value instead of the current hardcoded constant 86400. I suggest to
> make the default value of 'max-lease-time' equal to the value of
> 'default-lease-time', so that if one configures the 'default-lease-time'
> only, the 'max-lease-time' will never limit the 'default-lease-time'.
>
> An alternate suggestion to handle the same configuration conflict is to
> make the default setting of 'max-lease-time' 0xFFFFFFFF (infinite), but that
> may result into undesired behavior when clients request for an infinite
> lease time per DHCP option 51 in a DHCPREQUEST message.
>
> Please let me know if you agree with my suggestion to make the default
> value of 'max-lease-time' equal to the value of 'default-lease-time' or if
> you have comments or questions.
>
> Thank you and kind regards,
>
> Fons de Jongh
> Novell Technical Services
>
>