Need help with LEASEQUERY..continued

Fri May 21 16:25:22 UTC 2010

Matt,
Good thought. Unfortunately, I've already gone there.
As with your luck, I never got anything to respond to the
Perl code either. Even found a few snippets wherein people
claimed it worked for them and STILL...no response from
dhcpd when I tried it.

The packets on the wire look pretty much the same to me.

I keep wondering..am I just getting something wrong?
Am I missing a byte or bit somewhere that's throwing it off?
Is the ISC DHCPd simply not going to respond no matter what
I send it?

I've tried sending from the same server, bouncing off the same
nic/IP, bouncing off the local loopback, heck, I even tried
sending to it via a unix socket like dhcpd will use to send to
a local syslog daemon. Then I tried sending from a different system,
even faking a valid relay's IP on our network. Nothing.

According to one of the RFC's I was reading, I got the impression
that any "server" that is responding to a relay's leasequery packet
"should" throw out the packet if it looks like the giaddr (relay
IP) has been spoofed to be the same as the server. Given that, maybe
I can't send a packet to a dhcpd running on the same box that my
code is running on? That would really suck as I have written a
PHP based syslog daemon that replaces the real one, catches option-82
info being logged, then wants to send a leasquery packet to dhcpd to
query it for the remaining info about  the lease. Thus, I really
need all the pieces to run on the same box. Failing that, I'd have to
have another daemon running elsewhere that the PHP syslog daemon would
have to send a message to and have it connect back to do the query.
At that point, that's one more piece than I want in the equation,
and one more piece that can break in a production environment.

I'd really rather not have to hack on ISC's code to make it work
the way I want and have to keep up with patching future versions, etc.

Really fishing for ideas as to what to try next...

-- 
Patrick T. Winn
Systems Engineer
Cimarron Telephone Co.
(918) 865-3311 x280 - office
(918) 606-6602 - cell

While counting 0's and 1's, Matt Pascoe said:
> One thought for comparison.. try using the perl leasequery tool to see if
> you see it generating the same packet on the wire.
>
> I have tried the perl tool before and was never able to get it working
> either.  I'm wondering if there is a common issue here (probably me not
> getting it to work right either way :)
>
> I went as far as trying to get a perl cli tool to work for what I needed
> so
> that I could just "exec" it from within PHP.  This was not ideal of course
> but I never got either one working.
>
> Just a thought... I'd work on it too but I'm seriously swamped at work
> right
> now.  Hopefully that will get better soon............
>
> Thanks.
>
> On Fri, May 21, 2010 at 9:12 AM, Pat Winn <ptwinn at cimtel.net> wrote:
>
>> All,
>> I have gotten as far as to send a packet which in my WireShark
>> packet trace..at least..LOOKS to me like it *should* be correct.
>> Yet, I still receive no response.
>>
>> The code snippet I'm attaching is but a simple single file
>> with the basic code needed to construct and send a DHCPLEASEQUERY
>> packet in PHP. It will send the packet but not listen for a
>> response. As yet, I'm only watching the server output, server logs
>> and WireShark packet sniff/traces to see what is going back and
>> forth over the wire.
>>
>> The packet goes out, looks good but as I mentioned above, the
>> server never responds to it. Either I'm still off on something
>> in the packet or something is not right in the server?
>> (running 4.1.1 freshly compiled).
>>
>> The code (real IP's replaced with dummys of course..):
>> (sorry if my web mail client borks up the formatting)..
>>
>> #!/usr/bin/php -e
>> <?
>>
>> $packet = Array();
>>
>> $packet['op']     = '01';
>> $packet['htype']  = '00';
>> $packet['hlen']   = '00';
>> $packet['hops']   = '00';
>> $packet['xid']    = '12345678';
>> $packet['secs']   = '0005';
>> $packet['flags']  = '0000';
>> $packet['ciaddr'] = ip2hex("1.2.3.4");
>> $packet['yiaddr'] = ip2hex("0.0.0.0");
>> $packet['siaddr'] = ip2hex("0.0.0.0");
>> $packet['giaddr'] = ip2hex("1.2.5.1");
>> $packet['chaddr'] = '00000000000000000000000000000000';
>> $packet['sname']  =
>>
>> '00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000';
>> $packet['file'] =
>>
>> '0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000';
>> $packet['magic'] = '63825363';
>> $packet['options']  = int2hex(53) . int2hex(1) . int2hex(10);   //
>> DHCPLEASEQUERY packet type
>> $packet['options'] .= int2hex(55) . int2hex(2) . int2hex(58);
>> $packet['options'] .= int2hex(82) . int2hex(255);
>>
>> $myPacket = pack("H2H2H2H2H8H4H4H8H8H8H8H32H128H256H8H*",
>>    $packet['op'], $packet['htype'], $packet['hlen'], $packet['hops'],
>> $packet['xid'],
>>    $packet['secs'], $packet['flags'], $packet['ciaddr'],
>> $packet['yiaddr'], $packet['siaddr'],
>>    $packet['giaddr'], $packet['chaddr'], $packet['sname'],
>> $packet['file'],
>>    $packet['magic'], $packet['options']);
>>
>> $socket = socket_create(AF_INET, SOCK_DGRAM, SOL_UDP);
>> socket_set_option($socket, SOL_SOCKET, SO_BROADCAST, 1);
>> socket_bind($socket, "1.2.5.1", 68);
>>
>> $error = socket_sendto($socket, $myPacket, strlen($myPacket), 0,
>> '1.2.5.1', 67);
>>
>> if ($error === FALSE) {
>>    print("Send failed for address");
>>    print_r("ERROR: ". $error ." while trying to send.");
>> } else {
>>    echo "Sent ". $error ." bytes\n";
>> }
>>
>> // convert a string to hex values
>> function str2hex($s) {
>>    $hex = '';
>>    for ($i = 0 ; $i < strlen($s); $i++) {
>>        $hex .= dechex(ord($s[$i]));
>>    }
>>
>>    return($hex);
>> }
>>
>> // convert an ip address to hex values
>> function ip2hex($ip) {
>>    $t = explode(".", $ip);
>>    return int2hex($t[0]) . int2hex($t[1]) . int2hex($t[2]) .
>> int2hex($t[3]);
>> }
>>
>> // convert an int value to 0 padded hex value
>> function int2hex($int) {
>>    $hex = base_convert($int, 10, 16);
>>
>>    switch(strlen($hex)) {
>>        case 1:
>>        case 3:
>>        case 7: $hex = '0' . $hex; break;
>>        case 5: $hex = '000' . $hex; break;
>>    }
>>
>>    return $hex;
>> }
>>
>> ?>
>>
>>
>> ..and then, the packet trace (what was actually sent):
>>
>> No.     Time        Source                Destination           Protocol
>> Info
>>  104942 1994.263153 1.2.5.1        1.2.5.1        DHCP     DHCP Lease
>> query - Transaction ID 0x12345678
>>
>> Frame 104942 (292 bytes on wire, 292 bytes captured)
>>    Arrival Time: May 21, 2010 09:56:26.129252000
>>    [Time delta from previous captured frame: 0.000276000 seconds]
>>    [Time delta from previous displayed frame: 1.795716000 seconds]
>>    [Time since reference or first frame: 1994.263153000 seconds]
>>    Frame Number: 104942
>>    Frame Length: 292 bytes
>>    Capture Length: 292 bytes
>>    [Frame is marked: False]
>>    [Protocols in frame: sll:ip:udp:bootp]
>>    [Coloring Rule Name: UDP]
>>    [Coloring Rule String: udp]
>>    Protocol: IP (0x0800)
>> Internet Protocol, Src: 1.2.5.1 (1.2.5.1), Dst: 1.2.5.1 (1.2.5.1)
>>    Version: 4
>>    Header length: 20 bytes
>>    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
>>        0000 00.. = Differentiated Services Codepoint: Default (0x00)
>>        .... ..0. = ECN-Capable Transport (ECT): 0
>>        .... ...0 = ECN-CE: 0
>>    Total Length: 276
>>    Identification: 0x0000 (0)
>>    Flags: 0x04 (Don't Fragment)
>>        0... = Reserved bit: Not set
>>        .1.. = Don't fragment: Set
>>        ..0. = More fragments: Not set
>>    Fragment offset: 0
>>    Time to live: 64
>>    Protocol: UDP (0x11)
>>    Header checksum: 0x7ffb [correct]
>>        [Good: True]
>>        [Bad : False]
>>    Source: 1.2.5.1 (1.2.5.1)
>>    Destination: 1.2.5.1 (1.2.5.1)
>> User Datagram Protocol, Src Port: bootpc (68), Dst Port: bootps (67)
>>    Source port: bootpc (68)
>>    Destination port: bootps (67)
>>    Length: 256
>>    Checksum: 0xd472 [correct]
>>        [Good Checksum: True]
>>        [Bad Checksum: False]
>> Bootstrap Protocol
>>    Message type: Boot Request (1)
>>    Hardware type: NET/ROM pseudo
>>    Hardware address length: 0
>>    Hops: 0
>>    Transaction ID: 0x12345678
>>    Seconds elapsed: 5
>>    Bootp flags: 0x0000 (Unicast)
>>        0... .... .... .... = Broadcast flag: Unicast
>>        .000 0000 0000 0000 = Reserved flags: 0x0000
>>    Client IP address: 1.2.3.4 (1.2.3.4)
>>    Your (client) IP address: 0.0.0.0 (0.0.0.0)
>>    Next server IP address: 0.0.0.0 (0.0.0.0)
>>    Relay agent IP address: 1.2.5.1 (1.2.5.1)
>>    Client address not given
>>    Server host name not given
>>    Boot file name not given
>>    Magic cookie: (OK)
>>    Option: (t=53,l=1) DHCP Message Type = DHCP Lease query
>>        Option: (53) DHCP Message Type
>>        Length: 1
>>        Value: 0A
>>    Option: (t=55,l=2) Parameter Request List
>>        Option: (55) Parameter Request List
>>        Length: 2
>>        Value: 3A52
>>        58 = Renewal Time Value
>>        82 = Agent Information Option
>>    End Option
>>
>>
>> Umm....help?
>>
>> Thanks again for any help offered!!
>>
>>
>> --
>> Patrick T. Winn
>> Systems Engineer
>> Cimarron Telephone Co.
>> (918) 865-3311 x280 - office
>> (918) 606-6602 - cell
>>
>>
>>
>> _______________________________________________
>> dhcp-hackers mailing list
>> dhcp-hackers at lists.isc.org
>> https://lists.isc.org/mailman/listinfo/dhcp-hackers
>>
>