[PATCH] Workaround for broken ip-helper in Cisco Nexus switches

Steinar H. Gunderson sgunderson at bigfoot.com
Wed Apr 4 15:19:08 UTC 2012


Hi from The Gathering 2012 (www.gathering.org)!

This morning, we had a problem with some clients, especially the ones running
Windows Vista without the infamous patch for the broadcast flag, not getting
an IP address, and we eventually traced it to the fact that these clients are
on Nexus 7000 switches and not Catalyst 6500 as we've used before.

Some debugging revealed that the Nexus' ip-helper equivalent simply drops
all DHCPOFFER packets that come back with the broadcast flag set, and since
the Vista clients set the broadcast flag in the request, the return packets
never get there. (Some Windows 7 clients also seem to exhibit the same
behavior, but we haven't debugged this in depth.)

The attached patch adds a new option “never-broadcast” that is the exact
opposite of the “never-broadcast” flag; it clears the broadcast bit
unconditionally in requests, no matter what the client sent. With this
enabled, we have no problems among our ~5k visitors that I know of.

It's not perfect; in particular, perhaps always-broadcast and never-broadcast
should be combined into some tristate flag. I'm unsure how to best do this
without breaking configuration compatibility.

/* Steinar */
-- 
Chief, Tech:Server, The Gathering 2012
http://www.sesse.net/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dhcpd-never-broadcast.diff
Type: text/x-diff
Size: 3891 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/dhcp-hackers/attachments/20120404/e1f6646b/attachment.bin>
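The flag handling the message describes, as an added example; it is not the attached patch and not ISC dhcpd code. It assumes the RFC 2131 layout, where the broadcast flag is the top bit of the 16-bit flags field at byte offset 10 of the fixed BOOTP header; the function names and the sample packet are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define BOOTP_FIXED_LEN  236      /* fixed BOOTP header, RFC 2131 section 2 */
#define BOOTP_OFF_OP     0
#define BOOTP_OFF_FLAGS  10       /* 16-bit flags, network byte order */
#define BOOTREQUEST      1
#define BOOTP_BROADCAST  0x8000u

/* Read the flags field; returns -1 if the buffer is too short. */
int bootp_get_flags(const uint8_t *pkt, size_t len)
{
    if (pkt == NULL || len < BOOTP_FIXED_LEN)
        return -1;
    return (pkt[BOOTP_OFF_FLAGS] << 8) | pkt[BOOTP_OFF_FLAGS + 1];
}

/* Clear the broadcast bit in a BOOTREQUEST, whatever the client sent.
 * Returns 1 if cleared, 0 if already clear, -1 if short or not a request. */
int bootp_clear_broadcast(uint8_t *pkt, size_t len)
{
    int flags = bootp_get_flags(pkt, len);
    if (flags < 0 || pkt[BOOTP_OFF_OP] != BOOTREQUEST)
        return -1;
    if (!(flags & BOOTP_BROADCAST))
        return 0;
    pkt[BOOTP_OFF_FLAGS] &= (uint8_t)~0x80u;   /* top bit of the high byte */
    return 1;
}

/* Constructed sample: a request with the broadcast flag set. */
void make_sample_request(uint8_t pkt[BOOTP_FIXED_LEN])
{
    for (size_t i = 0; i < BOOTP_FIXED_LEN; i++)
        pkt[i] = 0;
    pkt[BOOTP_OFF_OP] = BOOTREQUEST;
    pkt[1] = 1;                       /* htype: Ethernet */
    pkt[2] = 6;                       /* hlen: 6-byte MAC */
    pkt[BOOTP_OFF_FLAGS] = 0x80;      /* flags = 0x8000 */
}

int main(void)
{
    uint8_t pkt[BOOTP_FIXED_LEN];
    make_sample_request(pkt);
    printf("before:  0x%04x\n", bootp_get_flags(pkt, sizeof pkt));
    printf("cleared: %d\n", bootp_clear_broadcast(pkt, sizeof pkt));
    printf("after:   0x%04x\n", bootp_get_flags(pkt, sizeof pkt));
    return 0;
}
```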

