<html>
<head>
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
<font face="monospace"> I apologize if it's not proper etiquette
to post the same issue to both mailing lists, but I'm looking for
a bit of feedback as to whether what I'm experiencing is
'expected' behaviour from the isc dhcp software. It looks as
though myself and Leigh are both observing the same 'multiple ack'
scenario, but it's a bit of a "muddy" explanation in the RFC as to
whether both ACKs should present themself during a reboot/DORA
(although I'd expect it to happen at a T2 timer).<br>
<br>
- Joey D.<br>
</font><br>
<br>
<div class="moz-cite-prefix">On 04/02/2014 12:48 PM, jobewan wrote:<br>
</div>
<blockquote cite="mid:533C4D7D.208@gmail.com" type="cite">
<meta content="text/html; charset=ISO-8859-1"
http-equiv="Content-Type">
In our environment, multiple ACKs are causing an issue. We
have our servers setup in 2 different geographic regions, and
there is a DHCP proxy in-line near the client site. The issue is
that the anti-spoofing mechanism in the dhcp-proxy always picks up
on the 1st ack to make it back, which is always going to be
'Server A' (due to the latency b/t the regions); although 'Server
B' is sending the offer. This in turn causes issues for the
client that is wanting an IP address from Server B.<br>
<br>
Is the double ACK an expected behavior on a reboot? The RFC on
3.1 says "If the client already knows its address, some steps may
be omitted", which indicates that this should potentially follow
the process noted in 3.2 (showing both servers sending an ACK).
Although, during a reboot, the client doesn't know it's ip address
and follows a simple DORA which would indicate it would use the
process in 3.1 (meaning only 1 server sends an ACK)<br>
<br>
(also, sorry for the double post, It appeared that my initial mail
was caught by a spamfilter).<br>
<br>
- Joey D.<br>
<br>
<br>
<div class="moz-cite-prefix">On 04/02/2014 11:16 AM, Leigh Porter
wrote:<br>
</div>
<blockquote
cite="mid:D181DDABABE57E4DB72FEE0033147864010D12C9@EALPO1.ukbroadband.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=ISO-8859-1">
<meta name="Generator" content="Microsoft Word 14 (filtered
medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
@font-face
{font-family:Tahoma;
panose-1:2 11 6 4 3 5 4 4 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman","serif";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.EmailStyle17
{mso-style-type:personal-reply;
font-family:"Calibri","sans-serif";
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-family:"Calibri","sans-serif";
mso-fareast-language:EN-US;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
<div class="WordSection1">
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I
see a similar issue with a similar config, however the
duplicate ACK is not on the initial request but for lease
renewals.<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">I’ve
not bothered investigating so far as it seemed to do no
harm for now..<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">--<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D">Leigh<o:p></o:p></span></p>
<p class="MsoNormal"><span
style="font-size:11.0pt;font-family:"Calibri","sans-serif";color:#1F497D"><o:p> </o:p></span></p>
<p class="MsoNormal"><b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif""
lang="EN-US">From:</span></b><span
style="font-size:10.0pt;font-family:"Tahoma","sans-serif""
lang="EN-US"> <a moz-do-not-send="true"
class="moz-txt-link-abbreviated"
href="mailto:dhcp-users-bounces+leigh.porter=ukbroadband.com@lists.isc.org">dhcp-users-bounces+leigh.porter=ukbroadband.com@lists.isc.org</a>
[<a moz-do-not-send="true" class="moz-txt-link-freetext"
href="mailto:dhcp-users-bounces+leigh.porter=ukbroadband.com@lists.isc.org">mailto:dhcp-users-bounces+leigh.porter=ukbroadband.com@lists.isc.org</a>]
<b>On Behalf Of </b>Joey D.<br>
<b>Sent:</b> 02 April 2014 17:04<br>
<b>To:</b> <a moz-do-not-send="true"
class="moz-txt-link-abbreviated"
href="mailto:dhcp-users@lists.isc.org">dhcp-users@lists.isc.org</a><br>
<b>Subject:</b> Multiple ACK Issue<o:p></o:p></span></p>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif""> Below
is a diagram of what we witness is happening in the
event of a device reboot of a previously connected
device (meaning the device is already established in the
leases db on both servers), as well as our failover
config. Is there a configuration directive that can be
used which mandates that only the server sending the
offer can send the ACK? (much like what is done when
allocating a fresh lease like in sec 3.2 in the rfc).
I can detail a bit more as to the environment layout if
necessary, but I'm hoping there is an option I'm simply
overlooking. <br>
<br>
<br>
</span><o:p></o:p></p>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
Server A Client Server B<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif""> <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
v v v<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| | |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| Begins initialization |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| | |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| _____________/|\____________ |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
|/DHCPDISCOVER | DHCPDISCOVER\|<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| | |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| | |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| | ___________/|<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| | /DHCPOFFER |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| |/ |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| Selects configuration |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| | |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| _____________/|\____________ |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
|/ DHCPREQUEST | DHCPREQUEST\|<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| | |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| | |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| | |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
|\_____________ | ____________/|<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| DHCPACK \|/ DHCPACK |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| | |<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
| Initialization complete | <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif""><o:p> </o:p></span></p>
</div>
<p class="MsoNormal"><span
style="font-size:10.0pt;font-family:"Arial","sans-serif"">
<br>
<br>
SERVER A: <br>
stash-agent-options true; <br>
<br>
failover peer "iah-kcm" { <br>
primary; <br>
address x.x.1.248; <br>
port 647; <br>
peer address x.x.2.248; <br>
peer port 647; <br>
auto-partner-down 121; <br>
max-response-delay 120; <br>
max-unacked-updates 10; <br>
load balance max seconds 5; <br>
mclt 3600; <br>
split 128; <br>
<br>
} <br>
server-identifier x.x.1.248; <br>
ping-check false; <br>
<br>
<br>
SERVER B: <br>
stash-agent-options true; <br>
<br>
failover peer "iah-kcm" { <br>
<br>
secondary; <br>
address x.x.2.248; <br>
port 647; <br>
peer address x.x.1.248; <br>
peer port 647; <br>
auto-partner-down 121; <br>
max-response-delay 120; <br>
max-unacked-updates 10; <br>
load balance max seconds 5; <br>
} <br>
server-identifier x.x.2.248; <br>
ping-check false; <br>
<br>
<br>
- Joey D. </span><o:p></o:p></p>
</div>
<p class="MsoNormal"><br>
______________________________________________________________________<br>
This email has been scanned by the Symantec Email
Security.cloud service.<br>
For more information please visit <a moz-do-not-send="true"
href="http://www.symanteccloud.com">http://www.symanteccloud.com</a><br>
______________________________________________________________________<o:p></o:p></p>
</div>
<br clear="all">
______________________________________________________________________<br>
This email has been scanned by the Symantec Email Security.cloud
service.<br>
For more information please visit <a moz-do-not-send="true"
class="moz-txt-link-freetext"
href="http://www.symanteccloud.com">http://www.symanteccloud.com</a><br>
______________________________________________________________________<br>
<br>
<fieldset class="mimeAttachmentHeader"></fieldset>
<br>
<pre wrap="">_______________________________________________
dhcp-users mailing list
<a moz-do-not-send="true" class="moz-txt-link-abbreviated" href="mailto:dhcp-users@lists.isc.org">dhcp-users@lists.isc.org</a>
<a moz-do-not-send="true" class="moz-txt-link-freetext" href="https://lists.isc.org/mailman/listinfo/dhcp-users">https://lists.isc.org/mailman/listinfo/dhcp-users</a></pre>
</blockquote>
</blockquote>
<br>
</body>
</html>