SV: DISCOVER bursts

Glenn Satchell Glenn.Satchell at uniq.com.au
Tue Jan 9 10:38:15 UTC 2007


>From: Lars Jacobsen <lars-jacobsen at newmail.dk>
>To: dhcp-users at isc.org
>Subject: Re: SV: DISCOVER bursts
>Date: Mon, 08 Jan 2007 21:24:16 +0100
>
>
>Glenn Satchell <Glenn.Satchell at uniq.com.au> wrote:
>> There was a bug fix recently wrt to lease limit. 
>
>Yes, I'm aware.
>
>> When a lease is offered it has a 2 minute lease duration. If the
>> client then comes back and requests it the lease offered has the
>> normal lease duration (whatever you configured, or the client asked
>> for). Until the lease is requested it's a sort-of temporary lease and
>> not part of the lease limit yet.
>> 
>
>So does this mean that if a malicious user / faulty client keeps
>requesting IP addresses it would drain the pool - for a 2 minute period -
>even though the protection against this has been made?

As Simon mentioned, this is a problem with any dhcp server. A malicious
client could keep making requests with different client-ids and the
dhcp server would have to honour all those requests.

>And it's not possible to see these "temporary" leases anywhere, or?

Yes, they get written into dhcpd.leases like any other lease. Here's an
example - notice the 2 minute difference between starts and ends.

lease 192.168.14.243 {
  starts 0 2007/01/07 12:34:50;
  ends 0 2007/01/07 12:36:50;
  tstp 0 2006/05/14 14:28:12;
  tsfp 0 2006/05/14 14:28:12;
  atsfp 0 2006/05/14 14:28:12;
  cltt 0 2007/01/07 12:34:50;
  binding state backup;
  hardware ethernet 00:c0:4f:cf:ac:a0;
  uid "\001\000\300O\317\254\240";
  client-hostname "pink";
}

Here's the piece of code from server/dhcp.c that sets the 2 minutes:

        /* Set the lease to really expire in 2 minutes, unless it has
           not yet expired, in which case leave its expiry time alone. */
        when = cur_time + 120;

>> Does the dhcp client eventually accept one of the offers and send a
>> request for it? If so, then the other temporary leases will expire in
>> two minutes and go back to being available for other clients.
>
>OK fine.
>
>> 
>> Yes, it sounds like a client that's not well written, but the client
>> should handle these cases and try to do something sensible.

err, I meant the server should handle it sensibly. :(

regards,
-glenn
--
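
Added example (not part of the original message and not ISC code): a way to measure how much of a pool is tied up by the 2-minute offered leases described above, by reading dhcpd.leases. It assumes the configured lease time is not itself 120 seconds; the sample data, function names and pool size are constructed for illustration.

```python
import re
from datetime import datetime, timedelta

OFFER_WINDOW = timedelta(seconds=120)  # matches "when = cur_time + 120"
LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\n\}", re.S)
TIME_RE = re.compile(r"^\s*(starts|ends)\s+\d\s+(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d);", re.M)

# Constructed sample in dhcpd.leases syntax; addresses and MACs are made up.
SAMPLE = """\
lease 192.0.2.10 {
  starts 0 2007/01/07 09:00:00;
  ends 0 2007/01/07 21:00:00;
  hardware ethernet 00:00:5e:00:53:01;
}
lease 192.0.2.11 {
  starts 0 2007/01/07 12:34:50;
  ends 0 2007/01/07 12:36:50;
  hardware ethernet 00:00:5e:00:53:02;
}
lease 192.0.2.12 {
  starts 0 2007/01/07 12:34:55;
  ends 0 2007/01/07 12:36:55;
  hardware ethernet 00:00:5e:00:53:03;
}
lease 192.0.2.11 {
  starts 0 2007/01/07 12:35:10;
  ends 0 2007/01/08 00:35:10;
  hardware ethernet 00:00:5e:00:53:02;
}
"""

def parse_leases(text):
    """Map ip -> (starts, ends). The file is an append log, so the last entry wins."""
    leases = {}
    for ip, body in LEASE_RE.findall(text):
        t = {k: datetime.strptime(v, "%Y/%m/%d %H:%M:%S")
             for k, v in TIME_RE.findall(body)}
        leases[ip] = (t.get("starts"), t.get("ends"))  # "ends never;" gives None
    return leases

def offer_stage(text, now):
    """IPs held by an unexpired lease of exactly 2 minutes at `now` (UTC)."""
    return sorted(ip for ip, (s, e) in parse_leases(text).items()
                  if s and e and e - s == OFFER_WINDOW and s <= now < e)

def pool_pressure(text, now, pool_size):
    """Fraction of the pool tied up by offered-but-unrequested leases."""
    return len(offer_stage(text, now)) / pool_size
```

In the sample, 192.0.2.11 was offered and then requested, so its later entry supersedes the 2-minute one; only 192.0.2.12 still counts as offer-stage. A fraction that stays high across successive checks is the sign of a DISCOVER burst holding addresses.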

