Vista doesn't ack dhcp offer
Doug Tucker
tuckerd at engr.smu.edu
Mon Sep 24 13:58:12 UTC 2007
Sorry, after spending a week on that I had to catch up on some stuff.
Here are the filters for the 128 subnet in question on the gateway
router.
deny128a 0.0.0.0/ 0: 445 129.119.128.0/24: 0 T-D-X
13702
deny128b 0.0.0.0/ 0: 445 129.119.128.0/24: 0 U-D-X 1
deny128c 0.0.0.0/ 0: 139 129.119.128.0/24: 0 T-D-X
15526
deny128d 0.0.0.0/ 0: 139 129.119.128.0/24: 0 U-D-X 0
deny128e 0.0.0.0/ 0: 23 129.119.128.0/24: 0 T-D-X
59762
deny128f 0.0.0.0/ 0: 25 129.119.128.0/24: 0 T-D-X
60575
deny128g 0.0.0.0/ 0: 135 129.119.128.0/24: 0 T-D-X
242950
deny128h 0.0.0.0/ 0: 135 129.119.128.0/24: 0 U-D-X
4409220
all128 129.119.128.0/24: 0 129.119.128.0/24: 0 I-P-X
130887102
http128 0.0.0.0/ 0: 80 129.119.128.0/24: 0 T-P-X
386362774
https128 0.0.0.0/ 0: 443 129.119.128.0/24: 0 T-P-X
141582344
ssmtp128 0.0.0.0/ 0: 465 129.119.128.0/24: 0 T-P-X
476275
imaps128 0.0.0.0/ 0: 993 129.119.128.0/24: 0 T-P-X
3505476
pop3s128 0.0.0.0/ 0: 995 129.119.128.0/24: 0 T-P-X
4091082
ssh128 0.0.0.0/ 0: 22 129.119.128.0/24: 0 T-P-X
20399138
dns128 0.0.0.0/ 0: 53 129.119.128.0/24: 0 T-P-X
177768
dns128udp 0.0.0.0/ 0: 53 129.119.128.0/24: 0 U-P-X
7924870
socks128 0.0.0.0/ 0:1080 129.119.128.0/24: 0 T-P-X
6044712
pgp128 129.119.0.0/16:9000 129.119.128.0/24: 0 T-P-X
505
dhcp128 0.0.0.0/ 0: 0 129.119.128.0/24: 67 U-P-X
584
They are exactly the same now, as the day things were working for
unicast and not working for broadcast for dns, with the only acception
being we added the ONE filter for dhcp128, which allowed the broadcast
to work as well. To recap, without this filter in allowing broadcast
though, the clients not setting the broadcast bit were still working
fine.
On Fri, 2007-09-21 at 23:09 +0100, Simon Hobson wrote:
> Doug Tucker wrote:
> >If anyone is interested, we found it. Our gateway router had
> >filters on it to allow 80, 443, 21, 22...and then deny everything
> >else. We added an allow for dhcp, and wallah, everything is
> >working. What still has us scratching our heads, and why we kept
> >ruling that out, is even with the filter in place, dhcp still
> >worked, as long as the client dind't have the broadcast flag set.
> >Makes no sense to me, either dhcp is blocked or it isn't I would
> >think, reguardless of broadcast client flag.
>
> Don't forget that the route taken by packets, and the destination
> address, depends on the mode of delivery. Perhaps if you posted the
> filters then someone might see an obvious answer.
>
More information about the dhcp-users
mailing list