dhcpd handing out wrong gateway
Glenn Satchell
glenn.satchell at uniq.com.au
Thu Sep 8 14:58:46 UTC 2011
On 09/09/11 00:30, Fredrik Björk wrote:
> Hi!
> We're having occasional problems with ISC dhcpd handing out an incorrect
> gateway (option routers) to some clients. This happens only for specific
> clients and is more or less persistent for those. The config is somewhat
> complicated and involves a few shared networks.
> What happens is that a client in network 123.123.230.0/24 gets a correct
> IP, the appropriate subnet mask and all other options, but the gateway
> is 123.123.235.1, which is in a totally different subnet and even
> another shared network! Anybody with a clue about what's going on out there?
> Just to give you a rough idea on the structure, I've filtered out a few
> lines from the config:
> shared-network eth0{
> subnet 192.168.20.0 netmask 255.255.255.0 {
> subnet 123.123.224.0 netmask 255.255.255.0 {
> subnet 123.123.236.0 netmask 255.255.255.0 {
> shared-network BSR1CM {
> subnet 172.16.0.0 netmask 255.255.252.0 {
> subnet 172.16.8.0 netmask 255.255.255.0 {
> shared-network BSR1CPE {
> subnet 123.123.225.0 netmask 255.255.255.0 {
> subnet 123.123.226.0 netmask 255.255.255.128 {
> subnet 123.123.226.128 netmask 255.255.255.192 {
> subnet 123.123.226.192 netmask 255.255.255.224 {
> shared-network BSR1MTA {
> subnet 123.123.226.224 netmask 255.255.255.224 {
> shared-network BSR2CM {
> subnet 172.17.0.0 netmask 255.255.252.0 {
> subnet 172.17.4.0 netmask 255.255.252.0 {
> subnet 172.17.8.0 netmask 255.255.252.0 {
> shared-network BSR2CPE {
> subnet 123.123.227.0 netmask 255.255.255.0 {
> subnet 123.123.228.0 netmask 255.255.255.128 {
> subnet 123.123.228.128 netmask 255.255.255.192 {
> subnet 123.123.228.192 netmask 255.255.255.224 {
> subnet 123.123.228.224 netmask 255.255.255.224 {
> shared-network BSR2MTA {
> subnet 123.123.229.0 netmask 255.255.255.0 {
> shared-network BSR3CM {
> subnet 172.18.0.0 netmask 255.255.252.0 {
> subnet 172.18.4.0 netmask 255.255.252.0 {
> subnet 172.18.8.0 netmask 255.255.252.0 {
> shared-network BSR3CPE {
> subnet 123.123.230.0 netmask 255.255.255.0 {
> subnet 123.123.233.0 netmask 255.255.255.0 {
> subnet 123.123.231.0 netmask 255.255.255.0 {
> shared-network BSR3MTA {
> subnet 123.123.232.0 netmask 255.255.255.0 {
> subnet 123.123.234.0 netmask 255.255.255.0 {
> shared-network CASACM {
> subnet 172.19.0.0 netmask 255.255.240.0 {
> shared-network CASACPE {
> subnet 123.123.235.0 netmask 255.255.255.0 {
> subnet 123.123.237.0 netmask 255.255.255.0 {
> subnet 123.123.238.0 netmask 255.255.255.0 {
> 14:29:20.933479 IP (tos 0x0, ttl 255, id 5252, offset 0, flags [none],
> proto UDP (17), length 344) 123.123.230.1.68 > 123.123.224.
> 42.67: BOOTP/DHCP, Request from 00:19:99:a0:51:13, length 316, hops 1,
> xid 0x39e50835, Flags [none]
> Gateway-IP 123.123.230.1
> Client-Ethernet-Address 00:19:99:a0:51:13
> Vendor-rfc1048 Extensions
> Magic Cookie 0x63825363
> DHCP-Message Option 53, length 1: Discover
> Client-ID Option 61, length 7: ether 00:19:99:a0:51:13
> Requested-IP Option 50, length 4: 123.123.233.232
> Hostname Option 12, length 12: "MyRouter"
> Vendor-Class Option 60, length 8: "MSFT 5.0"
> Parameter-Request Option 55, length 12:
> Subnet-Mask, Domain-Name, Default-Gateway, Domain-Name-Server
> Netbios-Name-Server, Netbios-Node, Netbios-Scope, Router-Discovery
> Static-Route, Classless-Static-Route, Classless-Static-Route-Microsoft,
> Vendor-Option
> Agent-Information Option 82, length 14:
> Unknown SubOption 2, length 6:
> 0x0000: 0013 71e7 68ee
> Unknown SubOption 43, length 4:
> 0x0000: ac12 03f5
> 14:29:21.001405 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto
> UDP (17), length 335) 123.123.224.42.67 > 123.123.230.1.67:
> BOOTP/DHCP, Reply, length 307, hops 1, xid 0x39e50835, Flags [none]
> Your-IP 123.123.233.232
> Server-IP 123.123.224.42
> Gateway-IP 123.123.230.1
> Client-Ethernet-Address 00:19:99:a0:51:13
> Vendor-rfc1048 Extensions
> Magic Cookie 0x63825363
> DHCP-Message Option 53, length 1: Offer
> Server-ID Option 54, length 4: 123.123.224.42
> Lease-Time Option 51, length 4: 600
> Subnet-Mask Option 1, length 4: 255.255.255.0
> Domain-Name Option 15, length 11: "sweden.se"
> Default-Gateway Option 3, length 4: 123.123.235.1 <<<<----- WRONG!
> Domain-Name-Server Option 6, length 8: 213.50.29.170,208.67.222.222
> Agent-Information Option 82, length 14:
> Unknown SubOption 2, length 6:
> 0x0000: 0013 71e7 68ee
> Unknown SubOption 43, length 4:
> 0x0000: ac12 03f5
> 14:29:21.016281 IP (tos 0x0, ttl 255, id 5256, offset 0, flags [none],
> proto UDP (17), length 364) 123.123.230.1.68 > 123.123.224.42.67:
> BOOTP/DHCP, Request from 00:19:99:a0:51:13, length 336, hops 1, xid
> 0x39e50835, Flags [none]
> Gateway-IP 123.123.230.1
> Client-Ethernet-Address 00:19:99:a0:51:13
> Vendor-rfc1048 Extensions
> Magic Cookie 0x63825363
> DHCP-Message Option 53, length 1: Request
> Client-ID Option 61, length 7: ether 00:19:99:a0:51:13
> Requested-IP Option 50, length 4: 123.123.233.232
> Server-ID Option 54, length 4: 123.123.224.42
> Hostname Option 12, length 12: "MyRouter"
> FQDN Option 81, length 15: "MyRouter"
> Vendor-Class Option 60, length 8: "MSFT 5.0"
> Parameter-Request Option 55, length 12:
> Subnet-Mask, Domain-Name, Default-Gateway, Domain-Name-Server
> Netbios-Name-Server, Netbios-Node, Netbios-Scope, Router-Discovery
> Static-Route, Classless-Static-Route, Classless-Static-Route-Microsoft,
> Vendor-Option
> Agent-Information Option 82, length 14:
> Unknown SubOption 2, length 6:
> 0x0000: 0013 71e7 68ee
> Unknown SubOption 43, length 4:
> 0x0000: ac12 03f5
> 14:29:21.017506 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto
> UDP (17), length 335) 123.123.224.42.67 > 123.123.230.1.67: BOOTP/DHCP,
> Reply, length 307, hops 1, xid 0x39e50835, Flags [none]
> Your-IP 123.123.233.232
> Server-IP 123.123.224.42
> Gateway-IP 123.123.230.1
> Client-Ethernet-Address 00:19:99:a0:51:13
> Vendor-rfc1048 Extensions
> Magic Cookie 0x63825363
> DHCP-Message Option 53, length 1: ACK
> Server-ID Option 54, length 4: 123.123.224.42
> Lease-Time Option 51, length 4: 600
> Subnet-Mask Option 1, length 4: 255.255.255.0
> Domain-Name Option 15, length 11: "sweden.se"
> Default-Gateway Option 3, length 4: 123.123.235.1
> Domain-Name-Server Option 6, length 8: 213.50.29.170,208.67.222.222
> Agent-Information Option 82, length 14:
> Unknown SubOption 2, length 6:
> 0x0000: 0013 71e7 68ee
> Unknown SubOption 43, length 4:
> 0x0000: ac12 03f5
> Any help is much appreciated!
> /Fredrik
>
If you grep for that mac address in the logs, what entries do you get,
in particular, where does it think the request is coming from?
Double check the shared-network and subnet statements to make sure the
closing braces match up in the right positions.
Are you defining "option routers" in the pools, or in the subnets? This
is a subnet option, and should be defined in the subnet scope, rather
than the pool scope (unless of course you have multiple pools, and you
want different gateways for some reason).
Are you using dynamic range statements to assign the ip addresses, or
are there host statements?
Could you post the subnet definitions from dhcpd.conf for the two shared
networks please?
It's obvious that the wrong IP is being handed out, but for some reason
dhcpd thinks it is doing the proper thing...
regards,
-glenn
More information about the dhcp-users
mailing list