DHCP-Relay duplicating unicast packets

Ray Soucy rps at maine.edu
Fri Sep 11 13:09:21 UTC 2015


You could be seeing this if you're using the native (untagged)
interface in addition to VLAN sub-interfaces:

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=643564

Also note that the default behavior of dhcrelay is to relay relay
packets [sic], you may want to disable this using the "-m discard"
option.




On Fri, Sep 11, 2015 at 7:28 AM, Marc Haber <mh+dhcp-users at zugschlus.de> wrote:
> Hi,
>
> I have a test network setup with some VLANs. Relevant here are VLANs
> 181 (Infrastructure) and 185 (Clients). VLAN 181 houses the
> DHCP server; the router between the networks runs a DHCP relay. Both
> machines are Debian jessie, DHCP server and relay are ISC DHCP 4.3.2.
>
> My test client is an android phone and has MAC address
> cc:07:ab:ac:99:7e and IP address 192.168.185.156.
>
> All systems do run IPv6 as well, that's irrelevant here and I have
> thus removed the IPv6 addresses.
>
> Router:
> |[3/501]mh at barrida:~$ ip addr show dev int181
> |9: int181 at eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
> |    link/ether 9a:3d:9f:63:27:ac brd ff:ff:ff:ff:ff:ff
> |    inet 192.168.181.254/32 brd 192.168.181.254 scope global int181
> |       valid_lft forever preferred_lft forever
> |    inet 192.168.181.163/24 brd 192.168.181.255 scope global int181
> |       valid_lft forever preferred_lft forever
> |[4/502]mh at barrida:~$ ip addr show dev int185
> |13: int185 at eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default
> |    link/ether fe:fd:22:0f:79:5e brd ff:ff:ff:ff:ff:ff
> |    inet 192.168.185.254/24 brd 192.168.185.255 scope global int185
> |       valid_lft forever preferred_lft forever
> |[5/503]mh at barrida:~$ sudo cat /proc/net/vlan/config
> |VLAN Dev name    | VLAN ID
> |Name-Type: VLAN_NAME_TYPE_RAW_PLUS_VID_NO_PAD
> |int181         | 181  | eth0
> |int185         | 185  | eth0
> |[16/514]mh at barrida:~$ cat /etc/default/isc-dhcp-relay
> |SERVERS="192.168.181.161 192.168.251.9"
> |INTERFACES="int181 int182 int183 int184 int185 int186 int187 int188 int189"
> |OPTIONS=""
>
> DHCP server:
> |[7/505]mh at chasse:~$ ip addr show dev eth0
> |2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
> |    link/ether 52:54:00:bd:92:b1 brd ff:ff:ff:ff:ff:ff
> |    inet 192.168.181.161/24 brd 192.168.181.255 scope global eth0
> |       valid_lft forever preferred_lft forever
>
> Client wants to renew its lease and sends an _Unicast_ DHCP REQUEST
> directly to the server that had assigned its lease. Here a tcpdump
> taken on the router's int185:
> |12:35:30.343624 cc:07:ab:ac:99:7e > fe:fd:22:0f:79:5e, ethertype IPv4 (0x0800), length 353: 192.168.185.156.68 > 192.168.181.161.67: BOOTP/DHCP, Request from cc:07:ab:ac:99:7e, length 311
> |12:35:30.353324 fe:fd:22:0f:79:5e > cc:07:ab:ac:99:7e, ethertype IPv4 (0x0800), length 372: 192.168.181.161.67 > 192.168.185.156.68: BOOTP/DHCP, Reply, length 330
> |12:35:30.353754 fe:fd:22:0f:79:5e > cc:07:ab:ac:99:7e, ethertype IPv4 (0x0800), length 372: 192.168.185.254.67 > 192.168.185.156.68: BOOTP/DHCP, Reply, length 330
>
> The DHCP relay thinks that it should play here and creates two more
> instances of the DHCP REQUEST. Here a tcpdump taken on the router's
> int181:
> |12:35:30.343739 9a:3d:9f:63:27:ac > 52:54:00:bd:92:b1, ethertype IPv4 (0x0800), length 353: 192.168.185.156.68 > 192.168.181.161.67: BOOTP/DHCP, Request from cc:07:ab:ac:99:7e, length 311
> |12:35:30.344094 9a:3d:9f:63:27:ac > 52:54:00:bd:92:b1, ethertype IPv4 (0x0800), length 353: 192.168.181.163.67 > 192.168.181.161.67: BOOTP/DHCP, Request from cc:07:ab:ac:99:7e, length 311
> |12:35:30.344184 9a:3d:9f:63:27:ac > 52:54:00:bd:92:b1, ethertype IPv4 (0x0800), length 353: 192.168.181.163.67 > 192.168.181.161.67: BOOTP/DHCP, Request from cc:07:ab:ac:99:7e, length 311
> |12:35:30.353242 52:54:00:bd:92:b1 > 9a:3d:9f:63:27:ac, ethertype IPv4 (0x0800), length 372: 192.168.181.161.67 > 192.168.185.156.68: BOOTP/DHCP, Reply, length 330
> |12:35:30.353502 52:54:00:bd:92:b1 > 9a:3d:9f:63:27:ac, ethertype IPv4 (0x0800), length 372: 192.168.181.161.67 > 192.168.185.254.67: BOOTP/DHCP, Reply, length 330
> |12:35:30.353999 52:54:00:bd:92:b1 > 9a:3d:9f:63:27:ac, ethertype IPv4 (0x0800), length 342: 192.168.181.161.67 > 192.168.181.254.67: BOOTP/DHCP, Reply, length 300
> |12:35:30.354106 9a:3d:9f:63:27:ac > ff:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 342: 192.168.181.254.67 > 255.255.255.255.68: BOOTP/DHCP, Reply, length 300
>
> The DHCP server itself writes this to its logs:
> |Sep 11 12:35:30 chasse dhcpd[767]: Adap-lease: Total: 100, Free: 96, Ends: 156, Adaptive: 300, Fill: 4, Threshold: 80
> |Sep 11 12:35:30 chasse dhcpd[767]: DHCPREQUEST for 192.168.185.156 from cc:07:ab:ac:99:7e via eth0
> |Sep 11 12:35:30 chasse dhcpd[767]: DHCPACK on 192.168.185.156 to cc:07:ab:ac:99:7e (android-82ac454c2cdff807) via eth0
> |Sep 11 12:35:30 chasse dhcpd[767]: Adap-lease: Total: 100, Free: 96, Ends: 300, Adaptive: 300, Fill: 4, Threshold: 80
> |Sep 11 12:35:30 chasse dhcpd[767]: reuse_lease: lease age 0 (secs) under 25% threshold, reply with unaltered, existing lease
> |Sep 11 12:35:30 chasse dhcpd[767]: DHCPREQUEST for 192.168.185.156 from cc:07:ab:ac:99:7e (android-82ac454c2cdff807) via 192.168.185.254
> |Sep 11 12:35:30 chasse dhcpd[767]: DHCPACK on 192.168.185.156 to cc:07:ab:ac:99:7e via 192.168.185.254
> |Sep 11 12:35:30 chasse dhcpd[767]: DHCPREQUEST for 192.168.185.156 from cc:07:ab:ac:99:7e via 192.168.181.254: wrong network.
> |Sep 11 12:35:30 chasse dhcpd[767]: DHCPNAK on 192.168.185.156 to cc:07:ab:ac:99:7e via 192.168.181.254
>
> I am now wondering why the DHCP relay does act on those Unicast packets
> in the first place. Is it supposed to? Why does it? Why does it send
> the DHCP request out twice? And what does the dhcpd mean with "wrong
> network" in response to the DHCPREQUEST sent out by the relay with the
> relay agent address set to the relay's int181 address?
>
> Any hints will be appreciated.
>
> Greetings
> Marc
>
> --
> -----------------------------------------------------------------------------
> Marc Haber         | "I don't trust Computers. They | Mailadresse im Header
> Leimen, Germany    |  lose things."    Winona Ryder | Fon: *49 6224 1600402
> Nordisch by Nature |  How to make an American Quilt | Fax: *49 6224 1600421
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users



-- 
Ray Patrick Soucy
Network Engineer I
Networkmaine, University of Maine System US:IT

207-561-3526


More information about the dhcp-users mailing list