Bad client using all leases

Mon Oct 16 11:25:26 UTC 2017

Not quite answering your question but one way to restore some order
could be to give this one device a fixed address and perhaps ask the
server to not do pings for this device.

On 16-10-2017 13.00, Dave Ca wrote:
> Hi
> I am running a failover pair
> default-lease-time 43200;
> dynamic-bootp-lease-length 43200;
> failover peer "failover" {
>     max-response-delay 20;
>     max-unacked-updates 10;
>     load balance max seconds 3;
>     mclt 300;
>     split 128;
> }
> I have a client that will repeatedly do a DHCPDISCOVER at 50% lease
> time (rather than a renew), even when it already has an address
> in 4-3-6 this is how the flow goes :
> ===
> * client does discover
> * server offers lease of 5 mins
> after 2.5 mins :
> * client does discover
> * server pings previous IP it handed out to client
> It gets a response (client is trying to do discover as a way of
> renewing lease and has not released the old address)
> * server marks previous address as abandoned and ignores client
> * Client does discover
> * server offers new address with lease time of 5 mins (MCLT)
> Then we loop round and start again
> ===
> I happened to have an old device at the back of a cupboard with
> 4-1-1-p1 on it so just tried against that
> The result is the same, except it does not mark leases as abandoned in
> the leases file so they get back into pool quicker
> And also on the 4th DHCPDISCOVER the client does it gets a 12 hour
> lease for the same address offered on 3rd DHCPDISCOVER.
> Client packets are the same against both servers, client never sends
> it's address in the DHCPDISOCVER packet  
> I know this client is behaving badly but I am not sure what he
> expected dhcpd behaviour is, should it just keep
> letting the client eat through addresses or should it treat it like a
> renew as the old version does (eventually on 4th go) ?
> I know the server will start to use the addresses that were abandoned
> when it runs out of new leases but
> would rather they didn't all get eaten up in the first place. I am
> approaching the device vendor too but I
> don't hold out much hope there.
> Thanks
> Dave
