ISC_DHCP 4.1-ESV-R12 is now available for download.

Thomas Markwalder tmark at
Thu Sep 3 19:23:01 UTC 2015

ISC DHCP 4.1-ESV-R12 is now available for download.

This is the release of ISC DHCP 4.1-ESV-R12, a maintenance
release which contains a number of bug fixes.

Field testing is an important part of our quality process.
Please report bugs to dhcp-bugs at

A list of the changes in this release has been appended to the end
of this message.  For a complete list of changes from any previous
release, please consult the RELNOTES file within the source distribution.
They can also be found at:

Knowledge base articles about various features can be found starting from:

Webinars can be found here:

This release, and its OpenPGP-signatures are available now from:

ISC's Release Signing Key can be obtained at:

The following are changes that may be more interesting and require
a bit more explanation.

We have modified the PARANOIA patch to adjust the file permissions
(owner and group) used for the lease file.  In our testing this had
no negative effects.  However, given the range of OSes and security
features, we are not able to test all possible combinations.

The following is the list of all changes for this release.

            Changes since 4.1-ESV-R12b1

- None

            Changes since 4.1-ESV-R11

- The server now does a better check to see if it can allocate the memory
  for large blocks of v4 leases and should provide a slightly better error
  message.  Note well: the server pre-allocates v4 addresses, if you use
  a large range, such as a /8, the server will attempt to use a large
  amount of memory and may not start if there either isn't enough memory
  or the size exceeds what the code supports.
  [ISC-Bugs #38637]

- The server will now reject unicast Request, Renew, Decline, and Release
  messages from a client unless the server would have sent that client the
  dhcp6.unicast option.  This behavior is in compliance with paragraph 1 in
  each of the sections 18.2,1, 18.2.3, 18.2.6, and 18.2.7 of RFC 3315. Prior
  to this, the server would simply accept the messages.  Now, in order for
  the server to accept such a message, the server configuration must include
  the dhcp6.unicast option either globally or within the shared network to
  which the requested lease belongs. In other words, the server will map
  the first IA_XX address found within the client message to a
  and look for the presence of the unicast option there and then globally.
  [ISC-Bugs #21235]

- Write out the DUID server id on startup in all cases, previously if it
  was read in from server-duid option in the config or lease files for
  DHCPv4 it would not be written to the new lease file.
  [ISC-Bugs #37791]

- When parsing dates for leases convert dates past 2038 to "never".
  This avoids problems with integer overflows in the date and time
  handling code for people that decide to use very large lease times
  or add a lease entry with a date far in the future.
  [ISC-Bugs #33056]

- Leave the siaddr field clear when sending a NACK as per RFC 2131
  table 3.
  [ISC-Bugs #38769]

- Some compilers don't like the use of abs in minires/ns_verify.c,
  change it to labs to make them happy.
  [ISC-Bugs #39301]

- In the client don't send expired addresses to the script as part of
  the binding process.  Thanks to Sven Trenkel at Google for reporting
  the issue and suggesting the patch.
  [ISC-Bugs #38631]

- While parsing IPv6 addresses treat "add" as part of the address instead
  of as a token.
  [ISC-Bugs #39529]

- Delayed-ack now works properly with Failover. Prior to this, bind updates
  post startup were being queued but never delivered. Among other
things, this
  was causing leases to not transition from expired or released to free.
  [ISC-Bugs #31474]

- Clean up parsing of v6 lease files a bit to avoid infinite loops if the
  lease file is corrupt in certain ways.
  [ISC-Bugs #39760]

- Corrected an issue in v6 lease file parsing. Prior to this, when
  a lease with an address for which no configured pool exists, the
server was
  declaring the lease file corrupt and incorrectly skipping over the
  entry in the file.  The server will now emit a log message indicating that
  no pool was found for the address (or prefix) and correctly resume parsing
  with the next entry in the lease file.  Our thanks to Michal Žejdl for
  reporting the issue.
  [ISC-Bugs #39314]

- Enhance the PARANOIA patch to include fchown() the lease file to
  allow it to be manipulated after the server does a chown().
  Thanks to Jiri Popelka at Red Hat for the patch.
  [ISC-Bugs #36978]

- Fixed a server crash that could occur when the server attempts to remove
  the billing class from the last lease billed to a dynamic class after said
  class has been deleted.
  [ISC-Bugs #39978]

- Handle an out of memory condition in the client a bit better.
  Thanks to Frédéric Perrin from Brocade for finding the issue
  and suggesting a patch.
  [ISC-Bugs #39279]

More information about the dhcp-workers mailing list