[Kea-users] Invalid DHCP Server Identifier: 0.0.0.0

Marcin Siodelski marcin at isc.org
Thu Sep 1 12:08:53 UTC 2016


On 31.08.2016 16:46, Adam Twardowski wrote:
> On 08/31/2016 05:07 AM, Marcin Siodelski wrote:
> > On 30.08.2016 17:42, Adam Twardowski wrote:
> >> I am running kea on FreeBSD.  I have a cisco router configured as a
> dhcp
> >> relay, forwarding requests to Kea.  Kea receives the requests and sends
> >> out a reply, but the reply has option 54 set to 0.0.0.0, which as
> far as
> >> I know doesn't make any sense.  The DHCP client can't continue the
> >> transaction because it obviously can't send a packet to 0.0.0.0.  Is
> >> there any way I can tell kea to send a valid server identifier?
> >>
> >>
> >> Config:
> >>
> >> {
> >> "Dhcp4":
> >> {
> >>    "interfaces-config": {
> >>      "interfaces": [ "em0" ],
> >>      "dhcp-socket-type": "udp"
> >>    },
> >>    "lease-database": {
> >>      "type": "memfile",
> >>      "lfc-interval": 1800
> >>    },
> >>    "expired-leases-processing": {
> >>      "reclaim-timer-wait-time": 10,
> >>      "flush-reclaimed-timer-wait-time": 25,
> >>      "hold-reclaimed-time": 3600,
> >>      "max-reclaim-leases": 100,
> >>      "max-reclaim-time": 250,
> >>      "unwarned-reclaim-cycles": 5
> >>    },
> >>
> >>    "valid-lifetime": 4000,
> >>
> >>    "subnet4": [
> >>    {    "subnet": "10.128.224.0/20",
> >>         "pools": [ { "pool": "10.128.239.3 - 10.128.239.254" } ],
> >>         "option-data": [
> >>              { "name": "routers", "data": "10.128.224.1" },
> >>              { "name": "domain-name-servers", "data": "8.8.8.8,
> >> 8.8.4.4" },
> >>          ]
> >>    }
> >>    ]
> >> },
> >>
> >>
> >>
> >> Kea Reply:
> >>
> >> Bootstrap Protocol (Offer)
> >>      Message type: Boot Reply (2)
> >>      Hardware type: Ethernet (0x01)
> >>      Hardware address length: 6
> >>      Hops: 1
> >>      Transaction ID: 0xccc20000
> >>      Seconds elapsed: 0
> >>      Bootp flags: 0x0000 (Unicast)
> >>          0... .... .... .... = Broadcast flag: Unicast
> >>          .000 0000 0000 0000 = Reserved flags: 0x0000
> >>      Client IP address: 0.0.0.0
> >>      Your (client) IP address: 10.128.239.4
> >>      Next server IP address: 0.0.0.0
> >>      Relay agent IP address: 10.128.224.1
> >>      Client MAC address: ---------- DELETED -----------
> >>      Client hardware address padding: 00000000000000000000
> >>      Server host name not given
> >>      Boot file name not given
> >>      Magic cookie: DHCP
> >>      Option: (1) Subnet Mask
> >>          Length: 4
> >>          Subnet Mask: 255.255.240.0
> >>      Option: (3) Router
> >>          Length: 4
> >>          Router: 10.128.224.1
> >>      Option: (6) Domain Name Server
> >>          Length: 8
> >>          Domain Name Server: 8.8.8.8
> >>          Domain Name Server: 8.8.4.4
> >>      Option: (51) IP Address Lease Time
> >>          Length: 4
> >>          IP Address Lease Time: (4000s) 1 hour, 6 minutes, 40 seconds
> >>      Option: (53) DHCP Message Type (Offer)
> >>          Length: 1
> >>          DHCP: Offer (2)
> >>      Option: (54) DHCP Server Identifier
> >>          Length: 4
> >>          DHCP Server Identifier: 0.0.0.0
> >>      Option: (255) End
> >>          Option End: 255
> >>
> > Adam,
> >
> > Would it be possible for you to send us the dump of the DHCPDISCOVER
> > which triggers this response, along with the entire Ethernet/IP/UDP
> > stack?
> >
> > Thanks,
> > Marcin Siodelski
> > ISC
> >
>
> Kea debug log, config, and tcpdump attached.
>
> Kea is running on FreeBSD 10.3-RELEASE-p7, which is a VM running in
> ESXi.  Kea is installed from the ports tree. (I also tested with latest
> git release).  Tcpdump was run on the kea server.  The dhcp client in
> this case is a Tripplite PDU, but I've seen the same issue with
> otherclients .
>
> As I mentioned in the other message, based on the debug output listing
> the destination address of 0.0.0.0, I believe the issue is that FreeBSD
> doesn't support the IP_PKTINFO socket option and uses IP_RECVDSTADDR
> instead for IPv4.
>
> You can see how the PowerDNS project handles this situation at these
> links:
> https://blog.powerdns.com/2012/10/08/on-binding-datagram-udp-sockets-to-the-any-addresses/
>
> https://github.com/PowerDNS/pdns/blob/4f18781a43c3734855a00f5aded03255250ba6d9/pdns/iputils.cc#L146
>
> https://github.com/PowerDNS/pdns/blob/4f18781a43c3734855a00f5aded03255250ba6d9/pdns/iputils.hh#L876
>
>

Adam,

Thanks for providing the traffic captures. I was able to reproduce the
problem on FreeBSD10.3, with the "dhcp-socket-type" set to "udp".

Your diagnosis is correct. On BSDs, Kea should use IP_RECVDSTADDR option
to determine the local IP address (which is also used as a server
identifier). I have a working proof of concept.

The following ticket has been opened to address that issue:
http://kea.isc.org/ticket/5003. I am hoping to get it done for the 1.1.0
final release.

Marcin




More information about the Kea-users mailing list