Discussion:
[Dnsmasq-discuss] DNSMASQ Not Sending ACK?
Jason Kary (jkary)
2017-09-21 13:15:03 UTC
Permalink
Hi Folks,

I’m working on getting DNSMASQ to work with IP RELAY in a VxLAN environment. Using tcpdump we were able to trace a DHCP relay request to the ‘request’ message. It appears the server is not sending an DHCP ACK message.

Here is a tcpdump of the request message:

11:18:56.868214 IP (tos 0x10, ttl 254, id 29262, offset 0, flags [none], proto UDP (17), length 374)
22.22.22.21.bootps > dhcp-server.localdomain.bootps: [udp sum ok] BOOTP/DHCP, Request from 00:25:b5:00:00:01 (oui Unknown), length 346, hops 1, xid 0x9a632d2c, Flags [none] (0x0000)
Gateway-IP 22.22.22.21
Client-Ethernet-Address 00:25:b5:00:00:01 (oui Unknown)
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Request
Server-ID Option 54, length 4: dhcp-server.localdomain
Requested-IP Option 50, length 4: 10.168.102.132
Parameter-Request Option 55, length 18:
Subnet-Mask, BR, Time-Zone, Classless-Static-Route
Domain-Name, Domain-Name-Server, Hostname, YD
YS, NTP, MTU, Option 119
Default-Gateway, Classless-Static-Route, Classless-Static-Route-Microsoft, Static-Route
Option 252, NTP
Agent-Information Option 82, length 44:
Circuit-ID SubOption 1, length 10: ^A^H^@^F^@LO*^@^I
Remote-ID SubOption 2, length 6: M-LFM-V!M-)w
Unknown SubOption 151, length 10:
0x0000: 0062 6274 2d76 786c 616e
Unknown SubOption 11, length 4:
0x0000: 0aa8 6601
Unknown SubOption 5, length 4:
0x0000: 0aa8 6600
END Option 255, length 0
PAD Option 0, length 0, occurs 24

Is there any obvious issues you can see here?

Take Care
Jason
Chris Novakovic
2017-09-22 12:44:23 UTC
Permalink
If you're using 2.76,
It's implied by my later comment, but I should also clarify that this
bug affects 2.77 as well as 2.76.
Jason Kary
2017-09-22 18:32:01 UTC
Permalink
Hi Chris,

Thank you for the update. We are running version 2.66

Take Care
Jason
Post by Chris Novakovic
If you're using 2.76,
It's implied by my later comment, but I should also clarify that this
bug affects 2.77 as well as 2.76.
.
Chris Novakovic
2017-09-22 21:10:43 UTC
Permalink
Post by Jason Kary
Thank you for the update. We are running version 2.66
2.66 is four and a half years old now, and those parts of the codebase
have been overhauled quite a lot since then --- is there any way you can
test your setup with 2.77 plus the patch in [2] from my initial reply
(or, better still, master/HEAD in the git repository)? Also, it'd be
helpful if you could post your full dnsmasq configuration.
Jason Kary
2017-09-25 20:11:32 UTC
Permalink
Hi Chris,

I cloned the GIT repository and tested with version 2.78test2-gb697fbb

I’m still seeing the server fail to respond to the request message:

Frame 40189 (388 bytes on wire, 388 bytes captured)
Arrival Time: Sep 25, 2017 20:59:01.142813000
[Time delta from previous captured frame: 0.000646000 seconds]
[Time delta from previous displayed frame: 0.000646000 seconds]
[Time since reference or first frame: 149.170698000 seconds]
Frame Number: 40189
Frame Length: 388 bytes
Capture Length: 388 bytes
[Frame is marked: False]
[Protocols in frame: eth:ip:udp:bootp]
Ethernet II, Src: 58:ac:78:b1:38:e1 (58:ac:78:b1:38:e1), Dst: 00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
Destination: 00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
Address: 00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: 58:ac:78:b1:38:e1 (58:ac:78:b1:38:e1)
Address: 58:ac:78:b1:38:e1 (58:ac:78:b1:38:e1)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: 33.33.33.33 (33.33.33.33), Dst: 10.168.101.20 (10.168.101.20)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x10 (DSCP 0x04: Unknown DSCP; ECN: 0x00)
0001 00.. = Differentiated Services Codepoint: Unknown (0x04)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 374
Identification: 0xbd9b (48539)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 255
Protocol: UDP (0x11)
Header checksum: 0x4acd [correct]
[Good: True]
[Bad : False]
Source: 33.33.33.33 (33.33.33.33)
Destination: 10.168.101.20 (10.168.101.20)
User Datagram Protocol, Src Port: bootps (67), Dst Port: bootps (67)
Source port: bootps (67)
Destination port: bootps (67)
Length: 354
Checksum: 0x95d3 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Bootstrap Protocol
Message type: Boot Request (1)
Hardware type: Ethernet
Hardware address length: 6
Hops: 1
Transaction ID: 0x21696b65
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 33.33.33.33 (33.33.33.33)
Client MAC address: 00:0c:29:65:e0:ea (00:0c:29:65:e0:ea)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: (OK)
Option: (t=53,l=1) DHCP Message Type = DHCP Request
Option: (53) DHCP Message Type
Length: 1
Value: 03
Option: (t=54,l=4) DHCP Server Identifier = 10.168.101.20
Option: (54) DHCP Server Identifier
Length: 4
Value: 0AA86514
Option: (t=50,l=4) Requested IP Address = 10.168.102.128
Option: (50) Requested IP Address
Length: 4
Value: 0AA86680
Option: (t=55,l=18) Parameter Request List
Option: (55) Parameter Request List
Length: 18
Value: 011C02790F060C28292A1A770379F921FC2A
1 = Subnet Mask
28 = Broadcast Address
2 = Time Offset
121 = Classless Static Route
15 = Domain Name
6 = Domain Name Server
12 = Host Name
40 = Network Information Service Domain
41 = Network Information Service Servers
42 = Network Time Protocol Servers
26 = Interface MTU
119 = Domain Search [TODO]
3 = Router
121 = Classless Static Route
249 = Private/Classless Static Route (Microsoft)
33 = Static Route
252 = Private/Proxy autodiscovery
42 = Network Time Protocol Servers
Option: (t=82,l=44) Agent Information Option
Option: (82) Agent Information Option
Length: 44
Value: 010A01080006004C4F2A002F020658AC78B138E1970A0062...
Agent Circuit ID: 01080006004C4F2A002F
Agent Remote ID: 58AC78B138E1
DHCPv4 Virtual Subnet Selection: 006262742D76786C616E
Server Identifier Override: 0AA86601
Link selection: 10.168.102.0
End Option
Padding




Pls find my dnsmasq.conf as follows:



Take Care
Jason
Hi,
<PastedGraphic-1.tiff>
Take Care
Jason
Post by Chris Novakovic
Post by Jason Kary
Thank you for the update. We are running version 2.66
2.66 is four and a half years old now, and those parts of the codebase
have been overhauled quite a lot since then --- is there any way you can
test your setup with 2.77 plus the patch in [2] from my initial reply
(or, better still, master/HEAD in the git repository)? Also, it'd be
helpful if you could post your full dnsmasq configuration.
Jason Kary
2017-09-28 19:28:11 UTC
Permalink
Hi Folks,

I wanted to follow up and see if anyone is available to help debug this issue? I won’t have the test bed available to me to help out for much longer.

Is there some sort of debug that I could collect to help with the analysis?

Take Care
Jason
Post by Jason Kary
Hi Chris,
I cloned the GIT repository and tested with version 2.78test2-gb697fbb
Frame 40189 (388 bytes on wire, 388 bytes captured)
Arrival Time: Sep 25, 2017 20:59:01.142813000
[Time delta from previous captured frame: 0.000646000 seconds]
[Time delta from previous displayed frame: 0.000646000 seconds]
[Time since reference or first frame: 149.170698000 seconds]
Frame Number: 40189
Frame Length: 388 bytes
Capture Length: 388 bytes
[Frame is marked: False]
[Protocols in frame: eth:ip:udp:bootp]
Ethernet II, Src: 58:ac:78:b1:38:e1 (58:ac:78:b1:38:e1), Dst: 00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
Destination: 00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
Address: 00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: 58:ac:78:b1:38:e1 (58:ac:78:b1:38:e1)
Address: 58:ac:78:b1:38:e1 (58:ac:78:b1:38:e1)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: 33.33.33.33 (33.33.33.33), Dst: 10.168.101.20 (10.168.101.20)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x10 (DSCP 0x04: Unknown DSCP; ECN: 0x00)
0001 00.. = Differentiated Services Codepoint: Unknown (0x04)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 374
Identification: 0xbd9b (48539)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 255
Protocol: UDP (0x11)
Header checksum: 0x4acd [correct]
[Good: True]
[Bad : False]
Source: 33.33.33.33 (33.33.33.33)
Destination: 10.168.101.20 (10.168.101.20)
User Datagram Protocol, Src Port: bootps (67), Dst Port: bootps (67)
Source port: bootps (67)
Destination port: bootps (67)
Length: 354
Checksum: 0x95d3 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Bootstrap Protocol
Message type: Boot Request (1)
Hardware type: Ethernet
Hardware address length: 6
Hops: 1
Transaction ID: 0x21696b65
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 33.33.33.33 (33.33.33.33)
Client MAC address: 00:0c:29:65:e0:ea (00:0c:29:65:e0:ea)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: (OK)
Option: (t=53,l=1) DHCP Message Type = DHCP Request
Option: (53) DHCP Message Type
Length: 1
Value: 03
Option: (t=54,l=4) DHCP Server Identifier = 10.168.101.20
Option: (54) DHCP Server Identifier
Length: 4
Value: 0AA86514
Option: (t=50,l=4) Requested IP Address = 10.168.102.128
Option: (50) Requested IP Address
Length: 4
Value: 0AA86680
Option: (t=55,l=18) Parameter Request List
Option: (55) Parameter Request List
Length: 18
Value: 011C02790F060C28292A1A770379F921FC2A
1 = Subnet Mask
28 = Broadcast Address
2 = Time Offset
121 = Classless Static Route
15 = Domain Name
6 = Domain Name Server
12 = Host Name
40 = Network Information Service Domain
41 = Network Information Service Servers
42 = Network Time Protocol Servers
26 = Interface MTU
119 = Domain Search [TODO]
3 = Router
121 = Classless Static Route
249 = Private/Classless Static Route (Microsoft)
33 = Static Route
252 = Private/Proxy autodiscovery
42 = Network Time Protocol Servers
Option: (t=82,l=44) Agent Information Option
Option: (82) Agent Information Option
Length: 44
Value: 010A01080006004C4F2A002F020658AC78B138E1970A0062...
Agent Circuit ID: 01080006004C4F2A002F
Agent Remote ID: 58AC78B138E1
DHCPv4 Virtual Subnet Selection: 006262742D76786C616E
Server Identifier Override: 0AA86601
Link selection: 10.168.102.0
End Option
Padding
<PastedGraphic-1.tiff>
Take Care
Jason
Hi,
<PastedGraphic-1.tiff>
Take Care
Jason
Post by Chris Novakovic
Post by Jason Kary
Thank you for the update. We are running version 2.66
2.66 is four and a half years old now, and those parts of the codebase
have been overhauled quite a lot since then --- is there any way you can
test your setup with 2.77 plus the patch in [2] from my initial reply
(or, better still, master/HEAD in the git repository)? Also, it'd be
helpful if you could post your full dnsmasq configuration.
Jason Kary
2017-09-28 20:44:14 UTC
Permalink
Hi Folks,

I was able to fix the problem by removing the following code:

lines 1107-1108 in rfc2131.c:

if (option_addr(opt).s_addr != override.s_addr)
return 0;

Once I commented out this if statement the client was able to obtain the correct IP address via DHCP Relay. The return 0 was causing the dnsmasq process to just silently ignore the DHCP Request packet.

I do not understand what the above code is checking for and why it is returning 0. Maybe someone can help me the context a bit better?

Take Care
Jason
Post by Jason Kary
Hi Chris,
I cloned the GIT repository and tested with version 2.78test2-gb697fbb
Frame 40189 (388 bytes on wire, 388 bytes captured)
Arrival Time: Sep 25, 2017 20:59:01.142813000
[Time delta from previous captured frame: 0.000646000 seconds]
[Time delta from previous displayed frame: 0.000646000 seconds]
[Time since reference or first frame: 149.170698000 seconds]
Frame Number: 40189
Frame Length: 388 bytes
Capture Length: 388 bytes
[Frame is marked: False]
[Protocols in frame: eth:ip:udp:bootp]
Ethernet II, Src: 58:ac:78:b1:38:e1 (58:ac:78:b1:38:e1), Dst: 00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
Destination: 00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
Address: 00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: 58:ac:78:b1:38:e1 (58:ac:78:b1:38:e1)
Address: 58:ac:78:b1:38:e1 (58:ac:78:b1:38:e1)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: 33.33.33.33 (33.33.33.33), Dst: 10.168.101.20 (10.168.101.20)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x10 (DSCP 0x04: Unknown DSCP; ECN: 0x00)
0001 00.. = Differentiated Services Codepoint: Unknown (0x04)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 374
Identification: 0xbd9b (48539)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 255
Protocol: UDP (0x11)
Header checksum: 0x4acd [correct]
[Good: True]
[Bad : False]
Source: 33.33.33.33 (33.33.33.33)
Destination: 10.168.101.20 (10.168.101.20)
User Datagram Protocol, Src Port: bootps (67), Dst Port: bootps (67)
Source port: bootps (67)
Destination port: bootps (67)
Length: 354
Checksum: 0x95d3 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Bootstrap Protocol
Message type: Boot Request (1)
Hardware type: Ethernet
Hardware address length: 6
Hops: 1
Transaction ID: 0x21696b65
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 33.33.33.33 (33.33.33.33)
Client MAC address: 00:0c:29:65:e0:ea (00:0c:29:65:e0:ea)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: (OK)
Option: (t=53,l=1) DHCP Message Type = DHCP Request
Option: (53) DHCP Message Type
Length: 1
Value: 03
Option: (t=54,l=4) DHCP Server Identifier = 10.168.101.20
Option: (54) DHCP Server Identifier
Length: 4
Value: 0AA86514
Option: (t=50,l=4) Requested IP Address = 10.168.102.128
Option: (50) Requested IP Address
Length: 4
Value: 0AA86680
Option: (t=55,l=18) Parameter Request List
Option: (55) Parameter Request List
Length: 18
Value: 011C02790F060C28292A1A770379F921FC2A
1 = Subnet Mask
28 = Broadcast Address
2 = Time Offset
121 = Classless Static Route
15 = Domain Name
6 = Domain Name Server
12 = Host Name
40 = Network Information Service Domain
41 = Network Information Service Servers
42 = Network Time Protocol Servers
26 = Interface MTU
119 = Domain Search [TODO]
3 = Router
121 = Classless Static Route
249 = Private/Classless Static Route (Microsoft)
33 = Static Route
252 = Private/Proxy autodiscovery
42 = Network Time Protocol Servers
Option: (t=82,l=44) Agent Information Option
Option: (82) Agent Information Option
Length: 44
Value: 010A01080006004C4F2A002F020658AC78B138E1970A0062...
Agent Circuit ID: 01080006004C4F2A002F
Agent Remote ID: 58AC78B138E1
DHCPv4 Virtual Subnet Selection: 006262742D76786C616E
Server Identifier Override: 0AA86601
Link selection: 10.168.102.0
End Option
Padding
<PastedGraphic-1.tiff>
Take Care
Jason
Hi,
<PastedGraphic-1.tiff>
Take Care
Jason
Post by Chris Novakovic
Post by Jason Kary
Thank you for the update. We are running version 2.66
2.66 is four and a half years old now, and those parts of the codebase
have been overhauled quite a lot since then --- is there any way you can
test your setup with 2.77 plus the patch in [2] from my initial reply
(or, better still, master/HEAD in the git repository)? Also, it'd be
helpful if you could post your full dnsmasq configuration.
Jason Kary
2017-10-06 13:35:00 UTC
Permalink
Hello,

Does anyone have an issue if we make the change below?

If we keep the code then at the very least the code should log why we are failing.

Take Care
Jason
Post by Jason Kary (jkary)
Hi Folks,
if (option_addr(opt).s_addr != override.s_addr)
return 0;
Once I commented out this if statement the client was able to obtain the correct IP address via DHCP Relay. The return 0 was causing the dnsmasq process to just silently ignore the DHCP Request packet.
I do not understand what the above code is checking for and why it is returning 0. Maybe someone can help me the context a bit better?
Take Care
Jason
Post by Jason Kary
Hi Chris,
I cloned the GIT repository and tested with version 2.78test2-gb697fbb
Frame 40189 (388 bytes on wire, 388 bytes captured)
Arrival Time: Sep 25, 2017 20:59:01.142813000
[Time delta from previous captured frame: 0.000646000 seconds]
[Time delta from previous displayed frame: 0.000646000 seconds]
[Time since reference or first frame: 149.170698000 seconds]
Frame Number: 40189
Frame Length: 388 bytes
Capture Length: 388 bytes
[Frame is marked: False]
[Protocols in frame: eth:ip:udp:bootp]
Ethernet II, Src: 58:ac:78:b1:38:e1 (58:ac:78:b1:38:e1), Dst: 00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
Destination: 00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
Address: 00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Source: 58:ac:78:b1:38:e1 (58:ac:78:b1:38:e1)
Address: 58:ac:78:b1:38:e1 (58:ac:78:b1:38:e1)
.... ...0 .... .... .... .... = IG bit: Individual address (unicast)
.... ..0. .... .... .... .... = LG bit: Globally unique address (factory default)
Type: IP (0x0800)
Internet Protocol, Src: 33.33.33.33 (33.33.33.33), Dst: 10.168.101.20 (10.168.101.20)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x10 (DSCP 0x04: Unknown DSCP; ECN: 0x00)
0001 00.. = Differentiated Services Codepoint: Unknown (0x04)
.... ..0. = ECN-Capable Transport (ECT): 0
.... ...0 = ECN-CE: 0
Total Length: 374
Identification: 0xbd9b (48539)
Flags: 0x00
0.. = Reserved bit: Not Set
.0. = Don't fragment: Not Set
..0 = More fragments: Not Set
Fragment offset: 0
Time to live: 255
Protocol: UDP (0x11)
Header checksum: 0x4acd [correct]
[Good: True]
[Bad : False]
Source: 33.33.33.33 (33.33.33.33)
Destination: 10.168.101.20 (10.168.101.20)
User Datagram Protocol, Src Port: bootps (67), Dst Port: bootps (67)
Source port: bootps (67)
Destination port: bootps (67)
Length: 354
Checksum: 0x95d3 [validation disabled]
[Good Checksum: False]
[Bad Checksum: False]
Bootstrap Protocol
Message type: Boot Request (1)
Hardware type: Ethernet
Hardware address length: 6
Hops: 1
Transaction ID: 0x21696b65
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 33.33.33.33 (33.33.33.33)
Client MAC address: 00:0c:29:65:e0:ea (00:0c:29:65:e0:ea)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: (OK)
Option: (t=53,l=1) DHCP Message Type = DHCP Request
Option: (53) DHCP Message Type
Length: 1
Value: 03
Option: (t=54,l=4) DHCP Server Identifier = 10.168.101.20
Option: (54) DHCP Server Identifier
Length: 4
Value: 0AA86514
Option: (t=50,l=4) Requested IP Address = 10.168.102.128
Option: (50) Requested IP Address
Length: 4
Value: 0AA86680
Option: (t=55,l=18) Parameter Request List
Option: (55) Parameter Request List
Length: 18
Value: 011C02790F060C28292A1A770379F921FC2A
1 = Subnet Mask
28 = Broadcast Address
2 = Time Offset
121 = Classless Static Route
15 = Domain Name
6 = Domain Name Server
12 = Host Name
40 = Network Information Service Domain
41 = Network Information Service Servers
42 = Network Time Protocol Servers
26 = Interface MTU
119 = Domain Search [TODO]
3 = Router
121 = Classless Static Route
249 = Private/Classless Static Route (Microsoft)
33 = Static Route
252 = Private/Proxy autodiscovery
42 = Network Time Protocol Servers
Option: (t=82,l=44) Agent Information Option
Option: (82) Agent Information Option
Length: 44
Value: 010A01080006004C4F2A002F020658AC78B138E1970A0062...
Agent Circuit ID: 01080006004C4F2A002F
Agent Remote ID: 58AC78B138E1
DHCPv4 Virtual Subnet Selection: 006262742D76786C616E
Server Identifier Override: 0AA86601
Link selection: 10.168.102.0
End Option
Padding
<PastedGraphic-1.tiff>
Take Care
Jason
Hi,
<PastedGraphic-1.tiff>
Take Care
Jason
Post by Chris Novakovic
Post by Jason Kary
Thank you for the update. We are running version 2.66
2.66 is four and a half years old now, and those parts of the codebase
have been overhauled quite a lot since then --- is there any way you can
test your setup with 2.77 plus the patch in [2] from my initial reply
(or, better still, master/HEAD in the git repository)? Also, it'd be
helpful if you could post your full dnsmasq configuration.
Simon Kelley
2017-10-10 21:50:35 UTC
Permalink
That code is only being executed because your DHCP relay is including
the agent-id option in requests with sub-option 11, server-identifier
override.

It would be worth reading RFC 5107 to get more background on this.

The idea is that the server-identifier IP address in the DHCP exchange
should be the IP address of the _relay_ and not the IP address of the
DHCP server. This ensures that _all_ DHCP exchanges take place through
the relay. (Otherwise, the server-id is the address of the server, and
when the client comes to renew the lease, it will unicast direct to the
server, bypassing the relay)

Note that this is sufficently unusual case that I certainly can't rule
out dnsmasq bugs, but it's worth looking at what the value of the
server-id options are in all the packets, and what your relay is adding
as option 82 - suboption 11. These should be the same and be the address
of the relay. I can't tell if they are because your tcpdump has
unhelpfully resolved the serverid address to dhcp-server.localdomain,
but that doesn't look hopeful :)


Cheers,

Simon.
Post by Jason Kary (jkary)
Hi Folks,
 if (option_addr(opt).s_addr != override.s_addr)
   return 0;
Once I commented out this if statement the client was able to obtain the
correct IP address via DHCP Relay.  The return 0 was causing the dnsmasq
process to just silently ignore the DHCP Request packet.
I do not understand what the above code is checking for and why it is
returning 0.  Maybe someone can help me the context a bit better?
Take Care
Jason
Post by Jason Kary
Hi Chris,
I cloned the GIT repository and tested with version 2.78test2-gb697fbb 
Frame 40189 (388 bytes on wire, 388 bytes captured)
   Arrival Time: Sep 25, 2017 20:59:01.142813000
   [Time delta from previous captured frame: 0.000646000 seconds]
   [Time delta from previous displayed frame: 0.000646000 seconds]
   [Time since reference or first frame: 149.170698000 seconds]
   Frame Number: 40189
   Frame Length: 388 bytes
   Capture Length: 388 bytes
   [Frame is marked: False]
   [Protocols in frame: eth:ip:udp:bootp]
00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
   Destination: 00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
       Address: 00:0c:29:cf:10:0b (00:0c:29:cf:10:0b)
       .... ...0 .... .... .... .... = IG bit: Individual address
(unicast)
       .... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
   Source: 58:ac:78:b1:38:e1 (58:ac:78:b1:38:e1)
       Address: 58:ac:78:b1:38:e1 (58:ac:78:b1:38:e1)
       .... ...0 .... .... .... .... = IG bit: Individual address
(unicast)
       .... ..0. .... .... .... .... = LG bit: Globally unique address
(factory default)
   Type: IP (0x0800)
Internet Protocol, Src: 33.33.33.33 (33.33.33.33), Dst: 10.168.101.20 (10.168.101.20)
   Version: 4
   Header length: 20 bytes
0x00)
       0001 00.. = Differentiated Services Codepoint: Unknown (0x04)
       .... ..0. = ECN-Capable Transport (ECT): 0
       .... ...0 = ECN-CE: 0
   Total Length: 374
   Identification: 0xbd9b (48539)
   Flags: 0x00
       0.. = Reserved bit: Not Set
       .0. = Don't fragment: Not Set
       ..0 = More fragments: Not Set
   Fragment offset: 0
   Time to live: 255
   Protocol: UDP (0x11)
   Header checksum: 0x4acd [correct]
       [Good: True]
       [Bad : False]
   Source: 33.33.33.33 (33.33.33.33)
   Destination: 10.168.101.20 (10.168.101.20)
User Datagram Protocol, Src Port: bootps (67), Dst Port: bootps (67)
   Source port: bootps (67)
   Destination port: bootps (67)
   Length: 354
   Checksum: 0x95d3 [validation disabled]
       [Good Checksum: False]
       [Bad Checksum: False]
Bootstrap Protocol
   Message type: Boot Request (1)
   Hardware type: Ethernet
   Hardware address length: 6
   Hops: 1
   Transaction ID: 0x21696b65
   Seconds elapsed: 0
   Bootp flags: 0x0000 (Unicast)
       0... .... .... .... = Broadcast flag: Unicast
       .000 0000 0000 0000 = Reserved flags: 0x0000
   Client IP address: 0.0.0.0 (0.0.0.0)
   Your (client) IP address: 0.0.0.0 (0.0.0.0)
   Next server IP address: 0.0.0.0 (0.0.0.0)
   Relay agent IP address: 33.33.33.33 (33.33.33.33)
   Client MAC address: 00:0c:29:65:e0:ea (00:0c:29:65:e0:ea)
   Client hardware address padding: 00000000000000000000
   Server host name not given
   Boot file name not given
   Magic cookie: (OK)
   Option: (t=53,l=1) DHCP Message Type = DHCP Request
       Option: (53) DHCP Message Type
       Length: 1
       Value: 03
   Option: (t=54,l=4) DHCP Server Identifier = 10.168.101.20
       Option: (54) DHCP Server Identifier
       Length: 4
       Value: 0AA86514
   Option: (t=50,l=4) Requested IP Address = 10.168.102.128
       Option: (50) Requested IP Address
       Length: 4
       Value: 0AA86680
   Option: (t=55,l=18) Parameter Request List
       Option: (55) Parameter Request List
       Length: 18
       Value: 011C02790F060C28292A1A770379F921FC2A
       1 = Subnet Mask
       28 = Broadcast Address
       2 = Time Offset
       121 = Classless Static Route
       15 = Domain Name
       6 = Domain Name Server
       12 = Host Name
       40 = Network Information Service Domain
       41 = Network Information Service Servers
       42 = Network Time Protocol Servers
       26 = Interface MTU
       119 = Domain Search [TODO]
       3 = Router
       121 = Classless Static Route
       249 = Private/Classless Static Route (Microsoft)
       33 = Static Route
       252 = Private/Proxy autodiscovery
       42 = Network Time Protocol Servers
   Option: (t=82,l=44) Agent Information Option
       Option: (82) Agent Information Option
       Length: 44
       Value: 010A01080006004C4F2A002F020658AC78B138E1970A0062...
       Agent Circuit ID: 01080006004C4F2A002F
       Agent Remote ID: 58AC78B138E1
       DHCPv4 Virtual Subnet Selection: 006262742D76786C616E
       Server Identifier Override: 0AA86601
       Link selection: 10.168.102.0
   End Option
   Padding
<PastedGraphic-1.tiff>
Take Care
Jason
Hi,
<PastedGraphic-1.tiff>
Take Care
Jason
Post by Chris Novakovic
Thank you for the update.  We are running version 2.66
2.66 is four and a half years old now, and those parts of the codebase
have been overhauled quite a lot since then --- is there any way you can
test your setup with 2.77 plus the patch in [2] from my initial reply
(or, better still, master/HEAD in the git repository)? Also, it'd be
helpful if you could post your full dnsmasq configuration.
_______________________________________________
Dnsmasq-discuss mailing list
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
Loading...