Discussion:
[Dnsmasq-discuss] iPhones not getting proper dhcp
Jeff Boyce
2017-08-24 20:47:28 UTC
Permalink
Greetings -

I have an issue in our office where the iPhones are not able to receive
an internet connection through our wireless access point. I believe I
have it narrowed it down to a DHCP issue by looking at how the Android
phones connect and looking at the log files, but am not sure of the root
problem and how to resolve it.

The appropriate network map is:
Network Gateway is at 192.168.112.11 (a pfSense firewall router)
Wireless Access Point is at 192.168.112.12 (an Ubiquiti UniFi
AP-AC-Pro)
Dnsmasq on CentOS VM is at 192.168.112.51

Dnsmasq has static addresses assigned to desktop systems in the office,
but provides dhcp addresses to wireless clients. The dnsmasq
configuration is:

bogus-priv
filterwin2k
strict-order
server=/pfgateway.mei.lan/192.168.112.11
local=/mei.lan/
expand-hosts
domain=mei.lan
dhcp-range=192.168.112.100,192.168.112.199,1h
# Desktop Systems
dhcp-host=jab-prec3610,192.168.112.101,24h
dhcp-host=gwg-lat7480,192.168.112.104,24h
dhcp-host=jsn-lat6420,192.168.112.105,24h
dhcp-host=rdr-lat6540,192.168.112.106,24h
dhcp-host=jks-lat6540,192.168.112.107,24h
# Field Laptops
dhcp-host=jks-e6500,192.168.112.121,24h
dhcp-host=rdr-d830,192.168.112.122,24h
# Wireless Access Point
dhcp-host=04:18:d6:c0:b3:2e,192.168.112.12,24h
dhcp-option=3,192.168.112.11
dhcp-option=44,192.168.112.50 # Wins (samba) Server is on Sequoia
dhcp-option=45,192.168.112.50 # Wins (samba) Server is on Sequoia
dhcp-option=46,8
dhcp-option=vendor:MSFT,2,1i
log-facility=/var/log/dsnmasq.log
log-dhcp

Looking at the Ubiquiti Access Point web interface of the clients as
they connect it shows Android devices get an IP address in the range of
192.168.112/24 as expected. However, iPhone clients get an IP address
such as 169.254.55.140. I assumed from this that there is some issue
with getting a proper IP address from the dhcp server, and
169.254.55.xxx is a default network for the Apple devices. So the
iPhones connect to the wireless access point, but they will not have an
internet connection.

So I pulled the logs from dnsmasq showing an Android phone connecting,
an iPhone connecting, and also the Apple Watch that is tethered to the
iPhone. From this I can see that the iPhone is being offered the
address of 192.168.112.112. I have checked the dnsmasq.leases file and
can see that this address is not used elsewhere on the network. The
logs are listed below.

Android

Aug 24 11:51:09 dnsmasq-dhcp[26073]: 2392689489 Available DHCP range:
192.168.112.100 -- 192.168.112.199

Aug 24 11:51:09 dnsmasq-dhcp[26073]: 2392689489 client provides name:
android-66f1326de74eb90e

Aug 24 11:51:09 dnsmasq-dhcp[26073]: 2392689489 Vendor class: dhcpcd-5.5.6

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 DHCPDISCOVER(eth0)
d0:22:be:cc:4c:57

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 DHCPOFFER(eth0)
192.168.112.109 d0:22:be:cc:4c:57

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 requested options:
1:netmask, 33:static-route, 3:router, 6:dns-server,

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 requested options:
15:domain-name, 26:mtu, 28:broadcast, 51:lease-time,

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 requested options:
58:T1, 59:T2

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 tags: eth0

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 next server: 192.168.112.51

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:1 option:
53:message-type02

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4 option:
54:server-identifier192.168.112.51

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4 option:
51:lease-time00:00:0e:10

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4 option:
58:T100:00:07:08

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4 option:
59:T200:00:0c:4e

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4
option:1:netmask255.255.255.0

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4 option:
28:broadcast192.168.112.255

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4
option:6:dns-server192.168.112.51

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:7 option:
15:domain-namemei.lan

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4
option:3:router192.168.112.11

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 Available DHCP range:
192.168.112.100 -- 192.168.112.199

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 client provides name:
android-66f1326de74eb90e

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 Vendor class: dhcpcd-5.5.6

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 DHCPREQUEST(eth0)
192.168.112.109 d0:22:be:cc:4c:57

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 DHCPACK(eth0)
192.168.112.109 d0:22:be:cc:4c:57 android-66f1326de74eb90e

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 requested options:
1:netmask, 33:static-route, 3:router, 6:dns-server,

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 requested options:
15:domain-name, 26:mtu, 28:broadcast, 51:lease-time,

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 requested options:
58:T1, 59:T2

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 tags: eth0

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 next server: 192.168.112.51

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:1 option:
53:message-type05

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4 option:
54:server-identifier192.168.112.51

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4 option:
51:lease-time00:00:0e:10

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4 option:
58:T100:00:07:08

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4 option:
59:T200:00:0c:4e

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4
option:1:netmask255.255.255.0

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4 option:
28:broadcast192.168.112.255

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4
option:6:dns-server192.168.112.51

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:7 option:
15:domain-namemei.lan

Aug 24 11:51:12 dnsmasq-dhcp[26073]: 2392689489 sent size:4
option:3:router192.168.112.11

iPhone

Aug 24 11:51:14 dnsmasq-dhcp[26073]: 3282959948 Available DHCP range:
192.168.112.100 -- 192.168.112.199

Aug 24 11:51:14 dnsmasq-dhcp[26073]: 3282959948 client provides name:
Robbanks-iPhone

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 DHCPDISCOVER(eth0)
e0:c7:67:89:d1:0c

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 DHCPOFFER(eth0)
192.168.112.112 e0:c7:67:89:d1:0c

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 requested options:
1:netmask, 121:classless-static-route, 3:router,

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 requested options:
6:dns-server, 15:domain-name, 119:domain-search,

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 requested options: 252

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 tags: eth0

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 next server: 192.168.112.51

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 sent size:1 option:
53:message-type02

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 sent size:4 option:
54:server-identifier192.168.112.51

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 sent size:4 option:
51:lease-time00:00:0e:10

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 sent size:4 option:
58:T100:00:07:08

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 sent size:4 option:
59:T200:00:0c:4e

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 sent size:4
option:1:netmask255.255.255.0

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 sent size:4 option:
28:broadcast192.168.112.255

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 sent size:4
option:6:dns-server192.168.112.51

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 sent size:7 option:
15:domain-namemei.lan

Aug 24 11:51:17 dnsmasq-dhcp[26073]: 3282959948 sent size:4
option:3:router192.168.112.11

Apple Watch (linked to above iPhone)

Aug 24 11:59:04 dnsmasq-dhcp[26073]: 2153487984 Available DHCP range:
192.168.112.100 -- 192.168.112.199

Aug 24 11:59:04 dnsmasq-dhcp[26073]: 2153487984 client provides name:
RobynsApleWatch

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 DHCPDISCOVER(eth0)
c0:ce:cd:dc:24:b4

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 DHCPOFFER(eth0)
192.168.112.127 c0:ce:cd:dc:24:b4

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 requested options:
1:netmask, 121:classless-static-route, 3:router,

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 requested options:
6:dns-server, 15:domain-name, 119:domain-search,

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 requested options: 252

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 tags: eth0

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 next server: 192.168.112.51

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 sent size:1 option:
53:message-type02

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 sent size:4 option:
54:server-identifier192.168.112.51

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 sent size:4 option:
51:lease-time00:00:0e:10

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 sent size:4 option:
58:T100:00:07:08

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 sent size:4 option:
59:T200:00:0c:4e

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 sent size:4
option:1:netmask255.255.255.0

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 sent size:4 option:
28:broadcast192.168.112.255

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 sent size:4
option:6:dns-server192.168.112.51

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 sent size:7 option:
15:domain-namemei.lan

Aug 24 11:59:07 dnsmasq-dhcp[26073]: 2153487984 sent size:4
option:3:router192.168.112.11

I want to say that this is an Apple iPhone issue because it is occurring
only with the iPhones in the office, and not anything else. However, I
don't know where to look any further and am hoping someone can give me
some pointers on further diagnosing this, or if an obvious solution is
available that I am unaware of. Thanks.

Jeff
--
Jeff Boyce
Meridian Environmental
Jeff Boyce
2017-08-25 18:30:28 UTC
Permalink
Thanks for the response Andras

I was unfamiliar with MAC address randomization, but after learning
about it and checking the logs over the last week I can see that the MAC
address for an iOS client is not being changed.

I have done some more investigation and am more certain this is a dhcp
(client?) issue, but I don't see anything indicating that it is a
dnsmasq issue. I will explain further what I am seeing from a Wireshark
capture on the dnsmasq server.

1. iPhone Client broadcasts a DHCP Discover (source IP 0.0.0.0,
destination IP 255.255.255.255)
a. Client MAC address identifies it as the iPhone that has had
previous issues connecting.

2. DHCP Server replies to the iPhone Client with a DHCP Offer (source
IP 192.168.112.51, destination IP 192.168.112.202)
a. The destination IP, lease time, and other DHCP options correctly
match the DHCP configuration

3. The DHCP Discover and DHCP Offer repeat numerous times during a
1-minute period.

4. The iPhone Client never sends a DHCP Request back to the Server.

5. After approximately 1-minute I can see in the web interface for my
wireless access point that the iPhone assigns itself a Link-Local
address in the 169.254.0.0/16 address range.

I have tried assigning a static IP address in dnsmasq for this client
based on it's MAC address and it is correctly picked up and used by
dnsmasq for the DHCP Offer.

Watching the dhcp log files and the wireless AP web interface, I have
seen this iPhone on a few occasions be assigned the correct LAN IP
address (can see DHCP Requests and DHCP Acks), however it does not stay
longer than a minute or so. In the logs I have also seen the iPhone
client give a DHCP Request for an address in the 10.0.0.0/24 range, and
the DHCP Server responds with a DHCP NAK, wrong address. The iPhone
user does not know if the 10.0.0.0/24 address range is their home network.

Also, to be clear the issue occurs with all the iPhones in the office
and is not just isolated to this one that I am testing with.

Any other suggestions or ideas. Let me know if there is a better list
to send this to, since I don't think the issue is dnsmasq related. Thanks.

Jeff
Jeff,
Post by Jeff Boyce
I have an issue in our office where the iPhones are not able to
receive an internet connection through our wireless access point.
Is this perhaps related to MAC address randomization that was introduced
in iOS a while back, interacting badly with the DHCP server?
--
Jeff Boyce
Meridian Environmental
Loading...