On Friday 12 Dec 2014 15:51:20 John D. Baker wrote: > I've been using NetBSD/sparc as a router/firewall for a long time. My > ADSL service provider uses DHCP for address assignment. When I first > started using ADSL, I was using ISC 'dhclient' and it worked quite well > in exchange for having to do some fiddly bits in the "/etc/ifconfig.xxx" > file. > > In the netbsd-6 era, with 'dhcpcd' being the default mechanism for a > simple "dhcp" configuration line, I figured I'd give it a try for handling > the upstream connection to my ISP. It has required even more fiddly > business to make it work than its alternative. At present, using > netbsd-7, the most vexing problem is as follows: > > Following an update and a reboot, 'dhcpcd' ignores the "/20" netmask > presented by the ISP's DHCP server and instead installs the address with > a "/8" netmask instead (the address assigned by the DHCP server would > otherwise be a Class A were it not for the "/20" netmask). > > This, naturally, cuts off vast swaths of T3h Intarw3bz (most notably > Google) since my router then assumes they are on the same network and > expects to get a response via ARP. > > Using '/etc/rc.d/network restart' gets things working again, but it's > still not right. The ISP's DHCP server again issues a "/20" netmask, > but this time, 'dhcpcd' installs a "/24" netmask instead. It installs > a route to the "/20" network along with the nearest "/24" network. > > My ISP's upstream router is operating as a DHCP relay as the DHCP > server is on an entirely different network from that presented by > the upstream router. Perhaps this causes confusion?
Possibly. Can you email me a full tcpdump off the DHCP message so I can analyse it please? > > My ISP seems to suffer prolonged outages of its upstream router, so > when the lease expires, an IPv4LL/APIPA address is assigned and this > also frequently has the wrong netmask (usually /24 instead of /16). > > I don't know if this is architecture-dependent or not. Perhaps I'll > copy my firewall rules over to one of my Soekris net4501s and see how > it behaves on an i386 system in place of the sparc system. (I have a > local patch to work around kern/49124 for -7/-current.) I cannot replicate this on i386, a /20 is assigned fine from my local ISC dhcpd server using dhcpcd-6.6.5. I suppose I cannot rule out any architectural problems and I don't have any big endian hardware to test on, but I've not heard of any problems with dhcpcd on these platforms. Does anyone else on bigendian have a problem with dhcpcd and subnet masks? Roy
