Hello all, On my firewall I have a bit of a complex setup in terms of interfaces. I do VLAN trunking / subifs, SQM for bufferbloat, and some “aliases” (ex: eth0:0 - secondary IP on same subnet).
Under ISC dhcpd I don’t see this behavior. I discovered this (no pun intended) with a Nagios check_dhcp script. If I send a unicast request direct to the server, I get one response. If I send a broadcast - it seems the server is “hearing it twice” ? I see multiple replies in the logs for actual clients as well. In the middle of writing this message, I decided to try messing with the alias. Seems to be the culprit. If I ifdown the alias interface - I get one response. Seems like Kea binds (??) to the alias as well - even though it’s not defined in the interfaces in config. I could bring it back up after Kea was running and everything was fine. It’s only when Kea starts and this alias exists that I get this behavior (i.e. on a fresh boot). Also to be very clear, not only is this an alias, but it’s an alias on a VLAN subif. Don’t know how much that matters: enp1s0f4d1.10:0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500 inet 192.168.64.10 netmask 255.255.255.0 broadcast 192.168.64.255 ether 00:07:43:16:0d:e8 txqueuelen 1000 (Ethernet) Is there some knob that can be turned to pare this down to just the actual interface in the config ? Or did I stumble on a bug ? Thanks. Some output: With Kea running - single server: root@nms:/home/vom# /usr/local/nagios/libexec/check_dhcp -i ens192 -v DHCP socket: 3 Hardware address: 00:0c:29:33:58:37 DHCPDISCOVER to 255.255.255.255 port 67 DHCPDISCOVER XID: 155217937 (0x9407011) DHCDISCOVER ciaddr: 0.0.0.0 DHCDISCOVER yiaddr: 0.0.0.0 DHCDISCOVER siaddr: 0.0.0.0 DHCDISCOVER giaddr: 0.0.0.0 send_dhcp_packet result: 548 recv_result_1: 309 recv_result_2: 309 receive_dhcp_packet() result: 309 receive_dhcp_packet() source: 192.168.64.1 Result=OK DHCPOFFER from IP address 192.168.64.1 via 192.168.64.1 DHCPOFFER XID: 155217937 (0x9407011) DHCPOFFER chaddr: 000C29335837 DHCPOFFER ciaddr: 0.0.0.0 DHCPOFFER yiaddr: 192.168.64.129 DHCPOFFER siaddr: 0.0.0.0 DHCPOFFER giaddr: 0.0.0.0 Option: 53 (0x01) Option: 1 (0x04) Option: 3 (0x04) Option: 6 (0x08) Option: 15 (0x11) Option: 51 (0x04) Option: 54 (0x04) Option: 58 (0x04) Option: 59 (0x04) Lease Time: 86400 seconds Renewal Time: 43200 seconds Rebinding Time: 75600 seconds Added offer from server @ 192.168.64.1 of IP address 192.168.64.129 recv_result_1: 309 recv_result_2: 309 receive_dhcp_packet() result: 309 receive_dhcp_packet() source: 192.168.64.1 Result=OK DHCPOFFER from IP address 192.168.64.1 via 192.168.64.1 DHCPOFFER XID: 155217937 (0x9407011) DHCPOFFER chaddr: 000C29335837 DHCPOFFER ciaddr: 0.0.0.0 DHCPOFFER yiaddr: 192.168.64.130 DHCPOFFER siaddr: 0.0.0.0 DHCPOFFER giaddr: 0.0.0.0 Option: 53 (0x01) Option: 1 (0x04) Option: 3 (0x04) Option: 6 (0x08) Option: 15 (0x11) Option: 51 (0x04) Option: 54 (0x04) Option: 58 (0x04) Option: 59 (0x04) Lease Time: 86400 seconds Renewal Time: 43200 seconds Rebinding Time: 75600 seconds Added offer from server @ 192.168.64.1 of IP address 192.168.64.130 No (more) data received (nfound: 0) Result=ERROR Total responses seen on the wire: 2 Valid responses for this machine: 2 OK: Received 2 DHCPOFFER(s), max lease time = 86400 sec. With dhcpd: root@nms:/home/vom# /usr/local/nagios/libexec/check_dhcp -i ens192 -v DHCP socket: 3 Hardware address: 00:0c:29:33:58:37 DHCPDISCOVER to 255.255.255.255 port 67 DHCPDISCOVER XID: 2285418180 (0x8838B6C4) DHCDISCOVER ciaddr: 0.0.0.0 DHCDISCOVER yiaddr: 0.0.0.0 DHCDISCOVER siaddr: 0.0.0.0 DHCDISCOVER giaddr: 0.0.0.0 send_dhcp_packet result: 548 recv_result_1: 312 recv_result_2: 312 receive_dhcp_packet() result: 312 receive_dhcp_packet() source: 192.168.64.1 Result=OK DHCPOFFER from IP address 192.168.64.1 via 192.168.64.1 DHCPOFFER XID: 2285418180 (0x8838B6C4) DHCPOFFER chaddr: 000C29335837 DHCPOFFER ciaddr: 0.0.0.0 DHCPOFFER yiaddr: 192.168.64.212 DHCPOFFER siaddr: 0.0.0.0 DHCPOFFER giaddr: 0.0.0.0 Option: 53 (0x01) Option: 54 (0x04) Option: 51 (0x04) Option: 1 (0x04) Option: 3 (0x04) Option: 6 (0x08) Option: -4 (0x01) Option: 2 (0x04) Option: 42 (0x04) Option: 15 (0x11) Lease Time: 300 seconds Renewal Time: 0 seconds Rebinding Time: 0 seconds Added offer from server @ 192.168.64.1 of IP address 192.168.64.212 No (more) data received (nfound: 0) Result=ERROR Total responses seen on the wire: 1 Valid responses for this machine: 1 OK: Received 1 DHCPOFFER(s), max lease time = 300 sec. Here is a “real” transaction. Note the same XID, 2 IPs offered, and one ACKed: root@ice:/home/vom# grep kea /var/log/messages | grep 0x18a954de Jun 9 18:00:52 ice kea-dhcp4: INFO DHCP4_LEASE_ADVERT [hwtype=1 3c:a6:f6:11:6a:42], cid=[01:3c:a6:f6:11:6a:42], tid=0x18a954de: lease 192.168.64.138 will be advertised Jun 9 18:00:52 ice kea-dhcp4: INFO DHCP4_LEASE_ADVERT [hwtype=1 3c:a6:f6:11:6a:42], cid=[01:3c:a6:f6:11:6a:42], tid=0x18a954de: lease 192.168.64.139 will be advertised Jun 9 18:00:53 ice kea-dhcp4: INFO DHCP4_LEASE_ALLOC [hwtype=1 3c:a6:f6:11:6a:42], cid=[01:3c:a6:f6:11:6a:42], tid=0x18a954de: lease 192.168.64.138 has been allocated for 86400 seconds Jun 9 18:00:53 ice kea-dhcp4: INFO DHCP4_LEASE_ALLOC [hwtype=1 3c:a6:f6:11:6a:42], cid=[01:3c:a6:f6:11:6a:42], tid=0x18a954de: lease 192.168.64.138 has been allocated for 86400 seconds -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users