dhcpd omits server id (option 54) in NAK to a RENEW request

Tue, 23 Mar 2010 14:52:59 -0700 

Hi,

I stumbled upon a dhcp server problem with OpenBSD 4.6 dhcp server:

Whenever a client tries to renew its lease and the dhcp server agrees,
an ACK is returned to the client that contains option 54 (Server Id)
if the client had this option present in the renew request.
If for whatever reason, the server sees a conflict and NAK's the
clients' renew request, it doesn't return the option 54 when it was
present in the renew request.

Now according to RFC 2132 thats ok: "This option is used in DHCPOFFER
and DHCPREQUEST messages, and may
optionally be included in the DHCPACK and DHCPNAK messages"

But when using it in relation with a dhcp relay proxy setup for
subscriber management, the NAK gets dropped instead of forwarded due
to a check if the options provided from the server matches the ones
from the renew request.

Another way to look at it is that IMHO the behavior regarding the
option in question should be equal if the server response is an ACK or
a NAK. Or do I miss here something? Shall I open a bug for it?

A possible patch that copies the received server id, if present, is this:

--- dhcp.c.orig Tue Jan 26 08:05:24 2010
+++ dhcp.c      Thu Jan 28 05:45:02 2010
@@ -575,6 +575,23 @@
        options[DHO_DHCP_MESSAGE]->timeout = -1;
        options[DHO_DHCP_MESSAGE]->tree = NULL;

+       /* If we were given Server Id with the RENEW request,
+           respond also with it. Its done for NAK as well and
+           at least one routing hardware vendor depends on it
+           when using dhcp relay proxy mode
+         */
+       if (packet->options[DHO_DHCP_SERVER_IDENTIFIER].len) {
+               /* Set SERVER_IDENTIFIER */
+               options[DHO_DHCP_SERVER_IDENTIFIER] = &dhcpmsg_tree;
+/*             options[DHO_DHCP_MESSAGE]->value =
packet->options[DHO_DHCP_SERVER_IDENTIFIER]->value; */
+
bcopy(packet->options[DHO_DHCP_SERVER_IDENTIFIER].data,
options[DHO_DHCP_SERVER_IDENTIFIER]->value,
+                       packet->options[DHO_DHCP_SERVER_IDENTIFIER].len);
+               options[DHO_DHCP_SERVER_IDENTIFIER]->len =
packet->options[DHO_DHCP_SERVER_IDENTIFIER].len;
+               options[DHO_DHCP_SERVER_IDENTIFIER]->buf_size =
packet->options[DHO_DHCP_SERVER_IDENTIFIER].len;
+               options[DHO_DHCP_SERVER_IDENTIFIER]->timeout = -1;
+               options[DHO_DHCP_SERVER_IDENTIFIER]->tree = NULL;
+       }
+
        /* Do not use the client's requested parameter list. */
        i = DHO_DHCP_PARAMETER_REQUEST_LIST;
        if (packet->options[i].data) {

This patch actually solved the problem I dealt with but certainly
needs a clean rewrite I guess ;-)

many thanks

Marcel

Reply via email to