dhcp issueshttps://gitlab.isc.org/isc-projects/dhcp/-/issues2023-10-18T01:29:52Zhttps://gitlab.isc.org/isc-projects/dhcp/-/issues/1016KEA DHCPv6 server not receving incoming DHCPv6 messages2023-10-18T01:29:52ZJordy BenavidesKEA DHCPv6 server not receving incoming DHCPv6 messagesHi Friends,
I´m having an issue with kea dhcpv6 server is not receiving any kind of messages from clients as I demostrate in the picture bellow
![image](/uploads/86e6914ae5226a7465e9d78e20d9b047/image.png)
but I connected a mikrotik i...Hi Friends,
I´m having an issue with kea dhcpv6 server is not receiving any kind of messages from clients as I demostrate in the picture bellow
![image](/uploads/86e6914ae5226a7465e9d78e20d9b047/image.png)
but I connected a mikrotik instead with the same configuration and worked any idea ??
This is my interface configuration, kea services are running on ubuntu server 22 lts
network:
ethernets:
eno1:
addresses:
- 1.1.1.1/30
- 2000:1300:2400:4000::3/50
nameservers:
addresses:
- 8.8.8.8
- 2001:4860:4860::8888
accept-ra: true
routes:
- to: 192.168.8.0/24
via: 10.1.1.1
- to: ::/0
via: 2000:1300:2400:4000::1
- to: 10.0.0.0/8
via: x.x.x.x
eno2:
dhcp4: true
dhcp6: true
This is my dhcpv6 configuration file
{
# DHCPv6 configuration starts on the next line
"Dhcp6": {
# First we set up global values
"valid-lifetime": 4000,
"renew-timer": 1000,
"rebind-timer": 2000,
"preferred-lifetime": 3000,
# Next we set up the interfaces to be used by the server.
"interfaces-config": {
"interfaces": [ "eno1" ]
},
# And we specify the type of lease database
"lease-database": {
"type": "memfile",
"persist": true,
"name": "/var/lib/kea/dhcp6.leases"
},
# Finally, we list the subnets from which we will be leasing addresses.
"subnet6": [
{
"subnet": "2000:1300:2404::/48",
"pd-pools": [
{
"prefix": "2000:1300:2404::",
"prefix-len": 48,
"delegated-len": 56
}
]
}
]
# DHCPv6 configuration ends with the next line
}
}https://gitlab.isc.org/isc-projects/dhcp/-/issues/289DHCPv4 SerDHCPv4 Server Lease file is not getting cleared when the clients ar...2023-09-18T20:58:12ZAarthi TDHCPv4 SerDHCPv4 Server Lease file is not getting cleared when the clients are not active
ISC Dhcp server lease file is persistent and not getting cleared when the clients are inactive.
Say there are 100 lease entries in dhcpv4 server leases (dhcpdv4.leases) . Then the clients are disabled. No lease update for 2 hours (or e...
ISC Dhcp server lease file is persistent and not getting cleared when the clients are inactive.
Say there are 100 lease entries in dhcpv4 server leases (dhcpdv4.leases) . Then the clients are disabled. No lease update for 2 hours (or even more) .
As per the design the file should be backed up every 1 hour and new lease file has to be created. But when the client is disabled, and no lease update happens, the file is not removed from the system.
ver Lease file is not getting cleared when the clients are not activehttps://gitlab.isc.org/isc-projects/dhcp/-/issues/282Symptoms of dhcp.conf file disappearance after baremetal power-off to power-on2023-06-01T06:59:12Zalven-kimSymptoms of dhcp.conf file disappearance after baremetal power-off to power-on---
name: Bug report
about: Create a report to help us improve
---
**Description**
All files in the /etc/dhcpd.conf.d/ directory are missing.
I worked power-off the server and power-on.
Configuration file missing after power off -> o...---
name: Bug report
about: Create a report to help us improve
---
**Description**
All files in the /etc/dhcpd.conf.d/ directory are missing.
I worked power-off the server and power-on.
Configuration file missing after power off -> on
/etc/dhcpd.conf.d/dhcpd.master, /etc/dhcpd.conf.d/dhcpd.master
Is there a way to recover existing files for?
Please refer to the information below for more information.
**Environment**
- OS : Debian10
- Kernel : 4.19.0-16-amd64 #1 SMP Debian 4.19.181-1 (2021-03-19) x86_64 GNU/Linux
- etc : Baremetal
**Additional context**
Add any other context about the feature request here.
- 2023/05/26 21:58 baremetal power-off
- 2023/05/27 03:10 baremetal power-on
after, syslog : No such file or directory
1. power-off log
```
May 26 21:58:01 dhcp01 CRON[33764]: pam_unix(cron:session): session opened for user librenms by (uid=0)
May 26 21:58:01 dhcp01 CRON[33767]: pam_unix(cron:session): session opened for user myuser by (uid=0)
May 26 21:58:01 dhcp01 CRON[33766]: pam_unix(cron:session): session opened for user librenms by (uid=0)
May 26 21:58:01 dhcp01 CRON[33768]: pam_unix(cron:session): session opened for user myuser by (uid=0)
May 26 21:58:01 dhcp01 CRON[33765]: pam_unix(cron:session): session opened for user librenms by (uid=0)
May 26 21:58:01 dhcp01 CRON[33769]: pam_unix(cron:session): session opened for user myuser by (uid=0)
May 26 21:58:01 dhcp01 CRON[33780]: (myuser) CMD (sleep 55; bash /home/myuser/test_simple_api/run.sh check & bash /home/myuser/test_simple_api02/run.sh check)
May 26 21:58:01 dhcp01 CRON[33782]: (myuser) CMD (sleep 50; bash /home/myuser/test_simple_api/run.sh check & bash /home/myuser/test_simple_api02/run.sh check)
May 26 21:58:01 dhcp01 CRON[33779]: (librenms) CMD ( /opt/librenms/ping.php >> /dev/null 2>&1)
May 26 21:58:01 dhcp01 CRON[33781]: (librenms) CMD ( /opt/librenms/alerts.php >> /dev/null 2>&1)
May 26 21:58:01 dhcp01 CRON[33783]: (myuser) CMD (sleep 45; bash /home/myuser/test_simple_api/run.sh check & bash /home/myuser/test_simple_api02/run.sh check)
May 26 21:58:01 dhcp01 CRON[33784]: (librenms) CMD ( cd /opt/librenms/ && php artisan schedule:run >> /dev/null 2>&1)
May 26 21:58:01 dhcp01 CRON[33770]: pam_unix(cron:session): session opened for user myuser by (uid=0)
May 26 21:58:01 dhcp01 CRON[33771]: pam_unix(cron:session): session opened for user myuser by (uid=0)
May 26 21:58:01 dhcp01 CRON[33773]: pam_unix(cron:session): session opened for user myuser by (uid=0)
May 26 21:58:01 dhcp01 CRON[33785]: (myuser) CMD (sleep 40; bash /home/myuser/test_simple_api/run.sh check & bash /home/myuser/test_simple_api02/run.sh check)
May 26 21:58:01 dhcp01 CRON[33774]: pam_unix(cron:session): session opened for user myuser by (uid=0)
May 26 21:58:01 dhcp01 CRON[33776]: pam_unix(cron:session): session opened for user myuser by (uid=0)
May 26 21:58:01 dhcp01 CRON[33778]: pam_unix(cron:session): session opened for user myuser by (uid=0)
May 26 21:58:01 dhcp01 CRON[33786]: (myuser) CMD (sleep 35; bash /home/myuser/test_simple_api/run.sh check & bash /home/myuser/test_simple_api02/run.sh check)
May 26 21:58:01 dhcp01 CRON[33787]: (myuser) CMD (sleep 25; bash /home/myuser/test_simple_api/run.sh check & bash /home/myuser/test_simple_api02/run.sh check)
May 26 21:58:01 dhcp01 CRON[33775]: pam_unix(cron:session): session opened for user myuser by (uid=0)
May 26 21:58:01 dhcp01 CRON[33777]: pam_unix(cron:session): session opened for user myuser by (uid=0)
May 26 21:58:01 dhcp01 CRON[33772]: pam_unix(cron:session): session opened for user myuser by (uid=0)
May 26 21:58:01 dhcp01 CRON[33788]: (myuser) CMD (sleep 20; bash /home/myuser/test_simple_api/run.sh check & bash /home/myuser/test_simple_api02/run.sh check)
May 26 21:58:01 dhcp01 CRON[33789]: (myuser) CMD (bash /home/myuser/test_simple_api/run.sh check & bash /home/myuser/test_simple_api02/run.sh check)
May 26 21:58:01 dhcp01 CRON[33790]: (myuser) CMD (sleep 10; bash /home/myuser/test_simple_api/run.sh check & bash /home/myuser/test_simple_api02/run.sh check)
May 26 21:58:01 dhcp01 CRON[33791]: (myuser) CMD (sleep 15; bash /home/myuser/test_simple_api/run.sh check & bash /home/myuser/test_simple_api02/run.sh check)
May 26 21:58:01 dhcp01 CRON[33792]: (myuser) CMD (sleep 5; bash /home/myuser/test_simple_api/run.sh check & bash /home/myuser/test_simple_api02/run.sh check)
May 26 21:58:01 dhcp01 CRON[33793]: (myuser) CMD (sleep 30; bash /home/myuser/test_simple_api/run.sh check & bash /home/myuser/test_simple_api02/run.sh check)
May 26 21:58:01 dhcp01 CRON[33778]: pam_unix(cron:session): session closed for user myuser
May 26 21:58:01 dhcp01 CRON[33766]: pam_unix(cron:session): session closed for user librenms
May 26 21:58:01 dhcp01 CRON[33765]: pam_unix(cron:session): session closed for user librenms
May 26 21:58:02 dhcp01 dhcpd[12662]: DHCPDISCOVER from 2c:ea:7f:5e:5c:15 via eno1: network 10.30.2.0/24: no free leases
May 26 21:58:06 dhcp01 CRON[33777]: pam_unix(cron:session): session closed for user myuser
May 26 21:58:11 dhcp01 CRON[33764]: pam_unix(cron:session): session closed for user librenms
May 26 21:58:11 dhcp01 CRON[33776]: pam_unix(cron:session): session closed for user myuser
May 26 21:58:16 dhcp01 CRON[33775]: pam_unix(cron:session): session closed for user myuser
May 26 21:58:21 dhcp01 CRON[33774]: pam_unix(cron:session): session closed for user myuser
May 26 21:58:21 dhcp01 dhcpd[12662]: DHCPDISCOVER from 2c:ea:7f:5e:5c:15 via eno1: network 10.30.2.0/24: no free leases
May 26 21:58:26 dhcp01 CRON[33773]: pam_unix(cron:session): session closed for user myuser
May 26 21:58:27 dhcp01 etc-dhcp-dhcpd.conf.d[10103]: [2023-05-26 12:58:27.492615] C [rpc-clnt-ping.c:162:rpc_clnt_ping_timer_expired] 0-dhcp-conf-client-1: server 10.30.2.242:49152 has not responded in the last 42 seconds, disconnecting.
May 26 21:58:29 dhcp01 dhcpd[12662]: DHCPDISCOVER from 2c:ea:7f:5e:5c:15 via eno1: network 10.30.2.0/24: no free leases
May 26 21:58:30 dhcp01 kernel: tg3 0000:03:00.0 eno1: Link is down
May 26 21:58:31 dhcp01 CRON[33772]: pam_unix(cron:session): session closed for user myuser
May 26 21:58:31 dhcp01 ntpd[9869]: Deleting interface #3 eno1, 10.30.2.241#123, interface stats: received=113508, sent=127702, dropped=0, active_time=44797832 secs
May 26 21:58:31 dhcp01 ntpd[9869]: 192.46.211.253 local addr 10.30.2.241 -> <null>
May 26 21:58:31 dhcp01 ntpd[9869]: 193.123.243.2 local addr 10.30.2.241 -> <null>
May 26 21:58:31 dhcp01 ntpd[9869]: 132.226.17.96 local addr 10.30.2.241 -> <null>
May 26 21:58:31 dhcp01 ntpd[9869]: Deleting interface #5 eno1, fe80::da9d:67ff:fe13:5d48%2#123, interface stats: received=0, sent=0, dropped=0, active_time=44797832 secs
```
2. power-on log
```
May 27 03:10:50 dhcp01 systemd[1]: etc-dhcp-dhcpd.conf.d.mount: Failed with result 'exit-code'.
May 27 03:10:50 dhcp01 systemd[1]: Started LSB: start or stop rrdcached.
May 27 03:10:50 dhcp01 systemd[1]: Started LSB: HPA's tftp server.
May 27 03:10:50 dhcp01 dhcpd[1399]: Can't open /etc/dhcp/dhcpd.conf.d/dhcpd.master: No such file or directory
May 27 03:10:50 dhcp01 dhcpd[1399]:
May 27 03:10:50 dhcp01 isc-dhcp-server[1366]: dhcpd self-test failed. Please fix /etc/dhcp/dhcpd.conf.
May 27 03:10:50 dhcp01 isc-dhcp-server[1366]: The error was:
May 27 03:10:50 dhcp01 dhcpd[1399]: If you think you have received this message due to a bug rather
May 27 03:10:50 dhcp01 dhcpd[1399]: than a configuration issue please read the section on submitting
May 27 03:10:50 dhcp01 dhcpd[1399]: bugs on either our web page at www.isc.org or in the README file
May 27 03:10:50 dhcp01 dhcpd[1399]: before submitting a bug. These pages explain the proper
May 27 03:10:50 dhcp01 dhcpd[1399]: process and the information we find helpful for debugging.
May 27 03:10:50 dhcp01 dhcpd[1399]:
May 27 03:10:50 dhcp01 dhcpd[1399]: exiting.
May 27 03:10:50 dhcp01 dhcpd[1495]: Internet Systems Consortium DHCP Server 4.4.1
May 27 03:10:50 dhcp01 isc-dhcp-server[1366]: Internet Systems Consortium DHCP Server 4.4.1
May 27 03:10:50 dhcp01 isc-dhcp-server[1366]: Copyright 2004-2018 Internet Systems Consortium.
May 27 03:10:50 dhcp01 isc-dhcp-server[1366]: All rights reserved.
May 27 03:10:50 dhcp01 isc-dhcp-server[1366]: For info, please visit https://www.isc.org/software/dhcp/
May 27 03:10:50 dhcp01 dhcpd[1495]: Copyright 2004-2018 Internet Systems Consortium.
May 27 03:10:50 dhcp01 isc-dhcp-server[1366]: Can't open /etc/dhcp/dhcpd.conf.d/dhcpd.master: No such file or directory
May 27 03:10:50 dhcp01 isc-dhcp-server[1366]: If you think you have received this message due to a bug rather
May 27 03:10:50 dhcp01 isc-dhcp-server[1366]: than a configuration issue please read the section on submitting
May 27 03:10:50 dhcp01 isc-dhcp-server[1366]: bugs on either our web page at www.isc.org or in the README file
May 27 03:10:50 dhcp01 isc-dhcp-server[1366]: before submitting a bug. These pages explain the proper
May 27 03:10:50 dhcp01 isc-dhcp-server[1366]: process and the information we find helpful for debugging.
May 27 03:10:50 dhcp01 isc-dhcp-server[1366]: exiting.
May 27 03:10:50 dhcp01 dhcpd[1495]: All rights reserved.
May 27 03:10:50 dhcp01 systemd[1]: isc-dhcp-server.service: Control process exited, code=exited, status=1/FAILURE
May 27 03:10:50 dhcp01 dhcpd[1495]: For info, please visit https://www.isc.org/software/dhcp/
May 27 03:10:50 dhcp01 systemd[1]: isc-dhcp-server.service: Failed with result 'exit-code'.
May 27 03:10:50 dhcp01 dhcpd[1495]: Can't open /etc/dhcp/dhcpd.conf.d/dhcpd.master: No such file or directory
May 27 03:10:50 dhcp01 systemd[1]: Failed to start LSB: DHCP server.
May 27 03:10:50 dhcp01 dhcpd[1495]:
May 27 03:10:50 dhcp01 dhcpd[1495]: If you think you have received this message due to a bug rather
May 27 03:10:50 dhcp01 dhcpd[1495]: than a configuration issue please read the section on submitting
May 27 03:10:50 dhcp01 dhcpd[1495]: bugs on either our web page at www.isc.org or in the README file
May 27 03:10:50 dhcp01 dhcpd[1495]: before submitting a bug. These pages explain the proper
May 27 03:10:50 dhcp01 dhcpd[1495]: process and the information we find helpful for debugging.
May 27 03:10:50 dhcp01 dhcpd[1495]:
May 27 03:10:50 dhcp01 dhcpd[1495]: exiting.
May 27 03:10:50 dhcp01 systemd[1]: Started Postfix Mail Transport Agent (instance -).
May 27 03:10:50 dhcp01 systemd[1]: Starting Postfix Mail Transport Agent...
May 27 03:10:50 dhcp01 systemd[1]: Started Postfix Mail Transport Agent.
May 27 03:10:55 dhcp01 systemd-udevd[1541]: Using default interface naming scheme 'v240'.
May 27 03:10:55 dhcp01 systemd-udevd[1541]: link_config: autonegotiation is unset or enabled, the speed and duplex are not writable.
May 27 03:10:56 dhcp01 systemd[1]: Started Latency Logging and Graphing System.
May 27 03:10:56 dhcp01 systemd-resolved[727]: Using degraded feature set (UDP+EDNS0+DO) for DNS server 8.8.8.8.
May 27 03:10:57 dhcp01 systemd[1]: Started Docker Application Container Engine.
May 27 03:10:57 dhcp01 systemd[1]: Reached target Multi-User System.
May 27 03:10:57 dhcp01 systemd[1]: Started Oxidized - Network Device Configuration Backup Tool.
May 27 03:10:57 dhcp01 systemd[1]: Reached target Graphical Interface.
May 27 03:10:57 dhcp01 systemd[1]: Starting Update UTMP about System Runlevel Changes...
May 27 03:10:57 dhcp01 systemd[1]: systemd-update-utmp-runlevel.service: Succeeded.
May 27 03:10:57 dhcp01 systemd[1]: Started Update UTMP about System Runlevel Changes.
May 27 03:10:57 dhcp01 systemd[1]: Startup finished in 27.483s (kernel) + 36.223s (userspace) = 1min 3.707s.
```
3. systemctl status
```
● isc-dhcp-server.service - LSB: DHCP server
Loaded: loaded (/etc/init.d/isc-dhcp-server; generated)
Active: failed (Result: exit-code) since Wed 2023-05-31 11:27:49 KST; 2h 12min ago
Docs: man:systemd-sysv-generator(8)
Process: 9079 ExecStart=/etc/init.d/isc-dhcp-server start (code=exited, status=1/FAILURE)
May 31 11:27:49 dhcp01.hq.alven.local dhcpd[9089]: Can't open /etc/dhcp/dhcpd.conf.d/dhcpd.master: No such file or directory
May 31 11:27:49 dhcp01.hq.alven.local dhcpd[9089]:
May 31 11:27:49 dhcp01.hq.alven.local systemd[1]: Failed to start LSB: DHCP server.
May 31 11:27:49 dhcp01.hq.alven.local dhcpd[9089]: If you think you have received this message due to a bug rather
May 31 11:27:49 dhcp01.hq.alven.local dhcpd[9089]: than a configuration issue please read the section on submitting
May 31 11:27:49 dhcp01.hq.alven.local dhcpd[9089]: bugs on either our web page at www.isc.org or in the README file
May 31 11:27:49 dhcp01.hq.alven.local dhcpd[9089]: before submitting a bug. These pages explain the proper
May 31 11:27:49 dhcp01.hq.alven.local dhcpd[9089]: process and the information we find helpful for debugging.
May 31 11:27:49 dhcp01.hq.alven.local dhcpd[9089]:
May 31 11:27:49 dhcp01.hq.alven.local dhcpd[9089]: exiting.
```https://gitlab.isc.org/isc-projects/dhcp/-/issues/272Implement spawning classes (isc dhcp) => templates classes (kea) conversion2023-05-17T11:22:22ZTomek MrugalskiImplement spawning classes (isc dhcp) => templates classes (kea) conversionThe feature is now implemented. The last ticket about documentation for template classes (https://gitlab.isc.org/isc-projects/kea/-/issues/2606) will be released in upcoming Kea 2.3.3.
My belief is that subclasses can be handled in Kea ...The feature is now implemented. The last ticket about documentation for template classes (https://gitlab.isc.org/isc-projects/kea/-/issues/2606) will be released in upcoming Kea 2.3.3.
My belief is that subclasses can be handled in Kea as host reservations.
The other features - spawning classes - can now be handled with the template classes.https://gitlab.isc.org/isc-projects/dhcp/-/issues/269run option_unittest:parse_X failed and report core dump2023-07-01T07:07:02ZMingshuai Renrenmingshuai@huawei.comrun option_unittest:parse_X failed and report core dump---
name: Bug report
about: option_unittest:parse_X failed
---
**To Reproduce**
Steps to reproduce the behavior:
1. git clone https://gitlab.isc.org/isc-projects/dhcp.git
2. cd dhcp
3. ./configure --build=aarch64-openEuler-linux-gnu -...---
name: Bug report
about: option_unittest:parse_X failed
---
**To Reproduce**
Steps to reproduce the behavior:
1. git clone https://gitlab.isc.org/isc-projects/dhcp.git
2. cd dhcp
3. ./configure --build=aarch64-openEuler-linux-gnu --host=aarch64-openEuler-linux-gnu --program-prefix= --disable-dependency-tracking --prefix=/usr --exec-prefix=/usr --bindir=/usr/bin --sbindir=/usr/sbin --sysconfdir=/etc --datadir=/usr/share --includedir=/usr/include --libdir=/usr/lib64 --libexecdir=/usr/libexec --localstatedir=/var --sharedstatedir=/var/lib --mandir=/usr/share/man --infodir=/usr/share/info --with-srv-lease-file=/var/lib/dhcpd/dhcpd.leases --with-srv6-lease-file=/var/lib/dhcpd/dhcpd6.leases --with-cli-lease-file=/var/lib/dhclient/dhclient.leases --with-cli6-lease-file=/var/lib/dhclient/dhclient6.leases --with-srv-pid-file=/var/run/dhcpd.pid --with-srv6-pid-file=/var/run/dhcpd6.pid --with-cli-pid-file=/var/run/dhclient.pid --with-cli6-pid-file=/var/run/dhclient6.pid --with-relay-pid-file=/var/run/dhcrelay.pid --with-ldap --with-ldapcrypto --with-ldap-gssapi --disable-static --enable-log-pid --enable-paranoia --enable-early-chroot --enable-binary-leases --with-systemd --with-atf
4. make
5. make check
6. option_unittest:parse_X failed and the log is show as follow
![image](/uploads/10d1193d5f9326409ea37ac1fde4b83e/image.png)
**Expected behavior**
all test passed
**Environment:**
- ISC DHCP version: dhcp-4.4.3
- OS: [openEuler-22.03-LTS]https://gitlab.isc.org/isc-projects/dhcp/-/issues/268add new option for dhclient to set the request ipv6 lease time2023-03-22T09:04:12ZMingshuai Renrenmingshuai@huawei.comadd new option for dhclient to set the request ipv6 lease time---
name: add new option for dhclient to set the request ipv6 lease time
about: dhclient -6 can not set the time of lease time that it request
---
Add new option named lease-time-ipv6 to allow dhclient -6 to set the request lease time.---
name: add new option for dhclient to set the request ipv6 lease time
about: dhclient -6 can not set the time of lease time that it request
---
Add new option named lease-time-ipv6 to allow dhclient -6 to set the request lease time.https://gitlab.isc.org/isc-projects/dhcp/-/issues/267Please Fix the CVE disclosed on the official website in the code.2022-11-24T08:51:36ZSiqi ZhouPlease Fix the CVE disclosed on the official website in the code.I found that CVE-2022-2928 and CVE-2022-2929 have been disclosed on the official website and provided two patches in the patch repository for fixing. When can the patches be incorporated into the official code?
Thank youI found that CVE-2022-2928 and CVE-2022-2929 have been disclosed on the official website and provided two patches in the patch repository for fixing. When can the patches be incorporated into the official code?
Thank youhttps://gitlab.isc.org/isc-projects/dhcp/-/issues/266DHCP fail after Update - Error on OSI layer 82022-10-19T22:45:46ZJJDHCP fail after Update - Error on OSI layer 8Error on OSI layer 8 ;)Error on OSI layer 8 ;)https://gitlab.isc.org/isc-projects/dhcp/-/issues/263Which ports are recommended for high availability?2022-09-14T21:51:01Zvps-ericWhich ports are recommended for high availability?I have found inconsistencies between the `dhcpd` manpages and ISC's blog.
[This ISC document](https://kb.isc.org/docs/aa-00502) by @sgoldlust contains the following (shortened) example for the primary server of a HA pair:
```
failover p...I have found inconsistencies between the `dhcpd` manpages and ISC's blog.
[This ISC document](https://kb.isc.org/docs/aa-00502) by @sgoldlust contains the following (shortened) example for the primary server of a HA pair:
```
failover peer "failover-partner" {
primary;
port 519;
peer port 520;
}
```
[The manpages for dhcpd.conf 4.4](https://kb.isc.org/docs/isc-dhcp-44-manual-pages-dhcpdconf#configuring-failover) say the same:
```
failover peer "foo" {
primary;
port 519;
peer port 520;
}
include "/etc/dhcpd.master";
```
But, the manpages say that the IANA assigned port 647 is used by default for both the local `port` and `peer port`. This conflicts with the aforementioned examples in that it both claims that the default is 647, and not 519, and that the local and peer ports are the same by default (implying that setting different ports for both is not recommended).
In addition, see the following output on Almalinux 8.6:
```
$ rpm -qa | grep dhcp
dhcp-client-4.3.6-47.el8.x86_64
dhcp-common-4.3.6-47.el8.noarch
dhcp-libs-4.3.6-47.el8.x86_64
dhcp-server-4.3.6-47.el8.x86_64
```
Ports 647 and 847 are accounted for by the `dhcpd_port_t` type:
```
$ sudo semanage port -l | grep dhcp
dhcpc_port_t tcp 68, 546, 5546
dhcpc_port_t udp 68, 546, 5546
dhcpd_port_t tcp 547, 548, 647, 847, 7911
dhcpd_port_t udp 67, 547, 548, 647, 847
```
But, 519 and 520 are not:
```
$ sudo semanage port -l | grep -E '(519|520)'
efs_port_t tcp 520
router_port_t udp 520, 521
```
Given this, it appears that ports 519 and 520 should **not** be used, despite the examples on the manpage and documentation.
So:
1. Should 519 and 520 be used for HA configuration? Why were these ports used in the documentation?
2. Should both the local server and peer share one port (i.e. 647 for DHCPv4 on both servers and 847 for DHCPv6 on both servers) as according to the default for these config options? Or, should both be used (i.e. 647 for local HA port on primary and 847 on peer) as according to the manpage and documentation examples?
Thank you.https://gitlab.isc.org/isc-projects/dhcp/-/issues/258Update Keama option table2023-05-17T11:22:23ZFrancis DupontUpdate Keama option tableEach time a new option is supported by ISC DHCP or KEA the Keama option table must be updated.Each time a new option is supported by ISC DHCP or KEA the Keama option table must be updated.https://gitlab.isc.org/isc-projects/dhcp/-/issues/257dhclient: concurrent writes to lease db file are possible2022-08-31T07:27:22ZThomas Woutersdhclient: concurrent writes to lease db file are possibleWe were having networking issues where some network traffic got heavily stalled or lost, can't tell for sure at this point, but after this event we've detected corrupted lease files on ~300 of ~3000 virtual machines running on this netwo...We were having networking issues where some network traffic got heavily stalled or lost, can't tell for sure at this point, but after this event we've detected corrupted lease files on ~300 of ~3000 virtual machines running on this network.
All of them looked like some form of the following:
```
[snip]
lease {
interface lease {
interface "eth0";
fixed-address X.X.X.X;
option subnet-mask 255.255.252.0;
option routers X.X.X.X;
option dhcp-lease-time 86400;
option dhcp-message-type 5;
option domain-name-servers 8.8.8.8,1.1.1.1,8.8.4.4;
option dhcp-server-identifier X.X.X.X;
option domain-search "";
option interface-mtu 1500;
option dhcp-renewal-time 40003;
option broadcast-address X.X.X.X;
option dhcp-rebinding-time 72403;
option host-name "host-X-X-X-X";
option domain-name "host-X-X-X-X";
renew 1 2022/08/29 10:25:22;
rebind 1 2022/08/29 21:00:55;
expire 2 202lease {
interface lease {
interface "eth0";
fixed-address X.X.X.X;
option subnet-mask 255.255.252.0;
option routers X.X.X.X;
option dhcp-lease-time 86400;
option dhcp-message-type 5;
option domain-name-servers 8.8.8.8,1.1.1.1,8.8.4.4;
option dhcp-server-identifier X.X.X.X;
option domain-search "";
option interface-mtu 1500;
option dhcp-renewal-time 39358;
option broadcast-address X.X.X.X;
option dhcp-rebinding-time 71758;
option host-name "host-X-X-X-X";
option domain-name "host-X-X-X-X";
renew 1 2022/08/29 19:10:19;
rebind 2 2022/08/30 06:21:20;
expire 2 202lease {
interface lease {
interface "eth0";
fixed-address X.X.X.X;
option subnet-mask 255.255.252.0;
option routers X.X.X.X;
option dhcp-lease-time 86400;
option dhcp-message-type 5;
option domain-name-servers 8.8.8.8,1.1.1.1,8.8.4.4;
option dhcp-server-identifier X.X.X.X;
option domain-search "";
option interface-mtu 1500;
option dhcp-renewal-time 39874;
option broadcast-address X.X.X.X;
option dhcp-rebinding-time 72274;
option host-name "host-X-X-X-X";
option domain-name "host-X-X-X-X";
renew 2 2022/08/30 05:26:46;
rebind 2 2022/08/30 15:14:53;
expire 2 202lease {
interface lease {
interface "eth0";
fixed-address X.X.X.X;
option subnet-mask 255.255.252.0;
option routers X.X.X.X;
option dhcp-lease-time 86400;
option dhcp-message-type 5;
option domain-name-servers 8.8.8.8,1.1.1.1,8.8.4.4;
option dhcp-server-identifier X.X.X.X;
option domain-search "";
option interface-mtu 1500;
option dhcp-renewal-time 39483;
option broadcast-address X.X.X.X;
option dhcp-rebinding-time 71883;
option host-name "host-X-X-X-X";
option domain-name "host-X-X-X-X";
renew 2 2022/08/30 16:20:10;
rebind 3 2022/08/31 01:24:50;
expire 3 202lease {
interface "eth0";
fixed-address X.X.X.X;
option subnet-mask 255.255.252.0;
option routers X.X.X.X;
option dhcp-lease-time 86400;
option dhcp-message-type 5;
option domain-name-servers 8.8.8.8,1.1.1.1,8.8.4.4;
option dhcp-server-identifier X.X.X.X;
option domain-search "";
option interface-mtu 1500;
option dhcp-renewal-time 39823;
option broadcast-address X.X.X.X;
option dhcp-rebinding-time 72223;
option host-name "host-X-X-X-X";
option domain-name "host-X-X-X-X";
renew 2 2022/08/30 18:17:09;
rebind 3 2022/08/31 05:48:17;
expire 3 2022/08/31 09:44:34;
}
```
There have been cases reported online where a lease file has corrupt data:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=945441
https://lists.debian.org/debian-user/2006/11/msg03263.html
Replicating the issue will be difficult because we don't know what exactly caused our networking issues yet.https://gitlab.isc.org/isc-projects/dhcp/-/issues/243/etc/dhcpdv4.conf line 21: expecting a declaration error2022-05-26T08:58:05ZKalyan K/etc/dhcpdv4.conf line 21: expecting a declaration errormy DHCP dhcpdv4.conf configuration is as below. The server is rejecting this configuration by throwing the following error. Kindly suggest:
/etc/dhcpdv4.conf line 11: expecting a declaration
^
range
/etc/dhcpdv4.conf line 10: right br...my DHCP dhcpdv4.conf configuration is as below. The server is rejecting this configuration by throwing the following error. Kindly suggest:
/etc/dhcpdv4.conf line 11: expecting a declaration
^
range
/etc/dhcpdv4.conf line 10: right brace expected.
subnet 10.10.10.0 netmask 255.255.255.0 {
range 10.10.10.1 10.10.10.254;
# lease-count 254;
# range_start 10.10.10.1;
# range_end 10.10.10.254;
default-lease-time 86400;
min-lease-time 86400;
max-lease-time 86400;
if option dhcp-client-identifier = "abcd" {
range 10.10.10.4 10.10.10.4;
}
}https://gitlab.isc.org/isc-projects/dhcp/-/issues/242How to configure HA for DHCPv62022-05-20T15:32:20Zvps-ericHow to configure HA for DHCPv6How is HA configured for DHCPv6? All of the following fail:
```
failover peer "foo" {
...
address 2000:dead::beef;
address [2000:dead::beef];
address6 2000:dead::beef;
address6 [2000:dead::beef];
...
}
```
ISC DHCPd 4.3.6 ru...How is HA configured for DHCPv6? All of the following fail:
```
failover peer "foo" {
...
address 2000:dead::beef;
address [2000:dead::beef];
address6 2000:dead::beef;
address6 [2000:dead::beef];
...
}
```
ISC DHCPd 4.3.6 running on Almalinux 8.6https://gitlab.isc.org/isc-projects/dhcp/-/issues/241Release ipv6 faild with -r2022-05-23T06:26:31ZMingshuai Renrenmingshuai@huawei.comRelease ipv6 faild with -r**To Reproduce**
Steps to reproduce the behavior:
1. request ipv6 address
dhclient -6 -pf /tmp/enp2s2.pid -lf /tmp/enp2s2.lease enp2s2
![image](/uploads/9395cd9147ed196850f5a17b9b3a5f58/image.png)
2. release the ipv6 lease
dhclient -6 -d...**To Reproduce**
Steps to reproduce the behavior:
1. request ipv6 address
dhclient -6 -pf /tmp/enp2s2.pid -lf /tmp/enp2s2.lease enp2s2
![image](/uploads/9395cd9147ed196850f5a17b9b3a5f58/image.png)
2. release the ipv6 lease
dhclient -6 -d -r -pf /tmp/enp2s2.pid -lf /tmp/enp2s2.lease enp2s2
![image](/uploads/b37f97dd774ca5d3e7c76e5834bb9914/image.png)
As show in the above picture, the process of releasing the lease never eixt, while the process of requesting lease was killed as expected, and the lease was also released.
**Expected behavior**
1. The process of requesting lease was killed.
2. The lease was also released.
3. The process of releasing lease eixt.
**gdb infomation**
![image](/uploads/2488123e159eea7ff4cbf8c751e1d767/image.png)
the process is stoped at select(), because the timeout for select is NULL. Relevant codes are as follows,
```
static isc_result_t
evloop(isc__appctx_t *ctx) {
...
readytasks = isc__taskmgr_ready(ctx->taskmgr);
if (readytasks) {
tv.tv_sec = 0;
tv.tv_usec = 0;
tvp = &tv;
call_timer_dispatch = true;
} else {
result = isc__timermgr_nextevent(ctx->timermgr, &when);
if (result != ISC_R_SUCCESS)
tvp = NULL; //tvp is NULL because ctx->timermgr->nscheduled == 0
else {
TIME_NOW(&now);
us = isc_time_microdiff(&when, &now);
if (us == 0)
call_timer_dispatch = true;
tv.tv_sec = us / 1000000;
tv.tv_usec = us % 1000000;
tvp = &tv;
}
}
...
}
```
**Environment:**
- ISC DHCP version: DHCP Client 4.4.2
- OS: openEuler
**Describe the solution you'd like**
Are the above phenomena normal? whyhttps://gitlab.isc.org/isc-projects/dhcp/-/issues/239dhcpd initialization race can leave a socket unread forever2022-04-28T21:59:09ZNick Owensdhcpd initialization race can leave a socket unread forever---
name: Bug report
about: Create a report to help us improve
---
If you believe your bug report is a security issue (e.g. a packet that can kill the server), DO NOT
REPORT IT HERE. Please use https://www.isc.org/community/report-bug/...---
name: Bug report
about: Create a report to help us improve
---
If you believe your bug report is a security issue (e.g. a packet that can kill the server), DO NOT
REPORT IT HERE. Please use https://www.isc.org/community/report-bug/ instead or send mail to
security-office(at)isc(dot)org. If you really need to report it here, please set the confidential
field to true.
**Describe the bug**
we are experiencing a race condition in dhcpd initialization that prevents leases from being handed out if a packet arrives during server init. note that in our case we use dhcpd 4.4.1 and libisc from bind 9.11.35 but i believe the issue still exists. our bind libraries are built using threads and epoll on linux.
in https://gitlab.isc.org/isc-projects/dhcp/-/blob/master/omapip/dispatch.c#L259 we register a socket into libisc with a callback. a little later, we insert into a linked list https://gitlab.isc.org/isc-projects/dhcp/-/blob/master/omapip/dispatch.c#L279.
in the callback, we check if the callback argument (the registered socket) is in the linked list https://gitlab.isc.org/isc-projects/dhcp/-/blob/master/omapip/dispatch.c#L137. if it is not, we return 0. this return 0 will disable re-arming of the socket in libisc epoll code in https://gitlab.isc.org/isc-projects/bind9/-/blob/v9_11_35/lib/isc/unix/socket.c#L4017.
if socket fails to be re-armed (because we returned 0), it never gets armed again and server will run without reading any DHCP packets. we can observe the socket receive queue increasing when this happens, and dhcp clients time out.
```
# ss -0ap | grep -E 'dhcpd|Netid'
Cannot open netlink socket: Protocol not supported
Netid State Recv-Q Send-Q Local Address:Port Peer Address:Port Process
p_raw UNCONN 26880 0 *:br-lan * users:(("dhcpd",pid=13706,fd=11))
```
**To Reproduce**
Steps to reproduce the behavior:
1. run dhcpd.
2. client sends dhcp request.
3. if server race is triggered, it will not reply and packets pile up in receive queue.
to widen the race, you can try to place sleep(10); at https://gitlab.isc.org/isc-projects/dhcp/-/blob/master/omapip/dispatch.c#L278 after fdwatch creation but before linked list insertion, and send dhcp request in that sleep window.
**Expected behavior**
server replies to dhcp requests.
**Environment:**
- ISC DHCP version: 4.4.1
- OS: yocto 3.1
- Which features were compiled in
**Additional Information**
Add any other context about the problem here. In particular, feel free to share your config file and
logs from around the time error occurred. Don't be shy to send more logs than you think are
relevant. It is easy to grep large log files. It is tricky to guess what may have happened without
any information.
Make sure you anonymize your config files (at the very lease make sure you obfuscate your database
credentials, but you may also replace your actual IP addresses and host names with example.com
and 10.0.0.0/8 or 2001:db8::/32).
**Some initial questions**
- Are you sure your feature is not already implemented in the latest ISC DHCP version?
- Are you sure your requrested feature is not already impemented in Kea? Perhaps it's a good time
to consider migration?
- Are you sure what you would like to do is not possible using some other mechanisms?
- Have you discussed your idea on dhcp-users and/or dhcp-workers mailing lists?
**Is your feature request related to a problem? Please describe.**
A clear and concise description of what the problem is. Ex. I'm always frustrated when [...]
It is very important to describe what you would like to do and why?
**Describe the solution you'd like**
A clear and concise description of what you want to happen.
**Describe alternatives you've considered**
A clear and concise description of any alternative solutions or features you've considered.
**Additional context**
Add any other context about the feature request here.
**Funding its development**
ISC DHCP is run by ISC, which is a small non-profit organization without any government funding or
any permanent sponsorship organizations. Are you able and willing to participate financially in the
development costs?
**Participating in development**
Are you willing to participate in the feature development? ISC team always tries to make a feature
as generic as possible, so it can be used in wide variety of situations. That means the proposed
solution may be a bit different that you initially thought. Are you willing to take part in the
design discussions? Are you willing to test an unreleased engineering code?
**Contacting you**
How can ISC reach you to discuss this matter further? If you do not specify any means such as
e-mail, jabber id or a telephone, we may send you a message on github with questions when we have
them.https://gitlab.isc.org/isc-projects/dhcp/-/issues/236dhcpd: Wait until next whole second bug reintroduced with #10 - ping-timeout-...2022-03-31T20:27:25ZTomas Ebenlendrdhcpd: Wait until next whole second bug reintroduced with #10 - ping-timeout-ms configuration option---
name: dhcpd ping-timeout-ms 999 waits until next whole second
about: tv_usec can overflow in do_ping_check() and is later capped to 999999 in add_timeout()
---
https://gitlab.isc.org/isc-projects/dhcp/-/blob/master/server/dhcp.c#L3...---
name: dhcpd ping-timeout-ms 999 waits until next whole second
about: tv_usec can overflow in do_ping_check() and is later capped to 999999 in add_timeout()
---
https://gitlab.isc.org/isc-projects/dhcp/-/blob/master/server/dhcp.c#L3708
`tv.tv_usec` may be assigned value up to `1999998`
https://gitlab.isc.org/isc-projects/dhcp/-/blob/master/common/dispatch.c#L286
`tv_usec` is here capped to `999999` instead of adding to `tv_sec`.
**To Reproduce**
Steps to reproduce the behavior:
1. set dhcpd configuration value `ping-timeout-ms` to `999`
2. send `DHCPDISCOVER` just before second ends
3. The server waits until whole second (miliseconds==000) instead waiting exactly 999 miliseconds
**Expected behavior**
The server waits requested miliseconds for icmp echo reply.
**Environment:**
Bug was discovered in current source code (31e68e5e, master as of writing this bugreport)
as I was searching for similar bug in version 4.1.1 (which was fixed later,
before introduction of ping-timeout-ms configuration option)
**Additional Information**
I did not actually tested the errorneous behaviour of current version.
**Describe the solution you'd like**
Divide `tv_usec` by `1000000` and add result into `tv_sec` and keep only remainder.
(I have no opinion about to which of the two functions should be the fix applied to.)https://gitlab.isc.org/isc-projects/dhcp/-/issues/231final release of 4.4.32022-03-08T09:25:06ZWlodzimierz Wencelfinal release of 4.4.34.4.3Wlodzimierz WencelWlodzimierz Wencelhttps://gitlab.isc.org/isc-projects/dhcp/-/issues/230Error parsing local-address62022-10-25T14:16:31ZMingshuai Renrenmingshuai@huawei.comError parsing local-address6---
name: Bug report
about: Error parsing local-address6
---
**Describe the bug**
An error occurred when setting local-address6 in the /etc/dhcpd/dhcpd6.conf as describing in dhcpd.conf(5).
The error is as follows:
![image](/uploads/3...---
name: Bug report
about: Error parsing local-address6
---
**Describe the bug**
An error occurred when setting local-address6 in the /etc/dhcpd/dhcpd6.conf as describing in dhcpd.conf(5).
The error is as follows:
![image](/uploads/3e795761606f36e1370cd6a3c1327f06/image.png)
The description about local-address6 in dhcpd.conf(5) is as follows,
![image](/uploads/46a079974ae0d5433e99e6f98400497d/image.png)
**Environment:**
- ISC DHCP version: dhcp-4.4.2.https://gitlab.isc.org/isc-projects/dhcp/-/issues/2294.4.2 final release notes2022-03-07T18:30:29ZWlodzimierz Wencel4.4.2 final release notesWrite release notes and please remember about comment https://gitlab.isc.org/isc-projects/dhcp/-/issues/222#note_262849Write release notes and please remember about comment https://gitlab.isc.org/isc-projects/dhcp/-/issues/222#note_2628494.4.3https://gitlab.isc.org/isc-projects/dhcp/-/issues/2284.4.3 release2022-03-10T13:57:42ZWlodzimierz Wencel4.4.3 release---
name: a.b.c release checklist
about: Create a new issue using this checklist for each release.
---
# ISC-DHCP Release Checklist
1. Check Jenkins results:
1. [x] Check Jenkins [tarball](https://jenkins.aws.isc.org/view/isc-dhcp-d...---
name: a.b.c release checklist
about: Create a new issue using this checklist for each release.
---
# ISC-DHCP Release Checklist
1. Check Jenkins results:
1. [x] Check Jenkins [tarball](https://jenkins.aws.isc.org/view/isc-dhcp-dev/job/dhcp-dev/job/dhcp-tarball/) job for failures
1. [x] Check Jenkins [unit tests](https://jenkins.aws.isc.org/view/isc-dhcp-dev/job/dhcp-dev/job/tarball-system-tests/) job for failures
1. [x] Check Jenkins [system tests](https://jenkins.aws.isc.org/view/isc-dhcp-dev/job/dhcp-dev/job/tarball-system-tests/) job for failures
1. [x] If needed use those jobs to run tests against any branch
1. Tarball preparation:
1. [x] If this is release of final version please check sanity check ticket of previous release and make sure all comments are addressed
1. [x] Make sure that Release Notes are written and reviewed before sanity checks, changes in Release Notes require tarball respin!
1. [x] bump up version in configure.ac
1. [x] change copy rights string that is printed on startup for each of the applications in `server/dhcpd.c`
1. [x] change copy rights string that is printed on startup for each of the applicationsdate in `client/dhclient.c`
1. [x] change copy rights string that is printed on startup for each of the applicationsdate in `relay/dhcrelay.c`
1. [x] check the date in LICENSE
1. [x] check README file (including installation details)
1. [x] update copyrigths in all touched files using simple script in [qa-dhcp](https://gitlab.isc.org/isc-private/qa-dhcp/-/tree/master/dhcp/scripts).
1. [x] commit changes to repo
1. aclocal/autoheader/automake/autoconf
1. [x] login to docs.isc.org
1. [x] checkout release branch (it's important to have configure.ac change done before)
1. [x] regenerate makefiles `aclocal && autoheader && automake && autoconf`
1. [x] review and push changes
1. Build tarball
1. [x] go to [tarball](https://jenkins.aws.isc.org/view/isc-dhcp-dev/job/dhcp-dev/job/dhcp-tarball/) > Build with Parameters, in field `dhcpBranch` put in release branch and run job, this will build release tarball and save it as artifact of the job
1. [x] wait for other jobs to finish testing (unit-tests and system-tests) and check their results
1. [x] before tarball will be deemed as ready to release it will be `release candidate`. Each consecutive respin will have it's own name starting from `-rc1`
1. [x] prepare directory for current release at repo.isc.org with correct prefix for release candidate e.g. `/data/shared/sweng/dhcp/releases/4.4.3b1.rc1`
1. [x] upload tarball and release notes (even if release notes are included into tarball, it should be also in separate file) to created directory for sanity checks
1. Sanity Checks
1. [x] open a ticket in dhcp repo called `release X.Y.Z-rcX sanity checks` and put there location of release tarball and it's sha256 sum
1. [x] wait for team input about new tarball, if respin is needed go back to `Build tarball` point also increasing release candidate number
1. [x] if tarball is accepted create a tag of this version on a last commit in release branch
1. [x] move tarball and release notes to non release candidate location (e.g. moving from /data/shared/sweng/dhcp/releases/4.3.2b1.rc1 to /data/shared/sweng/dhcp/releases/4.3.2b1)
1. [x] make sure that new release directory allow group write e.g. `chmod 665 /data/shared/sweng/dhcp/releases/4.3.2b1`
1. [x] open tickets to address issues mentioned in sanity checks IF those were not already fixed and close sanity check ticket
1. Signing and notification
1. [x] it's time to [open a signing ticket](https://gitlab.isc.org/isc-private/signing/-/issues) that include location and sha256 of the tarball
1. [x] notify support about readiness of release, at this point QA and dev team work is done
1. Releasing tarball
- [x] ***(Support)*** Wait for clearance from Security Officer to proceed with the public release (if applicable).
- [x] ***(Support)*** Wait for the signing ticket from the release engineer.
- [x] ***(Support)*** Confirm that the tarballs have the checksums mentioned on the signing ticket.
- [x] ***(Support)*** Sign the tarballs.
- [x] ***(Support)*** Upload signature files to repo.isc.org.
- [x] ***(Support)*** Place tarballs in public location on FTP site.
- [x] ***(Support)*** Publish links to downloads on ISC website.
- [x] ***(Support)*** Write release email to *dhcp-announce*.
- [x] ***(Support)*** Write email to *dhcp-users* (if a major release).
- [x] ***(Support)*** Send eligible customers updated links to the Subscription software FTP site.
- [x] ***(Support)*** Update tickets in case of waiting for support customers.
- [ ] ***(Marketing)*** Announce on social media.
- [ ] ***(Marketing)*** Write blog article (if a major release).
- [ ] ***(Marketing)*** Translate the man pages, reformat and upload to the DHCP documentation pages in the KB.
[checklist source](https://wiki.isc.org/bin/view/Main/HowToReleaseDHCP)4.4.3Wlodzimierz WencelWlodzimierz Wencel