Skip to content

GitLab

Kea
Kea
Open
Opened by Joost Bekkers@j.bekkers_equest

NAK sent while authoritative=false

Describe the bug When two dhcp servers are serving the same subnet. Kea can receive a REBIND from a client which currently has a lease issued by the other server. Kea notices this and reports ALLOC_ENGINE_V4_REQUEST_OUT_OF_POOL and DHCP4_PACKET_NAK_0004. The NAK is sent even though the subnet has authoritative set to false.

To Reproduce Steps to reproduce the behavior:

  1. Run Kea dhcpv4 (S1) and a second dhcp server (S2) in the same subnet with non-overlapping pools. Both servers should be configured as 'not authoritative'.
  2. Have a client obtain a lease from S2
  3. Have that client perform a REBIND for that lease
  4. Observe S1 send a NAK for the valid lease

Expected behavior The server should only send a NAK if either it is authoritative, or the ciaddr/requested-ip-address belongs to its own pool/reservations.

Environment:

  • Kea version: 1.8.0
  • OS: FreeBSD 12.2
  • MySQL backend was compiled in, but not configured
  • Hooks: flex-option, stats

Additional Information

 DEBUG [kea-dhcp4.packets/38691.0x80173a000] DHCP4_BUFFER_RECEIVED received buffer from 10.2.175.149:68 to 255.255.255.255:67 over interface vmx1
 DEBUG [kea-dhcp4.options/38691.0x80173a000] DHCP4_BUFFER_UNPACK parsing buffer received from 10.2.175.149 to 255.255.255.255 over interface vmx1
 DEBUG [kea-dhcp4.options/38691.0x80173a000] EVAL_RESULT Expression USER_CLASS1 evaluated to 0
 DEBUG [kea-dhcp4.options/38691.0x80173a000] EVAL_RESULT Expression USER_CLASS2 evaluated to 0
 DEBUG [kea-dhcp4.options/38691.0x80173a000] EVAL_RESULT Expression USER_CLASS3 evaluated to 0
 INFO  [kea-dhcp4.options/38691.0x80173a000] EVAL_RESULT Expression USER_CLASS4 evaluated to 1
 DEBUG [kea-dhcp4.options/38691.0x80173a000] EVAL_RESULT Expression USER_CLASS5 evaluated to 0
 INFO  [kea-dhcp4.options/38691.0x80173a000] EVAL_RESULT Expression USER_CLASS6 evaluated to 1
 INFO  [kea-dhcp4.options/38691.0x80173a000] EVAL_RESULT Expression USER_CLASS7 evaluated to 1
 DEBUG [kea-dhcp4.options/38691.0x80173a000] EVAL_RESULT Expression USER_CLASS8 evaluated to 0
 INFO  [kea-dhcp4.options/38691.0x80173a000] EVAL_RESULT Expression USER_CLASS9 evaluated to 1
 INFO  [kea-dhcp4.options/38691.0x80173a000] EVAL_RESULT Expression USER_CLASS10 evaluated to 1
 DEBUG [kea-dhcp4.dhcpsrv/38691.0x80173a000] DHCPSRV_CFGMGR_SUBNET4_ADDR selected subnet 10.2.0.0/16 for packet received by matching address 10.2.0.8
 DEBUG [kea-dhcp4.packets/38691.0x80173a000] DHCP4_SUBNET_SELECTED [hwtype=1 34:e3:80:13:a5:60], cid=[ff:00:01:00:01:00:03:00:01:34:e3:80:13:a5:60], tid=0x5d0d759e: the subnet with ID 167903232 was selected for client assignments
 DEBUG [kea-dhcp4.packets/38691.0x80173a000] DHCP4_PACKET_RECEIVED [hwtype=1 34:e3:80:13:a5:60], cid=[ff:00:01:00:01:00:03:00:01:34:e3:80:13:a5:60], tid=0x5d0d759e: DHCPREQUEST (type 3) received from 10.2.175.149 to 255.255.255.255 on interface vmx1
 DEBUG [kea-dhcp4.dhcpsrv/38691.0x80173a000] DHCPSRV_CFGMGR_SUBNET4_ADDR selected subnet 10.2.0.0/16 for packet received by matching address 10.2.0.8
 DEBUG [kea-dhcp4.packets/38691.0x80173a000] DHCP4_SUBNET_SELECTED [hwtype=1 34:e3:80:13:a5:60], cid=[ff:00:01:00:01:00:03:00:01:34:e3:80:13:a5:60], tid=0x5d0d759e: the subnet with ID 167903232 was selected for client assignments
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER get one host with IPv4 reservation for subnet id 167903232, identified by hwaddr=34E38013A560
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using identifier: hwaddr=34E38013A560
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier hwaddr=34E38013A560, found 0 host(s)
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER_NULL host not found using subnet id 167903232 and identifier hwaddr=34E38013A560
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER get one host with IPv4 reservation for subnet id 167903232, identified by duid=0003000134E38013A560
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using identifier: duid=0003000134E38013A560
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier duid=0003000134E38013A560, found 0 host(s)
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER_NULL host not found using subnet id 167903232 and identifier duid=0003000134E38013A560
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER get one host with IPv4 reservation for subnet id 167903232, identified by circuit-id=011630352D33362D5350302D303030343137352D31303230
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using identifier: circuit-id=011630352D33362D5350302D303030343137352D31303230
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier circuit-id=011630352D33362D5350302D303030343137352D31303230, found 0 host(s)
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER_NULL host not found using subnet id 167903232 and identifier circuit-id=011630352D33362D5350302D303030343137352D31303230
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER get one host with IPv4 reservation for subnet id 167903232, identified by client-id=FF000100010003000134E38013A560
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ALL_IDENTIFIER get all hosts with reservations using identifier: client-id=FF000100010003000134E38013A560
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ALL_IDENTIFIER_COUNT using identifier client-id=FF000100010003000134E38013A560, found 0 host(s)
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ONE_SUBNET_ID_IDENTIFIER_NULL host not found using subnet id 167903232 and identifier client-id=FF000100010003000134E38013A560
 DEBUG [kea-dhcp4.dhcp4/38691.0x80173a000] DHCP4_CLASS_ASSIGNED [hwtype=1 34:e3:80:13:a5:60], cid=[ff:00:01:00:01:00:03:00:01:34:e3:80:13:a5:60], tid=0x5d0d759e: client packet has been assigned to the following class(es): UNKNOWN
 DEBUG [kea-dhcp4.dhcp4/38691.0x80173a000] DHCP4_CLASS_ASSIGNED [hwtype=1 34:e3:80:13:a5:60], cid=[ff:00:01:00:01:00:03:00:01:34:e3:80:13:a5:60], tid=0x5d0d759e: client packet has been assigned to the following class(es): ALL, VENDOR_CLASS_geneos-lunar-3.13.1-R,lunar,platinum-7840,dslforum.org, USER_CLASS4, USER_CLASS6, USER_CLASS7, USER_CLASS9, USER_CLASS10, UNKNOWN
 DEBUG [kea-dhcp4.ddns/38691.0x80173a000] DHCP4_CLIENT_HOSTNAME_PROCESS [hwtype=1 34:e3:80:13:a5:60], cid=[ff:00:01:00:01:00:03:00:01:34:e3:80:13:a5:60], tid=0x5d0d759e: processing client's Hostname option
 DEBUG [kea-dhcp4.dhcpsrv/38691.0x80173a000] DHCPSRV_MEMFILE_GET_CLIENTID obtaining IPv4 leases for client ID ff:00:01:00:01:00:03:00:01:34:e3:80:13:a5:60
 DEBUG [kea-dhcp4.dhcpsrv/38691.0x80173a000] DHCPSRV_MEMFILE_GET_HWADDR obtaining IPv4 leases for hardware address hwtype=1 34:e3:80:13:a5:60
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ONE_SUBNET_ID_ADDRESS4 get one host with reservation for subnet id 167903232 and IPv4 address 10.2.175.149
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ALL_ADDRESS4 get all hosts with reservations for IPv4 address 10.2.175.149
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ALL_ADDRESS4_COUNT using address 10.2.175.149, found 0 host(s)
 DEBUG [kea-dhcp4.hosts/38691.0x80173a000] HOSTS_CFG_GET_ONE_SUBNET_ID_ADDRESS4_NULL host not found using subnet id 167903232 and address 10.2.175.149
 DEBUG [kea-dhcp4.dhcpsrv/38691.0x80173a000] DHCPSRV_MEMFILE_GET_ADDR4 obtaining IPv4 lease for address 10.2.175.149
 DEBUG [kea-dhcp4.alloc-engine/38691.0x80173a000] ALLOC_ENGINE_V4_REQUEST_OUT_OF_POOL client [hwtype=1 34:e3:80:13:a5:60], cid=[ff:00:01:00:01:00:03:00:01:34:e3:80:13:a5:60], tid=0x5d0d759e, which doesn't have a reservation, requested address 10.2.175.149 out of the dynamic pool
 DEBUG [kea-dhcp4.bad-packets/38691.0x80173a000] DHCP4_PACKET_NAK_0004 [hwtype=1 34:e3:80:13:a5:60], cid=[ff:00:01:00:01:00:03:00:01:34:e3:80:13:a5:60], tid=0x5d0d759e: failed to grant a lease, client sent ciaddr 10.2.175.149, requested-ip-address (no address)

Contacting you j.bekkers at e-quest dot nl

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information