DHCP Server Question Debian Sarge

Hi,

I think I don't understand the dhcp protocol. In my network the dhcp
server is of version 3.0.1-2 on debian sarge with 2.6.7. It is
configured as follows:

dhcpd.conf:
1 authoritative;
2 default-lease-time 86400;
3 max-lease-time 604800;
4 option subnet-mask 255.255.255.0;
5 option broadcast-address 192.168.2.255;
6 option domain-name "clusty.homelinux.org";
7 option routers 192.168.2.254;
8 option domain-name-servers 192.168.2.15, 217.237.150.33,
217.237.151.161;
9
10 subnet 192.168.2.0 netmask 255.255.255.0 {
11 range 192.168.2.150 192.168.2.250;
12 }

I got a laptop here on the net,which had of my old dhcp server the
address 192.168.2.118. When the client contacts to my dhcp server, I
see the following in the logs:

May 22 20:12:18 clusty2 dhcpd: DHCPREQUEST for 192.168.2.118 from
00:0e:35:69:b9:1f via eth0: unknown lease 192.168.2.118.
May 22 20:13:07 clusty2 dhcpd: DHCPINFORM from 192.168.2.118 via eth0
May 22 20:13:07 clusty2 dhcpd: DHCPACK to 192.168.2.118
May 22 20:13:10 clusty2 dhcpd: DHCPINFORM from 192.168.2.118 via eth0
May 22 20:13:10 clusty2 dhcpd: DHCPACK to 192.168.2.118
May 22 20:21:22 clusty2 dhcpd: DHCPREQUEST for 192.168.2.118 from
00:0e:35:69:b9:1f via eth0: unknown lease 192.168.2.118.

The client uses its old address (WIN XP)
I thought, that my server will not DHCPACK to the client, because it
doesn't know anything about the address and it is not in the pool of
its range statement. So it should send a DHCPNAK in my understanding.

from the man pages:
Address allocation is actually only done when a client is in the INIT
state and has sent a DHCPDISCOVER message.
If the server knows nothing about the address, it will remain silent,
unless the address is incorrect for the network segment to which the
client has been attached and the server is authoritative for that
network segment, in which case the server will send a DHCPNAK even
though it doesn't know about the address.

So my server should remain silent, but it sends a DHCPACK to that
client. What is going on here???

Thanks in advance...

hakim wrote:
> Hi,
>
> I think I don't understand the dhcp protocol. In my network the dhcp
> server is of version 3.0.1-2 on debian sarge with 2.6.7. It is
> configured as follows:
>
> dhcpd.conf:
> 1 authoritative;
> 2 default-lease-time 86400;
> 3 max-lease-time 604800;
> 4 option subnet-mask 255.255.255.0;
> 5 option broadcast-address 192.168.2.255;
> 6 option domain-name "clusty.homelinux.org";
> 7 option routers 192.168.2.254;
> 8 option domain-name-servers 192.168.2.15, 217.237.150.33,
> 217.237.151.161;
> 9
> 10 subnet 192.168.2.0 netmask 255.255.255.0 {
> 11 range 192.168.2.150 192.168.2.250;
> 12 }
>
> I got a laptop here on the net,which had of my old dhcp server the
> address 192.168.2.118. When the client contacts to my dhcp server, I
> see the following in the logs:
>
> May 22 20:12:18 clusty2 dhcpd: DHCPREQUEST for 192.168.2.118 from
> 00:0e:35:69:b9:1f via eth0: unknown lease 192.168.2.118.
> May 22 20:13:07 clusty2 dhcpd: DHCPINFORM from 192.168.2.118 via eth0
> May 22 20:13:07 clusty2 dhcpd: DHCPACK to 192.168.2.118
> May 22 20:13:10 clusty2 dhcpd: DHCPINFORM from 192.168.2.118 via eth0
> May 22 20:13:10 clusty2 dhcpd: DHCPACK to 192.168.2.118
> May 22 20:21:22 clusty2 dhcpd: DHCPREQUEST for 192.168.2.118 from
> 00:0e:35:69:b9:1f via eth0: unknown lease 192.168.2.118.
>
> The client uses its old address (WIN XP)
> I thought, that my server will not DHCPACK to the client, because it
> doesn't know anything about the address and it is not in the pool of
> its range statement. So it should send a DHCPNAK in my understanding.
>
> from the man pages:
> Address allocation is actually only done when a client is in the
INIT
> state and has sent a DHCPDISCOVER message.
> If the server knows nothing about the address, it will remain silent,
> unless the address is incorrect for the network segment to which
the
> client has been attached and the server is authoritative for that
> network segment, in which case the server will send a DHCPNAK even
> though it doesn't know about the address.
>
> So my server should remain silent, but it sends a DHCPACK to that
> client. What is going on here???

Most dhcpd DHCPNAK messages are of the SHOULD variety -- ie., most are
not MUST.

In your case, I think this is what is being applied (ICBW):

http://www.faqs.org/rfcs/rfc2131.html
[q]
3.4 Obtaining parameters with externally configured network address

If a client has obtained a network address through some other means
(e.g., manual configuration), it may use a DHCPINFORM request message
to obtain other local configuration parameters. Servers receiving a
DHCPINFORM message construct a DHCPACK message with any local
configuration parameters appropriate for the client without:
allocating a new address, checking for an existing binding, filling
in 'yiaddr' or including lease time parameters. The servers SHOULD
unicast the DHCPACK reply to the address given in the 'ciaddr' field
of the DHCPINFORM message.

The server SHOULD check the network address in a DHCPINFORM message
for consistency, but MUST NOT check for an existing lease. The
server forms a DHCPACK message containing the configuration
parameters for the requesting client and sends the DHCPACK message
directly to the client.
[eq]

Besides looking at the precise sequence of messages, you can usually
get very good clues by examining the packet data with, eg., ethereal.

DHCP is very "flexible" so it's not always obvious what's going on

One idea with many exchanges is, "If it ain't broke, don't fix it."
With the 7 day max lease time, you probably want to erase client's
lease files and/or have it release it's current address and request a
new one.

hth,
prg
email above disabled

Thanks a lot!

This makes things much clearer AND I should look with such stuff into
the rfc first. Anyway that was very nice...