Client got wrong gateway

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

Client got wrong gateway

Rui Mao

Hi,

 

I installed a Ubuntu 16.04 and configured isc-dhcp-server 4.3.3 as DHCP/BOOTp server. But the iPXE didn't got correct gateway from it.

 

The DHCP server is 10.210.0.11, and the client is in another VLAN which gateway is 10.211.0.1.

 

I captured Ethernet packages by tcpdump, and also used a Windows Server 2012 for comparison. It seems ISC-DHCP-Server sent a wrong gateway.

 

Is this a configuration issue or a bug of ISC-DHCP-Server?

 

 

 

Here is the screen capture.

 

 

The DHCP configuration I used.

 

# DHCP Server Configuration file\n#see /usr/share/doc/dhcp*/dhcpd.conf.sample

# This file was created by FOG

#Definition of PXE-specific options

# Code 1: Multicast IP Address of bootfile

# Code 2: UDP Port that client should monitor for MTFTP Responses

# Code 3: UDP Port that MTFTP servers are using to listen for MTFTP requests

# Code 4: Number of seconds a client must listen for activity before trying

#         to start a new MTFTP transfer

# Code 5: Number of seconds a client must listen before trying to restart

#         a MTFTP transfer

option space PXE;

option PXE.mtftp-ip code 1 = ip-address;

option PXE.mtftp-cport code 2 = unsigned integer 16;

option PXE.mtftp-sport code 3 = unsigned integer 16;

option PXE.mtftp-tmout code 4 = unsigned integer 8;

option PXE.mtftp-delay code 5 = unsigned integer 8;

option arch code 93 = unsigned integer 16;

use-host-decl-names on;

ddns-update-style interim;

ignore client-updates;

# Specify subnet of ether device you do NOT want service.

# For systems with two or more ethernet devices.

# subnet 136.165.0.0 netmask 255.255.0.0 {}

 

subnet 10.210.0.0 netmask 255.255.255.0{

    authoritative;

    option subnet-mask 255.255.255.0;

    range dynamic-bootp 10.210.0.20 10.210.0.200;

    default-lease-time 21600;

    max-lease-time 43200;

    option routers 10.210.0.1;

    option domain-name-servers 10.210.0.11;

    next-server 10.210.0.11;

    class "Legacy" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";

        filename "undionly.kkpxe";

    }

    class "UEFI-32-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-32-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-64-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";

        filename "ipxe.efi";

    }

    class "UEFI-64-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";

        filename "ipxe.efi";

    }

    class "UEFI-64-3" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";

        filename "ipxe.efi";

    }

    class "SURFACE-PRO-4" {

        match if substring(option vendor-class-identifier, 0, 32) = "PXEClient:Arch:00007:UNDI:003016";

        filename "ipxe7156.efi";

    }

    class "Apple-Intel-Netboot" {

        match if substring(option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";

        option dhcp-parameter-request-list 1,3,17,43,60;

        if (option dhcp-message-type = 8) {

            option vendor-class-identifier "AAPLBSDPC";

            if (substring(option vendor-encapsulated-options, 0, 3) = 01:01:01) {

                # BSDP List

                option vendor-encapsulated-options 01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:46:4f:47;

                filename "ipxe.efi";

            }

        }

    }

}

 

subnet 10.211.0.0 netmask 255.255.255.0{

    authoritative;

    option subnet-mask 255.255.255.0;

    range dynamic-bootp 10.211.0.20 10.211.0.200;

    default-lease-time 21600;

    max-lease-time 43200;

    option routers 10.211.0.1;

    option domain-name-servers 10.210.0.11;

    next-server 10.210.0.11;

    class "Legacy" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";

        filename "undionly.kkpxe";

    }

    class "UEFI-32-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-32-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-64-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";

        filename "ipxe.efi";

    }

    class "UEFI-64-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";

        filename "ipxe.efi";

    }

    class "UEFI-64-3" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";

        filename "ipxe.efi";

    }

    class "SURFACE-PRO-4" {

        match if substring(option vendor-class-identifier, 0, 32) = "PXEClient:Arch:00007:UNDI:003016";

        filename "ipxe7156.efi";

    }

    class "Apple-Intel-Netboot" {

        match if substring(option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";

        option dhcp-parameter-request-list 1,3,17,43,60;

        if (option dhcp-message-type = 8) {

            option vendor-class-identifier "AAPLBSDPC";

            if (substring(option vendor-encapsulated-options, 0, 3) = 01:01:01) {

                # BSDP List

                option vendor-encapsulated-options 01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:46:4f:47;

                filename "ipxe.efi";

            }

        }

    }

}

 

subnet 10.212.0.0 netmask 255.255.255.0{

    authoritative;

    option subnet-mask 255.255.255.0;

    range dynamic-bootp 10.212.0.20 10.212.0.200;

    default-lease-time 21600;

    max-lease-time 43200;

    option routers 10.212.0.1;

    option domain-name-servers 10.210.0.11;

    next-server 10.210.0.11;

    class "Legacy" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";

        filename "undionly.kkpxe";

    }

    class "UEFI-32-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-32-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-64-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";

        filename "ipxe.efi";

    }

    class "UEFI-64-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";

        filename "ipxe.efi";

    }

    class "UEFI-64-3" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";

        filename "ipxe.efi";

    }

    class "SURFACE-PRO-4" {

        match if substring(option vendor-class-identifier, 0, 32) = "PXEClient:Arch:00007:UNDI:003016";

        filename "ipxe7156.efi";

    }

    class "Apple-Intel-Netboot" {

        match if substring(option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";

        option dhcp-parameter-request-list 1,3,17,43,60;

        if (option dhcp-message-type = 8) {

            option vendor-class-identifier "AAPLBSDPC";

            if (substring(option vendor-encapsulated-options, 0, 3) = 01:01:01) {

                # BSDP List

                option vendor-encapsulated-options 01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:46:4f:47;

                filename "ipxe.efi";

            }

        }

    }

}

 

subnet 10.213.0.0 netmask 255.255.255.0{

    authoritative;

    option subnet-mask 255.255.255.0;

    range dynamic-bootp 10.213.0.20 10.213.0.200;

    default-lease-time 21600;

    max-lease-time 43200;

    option routers 10.213.0.1;

    option domain-name-servers 10.210.0.11;

    next-server 10.210.0.11;

    class "Legacy" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";

        filename "undionly.kkpxe";

    }

    class "UEFI-32-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-32-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-64-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";

        filename "ipxe.efi";

    }

    class "UEFI-64-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";

        filename "ipxe.efi";

    }

    class "UEFI-64-3" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";

        filename "ipxe.efi";

    }

    class "SURFACE-PRO-4" {

        match if substring(option vendor-class-identifier, 0, 32) = "PXEClient:Arch:00007:UNDI:003016";

        filename "ipxe7156.efi";

    }

    class "Apple-Intel-Netboot" {

        match if substring(option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";

        option dhcp-parameter-request-list 1,3,17,43,60;

        if (option dhcp-message-type = 8) {

            option vendor-class-identifier "AAPLBSDPC";

            if (substring(option vendor-encapsulated-options, 0, 3) = 01:01:01) {

                # BSDP List

                option vendor-encapsulated-options 01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:46:4f:47;

                filename "ipxe.efi";

            }

        }

    }

}

 

 

ISC-DHCP-Server packet, captured by tcpdump:

 

[code]15:20:07.562620 IP (tos 0x0, ttl 63, id 65239, offset 0, flags [none], proto UDP (17), length 448)

    10.211.0.1.67 > 10.210.0.11.67: [udp sum ok] BOOTP/DHCP, Request from 00:e0:4c:69:3b:17, length 420, hops 1, xid 0x542d2231, secs 18, Flags [Broadcast] (0x8000)

          Gateway-IP 10.211.0.1

          Client-Ethernet-Address 00:e0:4c:69:3b:17

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: Request

            MSZ Option 57, length 2: 1472

            ARCH Option 93, length 2: 0

            NDI Option 94, length 3: 1.2.1

            Vendor-Class Option 60, length 32: "PXEClient:Arch:00000:UNDI:002001"

            User-Class Option 77, length 4:

              instance#1: ERROR: malformed option

            Parameter-Request Option 55, length 22:

              Subnet-Mask, Default-Gateway, Domain-Name-Server, LOG

              Hostname, Domain-Name, RP, Vendor-Option

              Vendor-Class, TFTP, BF, Option 119

              Option 128, Option 129, Option 130, Option 131

              Option 132, Option 133, Option 134, Option 135

              Option 175, Option 203

            T175 Option 175, length 57: 177.5.1.16.236.129.104.235.3.1.0.0.23.1.1.34.1.1.22.1.1.19.1.1.20.1.1.17.1.1.39.1.1.25.1.1.41.1.1.16.1.2.33.1.1.21.1.1.24.1.1.38.1.1.18.1.1

            Client-ID Option 61, length 7: ether 00:e0:4c:69:3b:17

            GUID Option 97, length 17: 0.0.2.0.3.0.4.0.5.0.6.0.7.0.8.0.9

            Server-ID Option 54, length 4: 10.210.0.11

            Requested-IP Option 50, length 4: 10.211.0.20

        0x0000:  4500 01c0 fed7 0000 3f11 65a5 0ad3 0001  E.......?.e.....

        0x0010:  0ad2 000b 0043 0043 01ac aa05 0101 0601  .....C.C........

        0x0020:  542d 2231 0012 8000 0000 0000 0000 0000  T-"1............

        0x0030:  0000 0000 0ad3 0001 00e0 4c69 3b17 0000  ..........Li;...

        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0080:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0090:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0100:  0000 0000 0000 0000 6382 5363 3501 0339  ........c.Sc5..9

        0x0110:  0205 c05d 0200 005e 0301 0201 3c20 5058  ...]...^....<.PX

        0x0120:  4543 6c69 656e 743a 4172 6368 3a30 3030  EClient:Arch:000

        0x0130:  3030 3a55 4e44 493a 3030 3230 3031 4d04  00:UNDI:002001M.

        0x0140:  6950 5845 3716 0103 0607 0c0f 112b 3c42  iPXE7........+<B

        0x0150:  4377 8081 8283 8485 8687 afcb af39 b105  Cw...........9..

        0x0160:  0110 ec81 68eb 0301 0000 1701 0122 0101  ....h........"..

        0x0170:  1601 0113 0101 1401 0111 0101 2701 0119  ............'...

        0x0180:  0101 2901 0110 0102 2101 0115 0101 1801  ..).....!.......

        0x0190:  0126 0101 1201 013d 0701 00e0 4c69 3b17  .&.....=....Li;.

        0x01a0:  6111 0000 0200 0300 0400 0500 0600 0700  a...............

        0x01b0:  0800 0936 040a d200 0b32 040a d300 14ff  ...6.....2......

 

15:20:07.562955 IP (tos 0x0, ttl 64, id 55711, offset 0, flags [DF], proto UDP (17), length 328)

    10.210.0.11.67 > 10.211.0.1.67: [bad udp cksum 0x16f6 -> 0xb719!] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x542d2231, secs 18, Flags [Broadcast] (0x8000)

          Your-IP 10.211.0.20

          Server-IP 10.210.0.11

          Gateway-IP 10.211.0.1

          Client-Ethernet-Address 00:e0:4c:69:3b:17

          file "undionly.kkpxe"

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: ACK

            Server-ID Option 54, length 4: 10.210.0.11

            Lease-Time Option 51, length 4: 20780

            Subnet-Mask Option 1, length 4: 255.255.255.0

            Default-Gateway Option 3, length 4: 10.210.0.1

            Domain-Name-Server Option 6, length 4: 10.210.0.11

        0x0000:  4500 0148 d99f 4000 4011 4a55 0ad2 000b  E..H..@.@.JU....

        0x0010:  0ad3 0001 0043 0043 0134 16f6 0201 0601  .....C.C.4......

        0x0020:  542d 2231 0012 8000 0000 0000 0ad3 0014  T-"1............

        0x0030:  0ad2 000b 0ad3 0001 00e0 4c69 3b17 0000  ..........Li;...

        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0080:  0000 0000 0000 0000 756e 6469 6f6e 6c79  ........undionly

        0x0090:  2e6b 6b70 7865 0000 0000 0000 0000 0000  .kkpxe..........

        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0100:  0000 0000 0000 0000 6382 5363 3501 0536  ........c.Sc5..6

        0x0110:  040a d200 0b33 0400 0051 2c01 04ff ffff  .....3...Q,.....

        0x0120:  0003 040a d200 0106 040a d200 0bff 0000  ................

        0x0130:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0140:  0000 0000 0000 0000                      ........

 

 

Windows Server 2012 packet, captured by Wireshark:

 

Frame 4: 342 bytes on wire (2736 bits), 342 bytes captured (2736 bits) on interface 0

Ethernet II, Src: SuperMic_32:38:54 (0c:c4:7a:32:38:54), Dst: HuaweiTe_f5:1d:41 (48:46:fb:f5:1d:41)

Internet Protocol Version 4, Src: 10.210.0.11, Dst: 10.211.0.1

User Datagram Protocol, Src Port: 67, Dst Port: 67

Bootstrap Protocol (Offer)

    Message type: Boot Reply (2)

    Hardware type: Ethernet (0x01)

    Hardware address length: 6

    Hops: 0

    Transaction ID: 0xdb98d333

    Seconds elapsed: 0

    Bootp flags: 0x8000, Broadcast flag (Broadcast)

    Client IP address: 0.0.0.0

    Your (client) IP address: 10.211.0.50

    Next server IP address: 10.210.0.11

    Relay agent IP address: 10.211.0.1

    Client MAC address: RealtekS_69:3b:17 (00:e0:4c:69:3b:17)

    Client hardware address padding: 00000000000000000000

    Server host name not given

    Boot file name not given

    Magic cookie: DHCP

    Option: (53) DHCP Message Type (Offer)

        Length: 1

        DHCP: Offer (2)

    Option: (1) Subnet Mask

        Length: 4

        Subnet Mask: 255.255.255.0

    Option: (58) Renewal Time Value

    Option: (59) Rebinding Time Value

    Option: (51) IP Address Lease Time

    Option: (54) DHCP Server Identifier

        Length: 4

        DHCP Server Identifier: 10.210.0.11

    Option: (3) Router

        Length: 4

        Router: 10.211.0.1

    Option: (6) Domain Name Server

        Length: 4

        Domain Name Server: 10.210.0.11

    Option: (255) End

Padding: 0000000000000000000000000000

 

0000   48 46 fb f5 1d 41 0c c4 7a 32 38 54 08 00 45 00  HF...A..z28T..E.

0010   01 48 61 c0 40 00 80 11 00 00 0a d2 00 0b 0a d3  .Ha.@...........

0020   00 01 00 43 00 43 01 34 16 f6 02 01 06 00 db 98  ...C.C.4........

0030   d3 33 00 00 80 00 00 00 00 00 0a d3 00 32 0a d2  .3...........2..

0040   00 0b 0a d3 00 01 00 e0 4c 69 3b 17 00 00 00 00  ........Li;.....

0050   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

0060   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

0070   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

0080   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

0090   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

00a0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

00b0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

00c0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

00d0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

00e0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

00f0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

0100   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

0110   00 00 00 00 00 00 63 82 53 63 35 01 02 01 04 ff  ......c.Sc5.....

0120   ff ff 00 3a 04 00 00 01 2c 3b 04 00 00 02 0d 33  ...:....,;.....3

0130   04 00 00 02 58 36 04 0a d2 00 0b 03 04 0a d3 00  ....X6..........

0140   01 06 04 0a d2 00 0b ff 00 00 00 00 00 00 00 00  ................

0150   00 00 00 00 00 00                                ......

 

Best regards,

Rui Mao

 


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

RE: Client got wrong gateway

Rui Mao

Things are getting complex... The Windows client could get correct gateway. May the iPXE client also have a bug?

 

09:40:42.627428 IP (tos 0x0, ttl 127, id 24566, offset 0, flags [none], proto UDP (17), length 328)

    10.211.0.1.67 > 10.210.0.11.67: [udp sum ok] BOOTP/DHCP, Request from 00:e0:4c:69:3b:17, length 300, hops 1, xid 0x88f7ef80, Flags [none] (0x0000)

          Gateway-IP 10.211.0.1

          Client-Ethernet-Address 00:e0:4c:69:3b:17

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: Discover

            Client-ID Option 61, length 7: ether 00:e0:4c:69:3b:17

            Requested-IP Option 50, length 4: 10.211.0.20

            Hostname Option 12, length 15: "USER-20161114RB"

            Vendor-Class Option 60, length 8: "MSFT 5.0"

            Parameter-Request Option 55, length 12:

              Subnet-Mask, Domain-Name, Default-Gateway, Domain-Name-Server

              Netbios-Name-Server, Netbios-Node, Netbios-Scope, Router-Discovery

              Static-Route, Classless-Static-Route, Classless-Static-Route-Microsoft, Vendor-Option

        0x0000:  4500 0148 5ff6 0000 7f11 c4fe 0ad3 0001  E..H_...........

        0x0010:  0ad2 000b 0043 0043 0134 0f95 0101 0601  .....C.C.4......

        0x0020:  88f7 ef80 0000 0000 0000 0000 0000 0000  ................

        0x0030:  0000 0000 0ad3 0001 00e0 4c69 3b17 0000  ..........Li;...

        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0080:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0090:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0100:  0000 0000 0000 0000 6382 5363 3501 013d  ........c.Sc5..=

        0x0110:  0701 00e0 4c69 3b17 3204 0ad3 0014 0c0f  ....Li;.2.......

        0x0120:  5553 4552 2d32 3031 3631 3131 3452 423c  USER-20161114RB<

        0x0130:  084d 5346 5420 352e 3037 0c01 0f03 062c  .MSFT.5.07.....,

        0x0140:  2e2f 1f21 79f9 2bff                      ./.!y.+.

09:40:43.628899 IP (tos 0x0, ttl 64, id 24723, offset 0, flags [DF], proto UDP (17), length 328)

    10.210.0.11.67 > 10.211.0.1.67: [bad udp cksum 0x16f6 -> 0xcb0f!] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x88f7ef80, Flags [none] (0x0000)

          Your-IP 10.211.0.20

          Server-IP 10.210.0.11

          Gateway-IP 10.211.0.1

          Client-Ethernet-Address 00:e0:4c:69:3b:17

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: Offer

            Server-ID Option 54, length 4: 10.210.0.11

            Lease-Time Option 51, length 4: 21600

            Subnet-Mask Option 1, length 4: 255.255.255.0

            Default-Gateway Option 3, length 4: 10.211.0.1

            Domain-Name-Server Option 6, length 4: 10.210.0.11

        0x0000:  4500 0148 6093 4000 4011 c361 0ad2 000b  E..H`.@.@..a....

        0x0010:  0ad3 0001 0043 0043 0134 16f6 0201 0601  .....C.C.4......

        0x0020:  88f7 ef80 0000 0000 0000 0000 0ad3 0014  ................

        0x0030:  0ad2 000b 0ad3 0001 00e0 4c69 3b17 0000  ..........Li;...

        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0080:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0090:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0100:  0000 0000 0000 0000 6382 5363 3501 0236  ........c.Sc5..6

        0x0110:  040a d200 0b33 0400 0054 6001 04ff ffff  .....3...T`.....

        0x0120:  0003 040a d300 0106 040a d200 0bff 0000  ................

        0x0130:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0140:  0000 0000 0000 0000                      ........

09:40:43.638932 IP (tos 0x0, ttl 127, id 24568, offset 0, flags [none], proto UDP (17), length 354)

    10.211.0.1.67 > 10.210.0.11.67: [udp sum ok] BOOTP/DHCP, Request from 00:e0:4c:69:3b:17, length 326, hops 1, xid 0x88f7ef80, Flags [none] (0x0000)

          Gateway-IP 10.211.0.1

          Client-Ethernet-Address 00:e0:4c:69:3b:17

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: Request

            Client-ID Option 61, length 7: ether 00:e0:4c:69:3b:17

            Requested-IP Option 50, length 4: 10.211.0.20

            Server-ID Option 54, length 4: 10.210.0.11

            Hostname Option 12, length 15: "USER-20161114RB"

            FQDN Option 81, length 18: "USER-20161114RB"

            Vendor-Class Option 60, length 8: "MSFT 5.0"

            Parameter-Request Option 55, length 12:

              Subnet-Mask, Domain-Name, Default-Gateway, Domain-Name-Server

              Netbios-Name-Server, Netbios-Node, Netbios-Scope, Router-Discovery

              Static-Route, Classless-Static-Route, Classless-Static-Route-Microsoft, Vendor-Option

        0x0000:  4500 0162 5ff8 0000 7f11 c4e2 0ad3 0001  E..b_...........

        0x0010:  0ad2 000b 0043 0043 014e e470 0101 0601  .....C.C.N.p....

        0x0020:  88f7 ef80 0000 0000 0000 0000 0000 0000  ................

        0x0030:  0000 0000 0ad3 0001 00e0 4c69 3b17 0000  ..........Li;...

        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0080:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0090:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0100:  0000 0000 0000 0000 6382 5363 3501 033d  ........c.Sc5..=

        0x0110:  0701 00e0 4c69 3b17 3204 0ad3 0014 3604  ....Li;.2.....6.

        0x0120:  0ad2 000b 0c0f 5553 4552 2d32 3031 3631  ......USER-20161

        0x0130:  3131 3452 4251 1200 0000 5553 4552 2d32  114RBQ....USER-2

        0x0140:  3031 3631 3131 3452 423c 084d 5346 5420  0161114RB<.MSFT.

        0x0150:  352e 3037 0c01 0f03 062c 2e2f 1f21 79f9  5.07.....,./.!y.

        0x0160:  2bff                                     +.

09:40:43.709093 IP (tos 0x0, ttl 64, id 24725, offset 0, flags [DF], proto UDP (17), length 328)

    10.210.0.11.67 > 10.211.0.1.67: [bad udp cksum 0x16f6 -> 0xc80f!] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x88f7ef80, Flags [none] (0x0000)

          Your-IP 10.211.0.20

          Server-IP 10.210.0.11

          Gateway-IP 10.211.0.1

          Client-Ethernet-Address 00:e0:4c:69:3b:17

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: ACK

            Server-ID Option 54, length 4: 10.210.0.11

            Lease-Time Option 51, length 4: 21600

            Subnet-Mask Option 1, length 4: 255.255.255.0

            Default-Gateway Option 3, length 4: 10.211.0.1

            Domain-Name-Server Option 6, length 4: 10.210.0.11

        0x0000:  4500 0148 6095 4000 4011 c35f 0ad2 000b  E..H`.@.@.._....

        0x0010:  0ad3 0001 0043 0043 0134 16f6 0201 0601  .....C.C.4......

        0x0020:  88f7 ef80 0000 0000 0000 0000 0ad3 0014  ................

        0x0030:  0ad2 000b 0ad3 0001 00e0 4c69 3b17 0000  ..........Li;...

        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0080:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0090:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0100:  0000 0000 0000 0000 6382 5363 3501 0536  ........c.Sc5..6

        0x0110:  040a d200 0b33 0400 0054 6001 04ff ffff  .....3...T`.....

        0x0120:  0003 040a d300 0106 040a d200 0bff 0000  ................

        0x0130:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0140:  0000 0000 0000 0000                      ........

09:40:47.316836 IP (tos 0x0, ttl 127, id 24571, offset 0, flags [none], proto UDP (17), length 328)

    10.211.0.1.67 > 10.210.0.11.67: [udp sum ok] BOOTP/DHCP, Request from 00:e0:4c:69:3b:17, length 300, hops 1, xid 0x394f0aa9, Flags [none] (0x0000)

          Client-IP 10.211.0.20

          Gateway-IP 10.211.0.1

          Client-Ethernet-Address 00:e0:4c:69:3b:17

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: Inform

            Client-ID Option 61, length 7: ether 00:e0:4c:69:3b:17

            Hostname Option 12, length 15: "USER-20161114RB"

            Vendor-Class Option 60, length 8: "MSFT 5.0"

            Parameter-Request Option 55, length 13:

              Subnet-Mask, Domain-Name, Default-Gateway, Domain-Name-Server

              Netbios-Name-Server, Netbios-Node, Netbios-Scope, Router-Discovery

              Static-Route, Classless-Static-Route, Classless-Static-Route-Microsoft, Vendor-Option

              Option 252

        0x0000:  4500 0148 5ffb 0000 7f11 c4f9 0ad3 0001  E..H_...........

        0x0010:  0ad2 000b 0043 0043 0134 6f1b 0101 0601  .....C.C.4o.....

        0x0020:  394f 0aa9 0000 0000 0ad3 0014 0000 0000  9O..............

        0x0030:  0000 0000 0ad3 0001 00e0 4c69 3b17 0000  ..........Li;...

        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0080:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0090:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0100:  0000 0000 0000 0000 6382 5363 3501 083d  ........c.Sc5..=

        0x0110:  0701 00e0 4c69 3b17 0c0f 5553 4552 2d32  ....Li;...USER-2

        0x0120:  3031 3631 3131 3452 423c 084d 5346 5420  0161114RB<.MSFT.

        0x0130:  352e 3037 0d01 0f03 062c 2e2f 1f21 79f9  5.07.....,./.!y.

        0x0140:  2bfc ff00 0000 0000                      +.......

09:40:47.317119 IP (tos 0x0, ttl 64, id 62942, offset 0, flags [DF], proto UDP (17), length 328)

    10.210.0.11.67 > 10.211.0.20.68: [bad udp cksum 0x1709 -> 0x6103!] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x394f0aa9, Flags [none] (0x0000)

          Client-IP 10.211.0.20

          Server-IP 10.210.0.11

          Gateway-IP 10.211.0.1

          Client-Ethernet-Address 00:e0:4c:69:3b:17

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: ACK

            Server-ID Option 54, length 4: 10.210.0.11

            Subnet-Mask Option 1, length 4: 255.255.255.0

            Default-Gateway Option 3, length 4: 10.211.0.1

            Domain-Name-Server Option 6, length 4: 10.210.0.11

        0x0000:  4500 0148 f5de 4000 4011 2e03 0ad2 000b  E..H..@.@.......

        0x0010:  0ad3 0014 0043 0044 0134 1709 0201 0601  .....C.D.4......

        0x0020:  394f 0aa9 0000 0000 0ad3 0014 0000 0000  9O..............

        0x0030:  0ad2 000b 0ad3 0001 00e0 4c69 3b17 0000  ..........Li;...

        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0080:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0090:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0100:  0000 0000 0000 0000 6382 5363 3501 0536  ........c.Sc5..6

        0x0110:  040a d200 0b01 04ff ffff 0003 040a d300  ................

        0x0120:  0106 040a d200 0bff 0000 0000 0000 0000  ................

        0x0130:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0140:  0000 0000 0000 0000                      ........

09:40:50.325551 IP (tos 0x0, ttl 127, id 24574, offset 0, flags [none], proto UDP (17), length 328)

    10.211.0.1.67 > 10.210.0.11.67: [udp sum ok] BOOTP/DHCP, Request from 00:e0:4c:69:3b:17, length 300, hops 1, xid 0x394f0aa9, secs 768, Flags [none] (0x0000)

          Client-IP 10.211.0.20

          Gateway-IP 10.211.0.1

          Client-Ethernet-Address 00:e0:4c:69:3b:17

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: Inform

            Client-ID Option 61, length 7: ether 00:e0:4c:69:3b:17

            Hostname Option 12, length 15: "USER-20161114RB"

            Vendor-Class Option 60, length 8: "MSFT 5.0"

            Parameter-Request Option 55, length 13:

              Subnet-Mask, Domain-Name, Default-Gateway, Domain-Name-Server

              Netbios-Name-Server, Netbios-Node, Netbios-Scope, Router-Discovery

              Static-Route, Classless-Static-Route, Classless-Static-Route-Microsoft, Vendor-Option

              Option 252

        0x0000:  4500 0148 5ffe 0000 7f11 c4f6 0ad3 0001  E..H_...........

        0x0010:  0ad2 000b 0043 0043 0134 6c1b 0101 0601  .....C.C.4l.....

        0x0020:  394f 0aa9 0300 0000 0ad3 0014 0000 0000  9O..............

        0x0030:  0000 0000 0ad3 0001 00e0 4c69 3b17 0000  ..........Li;...

        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0080:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0090:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0100:  0000 0000 0000 0000 6382 5363 3501 083d  ........c.Sc5..=

        0x0110:  0701 00e0 4c69 3b17 0c0f 5553 4552 2d32  ....Li;...USER-2

        0x0120:  3031 3631 3131 3452 423c 084d 5346 5420  0161114RB<.MSFT.

        0x0130:  352e 3037 0d01 0f03 062c 2e2f 1f21 79f9  5.07.....,./.!y.

        0x0140:  2bfc ff00 0000 0000                      +.......

09:40:50.325837 IP (tos 0x0, ttl 64, id 63385, offset 0, flags [DF], proto UDP (17), length 328)

    10.210.0.11.67 > 10.211.0.20.68: [bad udp cksum 0x1709 -> 0x5e03!] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x394f0aa9, secs 768, Flags [none] (0x0000)

          Client-IP 10.211.0.20

          Server-IP 10.210.0.11

          Gateway-IP 10.211.0.1

          Client-Ethernet-Address 00:e0:4c:69:3b:17

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: ACK

            Server-ID Option 54, length 4: 10.210.0.11

            Subnet-Mask Option 1, length 4: 255.255.255.0

            Default-Gateway Option 3, length 4: 10.211.0.1

            Domain-Name-Server Option 6, length 4: 10.210.0.11

        0x0000:  4500 0148 f799 4000 4011 2c48 0ad2 000b  E..H..@.@.,H....

        0x0010:  0ad3 0014 0043 0044 0134 1709 0201 0601  .....C.D.4......

        0x0020:  394f 0aa9 0300 0000 0ad3 0014 0000 0000  9O..............

        0x0030:  0ad2 000b 0ad3 0001 00e0 4c69 3b17 0000  ..........Li;...

        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0080:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0090:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0100:  0000 0000 0000 0000 6382 5363 3501 0536  ........c.Sc5..6

        0x0110:  040a d200 0b01 04ff ffff 0003 040a d300  ................

        0x0120:  0106 040a d200 0bff 0000 0000 0000 0000  ................

        0x0130:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0140:  0000 0000 0000 0000                      ........

 

Best regards,

Rui Mao

 

From: dhcp-users-bounces+maorui2k=[hidden email] [mailto:dhcp-users-bounces+maorui2k=[hidden email]] On Behalf Of Rui Mao
Sent: Friday, February 24, 2017 9:23 AM
To: [hidden email]
Subject: Client got wrong gateway

 

Hi,

 

I installed a Ubuntu 16.04 and configured isc-dhcp-server 4.3.3 as DHCP/BOOTp server. But the iPXE didn't got correct gateway from it.

 

The DHCP server is 10.210.0.11, and the client is in another VLAN which gateway is 10.211.0.1.

 

I captured Ethernet packages by tcpdump, and also used a Windows Server 2012 for comparison. It seems ISC-DHCP-Server sent a wrong gateway.

 

Is this a configuration issue or a bug of ISC-DHCP-Server?

 

 

 

Here is the screen capture.

 

 

The DHCP configuration I used.

 

# DHCP Server Configuration file\n#see /usr/share/doc/dhcp*/dhcpd.conf.sample

# This file was created by FOG

#Definition of PXE-specific options

# Code 1: Multicast IP Address of bootfile

# Code 2: UDP Port that client should monitor for MTFTP Responses

# Code 3: UDP Port that MTFTP servers are using to listen for MTFTP requests

# Code 4: Number of seconds a client must listen for activity before trying

#         to start a new MTFTP transfer

# Code 5: Number of seconds a client must listen before trying to restart

#         a MTFTP transfer

option space PXE;

option PXE.mtftp-ip code 1 = ip-address;

option PXE.mtftp-cport code 2 = unsigned integer 16;

option PXE.mtftp-sport code 3 = unsigned integer 16;

option PXE.mtftp-tmout code 4 = unsigned integer 8;

option PXE.mtftp-delay code 5 = unsigned integer 8;

option arch code 93 = unsigned integer 16;

use-host-decl-names on;

ddns-update-style interim;

ignore client-updates;

# Specify subnet of ether device you do NOT want service.

# For systems with two or more ethernet devices.

# subnet 136.165.0.0 netmask 255.255.0.0 {}

 

subnet 10.210.0.0 netmask 255.255.255.0{

    authoritative;

    option subnet-mask 255.255.255.0;

    range dynamic-bootp 10.210.0.20 10.210.0.200;

    default-lease-time 21600;

    max-lease-time 43200;

    option routers 10.210.0.1;

    option domain-name-servers 10.210.0.11;

    next-server 10.210.0.11;

    class "Legacy" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";

        filename "undionly.kkpxe";

    }

    class "UEFI-32-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-32-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-64-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";

        filename "ipxe.efi";

    }

    class "UEFI-64-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";

        filename "ipxe.efi";

    }

    class "UEFI-64-3" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";

        filename "ipxe.efi";

    }

    class "SURFACE-PRO-4" {

        match if substring(option vendor-class-identifier, 0, 32) = "PXEClient:Arch:00007:UNDI:003016";

        filename "ipxe7156.efi";

    }

    class "Apple-Intel-Netboot" {

        match if substring(option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";

        option dhcp-parameter-request-list 1,3,17,43,60;

        if (option dhcp-message-type = 8) {

            option vendor-class-identifier "AAPLBSDPC";

            if (substring(option vendor-encapsulated-options, 0, 3) = 01:01:01) {

                # BSDP List

                option vendor-encapsulated-options 01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:46:4f:47;

                filename "ipxe.efi";

            }

        }

    }

}

 

subnet 10.211.0.0 netmask 255.255.255.0{

    authoritative;

    option subnet-mask 255.255.255.0;

    range dynamic-bootp 10.211.0.20 10.211.0.200;

    default-lease-time 21600;

    max-lease-time 43200;

    option routers 10.211.0.1;

    option domain-name-servers 10.210.0.11;

    next-server 10.210.0.11;

    class "Legacy" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";

        filename "undionly.kkpxe";

    }

    class "UEFI-32-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-32-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-64-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";

        filename "ipxe.efi";

    }

    class "UEFI-64-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";

        filename "ipxe.efi";

    }

    class "UEFI-64-3" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";

        filename "ipxe.efi";

    }

    class "SURFACE-PRO-4" {

        match if substring(option vendor-class-identifier, 0, 32) = "PXEClient:Arch:00007:UNDI:003016";

        filename "ipxe7156.efi";

    }

    class "Apple-Intel-Netboot" {

        match if substring(option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";

        option dhcp-parameter-request-list 1,3,17,43,60;

        if (option dhcp-message-type = 8) {

            option vendor-class-identifier "AAPLBSDPC";

            if (substring(option vendor-encapsulated-options, 0, 3) = 01:01:01) {

                # BSDP List

                option vendor-encapsulated-options 01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:46:4f:47;

                filename "ipxe.efi";

            }

        }

    }

}

 

subnet 10.212.0.0 netmask 255.255.255.0{

    authoritative;

    option subnet-mask 255.255.255.0;

    range dynamic-bootp 10.212.0.20 10.212.0.200;

    default-lease-time 21600;

    max-lease-time 43200;

    option routers 10.212.0.1;

    option domain-name-servers 10.210.0.11;

    next-server 10.210.0.11;

    class "Legacy" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";

        filename "undionly.kkpxe";

    }

    class "UEFI-32-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-32-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-64-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";

        filename "ipxe.efi";

    }

    class "UEFI-64-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";

        filename "ipxe.efi";

    }

    class "UEFI-64-3" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";

        filename "ipxe.efi";

    }

    class "SURFACE-PRO-4" {

        match if substring(option vendor-class-identifier, 0, 32) = "PXEClient:Arch:00007:UNDI:003016";

        filename "ipxe7156.efi";

    }

    class "Apple-Intel-Netboot" {

        match if substring(option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";

        option dhcp-parameter-request-list 1,3,17,43,60;

        if (option dhcp-message-type = 8) {

            option vendor-class-identifier "AAPLBSDPC";

            if (substring(option vendor-encapsulated-options, 0, 3) = 01:01:01) {

                # BSDP List

                option vendor-encapsulated-options 01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:46:4f:47;

                filename "ipxe.efi";

            }

        }

    }

}

 

subnet 10.213.0.0 netmask 255.255.255.0{

    authoritative;

    option subnet-mask 255.255.255.0;

    range dynamic-bootp 10.213.0.20 10.213.0.200;

    default-lease-time 21600;

    max-lease-time 43200;

    option routers 10.213.0.1;

    option domain-name-servers 10.210.0.11;

    next-server 10.210.0.11;

    class "Legacy" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00000";

        filename "undionly.kkpxe";

    }

    class "UEFI-32-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00002";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-32-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00006";

        filename "i386-efi/ipxe.efi";

    }

    class "UEFI-64-1" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00007";

        filename "ipxe.efi";

    }

    class "UEFI-64-2" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00008";

        filename "ipxe.efi";

    }

    class "UEFI-64-3" {

        match if substring(option vendor-class-identifier, 0, 20) = "PXEClient:Arch:00009";

        filename "ipxe.efi";

    }

    class "SURFACE-PRO-4" {

        match if substring(option vendor-class-identifier, 0, 32) = "PXEClient:Arch:00007:UNDI:003016";

        filename "ipxe7156.efi";

    }

    class "Apple-Intel-Netboot" {

        match if substring(option vendor-class-identifier, 0, 14) = "AAPLBSDPC/i386";

        option dhcp-parameter-request-list 1,3,17,43,60;

        if (option dhcp-message-type = 8) {

            option vendor-class-identifier "AAPLBSDPC";

            if (substring(option vendor-encapsulated-options, 0, 3) = 01:01:01) {

                # BSDP List

                option vendor-encapsulated-options 01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:46:4f:47;

                filename "ipxe.efi";

            }

        }

    }

}

 

 

ISC-DHCP-Server packet, captured by tcpdump:

 

[code]15:20:07.562620 IP (tos 0x0, ttl 63, id 65239, offset 0, flags [none], proto UDP (17), length 448)

    10.211.0.1.67 > 10.210.0.11.67: [udp sum ok] BOOTP/DHCP, Request from 00:e0:4c:69:3b:17, length 420, hops 1, xid 0x542d2231, secs 18, Flags [Broadcast] (0x8000)

          Gateway-IP 10.211.0.1

          Client-Ethernet-Address 00:e0:4c:69:3b:17

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: Request

            MSZ Option 57, length 2: 1472

            ARCH Option 93, length 2: 0

            NDI Option 94, length 3: 1.2.1

            Vendor-Class Option 60, length 32: "PXEClient:Arch:00000:UNDI:002001"

            User-Class Option 77, length 4:

              instance#1: ERROR: malformed option

            Parameter-Request Option 55, length 22:

              Subnet-Mask, Default-Gateway, Domain-Name-Server, LOG

              Hostname, Domain-Name, RP, Vendor-Option

              Vendor-Class, TFTP, BF, Option 119

              Option 128, Option 129, Option 130, Option 131

              Option 132, Option 133, Option 134, Option 135

              Option 175, Option 203

            T175 Option 175, length 57: 177.5.1.16.236.129.104.235.3.1.0.0.23.1.1.34.1.1.22.1.1.19.1.1.20.1.1.17.1.1.39.1.1.25.1.1.41.1.1.16.1.2.33.1.1.21.1.1.24.1.1.38.1.1.18.1.1

            Client-ID Option 61, length 7: ether 00:e0:4c:69:3b:17

            GUID Option 97, length 17: 0.0.2.0.3.0.4.0.5.0.6.0.7.0.8.0.9

            Server-ID Option 54, length 4: 10.210.0.11

            Requested-IP Option 50, length 4: 10.211.0.20

        0x0000:  4500 01c0 fed7 0000 3f11 65a5 0ad3 0001  E.......?.e.....

        0x0010:  0ad2 000b 0043 0043 01ac aa05 0101 0601  .....C.C........

        0x0020:  542d 2231 0012 8000 0000 0000 0000 0000  T-"1............

        0x0030:  0000 0000 0ad3 0001 00e0 4c69 3b17 0000  ..........Li;...

        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0080:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0090:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0100:  0000 0000 0000 0000 6382 5363 3501 0339  ........c.Sc5..9

        0x0110:  0205 c05d 0200 005e 0301 0201 3c20 5058  ...]...^....<.PX

        0x0120:  4543 6c69 656e 743a 4172 6368 3a30 3030  EClient:Arch:000

        0x0130:  3030 3a55 4e44 493a 3030 3230 3031 4d04  00:UNDI:002001M.

        0x0140:  6950 5845 3716 0103 0607 0c0f 112b 3c42  iPXE7........+<B

        0x0150:  4377 8081 8283 8485 8687 afcb af39 b105  Cw...........9..

        0x0160:  0110 ec81 68eb 0301 0000 1701 0122 0101  ....h........"..

        0x0170:  1601 0113 0101 1401 0111 0101 2701 0119  ............'...

        0x0180:  0101 2901 0110 0102 2101 0115 0101 1801  ..).....!.......

        0x0190:  0126 0101 1201 013d 0701 00e0 4c69 3b17  .&.....=....Li;.

        0x01a0:  6111 0000 0200 0300 0400 0500 0600 0700  a...............

        0x01b0:  0800 0936 040a d200 0b32 040a d300 14ff  ...6.....2......

 

15:20:07.562955 IP (tos 0x0, ttl 64, id 55711, offset 0, flags [DF], proto UDP (17), length 328)

    10.210.0.11.67 > 10.211.0.1.67: [bad udp cksum 0x16f6 -> 0xb719!] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x542d2231, secs 18, Flags [Broadcast] (0x8000)

          Your-IP 10.211.0.20

          Server-IP 10.210.0.11

          Gateway-IP 10.211.0.1

          Client-Ethernet-Address 00:e0:4c:69:3b:17

          file "undionly.kkpxe"

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: ACK

            Server-ID Option 54, length 4: 10.210.0.11

            Lease-Time Option 51, length 4: 20780

            Subnet-Mask Option 1, length 4: 255.255.255.0

            Default-Gateway Option 3, length 4: 10.210.0.1

            Domain-Name-Server Option 6, length 4: 10.210.0.11

        0x0000:  4500 0148 d99f 4000 4011 4a55 0ad2 000b  [hidden email]....

        0x0010:  0ad3 0001 0043 0043 0134 16f6 0201 0601  .....C.C.4......

        0x0020:  542d 2231 0012 8000 0000 0000 0ad3 0014  T-"1............

        0x0030:  0ad2 000b 0ad3 0001 00e0 4c69 3b17 0000  ..........Li;...

        0x0040:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0050:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0060:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0070:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0080:  0000 0000 0000 0000 756e 6469 6f6e 6c79  ........undionly

        0x0090:  2e6b 6b70 7865 0000 0000 0000 0000 0000  .kkpxe..........

        0x00a0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00b0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00c0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00d0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00e0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x00f0:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0100:  0000 0000 0000 0000 6382 5363 3501 0536  ........c.Sc5..6

        0x0110:  040a d200 0b33 0400 0051 2c01 04ff ffff  .....3...Q,.....

        0x0120:  0003 040a d200 0106 040a d200 0bff 0000  ................

        0x0130:  0000 0000 0000 0000 0000 0000 0000 0000  ................

        0x0140:  0000 0000 0000 0000                      ........

 

 

Windows Server 2012 packet, captured by Wireshark:

 

Frame 4: 342 bytes on wire (2736 bits), 342 bytes captured (2736 bits) on interface 0

Ethernet II, Src: SuperMic_32:38:54 (0c:c4:7a:32:38:54), Dst: HuaweiTe_f5:1d:41 (48:46:fb:f5:1d:41)

Internet Protocol Version 4, Src: 10.210.0.11, Dst: 10.211.0.1

User Datagram Protocol, Src Port: 67, Dst Port: 67

Bootstrap Protocol (Offer)

    Message type: Boot Reply (2)

    Hardware type: Ethernet (0x01)

    Hardware address length: 6

    Hops: 0

    Transaction ID: 0xdb98d333

    Seconds elapsed: 0

    Bootp flags: 0x8000, Broadcast flag (Broadcast)

    Client IP address: 0.0.0.0

    Your (client) IP address: 10.211.0.50

    Next server IP address: 10.210.0.11

    Relay agent IP address: 10.211.0.1

    Client MAC address: RealtekS_69:3b:17 (00:e0:4c:69:3b:17)

    Client hardware address padding: 00000000000000000000

    Server host name not given

    Boot file name not given

    Magic cookie: DHCP

    Option: (53) DHCP Message Type (Offer)

        Length: 1

        DHCP: Offer (2)

    Option: (1) Subnet Mask

        Length: 4

        Subnet Mask: 255.255.255.0

    Option: (58) Renewal Time Value

    Option: (59) Rebinding Time Value

    Option: (51) IP Address Lease Time

    Option: (54) DHCP Server Identifier

        Length: 4

        DHCP Server Identifier: 10.210.0.11

    Option: (3) Router

        Length: 4

        Router: 10.211.0.1

    Option: (6) Domain Name Server

        Length: 4

        Domain Name Server: 10.210.0.11

    Option: (255) End

Padding: 0000000000000000000000000000

 

0000   48 46 fb f5 1d 41 0c c4 7a 32 38 54 08 00 45 00  HF...A..z28T..E.

0010   01 48 61 c0 40 00 80 11 00 00 0a d2 00 0b 0a d3  [hidden email]...........

0020   00 01 00 43 00 43 01 34 16 f6 02 01 06 00 db 98  ...C.C.4........

0030   d3 33 00 00 80 00 00 00 00 00 0a d3 00 32 0a d2  .3...........2..

0040   00 0b 0a d3 00 01 00 e0 4c 69 3b 17 00 00 00 00  ........Li;.....

0050   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

0060   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

0070   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

0080   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

0090   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

00a0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

00b0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

00c0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

00d0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

00e0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

00f0   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

0100   00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00  ................

0110   00 00 00 00 00 00 63 82 53 63 35 01 02 01 04 ff  ......c.Sc5.....

0120   ff ff 00 3a 04 00 00 01 2c 3b 04 00 00 02 0d 33  ...:....,;.....3

0130   04 00 00 02 58 36 04 0a d2 00 0b 03 04 0a d3 00  ....X6..........

0140   01 06 04 0a d2 00 0b ff 00 00 00 00 00 00 00 00  ................

0150   00 00 00 00 00 00                                ......

 

Best regards,

Rui Mao

 


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

Re: Client got wrong gateway

Simon Hobson
In reply to this post by Rui Mao
Rui Mao <[hidden email]> wrote:

> I installed a Ubuntu 16.04 and configured isc-dhcp-server 4.3.3 as DHCP/BOOTp server. But the iPXE didn't got correct gateway from it.
>  
> The DHCP server is 10.210.0.11, and the client is in another VLAN which gateway is 10.211.0.1.
>  
> I captured Ethernet packages by tcpdump, and also used a Windows Server 2012 for comparison. It seems ISC-DHCP-Server sent a wrong gateway.
>  
> Is this a configuration issue or a bug of ISC-DHCP-Server?

It's a configuration issue - and a known "gotcha" !

Move your class statements out of the subnet declarations - regardless of where you define them, they are global in scope (ditto for host statements). So a client can match a class even if you **think** you've defined it only for a specific subnet. When this happens, the client gets options inherited from the class in the other subnet - and a side effect is getting (in this case) the router option from a different subnet.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

RE: Client got wrong gateway

Rui Mao
Thank you! It works as expected now.

Best regards,
Rui Mao

-----Original Message-----
From: dhcp-users-bounces+maorui2k=[hidden email]
[mailto:dhcp-users-bounces+maorui2k=[hidden email]] On Behalf Of
Simon Hobson
Sent: Friday, February 24, 2017 4:07 PM
To: Users of ISC DHCP <[hidden email]>
Subject: Re: Client got wrong gateway

Rui Mao <[hidden email]> wrote:

> I installed a Ubuntu 16.04 and configured isc-dhcp-server 4.3.3 as
DHCP/BOOTp server. But the iPXE didn't got correct gateway from it.
>  
> The DHCP server is 10.210.0.11, and the client is in another VLAN which
gateway is 10.211.0.1.
>  
> I captured Ethernet packages by tcpdump, and also used a Windows Server
2012 for comparison. It seems ISC-DHCP-Server sent a wrong gateway.
>  
> Is this a configuration issue or a bug of ISC-DHCP-Server?

It's a configuration issue - and a known "gotcha" !

Move your class statements out of the subnet declarations - regardless of
where you define them, they are global in scope (ditto for host statements).
So a client can match a class even if you **think** you've defined it only
for a specific subnet. When this happens, the client gets options inherited
from the class in the other subnet - and a side effect is getting (in this
case) the router option from a different subnet.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users