DHCP Client Debug Verbosity

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

DHCP Client Debug Verbosity

Russell Dekema
Good evening,

Beyond issuing the -v flag on the dhclient command line, is there a
way to increase the level or verbosity of debugging output?

I am trying to troubleshoot a problem in which the ISC DHCP client
sends a DHCPDISCOVER and I can see what seems like a valid DHCPOFFER
come back to the client over the wire, but the DHCP client appears to
be ignoring the offer. Adding the -v flag to the dhclient command line
does not produce any useful troubleshooting information; it simply
shows repeated DHCPDISCOVER frames being sent, and nothing else.

I have read the dhclient man page and searched the web extensively but
haven't found any way to do this. I am hoping for a middle ground
between "-v" and running the client in gdb or extensively
instrumenting the code with printf()s (or the like), as those are both
a bit outside my normal realm of expertise.

Thanks in advance for any suggestions.

Sincerely,
Rusty Dekema
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

Re: DHCP Client Debug Verbosity

sthaug
> I have read the dhclient man page and searched the web extensively but
> haven't found any way to do this. I am hoping for a middle ground
> between "-v" and running the client in gdb or extensively
> instrumenting the code with printf()s (or the like), as those are both
> a bit outside my normal realm of expertise.

Using tcpdump or Wireshark to look at the actual traffic can sometimes
be invaluable.

Steinar Haug, Nethelp consulting, [hidden email]
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

Re: DHCP Client Debug Verbosity

Simon Hobson
[hidden email] wrote:

>> I have read the dhclient man page and searched the web extensively but
>> haven't found any way to do this. I am hoping for a middle ground
>> between "-v" and running the client in gdb or extensively
>> instrumenting the code with printf()s (or the like), as those are both
>> a bit outside my normal realm of expertise.
>
> Using tcpdump or Wireshark to look at the actual traffic can sometimes
> be invaluable.

However, for most traffic, it can show you packets arriving on the wire which are then dropped by a firewall (iptables rules) before reaching the application to which they are addressed. I'm not sure if this applies to the dhcp client since IIRC that uses raw sockets and bypasses the IP stack.

Yes, I've been had by this one often enough.

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

Re: DHCP Client Debug Verbosity

Russell Dekema
On Tue, Nov 24, 2015 at 2:56 AM, Simon Hobson <[hidden email]> wrote:

> [hidden email] wrote:
>
>>> I have read the dhclient man page and searched the web extensively but
>>> haven't found any way to do this. I am hoping for a middle ground
>>> between "-v" and running the client in gdb or extensively
>>> instrumenting the code with printf()s (or the like), as those are both
>>> a bit outside my normal realm of expertise.
>>
>> Using tcpdump or Wireshark to look at the actual traffic can sometimes
>> be invaluable.
>
> However, for most traffic, it can show you packets arriving on the wire which are then dropped by a firewall (iptables rules) before reaching the application to which they are addressed. I'm not sure if this applies to the dhcp client since IIRC that uses raw sockets and bypasses the IP stack.
>
> Yes, I've been had by this one often enough.

This (offers getting dropped by iptables rules) definitely applies to
the DHCP client - at least when using DHCPv6. I learned that the hard
way last week on an unrelated case, and I don't see why it would be
any different with v4.
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

Re: DHCP Client Debug Verbosity

Russell Dekema
In reply to this post by Russell Dekema
On Mon, Nov 23, 2015 at 7:27 PM, Russell Dekema <[hidden email]> wrote:

> Good evening,
>
> Beyond issuing the -v flag on the dhclient command line, is there a
> way to increase the level or verbosity of debugging output?
>
> I am trying to troubleshoot a problem in which the ISC DHCP client
> sends a DHCPDISCOVER and I can see what seems like a valid DHCPOFFER
> come back to the client over the wire, but the DHCP client appears to
> be ignoring the offer. Adding the -v flag to the dhclient command line
> does not produce any useful troubleshooting information; it simply
> shows repeated DHCPDISCOVER frames being sent, and nothing else.
>
> I have read the dhclient man page and searched the web extensively but
> haven't found any way to do this. I am hoping for a middle ground
> between "-v" and running the client in gdb or extensively
> instrumenting the code with printf()s (or the like), as those are both
> a bit outside my normal realm of expertise.
>
> Thanks in advance for any suggestions.
>
> Sincerely,
> Rusty Dekema

To answer my own question and perhaps save a future troubleshooter
some time, the answer is to edit includes/site.h and uncomment as many
of the #define DEBUG_[xyz] lines as you see fit.

In my case, it revealed the following:

DHCPDISCOVER on ib0 to 255.255.255.255 port 67 interval 4 (xid=0x31fd9d0e)
DHCPOFFER in wrong transaction.

Off the top of your heads, does anyone know what goes into the
transaction matching logic other than the xid? According to my packet
captures, the xid on the received DHCPOFFER matches the xid on the
transmitted DHCPDISCOVER.

Cheers,
Rusty
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

Re: DHCP Client Debug Verbosity

Simon Hobson
In reply to this post by Russell Dekema
Russell Dekema <[hidden email]> wrote:

> This (offers getting dropped by iptables rules) definitely applies to
> the DHCP client - at least when using DHCPv6. I learned that the hard
> way last week on an unrelated case, and I don't see why it would be
> any different with v4.

It's considerably different between IPv4 and IPv6.

In IPv6, the client self-configures a link-local address and uses that during solicitation. So all traffic is "normal" IP packets that can go through the normal IP stack - and hence always through iptables.
With IPv4 it's very different. Prior to getting an address and configuring the interface, the DHCP client has to work with an unconfigured interface and so the requirement to use raw sockets - thus bypassing the IP stack and (I think) iptables rules.


_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Reply | Threaded
Open this post in threaded view
|

Re: DHCP Client Debug Verbosity

Russell Dekema
On Tue, Nov 24, 2015 at 7:00 AM, Simon Hobson <[hidden email]> wrote:

> Russell Dekema <[hidden email]> wrote:
>
>> This (offers getting dropped by iptables rules) definitely applies to
>> the DHCP client - at least when using DHCPv6. I learned that the hard
>> way last week on an unrelated case, and I don't see why it would be
>> any different with v4.
>
> It's considerably different between IPv4 and IPv6.
>
> In IPv6, the client self-configures a link-local address and uses that during solicitation. So all traffic is "normal" IP packets that can go through the normal IP stack - and hence always through iptables.
> With IPv4 it's very different. Prior to getting an address and configuring the interface, the DHCP client has to work with an unconfigured interface and so the requirement to use raw sockets - thus bypassing the IP stack and (I think) iptables rules.

Ahhh, right; good point!
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users