DHCP sending incorrect gateway in DHCP Reply

On 16 Oct 2019, at 16.07, Eric Koons <[hidden email]> wrote:

I’m having an issue with ISC DHCP where it’s sending the incorrect router option/gateway in the DHCP reply.   Any help is appreciated.

Below is a capture using TCPDUMP on the DHCP server.  With this particular request, it should be sending the Gateway of 10.123.4.41, but it’s sending 10.123.4.49 which is the gateway option defined in the other scope.  It almost seems like the first device in a DHCP scope that comes online the Server uses that as the router option for all other requests.  I’ve also attached a copy of the dhcpd.conf file below.  This is on a CENTOS server: CentOS Linux release 7.7.1908 (Core).

09:57:27.101056 00:a5:bf:9d:a9:59 > 00:50:56:ae:be:10, ethertype IPv4 (0x0800), length 442: (tos 0xc0, ttl 29, id 53170, offset 0, flags [none], proto UDP (17), length 428)

    10.123.4.41.bootps > 10.123.0.9.bootps: [udp sum ok] BOOTP/DHCP, Request from 00:18:48:02:6e:a0, length 400, xid 0xcc58406, Flags [none] (0x0000)

          Gateway-IP 10.123.4.41

          Client-Ethernet-Address 00:18:48:02:6e:a0

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: Request

            Server-ID Option 54, length 4: 10.123.0.9

            Requested-IP Option 50, length 4: 10.123.4.45

            Parameter-Request Option 55, length 12: 

              Subnet-Mask, BR, Time-Zone, Default-Gateway

              Domain-Name, Domain-Name-Server, Hostname, Vendor-Option

              Time-Server, BF, TFTP, WWW

            Vendor-Option Option 43, length 86: 2.3.82.80.68.3.9.69.67.77.58.101.83.65.70.69.4.7.57.49.48.52.50.48.53.5.5.48.46.48.46.49.6.7.49.95.53.48.95.50.51.7.5.48.46.48.46.49.8.6.48.48.49.56.52.56.9.6.53.50.48.48.48.49.10.20.86.101.99.105.109.97.32.78.101.116.119.111.114.107.115.32.73.110.99.46

            Vendor-Class Option 60, length 3: "RPD"

            Client-ID Option 61, length 15: hardware-type 255, 48:02:6e:a0:00:03:00:01:00:18:48:02:6e:a0

            Agent-Information Option 82, length 18: 

              Circuit-ID SubOption 1, length 6: ^@^D^@^@^@^C

              Remote-ID SubOption 2, length 8: ^@^F^@M-^^^^]YM-^

            END Option 255, length 0

09:57:27.101623 00:50:56:ae:be:10 > 00:00:0c:07:ac:00, ethertype IPv4 (0x0800), length 381: (tos 0x0, ttl 64, id 62282, offset 0, flags [DF], proto UDP (17), length 367)

    10.123.0.9.bootps > 10.123.4.41.bootps: [bad udp cksum 0x1a94 -> 0xcaaa!] BOOTP/DHCP, Reply, length 339, xid 0xcc58406, Flags [none] (0x0000)

          Your-IP 10.123.4.45

          Gateway-IP 10.123.4.41

          Client-Ethernet-Address 00:18:48:02:6e:a0

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: ACK

            Server-ID Option 54, length 4: 10.123.0.9

            Lease-Time Option 51, length 4: 86400

            Subnet-Mask Option 1, length 4: 255.255.255.248

            BR Option 28, length 4: 10.123.4.55

            Time-Zone Option 2, length 4: -18000

            Default-Gateway Option 3, length 4: 10.123.4.49

            Domain-Name Option 15, length 13: "rpd.sectv.com"

            Domain-Name-Server Option 6, length 4: 10.123.0.9

            Vendor-Option Option 43, length 10: 61.8.10.123.4.10.10.123.4.58

            Time-Server Option 4, length 4: 10.123.0.9

            Agent-Information Option 82, length 18: 

              Circuit-ID SubOption 1, length 6: ^@^D^@^@^@^C

              Remote-ID SubOption 2, length 8: ^@^F^@M-^^^^]YM-^

            END Option 255, length 0

Here is a copy of my dhcpd.conf:

#Global Options:   

        #Set the server to authoritative;

        authoritative;      

        option domain-name-servers 10.123.0.9;

        option log-servers 10.123.0.9;

        option ntp-servers 10.123.0.9;

        option time-servers 10.123.0.9;

        local-address 10.123.0.9;

        #Time Offset

        option time-offset -18000;

        #Lease time

        default-lease-time 86400;

        max-lease-time 172800;

        #Time zone

        option PCode code 100 = text;

        option TCode code 101 = text;

        option PCode "”EST5EDT4,M3.2.0/02:00,M11.1.0/02:00";

        option TCode "America/New_York”";

        #Remote Phy Stuff

       # option CCAPCore code 43 = string;

#        option iNode-manager code 43 = string;

        option space VCM;

        option VCM.ccap_cores code 61 = { array of ip-address };

        default-lease-time 86400;

        max-lease-time 172800;

# Use this to enble / disable dynamic dns updates globally.

 #       ddns-updates        on;

 #       ddns-update-style interim;

 #       ddns-rev-domainname "in-addr.arpa";

 #       deny declines;

 #       deny bootp;

        #allow client-updates;

 #       key dhcpupdate {

  #              algorithm hmac-md5;

  #              secret iY+hMAmhBJvhxc82gX8Vgg==;

  #      }

  #      zone sectv.com. {

  #              primary 10.0.40.5;

  #              key dhcpupdate;

  #      }

   #     zone 10.123.in-addr.arpa. {

   #     primary 10.0.40.5;

   #     key dhcpupdate;

   #     }

# Use this to send dhcp log messages to a different log file (you also

# have to hack syslog.conf to complete the redirection).

log-facility local7;

#10.123.0.0/24 Subnet - Management

subnet 10.123.0.0 netmask 255.255.255.0 {

#No options or ranges defined - No DHCP

}

# 10.123.4.40/29 Subnet

subnet 10.123.4.40 netmask 255.255.255.248 {

        range 10.123.4.42 10.123.4.46;

        option subnet-mask              255.255.255.248;

        option domain-search "sectv.com";

        option routers 10.123.4.41;

        option broadcast-address 10.123.4.47;

#        class "CiscoRPD" {

#                match if option vendor-class-identifier="RPD";

                vendor-option-space VCM;

                option VCM.ccap_cores 10.123.4.10, 10.123.4.58;

                option domain-name "rpd.sectv.com";

#        }

#        class "CiscoiNode"{

#                match if option vendor-class-identifier="Cisco.iNode.oib.1.0";

#                option iNode-manager 01:04:0a:7b:00:0a;

#                option tftp-server-name "10.123.0.9";

#                option bootfile-name "inode.bin";

#                option domain-name "inode.sectv.com";

#        }

}

# 10.123.4.48/29 Subnet

subnet 10.123.4.48 netmask 255.255.255.248 {

        range 10.123.4.50 10.123.4.54;

        option subnet-mask              255.255.255.248;

        option domain-search "sectv.com";

        option routers 10.123.4.49;

        option broadcast-address 10.123.4.55;

        class "CiscoRPD" {

                match if option vendor-class-identifier="RPD";

                vendor-option-space VCM;

                option VCM.ccap_cores 10.123.4.10, 10.123.4.58;

                option domain-name "rpd.sectv.com";

        }

 #       class "CiscoiNode"{

 #               match if option vendor-class-identifier="Cisco.iNode.oib.1.0";

 #               option iNode-manager 01:04:0a:7b:00:0a;

 #               option tftp-server-name "10.123.0.9";

 #               option bootfile-name "inode.bin";

 #               option domain-name "inode.sectv.com";

 #       }

}

 # 10.123.4.56/29 Subnet

subnet 10.123.4.56 netmask 255.255.255.248 {

        range 10.123.4.58 10.123.4.62;

        option subnet-mask              255.255.255.248;

        option domain-search "sectv.com";

        option routers 10.123.4.57;

        option broadcast-address 10.123.4.63;

}

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

On 16 Oct 2019, at 19.36, Eric Koons <[hidden email]> wrote:

Thanks for the help.  I moved the class stuff to the global section and that is working fine.   However, wonder if I can ask another question.  I’m trying to now pass certain options using classes based upon the vendor-class-identifier.  It’s not putting those options in the DHCP reply.  I can provide TCPDUMPS if necessary, but I have verified that the device is sending the correct and matching vendor class identifier.  Is there something wrong with my config below?

#Global Options:   

        #Set the server to authoritative;

        authoritative;      

        option domain-name-servers 10.123.0.9;

        option log-servers 10.123.0.9;

        option ntp-servers 10.123.0.9;

        option time-servers 10.123.0.9;

        local-address 10.123.0.9;

        #Time Offset

        option time-offset -18000;

        #Lease time

        default-lease-time 86400;

        max-lease-time 172800;

        #Time zone

        option PCode code 100 = text;

        option TCode code 101 = text;

        option PCode "”EST5EDT4,M3.2.0/02:00,M11.1.0/02:00";

        option TCode "America/New_York”";

        #Remote Phy Stuff

       # option CCAPCore code 43 = string;

        option iNode-manager code 43 = string;

        option space VCM;

        option VCM.ccap_cores code 61 = { array of ip-address };

        option VCM.ccap_cores 10.123.4.10, 10.123.4.58;

        default-lease-time 86400;

        max-lease-time 172800;

# Use this to enble / disable dynamic dns updates globally.

       ddns-updates        on;

        ddns-update-style interim;

        ddns-rev-domainname "in-addr.arpa";

        deny declines;

        deny bootp;

        #allow client-updates;

        key dhcpupdate {

                algorithm hmac-md5;

                secret iY+hMAmhBJvhxc82gX8Vgg==;

        }

        zone sectv.com. {

                primary 10.0.40.5;

                key dhcpupdate;

        }

        zone 10.123.in-addr.arpa. {

        primary 10.0.40.5;

        key dhcpupdate;

        }

# Use this to send dhcp log messages to a different log file (you also

# have to hack syslog.conf to complete the redirection).

log-facility local7;

#10.123.0.0/24 Subnet - Management

subnet 10.123.0.0 netmask 255.255.255.0 {

#No options or ranges defined - No DHCP

}

# 10.123.4.40/29 Subnet

subnet 10.123.4.40 netmask 255.255.255.248 {

        range 10.123.4.42 10.123.4.46;

        option subnet-mask              255.255.255.248;

        option domain-search "sectv.com";

        option routers 10.123.4.41;

        option broadcast-address 10.123.4.47;

}

# 10.123.4.48/29 Subnet

subnet 10.123.4.48 netmask 255.255.255.248 {

        range 10.123.4.50 10.123.4.54;

        option subnet-mask              255.255.255.248;

        option domain-search "sectv.com";

        option routers 10.123.4.49;

        option broadcast-address 10.123.4.55;

}

 # 10.123.4.56/29 Subnet

#Vecima Node Manager

subnet 10.123.4.56 netmask 255.255.255.248 {

        range 10.123.4.58 10.123.4.62;

        option subnet-mask              255.255.255.248;

        option domain-search "sectv.com";

        option routers 10.123.4.57;

        option broadcast-address 10.123.4.63;

}

class "RPD" {

                match if option vendor-class-identifier="RPD"; 

                vendor-option-space VCM;

                option VCM.ccap_cores 10.123.4.10, 10.123.4.58;

        }      

class "Inode" {

                match if option vendor-class-identifier="Cisco.iNode.oib.1.0";

                option iNode-manager 01:04:0a:7b:00:0a;

                option tftp-server-name "10.123.0.9";

                option bootfile-name "inode.bin";

        }

  

On Oct 16, 2019, at 12:27 PM, Sten Carlsen <[hidden email]> wrote:

On 16 Oct 2019, at 16.07, Eric Koons <[hidden email]> wrote:

I’m having an issue with ISC DHCP where it’s sending the incorrect router option/gateway in the DHCP reply.   Any help is appreciated.

Below is a capture using TCPDUMP on the DHCP server.  With this particular request, it should be sending the Gateway of 10.123.4.41, but it’s sending 10.123.4.49 which is the gateway option defined in the other scope.  It almost seems like the first device in a DHCP scope that comes online the Server uses that as the router option for all other requests.  I’ve also attached a copy of the dhcpd.conf file below.  This is on a CENTOS server: CentOS Linux release 7.7.1908 (Core).

09:57:27.101056 00:a5:bf:9d:a9:59 > 00:50:56:ae:be:10, ethertype IPv4 (0x0800), length 442: (tos 0xc0, ttl 29, id 53170, offset 0, flags [none], proto UDP (17), length 428)

    10.123.4.41.bootps > 10.123.0.9.bootps: [udp sum ok] BOOTP/DHCP, Request from 00:18:48:02:6e:a0, length 400, xid 0xcc58406, Flags [none] (0x0000)

          Gateway-IP 10.123.4.41

          Client-Ethernet-Address 00:18:48:02:6e:a0

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: Request

            Server-ID Option 54, length 4: 10.123.0.9

            Requested-IP Option 50, length 4: 10.123.4.45

            Parameter-Request Option 55, length 12: 

              Subnet-Mask, BR, Time-Zone, Default-Gateway

              Domain-Name, Domain-Name-Server, Hostname, Vendor-Option

              Time-Server, BF, TFTP, WWW

            Vendor-Option Option 43, length 86: 2.3.82.80.68.3.9.69.67.77.58.101.83.65.70.69.4.7.57.49.48.52.50.48.53.5.5.48.46.48.46.49.6.7.49.95.53.48.95.50.51.7.5.48.46.48.46.49.8.6.48.48.49.56.52.56.9.6.53.50.48.48.48.49.10.20.86.101.99.105.109.97.32.78.101.116.119.111.114.107.115.32.73.110.99.46

            Vendor-Class Option 60, length 3: "RPD"

            Client-ID Option 61, length 15: hardware-type 255, 48:02:6e:a0:00:03:00:01:00:18:48:02:6e:a0

            Agent-Information Option 82, length 18: 

              Circuit-ID SubOption 1, length 6: ^@^D^@^@^@^C

              Remote-ID SubOption 2, length 8: ^@^F^@M-^^^^]YM-^

            END Option 255, length 0

09:57:27.101623 00:50:56:ae:be:10 > 00:00:0c:07:ac:00, ethertype IPv4 (0x0800), length 381: (tos 0x0, ttl 64, id 62282, offset 0, flags [DF], proto UDP (17), length 367)

    10.123.0.9.bootps > 10.123.4.41.bootps: [bad udp cksum 0x1a94 -> 0xcaaa!] BOOTP/DHCP, Reply, length 339, xid 0xcc58406, Flags [none] (0x0000)

          Your-IP 10.123.4.45

This means the device is gets an address from "# 10.123.4.40/29 Subnet".

          Gateway-IP 10.123.4.41

          Client-Ethernet-Address 00:18:48:02:6e:a0

          Vendor-rfc1048 Extensions

            Magic Cookie 0x63825363

            DHCP-Message Option 53, length 1: ACK

            Server-ID Option 54, length 4: 10.123.0.9

            Lease-Time Option 51, length 4: 86400

            Subnet-Mask Option 1, length 4: 255.255.255.248

            BR Option 28, length 4: 10.123.4.55

            Time-Zone Option 2, length 4: -18000

            Default-Gateway Option 3, length 4: 10.123.4.49

The Class is defined in this subnet "# 10.123.4.48/29 Subnet" and as such inherits the gateway from here.

Nothing in the configuration tells the server which subnet to allocate addresses from, no allow or deny statements.

The server is free to select an address in any subnet according to its algorithms but the gataeway is taken from one specific subnet.

Solution:

1 - move all class definitions to the global level, they are global anyway, except for inheritance.

2 - use allow/deny statements to tell the server from which subnet is may allocate addresses to a specific class or unknown clients.

            Domain-Name Option 15, length 13: "rpd.sectv.com"

            Domain-Name-Server Option 6, length 4: 10.123.0.9

            Vendor-Option Option 43, length 10: 61.8.10.123.4.10.10.123.4.58

            Time-Server Option 4, length 4: 10.123.0.9

            Agent-Information Option 82, length 18: 

              Circuit-ID SubOption 1, length 6: ^@^D^@^@^@^C

              Remote-ID SubOption 2, length 8: ^@^F^@M-^^^^]YM-^

            END Option 255, length 0

Here is a copy of my dhcpd.conf:

#Global Options:   

        #Set the server to authoritative;

        authoritative;      

        option domain-name-servers 10.123.0.9;

        option log-servers 10.123.0.9;

        option ntp-servers 10.123.0.9;

        option time-servers 10.123.0.9;

        local-address 10.123.0.9;

        #Time Offset

        option time-offset -18000;

        #Lease time

        default-lease-time 86400;

        max-lease-time 172800;

        #Time zone

        option PCode code 100 = text;

        option TCode code 101 = text;

        option PCode "”EST5EDT4,M3.2.0/02:00,M11.1.0/02:00";

        option TCode "America/New_York”";

        #Remote Phy Stuff

       # option CCAPCore code 43 = string;

#        option iNode-manager code 43 = string;

        option space VCM;

        option VCM.ccap_cores code 61 = { array of ip-address };

        default-lease-time 86400;

        max-lease-time 172800;

# Use this to enble / disable dynamic dns updates globally.

 #       ddns-updates        on;

 #       ddns-update-style interim;

 #       ddns-rev-domainname "in-addr.arpa";

 #       deny declines;

 #       deny bootp;

        #allow client-updates;

 #       key dhcpupdate {

  #              algorithm hmac-md5;

  #              secret iY+hMAmhBJvhxc82gX8Vgg==;

  #      }

  #      zone sectv.com. {

  #              primary 10.0.40.5;

  #              key dhcpupdate;

  #      }

   #     zone 10.123.in-addr.arpa. {

   #     primary 10.0.40.5;

   #     key dhcpupdate;

   #     }

# Use this to send dhcp log messages to a different log file (you also

# have to hack syslog.conf to complete the redirection).

log-facility local7;

#10.123.0.0/24 Subnet - Management

subnet 10.123.0.0 netmask 255.255.255.0 {

#No options or ranges defined - No DHCP

}

# 10.123.4.40/29 Subnet

subnet 10.123.4.40 netmask 255.255.255.248 {

        range 10.123.4.42 10.123.4.46;

        option subnet-mask              255.255.255.248;

        option domain-search "sectv.com";

        option routers 10.123.4.41;

        option broadcast-address 10.123.4.47;

#        class "CiscoRPD" {

#                match if option vendor-class-identifier="RPD";

                vendor-option-space VCM;

                option VCM.ccap_cores 10.123.4.10, 10.123.4.58;

                option domain-name "rpd.sectv.com";

#        }

#        class "CiscoiNode"{

#                match if option vendor-class-identifier="Cisco.iNode.oib.1.0";

#                option iNode-manager 01:04:0a:7b:00:0a;

#                option tftp-server-name "10.123.0.9";

#                option bootfile-name "inode.bin";

#                option domain-name "inode.sectv.com";

#        }

}

# 10.123.4.48/29 Subnet

subnet 10.123.4.48 netmask 255.255.255.248 {

        range 10.123.4.50 10.123.4.54;

        option subnet-mask              255.255.255.248;

        option domain-search "sectv.com";

        option routers 10.123.4.49;

        option broadcast-address 10.123.4.55;

        class "CiscoRPD" {

                match if option vendor-class-identifier="RPD";

                vendor-option-space VCM;

                option VCM.ccap_cores 10.123.4.10, 10.123.4.58;

                option domain-name "rpd.sectv.com";

        }

 #       class "CiscoiNode"{

 #               match if option vendor-class-identifier="Cisco.iNode.oib.1.0";

 #               option iNode-manager 01:04:0a:7b:00:0a;

 #               option tftp-server-name "10.123.0.9";

 #               option bootfile-name "inode.bin";

 #               option domain-name "inode.sectv.com";

 #       }

}

 # 10.123.4.56/29 Subnet

subnet 10.123.4.56 netmask 255.255.255.248 {

        range 10.123.4.58 10.123.4.62;

        option subnet-mask              255.255.255.248;

        option domain-search "sectv.com";

        option routers 10.123.4.57;

        option broadcast-address 10.123.4.63;

}

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users

_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users