Send dhcp-users mailing list submissions to
dhcp-users@lists.isc.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.isc.org/mailman/listinfo/dhcp-users
or, via email, send a message with subject or body 'help' to
dhcp-users-requ...@lists.isc.org
You can reach the person managing the list at
dhcp-users-ow...@lists.isc.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dhcp-users digest..."
Today's Topics:
1. Return ignore during dhcprequest for unknown subnets
(Jan-Philipp Snizek)
2. Re: Return ignore during dhcprequest for unknown subnets
(Darren Ankney)
----------------------------------------------------------------------
Message: 1
Date: Tue, 4 Jun 2024 06:12:50 +0000
From: Jan-Philipp Snizek <jan-philipp.sni...@business.uzh.ch>
To: Users of ISC DHCP <dhcp-users@lists.isc.org>
Subject: Return ignore during dhcprequest for unknown subnets
Message-ID: <33a3a9aa-2213-4c66-8616-17f2a9251...@business.uzh.ch>
Content-Type: text/plain; charset="utf-8"
Hi
Isc-dhcpd ignores dhcprequest from clients that come from an unknown segment.
In the logs it looks like this:
DHCPREQUEST for 10.65.1.179 from MAC:ADDR via 10.65.0.1: ignored (unknown
subnet).
What I get from kea-dhcp4 is this:
ERROR [kea-dhcp4.bad-packets/435270.139990395717376] DHCP4_PACKET_NAK_0001
[hwtype=1 MAC:ADDR], cid=[MAC:ADDR], tid=0x52eec91a: failed to select a subnet
for incoming packet, src 10.65.0.1, type DHCPREQUEST
ERROR [kea-dhcp4.bad-packets/435270.139990395717376] DHCP4_PACKET_NAK_0001
[hwtype=1 MAC:ADDR], cid=[MAC:ADDR], tid=0x52eec91b: failed to select a subnet
for incoming packet, src 10.65.0.1, type DHCPDISCOVER
Kea sends dhcpnak to clients from subnets it is not configured to serve. If the
same client keeps coming back, it will not get an IP address. This is what is
happening.
It would be very helpful if kea would ignore these requests, much like isc-dhcp
does. Is it possible to configure this?
I am aware of dhcp helpers. There would be no such logs if we had dhcp helpers
in our network. Currently, we don?t. Our network guys work (and the hardware
vendor) work on it.
Thanks,
Philipp
-------------- next part --------------
An HTML attachment was scrubbed...
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20240604/873836d5/attachment-0001.htm>
------------------------------
Message: 2
Date: Tue, 4 Jun 2024 05:47:20 -0400
From: Darren Ankney <darren.ank...@gmail.com>
To: Users of ISC DHCP <dhcp-users@lists.isc.org>
Subject: Re: Return ignore during dhcprequest for unknown subnets
Message-ID:
<CAKabWHhfYE5nZQVjg9uYceD1dg-_CT-Y=9nyc8vg1nywnmy...@mail.gmail.com>
Content-Type: text/plain; charset="UTF-8"
Hi Philipp,
You would probably get more responses about kea on kea-users:
https://lists.isc.org/mailman/listinfo/kea-users
That being said, In your Kea configuration, do you have this?
"authoritative": true
If so, either remove it or explicitly set it false: "authoritative": false
See here for further details:
https://kea.readthedocs.io/en/kea-2.4.1/arm/dhcp4-srv.html#authoritative-dhcpv4-server-behavior
Thank you,
Darren Ankney
On Tue, Jun 4, 2024 at 2:13?AM Jan-Philipp Snizek
<jan-philipp.sni...@business.uzh.ch> wrote:
>
> Hi
>
>
>
> Isc-dhcpd ignores dhcprequest from clients that come from an unknown segment.
> In the logs it looks like this:
>
>
>
> DHCPREQUEST for 10.65.1.179 from MAC:ADDR via 10.65.0.1: ignored (unknown
> subnet).
>
>
>
> What I get from kea-dhcp4 is this:
>
>
>
> ERROR [kea-dhcp4.bad-packets/435270.139990395717376] DHCP4_PACKET_NAK_0001
> [hwtype=1 MAC:ADDR], cid=[MAC:ADDR], tid=0x52eec91a: failed to select a
> subnet for incoming packet, src 10.65.0.1, type DHCPREQUEST
>
> ERROR [kea-dhcp4.bad-packets/435270.139990395717376] DHCP4_PACKET_NAK_0001
> [hwtype=1 MAC:ADDR], cid=[MAC:ADDR], tid=0x52eec91b: failed to select a
> subnet for incoming packet, src 10.65.0.1, type DHCPDISCOVER
>
>
>
> Kea sends dhcpnak to clients from subnets it is not configured to serve. If
> the same client keeps coming back, it will not get an IP address. This is
> what is happening.
>
> It would be very helpful if kea would ignore these requests, much like
> isc-dhcp does. Is it possible to configure this?
>
>
>
> I am aware of dhcp helpers. There would be no such logs if we had dhcp
> helpers in our network. Currently, we don?t. Our network guys work (and the
> hardware vendor) work on it.
>
>
>
> Thanks,
>
> Philipp
>
> --
> ISC funds the development of this software with paid support subscriptions.
> Contact us at https://www.isc.org/contact/ for more information.
>
> dhcp-users mailing list
> dhcp-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
------------------------------
Subject: Digest Footer
_______________________________________________
ISC funds the development of this software with paid support subscriptions.
Contact us at https://www.isc.org/contact/ for more information.
dhcp-users mailing list
dhcp-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
------------------------------
End of dhcp-users Digest, Vol 186, Issue 1
******************************************
