On 25/04/17 08:41, Alin Năstac wrote:

>> At the DHCPDISCOVER stage, both the server and the client are supposed
>> to check if an address in in use. The server sends an ICMP echo request
>> and checks there's no answer. The client sends an ARP who-has request.
>> These checks should be enough to avoid address-stealing, but it's also
>> best not to overlap address ranges configured for DHCP allocation with
>> addresses of non-DHCP configured hosts.
> 
> Unfortunately dnsmasq does not send ICMP echo requests when DHCP
> discovery packet carries an OPTION_REQUESTED_IP, see DHCPDISCOVER case
> in file rfc2131.c starting from line 990:
> ...
>           else if (opt && address_available(context, addr,
> tagif_netid) && !lease_find_by_addr(addr) &&
>                    !config_find_by_address(daemon->dhcp_conf, addr))
>             mess->yiaddr = addr;
> 

That's the bug here, I think. I was worried that a client sending a
DHCPDISCOVER when it thinks it knows that address, might respond to ICMP
pings, but at least for ISC dhclient on Linux, that's not the case.

Patch is here, and was much more trouble than it should have been: the
code really didn't consider this case.

http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=5ce3e76fbf89e942e8c54ef3e3389facf0d9067a

It's still the case that addresses used by statically configured host on
a network should not be in the dhcp-range configured into that network's
DHCP server.


Cheers,

Simon.


_______________________________________________
Dnsmasq-discuss mailing list
Dnsmasq-discuss@lists.thekelleys.org.uk
http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss

Reply via email to