Re: [Kea-users] KEA handling malformed packets
Francis, I did experiment loaded bootp hook and it worked with following DEBUG message: kea4 | DEBUG BOOTP_PACKET_OPTIONS_SKIPPED an error unpacking an option, caused subsequent options to be skipped: Option parse failed. Tried to parse 161 bytes from 158-byte long buffer. However rest of processing was succeded and device became online. Is this something stable, that can be trusted to work with on some production environment ? Thanks! pon., 1 gru 2025 o 16:44 Francis Dupont napisaĆ(a): > Something which perhaps works: load the other standard hook which unpacks/ > parses incoming packets and handles lenient pasrsing: the bootp hook. > It will throw on malformed packets: not a very good thing as hooks are not > supposed to throw but the exception is caught and processing continues with > the partially parsed packet. BTW I am interested by this experiment so > if it works or not can you answer to this message? > > Thanks > > Francis Dupont > > PS: the bootp hook must be loaded before the lease query hook: they are > called > in the order they are configured / loaded. > -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. [email protected]
Re: [Kea-users] KEA handling malformed packets
Something which perhaps works: load the other standard hook which unpacks/ parses incoming packets and handles lenient pasrsing: the bootp hook. It will throw on malformed packets: not a very good thing as hooks are not supposed to throw but the exception is caught and processing continues with the partially parsed packet. BTW I am interested by this experiment so if it works or not can you answer to this message? Thanks Francis Dupont PS: the bootp hook must be loaded before the lease query hook: they are called in the order they are configured / loaded. -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. [email protected]
Re: [Kea-users] KEA handling malformed packets
Marcin Jurczuk writes: > I have lab system with isc-dhcp-server and kea installed. > I stuck on issue of handling malformed packets. > ISC-DHCP handles them flawlesly yet kea throws weird error: > DEBUG DHCP4_LEASE_QUERY_PACKET_UNPACK_FAILED failed to parse query from > 10.0.0.1 to 172.16.0.10, received over interface ens18, reason: Option > parse failed. Tried to parse 161 bytes from 158-byte long buffer. > > This is not LEASE QUERY packet at all. => when you load the lease query hook the unpack/parsing is performed by the hook because it is the right place to intercept lease query messages. Outside the log which is a bit different the lease query hook does not apply lenient parsing even when enabled: this is a known defect described in the #4105 ticket which is currently in backlog (i.e. waiting for someone to request it to be fixed). > pcap shows this is malformed packet > where option125 length reported by CableModem is just wrong. > Below is wireshark text about exactly that packet that causes problem - it > was captured on dhcpd server. => so Kea is right in complaining about the packet to be malformed > To emphasise - turning off kea, starting isc-dhcp - and modem gets IP, > turning off isc-dhcp enabling kea - I'm getting this error and modem is not > getting IP. => you have at least 4 solutions: - to get client fixed (I am afraid this can't be done...) - fix packets on the flight (not so easy) - move the lease query service to another box and enable linient parsing: if it is not critical to not step parsing at the malformed option this should fix your problem - make #4105 to be addresseed (unfortunately could take time as the next release is scheduled for next year...). Thanks Francis Dupont -- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. [email protected]
