On Wed, Jul 05, 2017 at 04:37:39PM +0200, Reyk Floeter wrote: > Hi, > > landry@ sees many log messages 'DHCPINFORM from xx but ciaddr yy is > not consistent with actual address' in a setup where dhcpd runs behind > dhcrelay. > > The code in dhcpd's dhcpinform() seems wrong - it assumes that ciaddr > (the client IP) is identical to the packet source address and it > doesn't consider a relay, indicated by giaddr (gateway). > > I looked at isc-dhcpd code and, omg my eyes are bleeding, it seems to > handle DHCPINFORM from relayed clients with giaddr set. > > So it seems that dhcpd never accepted DHCPINFORM from clients behind a > relay, and the diff below changes it and stops the log spam. But it > also changes behavior, so it needs some testing and maybe feedback > from DHCP experts (prodding krw). > > Comments?
Can' find anything that says this would be wrong. I have no way to test. .... Ken > > Reyk > > Index: usr.sbin/dhcpd/dhcp.c > =================================================================== > RCS file: /cvs/src/usr.sbin/dhcpd/dhcp.c,v > retrieving revision 1.56 > diff -u -p -u -1 -1 -p -r1.56 dhcp.c > --- usr.sbin/dhcpd/dhcp.c 24 Apr 2017 14:58:36 -0000 1.56 > +++ usr.sbin/dhcpd/dhcp.c 5 Jul 2017 14:23:12 -0000 > @@ -519,23 +519,23 @@ void > dhcpinform(struct packet *packet) > { > struct lease lease; > struct iaddr cip; > struct subnet *subnet; > > /* > * ciaddr should be set to client's IP address but > * not all clients are standards compliant. > */ > cip.len = 4; > - if (packet->raw->ciaddr.s_addr) { > + if (packet->raw->ciaddr.s_addr && !packet->raw->giaddr.s_addr) { > if (memcmp(&packet->raw->ciaddr.s_addr, > packet->client_addr.iabuf, 4) != 0) { > log_info("DHCPINFORM from %s but ciaddr %s is not " > "consistent with actual address", > piaddr(packet->client_addr), > inet_ntoa(packet->raw->ciaddr)); > return; > } > memcpy(cip.iabuf, &packet->raw->ciaddr.s_addr, 4); > } else > memcpy(cip.iabuf, &packet->client_addr.iabuf, 4); >