On Wed, Jul 05, 2017 at 04:37:39PM +0200, Reyk Floeter wrote:
> Hi,
>
> landry@ sees many log messages 'DHCPINFORM from xx but ciaddr yy is
> not consistent with actual address' in a setup where dhcpd runs behind
> dhcrelay.
>
> The code in dhcpd's dhcpinform() seems wrong - it assumes that ciaddr
> (the client IP) is identical to the packet source address and it
> doesn't consider a relay, indicated by giaddr (gateway).
>
> I looked at isc-dhcpd code and, omg my eyes are bleeding, it seems to
> handle DHCPINFORM from relayed clients with giaddr set.
>
> So it seems that dhcpd never accepted DHCPINFORM from clients behind a
> relay, and the diff below changes it and stops the log spam. But it
> also changes behavior, so it needs some testing and maybe feedback
> from DHCP experts (prodding krw).
>
> Comments?
Can' find anything that says this would be wrong. I have no way to
test.
.... Ken
>
> Reyk
>
> Index: usr.sbin/dhcpd/dhcp.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/dhcpd/dhcp.c,v
> retrieving revision 1.56
> diff -u -p -u -1 -1 -p -r1.56 dhcp.c
> --- usr.sbin/dhcpd/dhcp.c 24 Apr 2017 14:58:36 -0000 1.56
> +++ usr.sbin/dhcpd/dhcp.c 5 Jul 2017 14:23:12 -0000
> @@ -519,23 +519,23 @@ void
> dhcpinform(struct packet *packet)
> {
> struct lease lease;
> struct iaddr cip;
> struct subnet *subnet;
>
> /*
> * ciaddr should be set to client's IP address but
> * not all clients are standards compliant.
> */
> cip.len = 4;
> - if (packet->raw->ciaddr.s_addr) {
> + if (packet->raw->ciaddr.s_addr && !packet->raw->giaddr.s_addr) {
> if (memcmp(&packet->raw->ciaddr.s_addr,
> packet->client_addr.iabuf, 4) != 0) {
> log_info("DHCPINFORM from %s but ciaddr %s is not "
> "consistent with actual address",
> piaddr(packet->client_addr),
> inet_ntoa(packet->raw->ciaddr));
> return;
> }
> memcpy(cip.iabuf, &packet->raw->ciaddr.s_addr, 4);
> } else
> memcpy(cip.iabuf, &packet->client_addr.iabuf, 4);
>
