On Wed, Jul 05, 2017 at 04:37:39PM +0200, Reyk Floeter wrote:
> Hi,
> 
> landry@ sees many log messages 'DHCPINFORM from xx but ciaddr yy is
> not consistent with actual address' in a setup where dhcpd runs behind
> dhcrelay.
> 
> The code in dhcpd's dhcpinform() seems wrong - it assumes that ciaddr
> (the client IP) is identical to the packet source address and it
> doesn't consider a relay, indicated by giaddr (gateway).
> 
> I looked at isc-dhcpd code and, omg my eyes are bleeding, it seems to
> handle DHCPINFORM from relayed clients with giaddr set.
> 
> So it seems that dhcpd never accepted DHCPINFORM from clients behind a
> relay, and the diff below changes it and stops the log spam.  But it
> also changes behavior, so it needs some testing and maybe feedback
> from DHCP experts (prodding krw).
> 
> Comments?

Can' find anything that says this would be wrong. I have no way to
test.

.... Ken

> 
> Reyk
> 
> Index: usr.sbin/dhcpd/dhcp.c
> ===================================================================
> RCS file: /cvs/src/usr.sbin/dhcpd/dhcp.c,v
> retrieving revision 1.56
> diff -u -p -u -1 -1 -p -r1.56 dhcp.c
> --- usr.sbin/dhcpd/dhcp.c     24 Apr 2017 14:58:36 -0000      1.56
> +++ usr.sbin/dhcpd/dhcp.c     5 Jul 2017 14:23:12 -0000
> @@ -519,23 +519,23 @@ void
>  dhcpinform(struct packet *packet)
>  {
>       struct lease lease;
>       struct iaddr cip;
>       struct subnet *subnet;
>  
>       /*
>        * ciaddr should be set to client's IP address but
>        * not all clients are standards compliant.
>        */
>       cip.len = 4;
> -     if (packet->raw->ciaddr.s_addr) {
> +     if (packet->raw->ciaddr.s_addr && !packet->raw->giaddr.s_addr) {
>               if (memcmp(&packet->raw->ciaddr.s_addr,
>                   packet->client_addr.iabuf, 4) != 0) {
>                       log_info("DHCPINFORM from %s but ciaddr %s is not "
>                           "consistent with actual address",
>                           piaddr(packet->client_addr),
>                           inet_ntoa(packet->raw->ciaddr));
>                       return;
>               }
>               memcpy(cip.iabuf, &packet->raw->ciaddr.s_addr, 4);
>       } else
>               memcpy(cip.iabuf, &packet->client_addr.iabuf, 4);
> 

Reply via email to