OpenBSD Journal

DHCP Oddness

Contributed by jose on from the whacky-behavior dept.

Scott writes: "This problem only recently popped up on a box running OpenBSD 3.3 that nats and firewalls and redirects for a small office network, sharing a DSL line. Maybe 2 months ago the internet connection started regularly going down--a restart of the box would fix it and so would restarting dhclient (though we wouldn't get a NEW IP address). I've since identified that the connection goes down exactly every 7 days, on Tuesday mornings at 8am and then again at 8:30am--and then it will stay up until the next Tuesday. This has happened without fail for the past 5 weeks. My dhclient.conf is pretty standard (just supersede domain-name stuff)--any suggestions as to what's going on?"


  1. By Alejandro Belluscio () on

    DHCP uses port UDP 69/8 to renew the connection. If you are somehow filtering outgoing or incoming UDP 68/9 then it times out.

    1. By Michael () on

      dhclient talks directly with the NIC (bpf), IIRC, and thus cannot get blocked by pf rules (though I'm not sure if this has changed recently).

      I had a strange problem around 3.2-3.3 where my machine after an undefined amount of time (over a week at least) would stop forwarding packets. Reloading the pf ruleset would fix things. However, after around 41 days (this happened two or three times for me), reloading pf rulesets did not help and tcpdump showed no outgoing traffic. This _only_ occurred on the device on which NAT was performed. However, if I stopped dhclient and restarted it, it had no trouble in getting an address from my ISP.

      Wyrd. Never found out what was wrong. I upgraded to 3.3 after a while and then the problem never occurred again.

      1. By Anonymous Coward () on

        Even if one could block with pf rules, and I am not saying one way or another, dhcp is not my forte. But, even if one could block dhclient traffic with pf, then how would one ever get an address? He says he can successfully kill and restart dhclient, thus killing the odds of this being right. Assuming it can even be done.

      2. By djm () on

        dhcp outbound packets can be filtered

      3. By Alejandro G. Belluscio () on

        The way DHCP acquires an IP is through BGP4. But once it has an IP the renewal is through UDP.

      4. By dnns () on

        if you just have pf configured so that outgoing connections are permitted and keep state, you've nothing to do with pf.

        i found out two things. the first is /etc/mygate. so i wrote a script to check the gateway:


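        #!/bin/sh
        # /etc/diffgate: re-add the default route when the gateway differs from /etc/mygate

        # gateway address as currently seen in the routing table
        GATE_IP=`route show | grep link#1 | grep -v :: | awk '{ print $1 }'`
        # gateway address recorded in /etc/mygate
        MY_GATE=`cat /etc/mygate`

        if [ "$MY_GATE" != "$GATE_IP" ]; then
            # record the new gateway in /etc/mygate, then install it as the default route
            echo "$GATE_IP" > /etc/mygate
            route add default "$GATE_IP" > /dev/null 2>&1
        fi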

        i called this script /etc/diffgate, and then i put in /etc/rc.local the following:

        # diffgate
        if [ -x /etc/diffgate ]; then
            echo -n ' diffgate'; /etc/diffgate > /dev/null 2>&1
        fi

        and of course i need to do a "chmod +x /etc/diffgate && chown root:bin /etc/diffgate"

        second it can be that somebody's spoofing your ip. try to force to get a new lease.

  2. By Anonymous Coward () on

    Sounds to me that your ISP is giving you a lease time that dhclient is ignoring or not understanding. I had the same problem for quite some time with my cable ISP.

    The solution I figured was to ask the ISP for a specific lease time instead of just the default. Within your dhclient.conf, add the line:

    # is the number of seconds the lease
    # will stay active.
    send dhcp-lease-time ;

    Also check your ttyC0 or log files for any kind of errors dhclient may produce.

    1. By Anonymous Coward () on

      Sorry! I used html tag like holders to show a variable in the last post.

      Admins: Maybe we should have a preview functionality? Also, when posting in plain text mode, maybe the post should be put in html pre tags, to avoid resolution of html tag like content?

      Anyway, here is the dhclient.conf addition idea again:

      # $seconds is the number of seconds the lease
      # will stay active.
      send dhcp-lease-time $seconds;

    2. By Scott () on

      I will try requesting a specific dhcp-lease-time--thanks for the advice. I probably won't know if it works or not for a couple days though.

      From my logs:

      Dec 2 07:54:45 myserver dhclient: DHCPREQUEST on fxp1 to 209.x.x.x port 67
      Dec 2 07:54:45 myserver dhclient: DHCPACK from 209.x.x.x
      Dec 2 07:54:45 myserver dhclient: bound to 4.x.x.x-- renewal in 7200 seconds.

      about 8 minutes later (08:02:55) the internet had gone down and someone triggered the dhclient restart script I wrote. No errors or anything from dhclient during that time. Weird.
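The pattern in the log above (a lease bound with renewal in 7200 seconds, then an outage and dhclient restart about 8 minutes later) can be checked across weeks of logs. This is an added example, not part of the original thread: it pairs each "bound" line with the next DHCPACK or DHCPDISCOVER and reports whether that event came early (before the renewal timer), on time, or late. The function names, the 60-second slack, and the sample log lines with their addresses are constructed for illustration; it assumes syslog-style lines like those quoted above and a log that does not cross a year boundary.

```shell
#!/bin/sh
# Added example: audit dhclient lease cycles from syslog lines on stdin.
# Output per cycle: <time bound> <renewal seconds> <seconds until next ACK/DISCOVER> <verdict>

sample_log() {   # constructed sample input (documentation addresses, hypothetical host "gw")
    cat <<'EOF'
Dec  2 05:54:44 gw dhclient: DHCPREQUEST on fxp1 to 192.0.2.1 port 67
Dec  2 05:54:44 gw dhclient: DHCPACK from 192.0.2.1
Dec  2 05:54:44 gw dhclient: bound to 198.51.100.7 -- renewal in 7200 seconds.
Dec  2 07:54:45 gw dhclient: DHCPREQUEST on fxp1 to 192.0.2.1 port 67
Dec  2 07:54:45 gw dhclient: DHCPACK from 192.0.2.1
Dec  2 07:54:45 gw dhclient: bound to 198.51.100.7 -- renewal in 7200 seconds.
Dec  2 08:02:55 gw dhclient: DHCPDISCOVER on fxp1 to 255.255.255.255 port 67 interval 3
Dec  2 08:02:56 gw dhclient: DHCPOFFER from 192.0.2.1
Dec  2 08:02:56 gw dhclient: DHCPREQUEST on fxp1 to 255.255.255.255 port 67
Dec  2 08:02:56 gw dhclient: DHCPACK from 192.0.2.1
Dec  2 08:02:56 gw dhclient: bound to 198.51.100.7 -- renewal in 7200 seconds.
EOF
}

lease_audit() {   # $1 = allowed slack in seconds around the renewal time (default 60)
    awk -v slack="${1:-60}" '
    function secs(mon, day, hms,    t) {      # timestamp -> seconds since Jan 1 (non-leap year)
        split(hms, t, ":")
        return ((cum[mon] + day - 1) * 24 + t[1]) * 3600 + t[2] * 60 + t[3]
    }
    BEGIN {
        split("Jan Feb Mar Apr May Jun Jul Aug Sep Oct Nov Dec", m, " ")
        split("0 31 59 90 120 151 181 212 243 273 304 334", d, " ")
        for (i = 1; i <= 12; i++) cum[m[i]] = d[i]
    }
    $5 !~ /^dhclient/ { next }
    { now = secs($1, $2, $3) }
    # The first ACK or DISCOVER after a bind closes that lease cycle.
    pending && ($6 == "DHCPACK" || $6 == "DHCPDISCOVER") {
        gap = now - bound
        verdict = (gap < renew - slack) ? "early" : ((gap > renew + slack) ? "late" : "on-time")
        print stamp, renew, gap, verdict
        pending = 0
    }
    $6 == "bound" {                           # "bound to <addr> -- renewal in N seconds."
        for (i = 7; i < NF; i++) if ($i == "in") renew = $(i + 1) + 0
        bound = now; stamp = $1 " " $2 " " $3; pending = 1
    }
    END { if (pending) print stamp, renew, "-", "open" }
    '
}

sample_log | lease_audit 60
```

An "early" cycle means dhclient was restarted or re-acquired while the lease was still valid, so lease expiry alone does not explain that outage; "late" cycles point at renewals that were delayed or unanswered.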

      1. By Anonymous Coward () on

        I have a similar problem with 3.3. Occasionally my connection goes down (about once a month or so) and I have to dhclient a new ip for the external interface. The weird thing is that if I restart the computer, the connection doesn't work. It only begins to function after I have run dhclient manually. Like I said, weird.

  3. By Anonymous Coward () on

    one is that the supersede statements don't always supersede the ISP settings (i.e. specifying my own dns doesn't work)

    I've also seen my ISP give me a new IP address and i don't get a new gateway. I have to delete the /etc/mygate file manually, reboot and hope that it works (sending hup to dhclient doesn't seem to do the trick)

    this is on a 3.3 stable box, and I had it with previous versions of obsd. I haven't upgraded my firewall to 3.4 yet so I don't know how that will react.

    1. By Anonymous Coward () on

      1. Supersede domain name doesn't actually modify dns records, it just prevents your domain name from becoming something like:
      It's only really useful if you have internal DNS running and want your router to know that you plan to refer to it. Or, you are incredibly anal about the naming of your machines and hate it when your isp tells your router to call itself some boring string of gibberish that only their net admin could love.

      2. IIRC, neither dhcpd nor dhclient can be hupped, you have to kill them and restart them.

      1. By Anonymous Coward () on

        when I was referring to supersede, I meant the directive to specify domain-name-servers, not the host and domain-name options that you were referring to. In any case, the supersede options don't work for me.

        I hadn't heard that about dhclient not being able to be hupped, but that could explain why it never works for me :)

        1. By Anonymous Coward () on

          check the man page for dhcpd, it explains (vaguely) why it cannot be hupped.

  4. By Anonymous Coward () on

    The problem linked below was fixed sometime after 3.3
    dhclient bogus yiaddr

    Check your logs and see if you get any messages from your dhclient that wouldn't renew your lease. If so try updating dhcp on the machine or upgrade to 3.4

  5. By j0rd () on


    1. By Scott () on

      Care to enlighten me as to what this btkac is missing? ;)

  6. By Anonymous Coward () on

    It's possible that you ARE getting a new IP address when this happens...There is a bug in OpenBSD 3.3 (fixed in 3.4) where, when your IP address changes to another one in the same subnet, the machine still uses the old IP address for some things.

  7. By Ian McWilliam () on

    I see similar things happening here.
    ethernet Adsl line.
    NO DHCP configured (not needed).
    PPPOE, PPP and the tun driver are the potential areas that need looking into.

    I see dropouts at similar times. Haven't had time to investigate or upgrade the box to 3.4 yet.

  8. By Anonymous Coward () on

    I'm using OpenBSD for firewall/NAT and using ISC's dhcp implementation (I needed some feature that OpenBSD's version didn't support). 3.3-stable fwiw...

    Periodically (every 6 weeks to a couple of months, haven't recorded) the system loses connectivity. Further investigation reveals that the routing table is blank. No routes and no IP addresses shown. A simple reboot clears the problem, I always assumed it was DHCP failing to renew before the lease ran out.

    Any thoughts/ideas?

    1. By Anonymous Coward () on

      Duh, should have mentioned it's i386 running ethernet to my cable modem....
