misc/140935: FreeBSD patch makes dhclient not fully respect DHCP RFC 2131

Nicolas Fugier nicolas.fugier at sagem.com
Fri Nov 27 11:50:01 UTC 2009 

>Number:         140935
>Category:       misc
>Synopsis:       FreeBSD patch makes dhclient not fully respect DHCP RFC 2131
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Fri Nov 27 11:50:00 UTC 2009
>Closed-Date:
>Last-Modified:
>Originator:     Nicolas Fugier
>Release:        5.3
>Organization:
Sagem
>Environment:
FreeBSD desktop 5.3-RELEASE-p31 FreeBSD 5.3-RELEASE-p31 #5: Thu Jan  8 12:01:05 CET 2009     root at XXXXX:/usr/obj/usr/build/os/distrib/world/bsd/src/sys/MINIKERN-lru-dg  i386
>Description:
Hi,

According to DHCP RFC 2131 (Figure 5 page 34 http://www.ietf.org/rfc/rfc2131.txt), the following actions should be done by DHCP client when entering in RENEWING state:
 - Send Unicast DHCPREQUEST to DHCP server
 - If DHCPACK is received, then enter BOUND state
 - If T2 expires and no DHCPACK is received, then enter the REBINDING state by sending a broadcast DHCPREQUEST [1]
 - If DHCPNACK is received then enter INIT state by Halting Network.

The patch here: http://www.freebsd.org/cgi/cvsweb.cgi/ports/net/isc-dhcp31-server/files/patch-client%3A%3Adhclient.c?rev=1.1;content-type=text%2Fplain
introduces some modifications in this state machine, particularly in the [1] step:
 - If no packet is received within 10 seconds or if send function returned an error, then enter INIT state.

We found this issue because we do not store the DHCP-given default gateway in the routing table, for security reasons, and it happens that our host is sometimes on a network with DHCP relay. In this case, as no route to DHCP server is available (DHCP server is on another IP network), the unicast DHCPREQUEST fails (due to inexistant route), and DHCP client state goes to INIT state, which halts network (losing some application added routes).

I did not find any clue about the reasons of the mentionned modifications of the patch.
I consider it as a bug as it breaks DHCP client state machine but I may be wrong.

Best regards,
>How-To-Repeat:

>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:

More information about the freebsd-bugs mailing list