debugging on the DHCP server
Meike Stone
meike.stone at googlemail.com
Fri Jul 18 15:21:43 UTC 2014
2014-07-15 8:48 GMT+02:00 Peter Rathlev <peter at rathlev.dk>:
> On Mon, 2014-07-14 at 12:09 +0200, Meike Stone wrote:
>> is it possible, to log each DHCP transaction for debugging with
>> options (of my choice) in athe logfile?
>
> Probably. The log statement, just like in the example you yourself gave,
> is a good guess.
>
>> All possible Clientsmessages
>> - DHCPDISCOVER
>> - DHCPREQUEST
>> - DHCPDECLINE
>> - DHCPRELEASE
>> - DHCPINFORM
>>
>> and the Serveranswers
>> - DHCPOFFER
>> - DHCPACK
>> - DHCPNAK
>
> If you need to analyze each of these packets by themselves then tcpdump
> or similar is your best bet.
>
> What stops you from using tcpdump? You mention 3000 clients. Even with a
> lease-time of just an hour your shouldn't see more than 1500
> transactions per hour, which should be much less than 10000 packets per
> hour. That should translate to probably less than 5 MB per hour, a
> trivial amount of storage in these days.
>
> Run tcpdump in a `screen` session with a rotating buffer that gets
> overwritten:
>
> screen -S dhcp-sniff
>
> and inside the screen session, if you have 2G to spare:
>
> tcpdump -w rotating-sniff.pcap. -C 100 -W 20 -Z root \
> \( port 67 or port 68 \)
>
Thanks for that hint!
>
> But why is it not satisfying? Are you missing information? Does it not
> work at all? Something third?
Yes, but in conjunction with the logfile, I have both, the statements
from the dhcpd (ddns, ping, dhcpfo,.. ) _and_ the dhcp packages sorted
chronological order.
Thanks ...
Meike
More information about the dhcp-users
mailing list