Client got wrong gateway
Rui Mao
maorui2k at 163.com
Fri Feb 24 01:23:24 UTC 2017
Hi,
I installed a Ubuntu 16.04 and configured isc-dhcp-server 4.3.3 as
DHCP/BOOTp server. But the iPXE didn't got correct gateway from it.
The DHCP server is 10.210.0.11, and the client is in another VLAN which
gateway is 10.211.0.1.
I captured Ethernet packages by tcpdump, and also used a Windows Server 2012
for comparison. It seems ISC-DHCP-Server sent a wrong gateway.
Is this a configuration issue or a bug of ISC-DHCP-Server?
Here is the screen capture.
The DHCP configuration I used.
# DHCP Server Configuration file\n#see
/usr/share/doc/dhcp*/dhcpd.conf.sample
# This file was created by FOG
#Definition of PXE-specific options
# Code 1: Multicast IP Address of bootfile
# Code 2: UDP Port that client should monitor for MTFTP Responses
# Code 3: UDP Port that MTFTP servers are using to listen for MTFTP requests
# Code 4: Number of seconds a client must listen for activity before trying
# to start a new MTFTP transfer
# Code 5: Number of seconds a client must listen before trying to restart
# a MTFTP transfer
option space PXE;
option PXE.mtftp-ip code 1 = ip-address;
option PXE.mtftp-cport code 2 = unsigned integer 16;
option PXE.mtftp-sport code 3 = unsigned integer 16;
option PXE.mtftp-tmout code 4 = unsigned integer 8;
option PXE.mtftp-delay code 5 = unsigned integer 8;
option arch code 93 = unsigned integer 16;
use-host-decl-names on;
ddns-update-style interim;
ignore client-updates;
# Specify subnet of ether device you do NOT want service.
# For systems with two or more ethernet devices.
# subnet 136.165.0.0 netmask 255.255.0.0 {}
subnet 10.210.0.0 netmask 255.255.255.0{
authoritative;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.210.0.20 10.210.0.200;
default-lease-time 21600;
max-lease-time 43200;
option routers 10.210.0.1;
option domain-name-servers 10.210.0.11;
next-server 10.210.0.11;
class "Legacy" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00000";
filename "undionly.kkpxe";
}
class "UEFI-32-2" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00002";
filename "i386-efi/ipxe.efi";
}
class "UEFI-32-1" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00006";
filename "i386-efi/ipxe.efi";
}
class "UEFI-64-1" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00007";
filename "ipxe.efi";
}
class "UEFI-64-2" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00008";
filename "ipxe.efi";
}
class "UEFI-64-3" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00009";
filename "ipxe.efi";
}
class "SURFACE-PRO-4" {
match if substring(option vendor-class-identifier, 0, 32) =
"PXEClient:Arch:00007:UNDI:003016";
filename "ipxe7156.efi";
}
class "Apple-Intel-Netboot" {
match if substring(option vendor-class-identifier, 0, 14) =
"AAPLBSDPC/i386";
option dhcp-parameter-request-list 1,3,17,43,60;
if (option dhcp-message-type = 8) {
option vendor-class-identifier "AAPLBSDPC";
if (substring(option vendor-encapsulated-options, 0, 3) =
01:01:01) {
# BSDP List
option vendor-encapsulated-options
01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:4
6:4f:47;
filename "ipxe.efi";
}
}
}
}
subnet 10.211.0.0 netmask 255.255.255.0{
authoritative;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.211.0.20 10.211.0.200;
default-lease-time 21600;
max-lease-time 43200;
option routers 10.211.0.1;
option domain-name-servers 10.210.0.11;
next-server 10.210.0.11;
class "Legacy" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00000";
filename "undionly.kkpxe";
}
class "UEFI-32-2" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00002";
filename "i386-efi/ipxe.efi";
}
class "UEFI-32-1" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00006";
filename "i386-efi/ipxe.efi";
}
class "UEFI-64-1" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00007";
filename "ipxe.efi";
}
class "UEFI-64-2" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00008";
filename "ipxe.efi";
}
class "UEFI-64-3" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00009";
filename "ipxe.efi";
}
class "SURFACE-PRO-4" {
match if substring(option vendor-class-identifier, 0, 32) =
"PXEClient:Arch:00007:UNDI:003016";
filename "ipxe7156.efi";
}
class "Apple-Intel-Netboot" {
match if substring(option vendor-class-identifier, 0, 14) =
"AAPLBSDPC/i386";
option dhcp-parameter-request-list 1,3,17,43,60;
if (option dhcp-message-type = 8) {
option vendor-class-identifier "AAPLBSDPC";
if (substring(option vendor-encapsulated-options, 0, 3) =
01:01:01) {
# BSDP List
option vendor-encapsulated-options
01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:4
6:4f:47;
filename "ipxe.efi";
}
}
}
}
subnet 10.212.0.0 netmask 255.255.255.0{
authoritative;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.212.0.20 10.212.0.200;
default-lease-time 21600;
max-lease-time 43200;
option routers 10.212.0.1;
option domain-name-servers 10.210.0.11;
next-server 10.210.0.11;
class "Legacy" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00000";
filename "undionly.kkpxe";
}
class "UEFI-32-2" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00002";
filename "i386-efi/ipxe.efi";
}
class "UEFI-32-1" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00006";
filename "i386-efi/ipxe.efi";
}
class "UEFI-64-1" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00007";
filename "ipxe.efi";
}
class "UEFI-64-2" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00008";
filename "ipxe.efi";
}
class "UEFI-64-3" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00009";
filename "ipxe.efi";
}
class "SURFACE-PRO-4" {
match if substring(option vendor-class-identifier, 0, 32) =
"PXEClient:Arch:00007:UNDI:003016";
filename "ipxe7156.efi";
}
class "Apple-Intel-Netboot" {
match if substring(option vendor-class-identifier, 0, 14) =
"AAPLBSDPC/i386";
option dhcp-parameter-request-list 1,3,17,43,60;
if (option dhcp-message-type = 8) {
option vendor-class-identifier "AAPLBSDPC";
if (substring(option vendor-encapsulated-options, 0, 3) =
01:01:01) {
# BSDP List
option vendor-encapsulated-options
01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:4
6:4f:47;
filename "ipxe.efi";
}
}
}
}
subnet 10.213.0.0 netmask 255.255.255.0{
authoritative;
option subnet-mask 255.255.255.0;
range dynamic-bootp 10.213.0.20 10.213.0.200;
default-lease-time 21600;
max-lease-time 43200;
option routers 10.213.0.1;
option domain-name-servers 10.210.0.11;
next-server 10.210.0.11;
class "Legacy" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00000";
filename "undionly.kkpxe";
}
class "UEFI-32-2" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00002";
filename "i386-efi/ipxe.efi";
}
class "UEFI-32-1" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00006";
filename "i386-efi/ipxe.efi";
}
class "UEFI-64-1" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00007";
filename "ipxe.efi";
}
class "UEFI-64-2" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00008";
filename "ipxe.efi";
}
class "UEFI-64-3" {
match if substring(option vendor-class-identifier, 0, 20) =
"PXEClient:Arch:00009";
filename "ipxe.efi";
}
class "SURFACE-PRO-4" {
match if substring(option vendor-class-identifier, 0, 32) =
"PXEClient:Arch:00007:UNDI:003016";
filename "ipxe7156.efi";
}
class "Apple-Intel-Netboot" {
match if substring(option vendor-class-identifier, 0, 14) =
"AAPLBSDPC/i386";
option dhcp-parameter-request-list 1,3,17,43,60;
if (option dhcp-message-type = 8) {
option vendor-class-identifier "AAPLBSDPC";
if (substring(option vendor-encapsulated-options, 0, 3) =
01:01:01) {
# BSDP List
option vendor-encapsulated-options
01:01:01:04:02:80:00:07:04:81:00:05:2a:09:0D:81:00:05:2a:08:69:50:58:45:2d:4
6:4f:47;
filename "ipxe.efi";
}
}
}
}
ISC-DHCP-Server packet, captured by tcpdump:
[code]15:20:07.562620 IP (tos 0x0, ttl 63, id 65239, offset 0, flags [none],
proto UDP (17), length 448)
10.211.0.1.67 > 10.210.0.11.67: [udp sum ok] BOOTP/DHCP, Request from
00:e0:4c:69:3b:17, length 420, hops 1, xid 0x542d2231, secs 18, Flags
[Broadcast] (0x8000)
Gateway-IP 10.211.0.1
Client-Ethernet-Address 00:e0:4c:69:3b:17
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Request
MSZ Option 57, length 2: 1472
ARCH Option 93, length 2: 0
NDI Option 94, length 3: 1.2.1
Vendor-Class Option 60, length 32:
"PXEClient:Arch:00000:UNDI:002001"
User-Class Option 77, length 4:
instance#1: ERROR: malformed option
Parameter-Request Option 55, length 22:
Subnet-Mask, Default-Gateway, Domain-Name-Server, LOG
Hostname, Domain-Name, RP, Vendor-Option
Vendor-Class, TFTP, BF, Option 119
Option 128, Option 129, Option 130, Option 131
Option 132, Option 133, Option 134, Option 135
Option 175, Option 203
T175 Option 175, length 57:
177.5.1.16.236.129.104.235.3.1.0.0.23.1.1.34.1.1.22.1.1.19.1.1.20.1.1.17.1.1
.39.1.1.25.1.1.41.1.1.16.1.2.33.1.1.21.1.1.24.1.1.38.1.1.18.1.1
Client-ID Option 61, length 7: ether 00:e0:4c:69:3b:17
GUID Option 97, length 17: 0.0.2.0.3.0.4.0.5.0.6.0.7.0.8.0.9
Server-ID Option 54, length 4: 10.210.0.11
Requested-IP Option 50, length 4: 10.211.0.20
0x0000: 4500 01c0 fed7 0000 3f11 65a5 0ad3 0001 E.......?.e.....
0x0010: 0ad2 000b 0043 0043 01ac aa05 0101 0601 .....C.C........
0x0020: 542d 2231 0012 8000 0000 0000 0000 0000 T-"1............
0x0030: 0000 0000 0ad3 0001 00e0 4c69 3b17 0000 ..........Li;...
0x0040: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0050: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0060: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0070: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0080: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0090: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x00a0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x00b0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x00c0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x00d0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x00e0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x00f0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0100: 0000 0000 0000 0000 6382 5363 3501 0339 ........c.Sc5..9
0x0110: 0205 c05d 0200 005e 0301 0201 3c20 5058 ...]...^....<.PX
0x0120: 4543 6c69 656e 743a 4172 6368 3a30 3030 EClient:Arch:000
0x0130: 3030 3a55 4e44 493a 3030 3230 3031 4d04 00:UNDI:002001M.
0x0140: 6950 5845 3716 0103 0607 0c0f 112b 3c42 iPXE7........+<B
0x0150: 4377 8081 8283 8485 8687 afcb af39 b105 Cw...........9..
0x0160: 0110 ec81 68eb 0301 0000 1701 0122 0101 ....h........"..
0x0170: 1601 0113 0101 1401 0111 0101 2701 0119 ............'...
0x0180: 0101 2901 0110 0102 2101 0115 0101 1801 ..).....!.......
0x0190: 0126 0101 1201 013d 0701 00e0 4c69 3b17 .&.....=....Li;.
0x01a0: 6111 0000 0200 0300 0400 0500 0600 0700 a...............
0x01b0: 0800 0936 040a d200 0b32 040a d300 14ff ...6.....2......
15:20:07.562955 IP (tos 0x0, ttl 64, id 55711, offset 0, flags [DF], proto
UDP (17), length 328)
10.210.0.11.67 > 10.211.0.1.67: [bad udp cksum 0x16f6 -> 0xb719!]
BOOTP/DHCP, Reply, length 300, hops 1, xid 0x542d2231, secs 18, Flags
[Broadcast] (0x8000)
Your-IP 10.211.0.20
Server-IP 10.210.0.11
Gateway-IP 10.211.0.1
Client-Ethernet-Address 00:e0:4c:69:3b:17
file "undionly.kkpxe"
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: ACK
Server-ID Option 54, length 4: 10.210.0.11
Lease-Time Option 51, length 4: 20780
Subnet-Mask Option 1, length 4: 255.255.255.0
Default-Gateway Option 3, length 4: 10.210.0.1
Domain-Name-Server Option 6, length 4: 10.210.0.11
0x0000: 4500 0148 d99f 4000 4011 4a55 0ad2 000b E..H.. at .@.JU....
0x0010: 0ad3 0001 0043 0043 0134 16f6 0201 0601 .....C.C.4......
0x0020: 542d 2231 0012 8000 0000 0000 0ad3 0014 T-"1............
0x0030: 0ad2 000b 0ad3 0001 00e0 4c69 3b17 0000 ..........Li;...
0x0040: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0050: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0060: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0070: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0080: 0000 0000 0000 0000 756e 6469 6f6e 6c79 ........undionly
0x0090: 2e6b 6b70 7865 0000 0000 0000 0000 0000 .kkpxe..........
0x00a0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x00b0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x00c0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x00d0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x00e0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x00f0: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0100: 0000 0000 0000 0000 6382 5363 3501 0536 ........c.Sc5..6
0x0110: 040a d200 0b33 0400 0051 2c01 04ff ffff .....3...Q,.....
0x0120: 0003 040a d200 0106 040a d200 0bff 0000 ................
0x0130: 0000 0000 0000 0000 0000 0000 0000 0000 ................
0x0140: 0000 0000 0000 0000 ........
Windows Server 2012 packet, captured by Wireshark:
Frame 4: 342 bytes on wire (2736 bits), 342 bytes captured (2736 bits) on
interface 0
Ethernet II, Src: SuperMic_32:38:54 (0c:c4:7a:32:38:54), Dst:
HuaweiTe_f5:1d:41 (48:46:fb:f5:1d:41)
Internet Protocol Version 4, Src: 10.210.0.11, Dst: 10.211.0.1
User Datagram Protocol, Src Port: 67, Dst Port: 67
Bootstrap Protocol (Offer)
Message type: Boot Reply (2)
Hardware type: Ethernet (0x01)
Hardware address length: 6
Hops: 0
Transaction ID: 0xdb98d333
Seconds elapsed: 0
Bootp flags: 0x8000, Broadcast flag (Broadcast)
Client IP address: 0.0.0.0
Your (client) IP address: 10.211.0.50
Next server IP address: 10.210.0.11
Relay agent IP address: 10.211.0.1
Client MAC address: RealtekS_69:3b:17 (00:e0:4c:69:3b:17)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: DHCP
Option: (53) DHCP Message Type (Offer)
Length: 1
DHCP: Offer (2)
Option: (1) Subnet Mask
Length: 4
Subnet Mask: 255.255.255.0
Option: (58) Renewal Time Value
Option: (59) Rebinding Time Value
Option: (51) IP Address Lease Time
Option: (54) DHCP Server Identifier
Length: 4
DHCP Server Identifier: 10.210.0.11
Option: (3) Router
Length: 4
Router: 10.211.0.1
Option: (6) Domain Name Server
Length: 4
Domain Name Server: 10.210.0.11
Option: (255) End
Padding: 0000000000000000000000000000
0000 48 46 fb f5 1d 41 0c c4 7a 32 38 54 08 00 45 00 HF...A..z28T..E.
0010 01 48 61 c0 40 00 80 11 00 00 0a d2 00 0b 0a d3 .Ha. at ...........
0020 00 01 00 43 00 43 01 34 16 f6 02 01 06 00 db 98 ...C.C.4........
0030 d3 33 00 00 80 00 00 00 00 00 0a d3 00 32 0a d2 .3...........2..
0040 00 0b 0a d3 00 01 00 e0 4c 69 3b 17 00 00 00 00 ........Li;.....
0050 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0060 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0070 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0080 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0090 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00a0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00b0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00d0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00e0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
00f0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0100 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 ................
0110 00 00 00 00 00 00 63 82 53 63 35 01 02 01 04 ff ......c.Sc5.....
0120 ff ff 00 3a 04 00 00 01 2c 3b 04 00 00 02 0d 33 ...:....,;.....3
0130 04 00 00 02 58 36 04 0a d2 00 0b 03 04 0a d3 00 ....X6..........
0140 01 06 04 0a d2 00 0b ff 00 00 00 00 00 00 00 00 ................
0150 00 00 00 00 00 00 ......
Best regards,
Rui Mao
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20170224/1ebdd741/attachment-0001.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: image002.jpg
Type: image/jpeg
Size: 28006 bytes
Desc: not available
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20170224/1ebdd741/attachment-0001.jpg>
More information about the dhcp-users
mailing list