duplicate leases problem

Thu Nov 30 14:42:30 UTC 2006

gunhan.ataseven at vgregion.se wrote:

>We are using Novell Zenworks 7, w= here the clients (Dell) upon start
>allwaysdoes a pxe boot, loads a linux kernel from a server and then
>restarts and loads win xp. The dhcp server is 3.05rc3 in a failover
>configuration.
>
>The subnet declarations look like this,
>
>subnet 138.233.165.128 netmask 255.255.255.128 {
>    default-lease-time 3600;
>    max-lease-time 86400;
>    option routers 138.233.165.254;
>    deny duplicates;   one-lease-per-client true;
>    pool {
>      failover peer "foo";
>      deny dynamic bootp clients;
>      range 13= 8.233.165.141 138.233.165.251;
>    }
>}
>
>
>I use the "deny" and "one-lease.." option only in the subnet declarations.
>My questions are.
>
>1. Will the server allways hand out 2 adresses if the client uses
>differentclient identifiers, regardless of the above mentioned options in
>my subnet declaration?

As I read the man page, the server will still hand out a second 
address, but will 'recover' the first address.

>2. I can see in the log that the server has identified duplicates, is that
>the same thing as preparing to offer that adress to another client before
>lease expiration? Or does it just conclude that there is a duplicate
>without doing anything about it?
>This is the message i get,
>dhcpd: uid lease 138.233.180.55 for client 00:13:72:d0:6b:b7 is duplicate
>on 138.233.180.0/25

It's not something I've used myself, but I would conclude from the 
man page that any leases other than the one being requested will be 
released internally by the server - that would normally mean changing 
them to an expired state.

>3. I get the feeling the option one-lease-per-client true; is kind of
>pointless here, but i have it there anyway. According to the man file i
>shouldn't need it to solve this particular problem, or do i? I have tried
>without it too, no difference.

I don't think you need it, it 'solves' a different problem - eg 
laptop moving between subnets.

>4. I was convinced that the "deny duplicates" option would solve the
>problem, am i doing something wrong in the config file, do i use it the
>wrong way?
>
>The bottom line is, the client allways grabs 2 adresses upon start, and the
>second adress is not available until it has expired, resulting in ip adress
>shortage on some subnets. The only solution right now is to use really
>short lease times.

As I read it, the client will still get two addresses during boot, 
but one of them will be freed by the server. This does not mean that 
the address WILL be reused, merely that it CAN be reused if required.

Some time ago there was a patch that changed the servers behaviour 
regarding client-ids. Essentially, the problem you have is that from 
the servers viewpoint it is dealing with two clients - because 
different client-ids mean different clients (that's what the RFC 
requires IIRC). The patch did something like : if there is no 
client-id supplied, then insert the mac address to match the Windows 
behaviour. I don't know if it's still around or not.

Looking ahead, I believe version 3.1 will allow the admin to change 
the client keying mechanism, so whilst it will have a default the 
same as now which is pick-first-value(client-id, hardware), you will 
be able to change it if your needs dictate - so you could ignore 
client-id altogether by just using hardware.