DHCP and 2 subnets
Simon Hobson
dhcp1 at thehobsons.co.uk
Mon Apr 7 07:37:46 UTC 2008
Chris Arnold wrote:
> > That sounds pretty standard. What is logged when a 192.168.123.x
>> client gets the wrong address ? Also, it may be worth using a sniffer
>> (like wireshark) to see what packets are being passed on the networks
>> concerned.
>
>This gets logged to the dhcp server:
>Apr 6 22:12:51 mail dhcpd: DHCPDISCOVER from 00:0b:db:c8:f1:71 (Izabella) via
>eth1
>Apr 6 22:12:51 mail dhcpd: DHCPDISCOVER from 00:0b:db:c8:f1:71 (Izabella) via
>192.168.123.2
Your networks are not separate - the above request from the same
client was received twice, once via the relay agent, and again direct
via the attached network. Go and check your setup because this
shouldn't be the case - you don't have both subnets connected to one
switch do you ?
>Apr 6 22:12:51 mail dhcpd: DHCPREQUEST for 192.168.124.144 (192.168.124.1)
>from 00:0b:db:c8:f1:71 (Izabella) via 192.168.123.2: ignored (not
>authoritative).
And this is your second problem, your server is not authoritative
(add a simple "authoritative;" statement to the top of your config) -
so it will not send a DHCP Nack message to a client that is asking
for an address that isn't valid (such as when it moves from one
subnet to another).
>Apr 6 22:12:51 mail dhcpd: ICMP Echo reply while lease 192.168.124.144 valid.
>Apr 6 22:12:51 mail dhcpd: Abandoning IP address 192.168.124.144: pinged
>before offer
>Apr 6 22:12:52 mail dhcpd: DHCPOFFER on 192.168.123.253 to 00:0b:db:c8:f1:71
>(Izabella) via 192.168.123.2
Right, and it DID make an offer for the right subnet.
>This seemed to me to "cached" somewhere so i restarted and this restart is the
>above log.
Leases are cached by the client, so provided it has persistent
storage, it can continue using a lease even across restarts until it
times out or a DHCP server says "Stop" (by sending a DHCP Nack in
response to a request).
You need to fix your network, and make your server authoritative -
making the server authoritative without fixing the network will
simply result in a fight where the client is given an address in one
subnet and immediately told to stop using it !
More information about the dhcp-users
mailing list