DHCP server serving out incorrect DNS for scope
Bracey, John
JBracey at csuchico.edu
Fri Aug 29 18:18:59 UTC 2008
Hello All:
Thought I'd see if I could pick your brains for a sec. Here's the
situation:
We have a college that uses the Campus provided DHCP, but their own DNS
servers. In the DHCP scope config for this college we override the DNS
servers that are configured in the global DHCP settings with the
colleges DNS servers (see configlet below signature). Server version is
Internet Systems Consortium DHCP Server V3.0.1.
The problem we're seeing is with the college's machines that are set to
hibernate. When the machines come out of hibernation our server is
serving them the wrong DNS settings (they get the global settings
instead of the scope defined settings).
The attached capture shows the sequence of what's happening, here's a
summary of what's happening in the capture.
Frame 7 - the client issues a DHCPDISCOVER to get an address.
Frame 8 - Our DHCP server replies to the DISCOVER with an OFFER
(including the correct DNS servers):
Option: (t=6,l=8) Domain Name Server
Option: (6) Domain Name Server
Length: 8
Value: 84F1070A84F1020C
IP Address: XXX.XXX.7.10
IP Address: XXX.XXX.2.12
Frame 9 - the client issues a DHCPINFORM, requesting further info from
the server.
Frame 10 - the server then replies to the INFORM request with an ACK,
which includes the WRONG DNS settings:
Option: (t=6,l=8) Domain Name Server
Option: (6) Domain Name Server
Length: 8
Value: 84F1420684F1500A
IP Address: XXX.XXX.66.6
IP Address: XXX.XXX.80.10
Frame 11 - the client issues another DHCPINFORM to the server.
Frame 12 - the server replies once again to the client with an ACK
containing the wrong DNS servers.
So, initially the server responds with the correct DNS information, and
then replies to the subsequent INFORM requests with the wrong DNS
information. If they do a manual release/renew they pick up the correct
DNS settings from DHCP, as well as when they reboot the machine totally.
It's just coming out of hibernation that's the problem.
Any insight would be greatly appreciated.
Thanks.
*********************************************************
John K. Bracey, Sr. Network Analyst
NTA Change Management Group Chair
Communications Services / Network Operations
California State University, Chico
530-898-5400
*********************************************************
P Please consider the environment before printing this email.
#
# Vlan#XXX - college .7
# 1/11/2008
#
group #"college-XXX"
{
allow unknown-clients;
subnet XXX.XXX.7.0 netmask 255.255.255.0
{
option routers XXX.XXX.7.1;
pool {
option routers XXX.XXX.7.1;
option domain-name "college.csuchico.edu";
option domain-name-servers XXX.XXX.7.10, XXX.XXX.2.12;
option netbios-name-servers XXX.XXX.7.10;
#failover peer "dhcp";
deny dynamic bootp clients;
range XXX.XXX.7.40 XXX.XXX.7.254;
}
}
}
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20080829/02d6cd31/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dhcp-issue.rtf
Type: application/rtf
Size: 30000 bytes
Desc: dhcp-issue.rtf
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20080829/02d6cd31/attachment.rtf>
More information about the dhcp-users
mailing list