DHCP problem

[SirDice]

The leases are set as

default-lease-time 86400

They should not expire. And still, even if they expire, I should get a new one if I disable and re-enable the NIC

It should actually renew the lease at half the lease time. So something isn't working correctly. The lease doesn't appear to expire as the clients still have the correct IP address. It's just that they can't access the gateway any more for some reason. At least that's what I understood of the situation.

 

[usdmatt]

If nothing can communicate with the server at all after 5-10 minutes then it suggests issues with the server itself. I'm reluctant to start suggesting server/nic problems though as we have very little real troubleshooting information to go on and I suspect you may just be getting things into a mess.

It makes no sense for a machine to get DHCP correctly, work, and then stop 10 minutes later. That does not look like a DHCP problem.

What does the output of ifconfig eth1 look like on the server?
What does the output of the same command (with the correct interface of course, or ipconfig on Windows) look like once a machine has booted and got an IP address?
Does the output of the above command on the client change when they lose connectivity (i.e. do they still appear to have a valid address when it stops working)?
Do all hosts lose connectivity to the server or just some?

I'm starting to come to the same conclusion as posters in this very similar thread (viewtopic.php?f=7&t=32039&start=25), that if this is a real network with users on, you should just get someone in who knows what they're doing, that can actually deploy a properly designed, working network.

 

[wblock@]

I was thinking leases expiring and the default route somehow being lost or wrong when the new lease is obtained. And agreed that a second, rogue DHCP server somewhere on the network can produce some effects like that.

 

[kpa]

Is there any packet filtering done on the interface? If so post the rules please.

 

[hac3ru]

Okay I'm back. Sorry for the delay...

I installed a FreeBSD OS on a virtual machine, same pf.conf, same ipfw.rules, same dhcpd.conf. I added some other virtual workstations into the network and it all worked flawlessly....?!

I trashed the aliases.
Now the dhcpd.conf is looking clean, like this:

#
# Options
#
default-lease-time 86400;
max-lease-time 86400;
min-lease-time 86400;
ddns-update-style none;
log-facility local3;    # Note: syslog-ng filters by program
#
# Network options
#
shared-network camin
{
    authoritative;
    option domain-name "c3.campus.utcluj.ro";
    option domain-name-servers 193.226.6.229, 193.226.5.151, 193.226.6.233, 217.73.173.3, 193.226.5.33, 8.8.8.8;
    #option domain-name-servers 193.226.6.229;
    subnet 172.23.0.0 netmask 255.255.240.0
    {
#       pool
#       {
#           max-lease-time 300;
#           min-lease-time 150;
#           range 172.23.14.10 172.23.15.240;
#           allow unknown-clients;
#       }
        range 172.23.14.10 172.23.15.240;
        option routers 172.23.0.1;
        option subnet-mask 255.255.240.0;
        option broadcast-address 172.23.15.255;
    }
}
#
# Leases
#
include "/var/db/c3/dhcpd.conf";

I swapped to 172.23.0.0/24 network. I have tried to achieve this using a pool or the range directly but it did not work. Also, I changed the dhcp interface to bge1 so I'll post the output of ifconfig bge1

bge1: flags=88843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST,STATICARP> metric 0 mtu 1500
        options=8009b<RXCSUM,TXCSUM,VLAN_MTU,VLAN_HWTAGGING,VLAN_HWCSUM,LINKSTATE>
        ether 00:11:0a:e9:9b:5e
        inet 172.23.0.1 netmask 0xfffff000 broadcast 172.23.15.255
        inet6 fe80::211:aff:fee9:9b5e%bge1 prefixlen 64 scopeid 0x5
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect (1000baseT <full-duplex,master>)
        status: active

The ipconfig on windows machines returns the proper IP, Mask, Gateway, DNS and all other informations on the NIC connected to that network...
I am getting an IP from 172.23.14.0/24 or 172.23.15.0/24 network but I am not able to communicate with 172.23.0.1 (FreeBSD server).
If a rogue DHCP server would release IP addresses, I should get some other IP (192.168.x.x usually) and the router's IP address as gateway, which I do not.

I am running no packet filtering at this moment. I changed pf.conf to

ext_if="em0"
int_if="bge1"

internal_net="172.23.0.0/20"
external_addr="10.134.168.54"

table <campus> { 172.22.0.0/21, 172.23.0.0/20, 172.24.0.0/21, 172.25.0.0/21 }
# NAT
nat on $ext_if from $internal_net to !<campus> -> $ext_if
# Pass all
pass all

Any other ideas?

Thank you for the struggle

Later edit:
STUPID STUPID STUPID STUPID!
I would have never think about this. It seems that the script that generates the .leases file, also generates an ARP file, which is loaded and the command ifconfig bge1 staticarp is loaded. The script is old and I was never curious enough (and to be honest I didn't think that one would create static ARP lists) to look for something like this.
I modified that into ifconfig bge1 -staticarp and it all works great now. Sorry for wasting your time but I think that we all learned something today )