systemd-networkd [DHCPServer] should send requested options also in DHCPOFFER #27471
Comments
|
(It's possible Linux has an issue by only looking at the DHCPOFFER for the DNS, but I think systemd-networkd also has an issue here, and then the 2 issues get intertwined together and create a "protocol misunderstanding".) |
intel-lab-lkp
pushed a commit
to intel-lab-lkp/linux
that referenced
this issue
May 8, 2023
Some DHCP server implementations only send the important requested DHCP options in the final BOOTP reply (DHCPACK). One example is systemd-networkd. However, RFC2131, in section 4.3.1 states: > The server MUST return to the client: > [...] > o Parameters requested by the client, according to the following > rules: > > -- IF the server has been explicitly configured with a default > value for the parameter, the server MUST include that value > in an appropriate option in the 'option' field, ELSE I've reported the issue here: systemd/systemd#27471 Linux PNP DHCP client implementation only takes into account the DNS servers received in the first BOOTP reply (DHCPOFFER). This usually isn't an issue as servers are required to put the same values in the DHCPOFFER and DHCPACK. However, RFC2131, in section 4.3.2 states: > Any configuration parameters in the DHCPACK message SHOULD NOT > conflict with those in the earlier DHCPOFFER message to which the > client is responding. The client SHOULD use the parameters in the > DHCPACK message for configuration. When making Linux PNP DHCP client (cmdline ip=dhcp) interact with systemd-networkd DHCP server, an interesting "protocol misunderstanding" happens: Because DNS servers were only specified in the DHCPACK and not in the DHCPOFFER, Linux will not catch the correct DNS servers: in the first BOOTP reply (DHCPOFFER), it sees that there is no DNS, and sets as fallback the IP of the DHCP server itself. When the second BOOTP reply comes (DHCPACK), it's already too late: the kernel will not overwrite the fallback setting it has set previously. This patch makes the kernel overwrite its DNS fallback by DNS servers specified in the DHCPACK if any. Signed-off-by: Martin Wetterwald <martin@wetterwald.eu>
intel-lab-lkp
pushed a commit
to intel-lab-lkp/linux
that referenced
this issue
May 10, 2023
Some DHCP server implementations only send the important requested DHCP options in the final BOOTP reply (DHCPACK). One example is systemd-networkd. However, RFC2131, in section 4.3.1 states: > The server MUST return to the client: > [...] > o Parameters requested by the client, according to the following > rules: > > -- IF the server has been explicitly configured with a default > value for the parameter, the server MUST include that value > in an appropriate option in the 'option' field, ELSE I've reported the issue here: systemd/systemd#27471 Linux PNP DHCP client implementation only takes into account the DNS servers received in the first BOOTP reply (DHCPOFFER). This usually isn't an issue as servers are required to put the same values in the DHCPOFFER and DHCPACK. However, RFC2131, in section 4.3.2 states: > Any configuration parameters in the DHCPACK message SHOULD NOT > conflict with those in the earlier DHCPOFFER message to which the > client is responding. The client SHOULD use the parameters in the > DHCPACK message for configuration. When making Linux PNP DHCP client (cmdline ip=dhcp) interact with systemd-networkd DHCP server, an interesting "protocol misunderstanding" happens: Because DNS servers were only specified in the DHCPACK and not in the DHCPOFFER, Linux will not catch the correct DNS servers: in the first BOOTP reply (DHCPOFFER), it sees that there is no DNS, and sets as fallback the IP of the DHCP server itself. When the second BOOTP reply comes (DHCPACK), it's already too late: the kernel will not overwrite the fallback setting it has set previously. This patch makes the kernel overwrite its DNS fallback by DNS servers specified in the DHCPACK if any. Signed-off-by: Martin Wetterwald <martin@wetterwald.eu> Signed-off-by: David S. Miller <davem@davemloft.net>
|
I've changed the behavior on Linux side in net-next. The patch should probably land on Linux 6.5-rc1. |
yuwata
added a commit
to yuwata/systemd
that referenced
this issue
May 11, 2023
These options may not be necessary in DHCPOFFER message, but RFC allows to send them, and the kernel's DHCP client parses DNS servers only from DHCPOFFER message. Let's always send same options on offer and ack. See RFC 2131 section 4.3.1 (https://www.rfc-editor.org/rfc/rfc2131#section-4.3.1). Fixes systemd#27471.
|
Fix is waiting in #27607. |
yuwata
added a commit
to yuwata/systemd
that referenced
this issue
May 11, 2023
From RFC 2131 section 4.3.1 (https://www.rfc-editor.org/rfc/rfc2131#section-4.3.1): ---- The server MUST return to the client: - Parameters requested by the client, according to the following rules: -- IF the server has been explicitly configured with a default value for the parameter, the server MUST include that value in an appropriate option in the 'option' field, ---- The sentence is not only for ACK, but for all (positive) responses, that is DHCPOFFER and DHCPACK. Fixes systemd#27471.
bluca
pushed a commit
that referenced
this issue
May 13, 2023
From RFC 2131 section 4.3.1 (https://www.rfc-editor.org/rfc/rfc2131#section-4.3.1): ---- The server MUST return to the client: - Parameters requested by the client, according to the following rules: -- IF the server has been explicitly configured with a default value for the parameter, the server MUST include that value in an appropriate option in the 'option' field, ---- The sentence is not only for ACK, but for all (positive) responses, that is DHCPOFFER and DHCPACK. Fixes #27471.
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
systemd version the issue has been seen with
253
Used distribution
Arch Linux
Linux kernel version used
6.2.10-arch1-1
CPU architectures issue was seen on
x86_64
Component
systemd-networkd
Expected behaviour you didn't see
According to RFC2131, when a DHCP server is answering to a DHCPDISCOVER with a DHCPOFFER, it should:
So if a client requested DNS option in the DHCPDISCOVER for example, we should see this in the DHCPOFFER if systemd-networkd has a specific value to give for that parameter.
Unexpected behaviour you saw
There is a discrepancy between options provided in the DHCPOFFER and DHCPACK.
The DHCPACK lists much more options than its DHCPOFFER counterpart:
https://github.com/systemd/systemd/blob/main/src/libsystemd-network/sd-dhcp-server.c#L622-L630
So for example, Linux kernel PNP DHCP (cmdline with
ip=dhcp) fails to get the correct DNS server.This is because in Linux implementation, they only consider the DNS Server of the DHCPOFFER.
If the DHCPOFFER contains no DNS option, Linux will fall back to choosing the same IP as the DHCP Server.
https://github.com/torvalds/linux/blob/v6.2/net/ipv4/ipconfig.c#L1161-L1162
Steps to reproduce the problem
Configure systemd-networkd to be a DHCPServer and to distribute a DNS server different from the server itself.
Use a DHCP client which for at least one option, only cares if it's in the DHCPOFFER.
For example, the Linux kernel built-in DHCP client during boot:
And with
ip=dhcpin the command line.For DNS option, it will only care if it's present in the DHCPOFFER. If it was not present, it will set it to be equal to the IP of the DHCP Server, even if the value comes later in the DHCPACK.
Additional program output to the terminal or log subsystem illustrating the issue
The text was updated successfully, but these errors were encountered: