[Dnsmasq-discuss] Failure to respond to DHCPDISCOVER messages after changed time on router

Simon Kelley simon at thekelleys.org.uk
Thu Apr 16 21:20:03 BST 2015


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

I can't reproduce this simply by moving the system clock backwards, so
I'm going to need more information about exactly what's going on when
you see this occur.

Cheers,

Simon.


On 15/04/15 23:30, John Knight wrote:
> After thinking about this a little more, lease renew is generally 
> initiated by the clients, so I don't think this would work.  What
> if there was an API that would take the old time and the new time
> and pass it to dnsmasq so that it could come up with a delta time
> and then adjust all of the leases it has under its control?  I
> think this would work.  However, I am not sure why it stops
> responding to DHCCPDISCOVER.  After updating the leases, perhaps
> dnsmasq needs to be restarted as well to put it into a good state.
> 
> John
> 
> 
> Hi,
> 
> 
> We discovered that a change in the router's time via NTP will
> cause dnsmasq to stop answering DHCPDISCOVER.  In the wan.cap, NTP
> server gives an earlier time to the DUT and cause the dhcp server
> to stop working (ie. Answering DHCPDISCOVER)
> 
> Our DUT's time is Aug 5, 2015 16:19:22.575786000, but NTP server 
> provides Aug 5, 2015 16:00:19.588536000 which is about 19 mins
> before the DUT's time. Thus the dhcp server stop to work until
> 19mins later. During this 19 minute time period, dnsmasq does NOT
> answer dhcpdiscover or give out IP leases. After 19 minutes has
> expired, we see dnsmasq come back to life and begin answering
> dhcpdiscover messages again.
> 
> I realize that this is an abnormal scenario, but we need to
> safeguard against this kind of failure.  It is showing up in our
> testing.  One thought on preventing this would be to in effect do a
> lease renew after the time has changed on the router.  I am not
> sure how to cause dnsmasq to refresh all of it's leases?  Or should
> we be more forceful and force expiration of the leases and restart
> dnsmasq?  Any suggestions on how to best handle this scenario?
> 
> One concern we have too is security.  If the NTP messages are 
> hijacked and the time is changed, it could cause dnsmasq to stop 
> functioning thus affecting the router's users.  So, I think its 
> necessary that we address this.  Hopefully someone has some 
> recommendations on how to deal with this.
> 
> Regards,  John
> 
> 
> 
> 
> 
> 
> 
> __________________________________________________________________ 
> Confidential This e-mail and any files transmitted with it are the 
> property of Belkin International, Inc. and/or its affiliates, are 
> confidential, and are intended solely for the use of the
> individual or entity to whom this e-mail is addressed. If you are
> not one of the named recipients or otherwise have reason to believe
> that you have received this e-mail in error, please notify the
> sender and delete this message immediately from your computer. Any
> other use, retention, dissemination, forwarding, printing or
> copying of this e-mail is strictly prohibited. Pour la version
> fran?aise: http://www.belkin.com/email-notice/French.html F?r die
> deutsche ?bersetzung:
> http://www.belkin.com/email-notice/German.html 
> __________________________________________________________________
> 
> 
> 
> _______________________________________________ Dnsmasq-discuss 
> mailing list Dnsmasq-discuss at lists.thekelleys.org.uk 
> http://lists.thekelleys.org.uk/mailman/listinfo/dnsmasq-discuss
> 

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.22 (GNU/Linux)

iEYEARECAAYFAlUwGXMACgkQKPyGmiibgrc+jgCcCdmjvt5AJ8INqnhnd4NWbm1n
084AmgJ1+kM/MSdPPPAk0qFsXbk2yJU8
=lUgV
-----END PGP SIGNATURE-----



More information about the Dnsmasq-discuss mailing list