<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
</head>
<body>
<p>On 4/19/23 13:35, 0zl wrote:<br>
</p>
<blockquote type="cite"
cite="mid:b9e37111-d922-bcc1-8996-f983594080ab@riseup.net">
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<p>On 4/19/23 11:38, Buck Horn wrote:<br>
</p>
<blockquote type="cite"
cite="mid:em9421c00f-4a64-46e6-b014-299fd90df356@user-pc">
<meta http-equiv="content-type" content="text/html;
charset=UTF-8">
<style>#xffcbed036da340a4b009f89cb76d76a0{
font-family:Tahoma;
font-size:12pt;
}</style>
<style id="css_styles" type="text/css">blockquote.cite { margin-left: 5px; margin-right: 0px; padding-left: 10px; padding-right:0px; border-left: 1px solid #cccccc }blockquote.cite2 {margin-left: 5px; margin-right: 0px; padding-left: 10px; padding-right:0px; border-left: 1px solid #cccccc; margin-top: 3px; padding-top: 0px; }a img { border: 0px; }li[style='text-align: center;'], li[style='text-align: right;'] { list-style-position: inside;}body { font-family: Tahoma; font-size: 12pt; }</style>
<div><br>
</div>
<div id="x4ec356ad6bce4a2">
<blockquote type="cite" class="cite2">
<div class="plain_line">Yes this is proxy ARP in <a
class="moz-txt-link-freetext"
href="https://en.wikipedia.org/wiki/Proxy_ARP"
moz-do-not-send="true">https://en.wikipedia.org/wiki/Proxy_ARP</a>.
HostAPd has an option called proxy_arp which setups up
proxy_arp with additional requirements to meet the Hotspot
2.0 standards. It comes built in with a couple of
snoopers, including a DHCP snooper to configure proxy_arp
without the need for additional software.</div>
<div class="plain_line"> </div>
<div class="plain_line">I've attached a pcap file, if you
need any more logs or information please let me know. Only
thing I've changed for this capture is setting the lease
time to 2m in order to make it faster for me to capture
this for you, in normal operation it was set to 8hours.</div>
<div class="plain_line"> </div>
<div class="plain_line">Note that the capture includes a ARP
probe from the ESP and no response, just keep in mind that
the WiFi router does in fact respond to it, it just
doesn't do so over that bridge port so it didn't get
captured on the gateway's end.</div>
</blockquote>
<div id="x4ec356ad6bce4a2"><br>
</div>
<div id="x4ec356ad6bce4a2">I think your issue starts earlier:</div>
<div id="x4ec356ad6bce4a2">Your pcap indicates a failing lease
renewal.</div>
<div id="x4ec356ad6bce4a2"><br>
</div>
<div id="x4ec356ad6bce4a2">Lines 12 to 18 show your ESP is
attempting to renew its DHCP lease through 10.46.109.1 after
~62 seconds as expected (about half the 120secs leasetime) -
but those requests seem to never have received a reply.</div>
<div id="x4ec356ad6bce4a2"><br>
</div>
<div id="x4ec356ad6bce4a2">In absence of a reply from the
known DHCP server, lines 19 to 27 then show your ESP to send
renewal requests to the broadcast address.</div>
<div id="x4ec356ad6bce4a2"><br>
</div>
<div id="x4ec356ad6bce4a2">As those are not answered either,
your ESP finally releases its expired lease (line 28).</div>
<div id="x4ec356ad6bce4a2"><br>
</div>
<div id="x4ec356ad6bce4a2">It then initiates DHCP negotiation
for a completely new lease, by broadcasting for DHCP
servers, and it's only then that ARP probing would prompt it
to DHCPDECLINE.</div>
<div id="x4ec356ad6bce4a2"><br>
</div>
<div id="x4ec356ad6bce4a2">
<div>
<div id="x4ec356ad6bce4a2">But I'd have expected dnsmasq
to have extended your ESP's existing lease straight for
the first DHCPREQUEST for renewal (line 12).</div>
</div>
</div>
<div id="x4ec356ad6bce4a2"><br>
</div>
<div id="x4ec356ad6bce4a2">This would suggest that dnsmasq has
not received or ignored both those DHCPREQUESTs for renewal
as well as the DHCPRELEASE, which could explain both the
failed renewal as well as the offending DHCPDECLINEs.</div>
<div id="x4ec356ad6bce4a2"><br>
</div>
<div id="x4ec356ad6bce4a2">Are you splitting your network,
e.g. into several VLANs?</div>
<div id="x4ec356ad6bce4a2"><br>
</div>
<div id="x4ec356ad6bce4a2">It would be interesting to see what
dnsmasq has been logging for that exchange, to verify
whether and how dnsmasq would have received those
DHCPREQUESTs for renewal.</div>
<div id="x4ec356ad6bce4a2"><br>
</div>
<div id="x4ec356ad6bce4a2">Kind regards,</div>
<div id="x4ec356ad6bce4a2">Buck</div>
<div id="x4ec356ad6bce4a2"><br>
</div>
</div>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Dnsmasq-discuss mailing list
<a class="moz-txt-link-abbreviated moz-txt-link-freetext" href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk" moz-do-not-send="true">Dnsmasq-discuss@lists.thekelleys.org.uk</a>
<a class="moz-txt-link-freetext" href="https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss" moz-do-not-send="true">https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss</a></pre>
</blockquote>
<p>Some good news, it turns out my firewall was dropping any
incoming DHCP message that was not a broadcast (only
255.255.255.255 was getting in) causing this problem.</p>
<p>You could consider this problem solved.</p>
<p>Sorry for all the noise and concern for nothing.<br>
</p>
<br>
<fieldset class="moz-mime-attachment-header"></fieldset>
<pre class="moz-quote-pre" wrap="">_______________________________________________
Dnsmasq-discuss mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Dnsmasq-discuss@lists.thekelleys.org.uk">Dnsmasq-discuss@lists.thekelleys.org.uk</a>
<a class="moz-txt-link-freetext" href="https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss">https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss</a>
</pre>
</blockquote>
<p>I declared victory too soon. NOT SOLVED.</p>
<p>If the ESP was reconnecting and the ARP entry was still in cache,
it will refuse to connect HOWEVER renewal is now solved.<br>
</p>
</body>
</html>