[Dnsmasq-discuss] dnsmasq 2.78 is failing to respond to dhcpv6 requests forwarded via relay agent
Simon Kelley
simon at thekelleys.org.uk
Thu Jan 10 21:51:26 GMT 2019
Thanks for the offer. I think there may be a simpler answer, worth
trying first.
Looking back through the git history, this looks like a bug introduced
into 2.78 by the patches for security problems found by Google, in 2017.
It was fixed for 2.79, by patch
http://thekelleys.org.uk/gitweb/?p=dnsmasq.git;a=commit;h=499d8dde2b1a216eab9252ee500cc31b8c2b2974
So, first either move to 2.79 (or preferably 2.80) or apply that patch.
If that doesn't fix it, we'll go for debugging.
Cheers,
Simon.
On 10/01/2019 12:18, Sandeep K M wrote:
> Hi Simon,
>
> Thanks again for the response.
>
> I will be happy to be your tester :)
>
> Its fairly a simple setup with two hosts and a switch. I can create this
> any time you want.
>
> Please provide me the instructions. I am using dnsmasq version 2.78.
>
> Thanks
> -Sandeep
>
> On Wed, Jan 9, 2019 at 10:33 PM Simon Kelley <simon at thekelleys.org.uk
> <mailto:simon at thekelleys.org.uk>> wrote:
>
> On 04/01/2019 06:25, Sandeep K M wrote:
> > Hi Simon,
> >
> > Thanks a lot for your prompt reply.
> >
> > Attached are the packet captures:
> >
> > 1. Packets exchanged between client and relay (client-relay.pcap)
> > 2. Packets exchanged between relay and server (relay-server.pcap)
> > 3. strace of dnsmasq (dnsmasq.trace)
> >
> > Please let me know if any other information is required.
> >
> > I am not an expert in reading pcap's or strace but I do see in the
> > attached strace i.e. dnsmasq.trace file that ""DHCPADVERTISE"
> message is
> > being written to the same interface from which it received the
> > "DHCPSOLICIT" packet. But still it is fails to go out of that
> interface.
> >
> > 06:04:09.371741 write(2, "DHCPADVERTISE(m1s1p7) 2020::14
> > 00:01:00:01:23:c1:b0:e2:00:50:56:bd:09:fb ", 73) = 73
> >
> > Any help on this would be greatly appreciated. Also is there any
> example
> > configuration of dnsmasq dhcpv6 working with relay ? Any reference
> would
> > be of great help.
> >
>
> I'm sure this was tested with a relay, but the current test harnesses
> here would take some work to get into a position to test this code, so
> I'm going to try and use you as a tester, if that's OK?
>
>
> Looking at the strace output, dnsmasq logs that it's sending a
> DHCPADVERTISE reply, but it never calls sendto() to actually send the
> packet. This is definitely a dnsmasq bug, and not something in your
> network that's causing the packet to get lost: it never gets sent.
>
>
> What's confusing me is that manually tracing the code paths from what's
> known to be working (log the DHCPADVERTISE) to the sendto() call that
> should send that packet, I can't see any reason why the code should
> fail.
>
> Are you in a position to run dnsmasq under gdb and step through the
> relevant code? I can give you detailed instructions on where to set
> breakpoints and where the reply packet could be getting lost. The path
> is maybe 50 lines.
>
> Staring at the code has found me one bug, but it's not relevant in this
> case. (The code to avoid copying an RFC6939 link address option in a
> relay request to the reply to the relay actually sends a zero-length
> option, instead of eliding it entirely.)
>
> Cheers,
>
> Simon.
>
>
>
>
More information about the Dnsmasq-discuss
mailing list