[Dnsmasq-discuss] Behavior on DHCP denied

0zl 0zl at riseup.net
Wed Apr 19 10:19:14 UTC 2023 

On 4/19/23 11:38, Buck Horn wrote:

>
>> Yes this is proxy ARP in https://en.wikipedia.org/wiki/Proxy_ARP. 
>> HostAPd has an option called proxy_arp which setups up proxy_arp with 
>> additional requirements to meet the Hotspot 2.0 standards. It comes 
>> built in with a couple of snoopers, including a DHCP snooper to 
>> configure proxy_arp without the need for additional software.
>> I've attached a pcap file, if you need any more logs or information 
>> please let me know. Only thing I've changed for this capture is 
>> setting the lease time to 2m in order to make it faster for me to 
>> capture this for you, in normal operation it was set to 8hours.
>> Note that the capture includes a ARP probe from the ESP and no 
>> response, just keep in mind that the WiFi router does in fact respond 
>> to it, it just doesn't do so over that bridge port so it didn't get 
>> captured on the gateway's end.
>
> I think your issue starts earlier:
> Your pcap indicates a failing lease renewal.
>
> Lines 12 to 18 show your ESP is attempting to renew its DHCP lease 
> through 10.46.109.1 after ~62 seconds as expected (about half the 
> 120secs leasetime) - but those requests seem to never have received a 
> reply.
>
> In absence of a reply from the known DHCP server, lines 19 to 27 then 
> show your ESP to send renewal requests to the broadcast address.
>
> As those are not answered either, your ESP finally releases its 
> expired lease (line 28).
>
> It then initiates DHCP negotiation for a completely new lease, by 
> broadcasting for DHCP servers, and it's only then that ARP probing 
> would prompt it to DHCPDECLINE.
>
> But I'd have expected dnsmasq to have extended your ESP's existing 
> lease straight for the first DHCPREQUEST for renewal (line 12).
>
> This would suggest that dnsmasq has not received or ignored both those 
> DHCPREQUESTs for renewal as well as the DHCPRELEASE, which could 
> explain both the failed renewal as well as the offending DHCPDECLINEs.
>
> Are you splitting your network, e.g. into several VLANs?
>
> It would be interesting to see what dnsmasq has been logging for that 
> exchange, to verify whether and how dnsmasq would have received those 
> DHCPREQUESTs for renewal.
>
> Kind regards,
> Buck
>
>
> _______________________________________________
> Dnsmasq-discuss mailing list
> Dnsmasq-discuss at lists.thekelleys.org.uk
> https://lists.thekelleys.org.uk/cgi-bin/mailman/listinfo/dnsmasq-discuss

I think your analysis is on point and no that network in particular is 
not split into several VLANs. The dnsmasq logs don't show anything 
special, what config should I set to make the logs more useful?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20230419/3f8f1b3f/attachment.htm>

More information about the Dnsmasq-discuss mailing list