[Dnsmasq-discuss] Behavior on DHCP denied

Geert Stappers stappers at stappers.nl
Wed Apr 19 16:12:35 UTC 2023


On Wed, Apr 19, 2023 at 04:32:46PM +0300, 0zl wrote:
> On 4/19/23 13:35, 0zl wrote:
> > On 4/19/23 11:38, Buck Horn wrote:
> > > Wed, Apr 19, 2023, 0zl wrote:
> > > >    .....
> > > > Note that the capture includes a ARP probe from the ESP and no
> > > > response, just keep in mind that the WiFi router does in fact
> > > > respond to it, it just doesn't do so over that bridge port so it
> > > > didn't get captured on the gateway's end.
> > > 
> > > I think your issue starts earlier:
> > > Your pcap indicates a failing lease renewal.
> > > 
> > > Lines 12 to 18 show your ESP is attempting to renew its DHCP lease
> > > through 10.46.109.1 after ~62 seconds as expected (about half the
> > > 120secs leasetime) - but those requests seem to never have received
> > > a reply.
> > > 
> > > In absence of a reply from the known DHCP server, lines 19 to 27
> > > then show your ESP to send renewal requests to the broadcast
> > > address.
> > > 
> > > As those are not answered either, your ESP finally releases its
> > > expired lease (line 28).
> > > 
> > > It then initiates DHCP negotiation for a completely new lease, by
> > > broadcasting for DHCP servers, and it's only then that ARP probing
> > > would prompt it to DHCPDECLINE.
> > > 
> > > But I'd have expected dnsmasq to have extended your ESP's existing
> > > lease straight for the first DHCPREQUEST for renewal (line 12).
> > > 
> > > This would suggest that dnsmasq has not received or ignored both
> > > those DHCPREQUESTs for renewal as well as the DHCPRELEASE, which
> > > could explain both the failed renewal as well as the offending
> > > DHCPDECLINEs.
> > > 
> > > Are you splitting your network, e.g. into several VLANs?
> > > 
> > > It would be interesting to see what dnsmasq has been logging for
> > > that exchange, to verify whether and how dnsmasq would have received
> > > those DHCPREQUESTs for renewal.
> > 
> > Some good news, it turns out my firewall was dropping any incoming DHCP
> > message that was not a broadcast (only 255.255.255.255 was getting in)
> > causing this problem.
> 
> I declared victory too soon. NOT SOLVED.
> 
> If the ESP was reconnecting and the ARP entry was still in cache, it will
> refuse to connect HOWEVER renewal is now solved.

OKay, tell us what is at _your_ side.

 * Overview
 * Configuration
 * Logging
 * What is on the wire   (  ".pcap" )



Groeten
Geert Stappers


P.S.

> > You could consider this problem solved.
> > Sorry for all the noise and concern for nothing.

Advice: Document to working setup
Request: Document it here, this mailinglist (archive)
-- 
Silence is hard to parse



More information about the Dnsmasq-discuss mailing list