Bug #16583
closed
DHCP server assigns dynamic IP address instead of static
0%
Description
I have configured static IP address for a specific MAC address.
Yet for some reason DHCP server keeps issuing dynamic IP address to the device for some reason.
Attaching DHCP packet capture with this issue.
Initially correct static IP address is issued.
Then apparently the device keeps requesting IP addresses due to detecting that it can't reach Internet due to firewall rules and eventually it gets dynamic IP address for some reason, which allows it to bypass firewall rules and access Internet.
Seems like a significant bug to me.
I commented earlier on already closed https://redmine.pfsense.org/issues/15956, suspect it is related to it, but looks like that issue is now ignored, hence a new one.
Files
Updated by Jim Pingle about 8 hours ago
- Status changed from New to Not a Bug
This is likely due to some client behavior, not the server, but this isn't the place to discuss and diagnose the issue. Start a forum thread to gather more information and this can be reopened with more accurate details if anything actionable is discovered.
Updated by Nazar Mokrynskyi about 7 hours ago
Jim Pingle wrote in #note-1:
This is likely due to some client behavior, not the server, but this isn't the place to discuss and diagnose the issue. Start a forum thread to gather more information and this can be reopened with more accurate details if anything actionable is discovered.
Come on, DHCP server issued dynamic IP address for MAC address that is clearly configured to static mapping.
How on earth is this possibly not a bug???
Switching to ISC DHCP server makes the problem instantly go away, it only happens with Kea DHCP server.
Captured pcap file and provided description is sufficient for you to easily reproduce it on your own. There is no more information needed here to act upon it.
So please don't reject legitimate and obvious bugs as vague "some client behavior".
Updated by Jim Pingle about 7 hours ago
ISC DHCP failed to follow the DHCP spec in several ways, so it exposes some more undesirable client problems and configuration quirks that never should have worked, but happened to work by luck.
The packet capture shows the client rejecting the first address it was assigned and requesting a new address, which the server denied, and then it sent a request with much different client identifiers than the initial request. This is likely causing it to fail to match something in your configuration you expect, which needs to be diagnosed on the forum.
If it's a bug, it's almost certainly upstream in Kea, not in the configuration, but again, that's something that needs to be hashed out on the forum, not here.