Bug #16583
closed
DHCP server assigns dynamic IP address instead of static
Added by Nazar Mokrynskyi 2 days ago.
Updated about 16 hours ago.
Description
I have configured static IP address for a specific MAC address.
Yet for some reason DHCP server keeps issuing dynamic IP address to the device for some reason.
Attaching DHCP packet capture with this issue.
Initially correct static IP address is issued.
Then apparently the device keeps requesting IP addresses due to detecting that it can't reach Internet due to firewall rules and eventually it gets dynamic IP address for some reason, which allows it to bypass firewall rules and access Internet.
Seems like a significant bug to me.
I commented earlier on already closed https://redmine.pfsense.org/issues/15956, suspect it is related to it, but looks like that issue is now ignored, hence a new one.
Files
- Status changed from New to Not a Bug
This is likely due to some client behavior, not the server, but this isn't the place to discuss and diagnose the issue. Start a forum thread to gather more information and this can be reopened with more accurate details if anything actionable is discovered.
Jim Pingle wrote in #note-1:
This is likely due to some client behavior, not the server, but this isn't the place to discuss and diagnose the issue. Start a forum thread to gather more information and this can be reopened with more accurate details if anything actionable is discovered.
Come on, DHCP server issued dynamic IP address for MAC address that is clearly configured to static mapping.
How on earth is this possibly not a bug???
Switching to ISC DHCP server makes the problem instantly go away, it only happens with Kea DHCP server.
Captured pcap file and provided description is sufficient for you to easily reproduce it on your own. There is no more information needed here to act upon it.
So please don't reject legitimate and obvious bugs as vague "some client behavior".
ISC DHCP failed to follow the DHCP spec in several ways, so it exposes some more undesirable client problems and configuration quirks that never should have worked, but happened to work by luck.
The packet capture shows the client rejecting the first address it was assigned and requesting a new address, which the server denied, and then it sent a request with much different client identifiers than the initial request. This is likely causing it to fail to match something in your configuration you expect, which needs to be diagnosed on the forum.
If it's a bug, it's almost certainly upstream in Kea, not in the configuration, but again, that's something that needs to be hashed out on the forum, not here.
Also available in: Atom
PDF
Updated by 
Updated by