WelcomeWelcome | FAQFAQ | DownloadsDownloads | WikiWiki

Author Topic: dnsmasq's DHCP server not exerting enough control over leases  (Read 2194 times)

Offline GNUser

  • Hero Member
  • *****
  • Posts: 1343
dnsmasq's DHCP server not exerting enough control over leases
« on: December 27, 2019, 01:08:03 PM »
The problem:
I'm confused as to why a laptop's wireless IP address (192.168.10.186, which was obtained via DHCP) is not shown in my TCL router's dnsmasq.leases file. I thought that all active DHCP leases should show up in dnsmasq.leases, no?

Some background:
DHCP client is dhclient running on my wife's Devuan laptop. In case it matters, wife suspends the laptop when she's not using it; she almost never reboots.

DHCP server is dnsmasq in my TCL 32-bit router. Router reboots daily; /opt/dnsmasq.leases survives reboots because my /opt is persistent.

Output of some commands run in wife's laptop:
Code: [Select]
eileen@vaio:~$ ifconfig wlan0
wlan0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 192.168.10.186  netmask 255.255.255.0  broadcast 192.168.10.255
        inet6 fe80::ae0c:9ba9:e9b8:9667  prefixlen 64  scopeid 0x20<link>
        ether 78:dd:08:13:71:b6  txqueuelen 1000  (Ethernet)
        RX packets 128882  bytes 139743821 (133.2 MiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 83043  bytes 13800313 (13.1 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

eileen@vaio:~$ cat /var/lib/NetworkManager/dhclient-cafaf256-78c4-4e73-a08d-ec9d613c9640-wlan0.lease
lease {
  interface "wlan0";
  fixed-address 192.168.10.186;
  option subnet-mask 255.255.255.0;
  option routers 192.168.10.1;
  option dhcp-lease-time 86400;
  option dhcp-message-type 5;
  option domain-name-servers 192.168.10.1;
  option dhcp-server-identifier 192.168.10.1;
  option interface-mtu 1500;
  option dhcp-renewal-time 43200;
  option broadcast-address 192.168.10.255;
  option dhcp-rebinding-time 75600;
  option host-name "vaio";
  renew 4 2019/12/26 11:47:21;
  rebind 4 2019/12/26 23:33:02;
  expire 5 2019/12/27 02:33:02;
}

eileen@vaio:~$ sudo grep dhclient /var/log/daemon.log
Dec 25 21:32:58 localhost NetworkManager[2227]: <info>  [1577327578.3988] dhcp-init: Using DHCP client 'dhclient'
Dec 25 21:32:59 localhost NetworkManager[2227]: <info>  [1577327579.7435] dhcp4 (wlan0): dhclient started with pid 2419
Dec 25 21:32:59 localhost dhclient[2419]: DHCPDISCOVER on wlan0 to 255.255.255.255 port 67 interval 7
Dec 25 21:33:02 localhost dhclient[2419]: DHCPREQUEST of 192.168.10.186 on wlan0 to 255.255.255.255 port 67
Dec 25 21:33:02 localhost dhclient[2419]: DHCPOFFER of 192.168.10.186 from 192.168.10.1
Dec 25 21:33:02 localhost dhclient[2419]: DHCPACK of 192.168.10.186 from 192.168.10.1
Dec 25 21:33:02 localhost dhclient[2419]: bound to 192.168.10.186 -- renewal in 33259 seconds.

Output of some commands run on my TCL router:

Code: [Select]
bruno@box:/opt$ cat /tmp/dnsmasq.conf
listen-address=192.168.10.1
dhcp-range=192.168.10.100,192.168.10.200,255.255.255.0,24h
dhcp-option-force=option:router,192.168.10.1
dhcp-option-force=option:dns-server,192.168.10.1
dhcp-host=b8:a1:75:cb:f1:fd,192.168.10.60
dhcp-host=a0:d3:c1:e1:e3:6f,192.168.10.7,infinite
dhcp-option-force=option:mtu,1500

bruno@box:/opt$ cat /opt/dnsmasq.leases
1577566593 90:b6:86:6b:e2:6a 192.168.10.158 android-b9fd9aad25c2781e 01:90:b6:86:6b:e2:6a
1577535804 98:f1:70:4f:4b:67 192.168.10.175 * 01:98:f1:70:4f:4b:67
1577561491 b8:a1:75:cb:f1:fd 192.168.10.60 * *
0 a0:d3:c1:e1:e3:6f 192.168.10.7 HPE1E36F 01:a0:d3:c1:e1:e3:6f
1577488003 00:26:b6:f6:06:cd 192.168.10.131 box *

I start dnsmasq on the router with this command:
Code: [Select]
dnsmasq -C /tmp/dnsmasq.conf

My interpretation of the above commands:

Wife's laptop last negotiated a lease on Christmas night, two days ago. Her laptop continues to use the negotiated IP address even though dnsmasq in my TCL router no longer has any record of the lease.

My goal:
For dnsmasq in my TCL router to have more control over leases. All client IP addresses should be associated with an active lease shown in router's dnsmasq.leases. How do I achieve this goal?

Offline Rich

  • Administrator
  • Hero Member
  • *****
  • Posts: 11178
Re: dnsmasq's DHCP server not exerting enough control over leases
« Reply #1 on: December 27, 2019, 01:40:16 PM »
Hi GNUser
Output of some commands run in wife's laptop:
Code: [Select]
eileen@vaio:~$ ifconfig wlan0
---~ SNIP ~----
  option host-name "vaio";
  renew 4 2019/12/26 11:47:21;
  rebind 4 2019/12/26 23:33:02;
  expire 5 2019/12/27 02:33:02;
}
---~ SNIP ~----
That seems to suggest your wifes laptop thinks its lease expired at 2:30 this morning.

Offline GNUser

  • Hero Member
  • *****
  • Posts: 1343
Re: dnsmasq's DHCP server not exerting enough control over leases
« Reply #2 on: December 27, 2019, 05:02:28 PM »
Thanks. So the situation is worse than I thought. Not only does the DHCP server no longer have a record of this lease, the lease is actually expired. I can confirm that she's still connected to the internet via WiFi, still using the same address.

Is there a way to configure router to periodically check whether client leases are still good, and to force a renegotiation when it finds a client with an expired lease?
« Last Edit: December 27, 2019, 05:05:18 PM by GNUser »

Offline Rich

  • Administrator
  • Hero Member
  • *****
  • Posts: 11178
Re: dnsmasq's DHCP server not exerting enough control over leases
« Reply #3 on: December 27, 2019, 05:12:03 PM »
Hi GNUser
I'm not really familiar with the ins and outs of DHCP. Is it supposed to kick you off if your lease expires and you're still connected?
Or is it just supposed to insure the same address doesn't get assigned to two different interfaces.

Offline GNUser

  • Hero Member
  • *****
  • Posts: 1343
Re: dnsmasq's DHCP server not exerting enough control over leases
« Reply #4 on: December 27, 2019, 05:22:06 PM »
I'm not very familiar with the ins and outs of DHCP, either. I thought that if a device is connected and its lease expires, then DHCP server would renegotiate a lease (preferably one for the same IP address). One or more of my assumptions must be wrong.

In the scenario I'm observing, it seems a DHCP client (wife's laptop) remains connected with a lease it knows is expired. This is not too alarming. What is alarming is that the DHCP server (my router) allows a client to remain connected even though the server has no record of a lease, expired or otherwise.
« Last Edit: December 27, 2019, 05:30:34 PM by GNUser »

Offline Rich

  • Administrator
  • Hero Member
  • *****
  • Posts: 11178
Re: dnsmasq's DHCP server not exerting enough control over leases
« Reply #5 on: December 27, 2019, 05:34:34 PM »
Hi GNUser
... I thought that if a device is connected and its lease expires, then DHCP server would renegotiate a lease (preferably one for the same IP address).  ...
The fact that the laptop gets suspended may be coming into play. The DHCP server can't renegotiate a lease with a laptop that
won't answer.

Offline GNUser

  • Hero Member
  • *****
  • Posts: 1343
Re: dnsmasq's DHCP server not exerting enough control over leases
« Reply #6 on: December 27, 2019, 05:55:14 PM »
Rich, I think you're absolutely right. The server probably does attempt to renegotiate a lease, but the attempt fails if laptop happens to be suspended at the time.

I created a shell script to run when her laptop resumes from suspend, /etc/pm/sleep.d/dhcp-renegotiate

Code: [Select]
#!/bin/sh

if [ "$1" = "resume" ]; then
    dhclient -r
    dhclient wlan0
fi

This seems to do the trick.

(I'm still alarmed that my router does not force a renegotiation when it detects a device with no lease or expired lease, but I'll let that go for now.)

Thanks, Rich!

Offline hiro

  • Hero Member
  • *****
  • Posts: 1217
Re: dnsmasq's DHCP server not exerting enough control over leases
« Reply #7 on: December 29, 2019, 04:44:23 PM »
you're thinking of it the wrong way around.
the *client* has to renegotiate, not the server.
also, the *client* has to check if some given IP is already taken, regardless what the server says.
this is not a safety feature, it is assumed the clients will behave.

Offline GNUser

  • Hero Member
  • *****
  • Posts: 1343
Re: dnsmasq's DHCP server not exerting enough control over leases
« Reply #8 on: December 29, 2019, 05:50:22 PM »
Thanks, hiro. That's very helpful.

It seems the client makes most of the decisions, server mainly provides information that the client requests. I thought it worked the other way around, no wonder I was surprised.