Ubuntu
isc-dhcp package

dhclient-script flushes & re-adds an alias IP every time a lease is renewed

Bug #1183762 reported by markdv77
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
isc-dhcp (Ubuntu)
New
Undecided
Unassigned

Bug Description

The dhclient-script flushes & re-adds an alias IP every time a lease is renewed.

Why?

The alias IP in configured in dhclient.conf, which is read on startup.
Even if the configuration was altered some time after an initial BOUND|REBOOT state/event dhclient would not know about it at RENEW time.
So as far as I can tell "$alias_ip_address" is guaranteed to never change after the initial BOUND|REBOOT event/state therefore making it pointless to reconfigure it at every RENEW.

Now, the superfluous reconfiguration might appear to be harmless at first, but if the primary leased address is used to masquerade(iptables) connections it DOES hurt.
This is because when the secondary IP address is removed all connection tracking entries for the entire interface are flushed which can cause existing connections to be dropped/terminated.
Which is how I found out and am reporting this issue.... :(

Although I think I'm of the opinion that this iptables/conntrack behaviour is probably also sub-optimal (to say the least), this should not be used as an excuse to perform any unnecessary actions of which the side-effects (now or in the future) are unknown and possibly undesired.

If my reasoning is correct the following barely tested patch seems to work for m:

--- dhclient-script.orig-dist 2013-05-23 21:43:24.441696833 +0200
+++ dhclient-script 2013-05-24 12:13:36.966021941 +0200
@@ -235,7 +235,8 @@
             hostname "$new_host_name"
         fi

- if [ -n "$old_ip_address" ] && [ -n "$alias_ip_address" ] &&
+ if { [ "$reason" = "BOUND" ] || [ "$reason" = "REBOOT" ] ;} &&
+ [ -n "$old_ip_address" ] && [ -n "$alias_ip_address" ] &&
            [ "$alias_ip_address" != "$old_ip_address" ]; then
             # alias IP may have changed => flush it
             ip -4 addr flush dev ${interface} label ${interface}:0
@@ -271,7 +272,8 @@
             done
         fi

- if [ -n "$alias_ip_address" ] &&
+ if { [ "$reason" = "BOUND" ] || [ "$reason" = "REBOOT" ] ;} &&
+ [ -n "$alias_ip_address" ] &&
            [ "$new_ip_address" != "$alias_ip_address" ]; then
             # separate alias IP given, which may have changed
             # => flush it, set it & add host route to it

Regards,
Mark.

Revision history for this message
markdv77 (markdv77) wrote :

Apparently the same problem was found and fixed in OpenSUSE in 2011:
https://bugzilla.novell.com/show_bug.cgi?id=700771

To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.