dhcp-server allows duplicate static-mapping for the same IP address
Closed, ResolvedPublicBUG
Actions

Assigned To

Authored By

	JeffWDH
	Nov 28 2023, 9:03 PM

Description

The config mode for the DHCP server will allow multiple static mappings pointing to same IP address.

Example:

$ config
[edit]
# set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 static-mapping Test1 ip-address '192.168.0.220'
# set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 static-mapping Test1 mac-address 'ff:ff:ff:ff:ff:ff'
# set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 static-mapping Test2 ip-address '192.168.0.220'
# set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 static-mapping Test2 mac-address 'dd:dd:dd:dd:dd:dd'
[edit]
# commit
[edit]
# run show config commands | grep Test
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 static-mapping Test1 ip-address '192.168.0.220'
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 static-mapping Test1 mac-address 'ff:ff:ff:ff:ff:ff'
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 static-mapping Test2 ip-address '192.168.0.220'
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 static-mapping Test2 mac-address 'dd:dd:dd:dd:dd:dd'

Expected result: Commit should fail due to the duplicate address.

Details

Difficulty level: Unknown (require assessment)
Version: VyOS 1.5-rolling-202311210100
Why the issue appeared?: Will be filled on close
Is it a breaking change?: Unspecified (possibly destroys the router)
Issue type: Bug (incorrect behavior)

Related Objects
Search...

		Status	Subtype	Assigned	Task
		Resolved	BUG	sarthurdev	T5787 dhcp-server allows duplicate static-mapping for the same IP address
		Resolved	BUG	sarthurdev	T6079 dhcp: migration fails for duplicate static-mapping

Event Timeline

JeffWDH created this task.Nov 28 2023, 9:03 PM

pasik added a subscriber: pasik.Nov 28 2023, 9:34 PM

GurliGebis added a subscriber: GurliGebis.Nov 30 2023, 12:15 AM

Viacheslav added a project: VyOS 1.4 Sagitta.Dec 14 2023, 8:12 PM

SrividyaA added a subscriber: SrividyaA.Dec 15 2023, 11:10 AM

This also breaks the dhcp service once duplicate ip address configured for two mac-address, tested in version: 1.5-rolling-202312110024

[email protected]:~$ sudo systemctl status kea-dhcp4-server.service
× kea-dhcp4-server.service - Kea IPv4 DHCP daemon
     Loaded: loaded (/lib/systemd/system/kea-dhcp4-server.service; disabled; preset: enabled)
    Drop-In: /etc/systemd/system/kea-dhcp4-server.service.d
             └─override.conf
     Active: failed (Result: exit-code) since Fri 2023-12-15 10:55:43 UTC; 43min ago
   Duration: 168ms
       Docs: man:kea-dhcp4(8)
    Process: 60990 ExecStart=/usr/sbin/kea-dhcp4 -c /run/kea/kea-dhcp4.conf (code=exited, status=1/FAILURE)
   Main PID: 60990 (code=exited, status=1/FAILURE)
        CPU: 115ms

Dec 15 10:55:43 vpn.vyos.net kea-dhcp4[60990]: 2023-12-15 10:55:43.445 INFO  [kea-dhcp4.dhcp4/60990.140479043000768] DHCP4_STARTING Kea DHCPv4 server version 2.2.0 (stable) starting
Dec 15 10:55:43 vpn.vyos.net kea-dhcp4[60990]: 2023-12-15 10:55:43.452 INFO  [kea-dhcp4.hosts/60990.140479043000768] HOSTS_BACKENDS_REGISTERED the following host backend types are available: mysql postgresql
Dec 15 10:55:43 vpn.vyos.net kea-dhcp4[60990]: 2023-12-15 10:55:43.454 INFO  [kea-dhcp4.dhcpsrv/60990.140479043000768] DHCPSRV_CFGMGR_SOCKET_TYPE_SELECT using socket type raw
Dec 15 10:55:43 vpn.vyos.net kea-dhcp4[60990]: 2023-12-15 10:55:43.457 INFO  [kea-dhcp4.hooks/60990.140479043000768] HOOKS_LIBRARY_CLOSED hooks library /usr/lib/x86_64-linux-gnu/kea/hooks/libdhcp_lease_cmds.so >
Dec 15 10:55:43 vpn.vyos.net kea-dhcp4[60990]: 2023-12-15 10:55:43.459 INFO  [kea-dhcp4.dhcpsrv/60990.140479043000768] DHCPSRV_CFGMGR_NEW_SUBNET4 a new subnet has been added to configuration: 192.0.2.0/24 with >
Dec 15 10:55:43 vpn.vyos.net kea-dhcp4[60990]: 2023-12-15 10:55:43.461 ERROR [kea-dhcp4.dhcp4/60990.140479043000768] DHCP4_PARSER_FAIL failed to create or run parser for configuration element shared-networks: f>
Dec 15 10:55:43 vpn.vyos.net kea-dhcp4[60990]: 2023-12-15 10:55:43.461 ERROR [kea-dhcp4.dhcp4/60990.140479043000768] DHCP4_CONFIG_LOAD_FAIL configuration error using file: /run/kea/kea-dhcp4.conf, reason: faile>
Dec 15 10:55:43 vpn.vyos.net kea-dhcp4[60990]: 2023-12-15 10:55:43.462 ERROR [kea-dhcp4.dhcp4/60990.140479043000768] DHCP4_INIT_FAIL failed to initialize Kea server: configuration error using file '/run/kea/kea>
Dec 15 10:55:43 vpn.vyos.net systemd[1]: kea-dhcp4-server.service: Main process exited, code=exited, status=1/FAILURE
Dec 15 10:55:43 vpn.vyos.net systemd[1]: kea-dhcp4-server.service: Failed with result 'exit-code'.

dhcp log:

Dec 15 12:05:05 kea-dhcp4[63393]: 2023-12-15 12:05:05.787 ERROR [kea-dhcp4.dhcp4/63393.139987328817600] DHCP4_PARSER_FAIL failed to create or run parser for configuration element shared-networks: failed to add new host using the HW address '50:0b:00:0c:00:00 and DUID '(null)' to the IPv4 subnet id '1' for the address 192.0.2.10: There's already a reservation for this address (/run/kea/kea-dhcp4.conf:52:5)

dmbaturin triaged this task as High priority.Jan 9 2024, 6:06 PM

sarthurdev changed the task status from Open to In progress.Jan 9 2024, 9:55 PM

sarthurdev claimed this task.

sarthurdev moved this task from Need Triage to In Progress on the VyOS 1.5 Circinus board.

1.5 PR: https://github.com/vyos/vyos-1x/pull/2785

1.4 PR: https://github.com/vyos/vyos-1x/pull/2794

sarthurdev moved this task from Need Triage to In Progress on the VyOS 1.4 Sagitta board.Jan 10 2024, 9:19 PM

Tested in latest 1.5-rolling-202401190024 release, the commit fails when duplicate static-mapping is configured as expected.

vyos@vyos# commit
[ service dhcp-server ]
Configured IP address for static mapping "Test2" already exists on
another static mapping

[[service dhcp-server]] failed
Commit failed

vyos@vyos# comp
[service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 static-mapping]
+ Test2 {
+     ip-address "192.168.0.220"
+     mac "dd:dd:dd:dd:dd:dd"
+ }

[edit]
vyos@vyos# run sh conf comm | grep dhcp
set interfaces ethernet eth0 address 'dhcp'
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 static-mapping Test1 ip-address '192.168.0.220'
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 static-mapping Test1 mac 'ff:ff:ff:ff:ff:ff'
set service dhcp-server shared-network-name LAN subnet 192.168.0.0/24 subnet-id '1'

sarthurdev closed this task as Resolved.Jan 21 2024, 12:48 PM

sarthurdev moved this task from In Progress to Finished on the VyOS 1.5 Circinus board.

sarthurdev moved this task from In Progress to Finished on the VyOS 1.4 Sagitta board.

Imo this shouldn't affect disabled mappings, but just if there are/going to be 2 active mapping with the same IP.

This is currently running me into migration-errors from 1.4-nightly-202312291108 to the rc3 (and the nightly-202401221542):

user@VyOS:~$ conf
WARNING: There was a config error on boot: saving the configuration now could overwrite data.
You may want to check and reload the boot config
[edit]
user@VyOS# 
[edit]
user@VyOS# load
Loading configuration from 'config.boot'
Load complete. Use 'commit' to make changes effective.
[edit]
user@VyOS# compare 
[service]
+ dhcp-server {
+     listen-address "192.168.100.1"
+     shared-network-name Server-DHCP {
+         authoritative
+         description "Server-DHCP"
+         name-server "192.168.100.1"
+         ntp-server "192.168.100.1"
+         subnet 192.168.100.0/28 {
+             default-router "192.168.100.1"
+             range pool1 {
+                 start "192.168.100.2"
+                 stop "192.168.100.14"
+             }
+             static-mapping proxmox {
+                 ip-address "192.168.100.2"
+                 mac-address "7c:83:34:bc:56:2f"
+             }
+             static-mapping proxmox-old {
+                 disable
+                 ip-address "192.168.100.2"
+                 mac-address "1c:83:41:32:1e:3b"
+             }
+         }
+     }
+     }
+ }

[edit]
user@VyOS# commit

Configured IP address for static mapping "proxmox-old" already exists on
another static mapping

[[service dhcp-server]] failed
Commit failed
[edit]

In my eyes this could break many configs / setups, as there are a lot of people that like to "archive their past configs" just like this. (Essentially just disabling config parts instead of deleting)

+1 on excluding disabled mappings

sarthurdev changed the status of subtask T6079: dhcp: migration fails for duplicate static-mapping from Open to Needs testing.Feb 28 2024, 11:48 PM

sarthurdev closed subtask T6079: dhcp: migration fails for duplicate static-mapping as Resolved.Mar 6 2024, 7:05 PM

dhcp-server allows duplicate static-mapping for the same IP addressClosed, ResolvedPublicBUGActions

Description

Details

Related ObjectsSearch...

Event Timeline

dhcp-server allows duplicate static-mapping for the same IP address
Closed, ResolvedPublicBUG
Actions

Related Objects
Search...