Report information
The Basics
Id: 33377
Status: resolved
Estimated: 12 hours (720 minutes)
Worked: 45 minutes
Users:
tmark: 20 minutes
Priority: 40/40
Queue: dhcp-public

Bug Information
Version Fixed: 4.4.0 4.3.6
Version Found: (no value)
Versions Affected: (no value)
Versions Planned: 4.3.6
Priority: P2 Normal
Severity: S2 Normal
CVSS Score: (no value)
CVE ID: (no value)
Component: (no value)
Area: bug

Dates
Created: Thu, 02 May 2013 17:29:06 -0400
Updated: Wed, 21 Jun 2017 13:35:31 -0400
Closed: Wed, 21 Jun 2017 13:35:31 -0400




Subject: dhclient listening on two additional random UDP ports
Date: Thu, 2 May 2013 16:28:37 -0500
To: dhcp-bugs@isc.org
From: Rodney D Beede <rodney.d.beede@seagate.com>
When I run dhclient it listens on the expected port 68.  However, in addition to that port it also listens on a high number random IPv4 port and IPv6 port (even if I specify -4 as an option).

Reading through the source code would make me think this is related to OMAPI somehow?

I tried this on Ubuntu Server 13.04 64-bit which came with dhclient version 4.2.4.  I also downloaded, compiled, and tried the latest version isc-dhclient-4.2.5-P1.  I get the same result.

I believe this is a bug.  Either it shouldn't be listening on these ports or it should be documented what they are used for.

Screenshots attached.

Subject: Re: [ISC-Bugs #33377] AutoReply: dhclient listening on two additional random UDP ports
Date: Thu, 2 May 2013 16:56:50 -0500
To: dhcp-bugs@isc.org
From: Rodney D Beede <rodney.d.beede@seagate.com>
Also seen on Debian.






Subject: Re: [ISC-Bugs #33377] AutoReply: dhclient listening on two additional random UDP ports
Date: Mon, 6 May 2013 10:46:04 -0500
To: dhcp-bugs@isc.org
From: Rodney D Beede <rodney.d.beede@seagate.com>
It turns out the two random open ports are related to the dynamic DNS feature (NSUPDATE).

I modified the source code as per instructions at (http://forums.debian.net/viewtopic.php?f=10&t=95273) (forums.debian.net, dhclient UDP ports, 2013-02-01), recompiled, and reran with the random ports disappearing.


Bug Report:  Add into the documentation for dhclient that it has the NSUPDATE functionality which causes it to listen on the IPv4 and IPv6 ANY_ADDR interface on random UDP ports.

Additionally there should be a run-time configuration option that enables that behavior with it disabled by default.  A recompile should not be required to disable the ports.


On Thu, May 2, 2013 at 4:57 PM, Rodney D Beede via RT <dhcp-bugs@isc.org> wrote:
Also seen on Debian.

http://forums.debian.net/viewtopic.php?f=10&t=95273



-------------------------------------------------------------------------
> When I run dhclient it listens on the expected port 68.  However, in
> addition to that port it also listens on a high number random IPv4 port and
> IPv6 port (even if I specify -4 as an option).
>
> Reading through the source code would make me think this is related to
> OMAPI somehow?
>
> I tried this on Ubuntu Server 13.04 64-bit which came with dhclient version
> 4.2.4.  I also downloaded, compiled, and tried the latest version
> isc-dhclient-4.2.5-P1.  I get the same result.
>
> I believe this is a bug.  Either it shouldn't be listening on these ports
> or it should be documented what they are used for.
>
> Screenshots attached.[image: Inline image 1]
>
> [image: Inline image 2]
>
>


We have now updated the dhclient and dhcpd man pages (section 8) to mention the two DDNS ports. We shall keep this ticket alive in order to track adding an option to enable or disable DDNS during run time.

The changes to the docs will be released in the next release of the code - barring any problems this will be 4.3.3 and 4.1-ESV-R12.

Thank you for your report,
shawn

Hello Rodney:

You'll be pleased to learn that we've addressed this issue in our upcoming maintenance release, 4.3.6 due out July 31st, and in 4.4.0 release date is TBD.

We have modified the DDNS support initialization such that the DNS related ports will only be opened:

1. By the server (dhcpd) at startup if ddns-update-style is not "none"
2. By dhclient only when and if it first attempts to do an update
3. Never by dhcrelay.

Prior to this all three always did the initialization at startup when DDNS support was compiled in.

Thank you for reporting this issue to us. Typically we like to recognize our contributors by citing them in the release notes. If you would like to be so noted please respond with how you'd like to be identified.

Sincerely,

Thomas Markwalder
ISC Software Engineering

To: dhcp-bugs@isc.org
Date: Wed, 21 Jun 2017 11:56:00 -0500
Subject: Re: [ISC-Bugs #33377] dhclient listening on two additional random UDP ports
From: "Rodney D Beede" <rodney.d.beede@seagate.com>
Hello Thomas,

Thank you for the update on the change!

You may identify me as  "Rodney Beede"

Thanks again!

Rodney

On Mon, Jun 19, 2017 at 2:27 PM, Thomas Markwalder via RT <dhcp-bugs@isc.org> wrote:
Hello Rodney:

You'll be pleased to learn that we've addressed this issue in our upcoming maintenance release, 4.3.6 due out July 31st, and in 4.4.0 release date is TBD.

We have modified the DDNS support initialization such that the DNS related ports will only be opened:

1. By the server (dhcpd) at startup if ddns-update-style is not "none"
2. By dhclient only when and if it first attempts to do an update
3. Never by dhcrelay.

Prior to this all three always did the initialization at startup when DDNS support was compiled in.

Thank you for reporting this issue to us.  Typically we like to recognize our contributors by citing them in the release notes.  If you would like to be so noted please respond with how you'd like to be identified.

Sincerely,

Thomas Markwalder
ISC Software Engineering
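
An added example, not part of the ticket or of ISC's code: a host audit that parses `ss -H -lunp` output and reports ISC DHCP daemons holding wildcard UDP sockets outside the well-known DHCP ports, which is the symptom reported above. The sample output is constructed, and the `EXPECTED` port table and the `ddns_expected` parameter are assumptions to adjust per deployment.

```python
import re

# Constructed sample of `ss -H -lunp` output (not taken from the ticket's screenshots).
SAMPLE_SS = """\
UNCONN 0 0 0.0.0.0:68 0.0.0.0:* users:(("dhclient",pid=812,fd=6))
UNCONN 0 0 0.0.0.0:41873 0.0.0.0:* users:(("dhclient",pid=812,fd=20))
UNCONN 0 0 [::]:26017 [::]:* users:(("dhclient",pid=812,fd=21))
UNCONN 0 0 0.0.0.0:67 0.0.0.0:* users:(("dhcrelay",pid=901,fd=5))
UNCONN 0 0 127.0.0.53%lo:53 0.0.0.0:* users:(("systemd-resolve",pid=400,fd=12))
"""

# Assumption: the only UDP ports each daemon should bind are the DHCPv4/DHCPv6 ones.
EXPECTED = {
    "dhclient": {68, 546},
    "dhcpd": {67, 547},
    "dhcrelay": {67, 547},
}
PROC_RE = re.compile(r'\(\("([^"]+)",pid=(\d+)')
WILDCARDS = {"0.0.0.0", "*", "[::]", "::"}  # old and new ss spellings of ANY_ADDR


def extra_udp_listeners(ss_output, ddns_expected=()):
    """Return (process, pid, address, port) for unexpected wildcard UDP sockets.

    ddns_expected names daemons configured to send DDNS updates (for example
    dhcpd with ddns-update-style not "none"); their extra ports are skipped.
    """
    findings = []
    for line in ss_output.splitlines():
        fields = line.split()
        if fields and fields[0] == "udp":  # Netid column, present with mixed socket types
            fields = fields[1:]
        proc = PROC_RE.search(line)
        if len(fields) < 5 or not proc:
            continue
        name, pid = proc.group(1), int(proc.group(2))
        if name not in EXPECTED or name in ddns_expected:
            continue
        addr, _, port = fields[3].rpartition(":")
        if addr in WILDCARDS and port.isdigit() and int(port) not in EXPECTED[name]:
            findings.append((name, pid, addr, int(port)))
    return findings


if __name__ == "__main__":
    for name, pid, addr, port in extra_udp_listeners(SAMPLE_SS):
        print(f"{name} (pid {pid}) listening on {addr}:{port}/udp")
```

On a live host, feed it the output of `ss -H -lunp` run as root, since `-p` shows process names only for sockets the caller is allowed to inspect.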