Report information
The Basics
Id:
47941
Status:
resolved
Priority:
Low/Low
Queue:
dhcp-public
People
BugTracker
Version Fixed:
(no value)
Version Found:
4.4.1
Versions Affected:
(no value)
Versions Planned:
(no value)
Priority:
P1 High
Severity:
(no value)
CVSS Score:
(no value)
CVE ID:
(no value)
Component:
(no value)
Area:
feature
Dates
Created:Thu, 12 Jul 2018 11:04:42 -0400
Updated:Tue, 18 Dec 2018 08:13:18 -0500
Closed:Tue, 18 Dec 2018 08:13:18 -0500

This bug tracker is no longer active.

Please go to our Gitlab to submit issues (both feature requests and bug reports) for active projects maintained by Internet Systems Consortium (ISC).

Due to security and confidentiality requirements, full access is limited to the primary maintainers.

History
  Thu, 12 Jul 2018 11:04:42 -0400 Cathy Almond <cathya@isc.org> - Ticket created
To: dhcp-public@isc.org
From: cathya@isc.org
Date: Thu, 12 Jul 2018 15:04:41 +0000
Subject: Extend 'ignore-client-uids' to include load-balancing lease allocation decisions

The ignore-client-uids option is supposed to make it easier to handle PXE-boot clients that would like the same IP address to be allocated to them during both boot phases, the first boot not providing a client uid (therefore being assigned a lease based solely on MAC address) and the second sending a client uid, and therefore being 'seen' as a new client. At present this mostly works, but there is (at least) one corner case: in a load-balancing situation, and where the lease initially granted has expired, the client DISCOVER might be load-balanced to the other failover peer because of 'on the fly' load balancing based on hashing the client identifier (mac or uid as appropriate), and thus still be given a different address. This can introduce some instability into the dual-boot IP address assignments. It would be better if, when 'ignore-client-uids' has been specified, that the hashing for load-balancing purposes also ignores client uids. (There may also be other locations in DHCP logic that could also benefit from this setting being observed but which haven't yet been identified).
Thu, 12 Jul 2018 11:05:32 -0400 Cathy Almond <cathya@isc.org> - Reference to https://support.isc.org/Ticket/Display.html?id=13059 added
Thu, 12 Jul 2018 11:19:15 -0400 Cathy Almond <cathya@isc.org> - Reference to https://support.isc.org/Ticket/Display.html?id=13048 added
  Wed, 08 Aug 2018 06:45:52 -0400 Cathy Almond <cathya@isc.org> - Correspondence added

Customer-suggested fix for this: --- paste --- From my perspective the "ignore-client-uids true;" should apply for the load-balancing decision as well, because in combination with failover the load balancing directly leads to a different IP for the same client (like if it were "false;"). Would it be OK to amend load_balance_mine() in server/failover.c oc = lookup_option(&dhcp_universe, packet->options, DHO_DHCP_CLIENT_IDENTIFIER); memset(&ds, 0, sizeof ds); if (oc && evaluate_option_cache(&ds, packet, NULL, NULL, packet->options, NULL, &global_scope, oc, MDL)) { hbaix = loadb_p_hash(ds.data, ds.len); data_string_forget(&ds, MDL); } else { hbaix = loadb_p_hash(packet->raw->chaddr, packet->raw->hlen); } So that it also checks for the oc = lookup_option(&server_universe, state->options, SV_IGNORE_CLIENT_UIDS); ... ??? (have not checked if this state is available at this point...) This SHOULD remove the problematic different load-balance decision when "ignore-client-uids true;" --- /paste ---
Wed, 08 Aug 2018 06:45:53 -0400 The RT System itself - Status changed from 'new' to 'open'
Wed, 26 Sep 2018 06:57:59 -0400 Thomas Markwalder <tmark@isc.org> - Status changed from 'open' to 'review'
Wed, 26 Sep 2018 06:57:59 -0400 Thomas Markwalder <tmark@isc.org> - Taken
Tue, 18 Dec 2018 08:13:18 -0500 Thomas Markwalder <tmark@isc.org> - Status changed from 'review' to 'resolved'