[Bug 1533631] Re: dhclient killed when DHCPv6 lease is out-of date

Fri Apr 1 16:50:36 UTC 2016

It seems there's a deficiency in isc-dhcp client that leads to this.
Fedora have been carrying a patch since 2013 that solves it by the
simple expedient of scanning the .lease file first for unexpired leases
before allocate an address.

See:

http://pkgs.fedoraproject.org/cgit/rpms/dhcp.git/commit/dhcp-honor-
expired.patch?h=f24&id=e83fb19c51765442d77fa60596bfdb2b3b9fbe2e

There's no sign that the Fedora devs creating this patch made any
attempt to upstream it. I'm going to follow-up with the ISC DHCP devs to
find out what their view is.

In the meantime I'm working with the Network Manager devs to develop an
acceptable band-aid solution to solve the immediate problem.

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to isc-dhcp in Ubuntu.
https://bugs.launchpad.net/bugs/1533631

Title:
  dhclient killed when DHCPv6 lease is out-of date

Status in NetworkManager:
  Confirmed
Status in isc-dhcp package in Ubuntu:
  In Progress
Status in network-manager package in Ubuntu:
  In Progress

Bug description:
  Network Manager summarily kills the IPv6 dhclient process when the
  DHCPv6 lease contained in the dhclient6-${UUID}.lease file is out-of
  date, leaving the IPv6 interface without a stateful IPv6 address, or,
  if the "require IPv6 address on this interface" option is enabled,
  causes NM to cycle continuously deactivating and reactivating the
  interface (including the IPv4 addresses).

  This is effectively a Denial Of Service. It can be trivially induced
  if, for example, the dhclient6-$(UUID}.lease file contains a lease
  that was issued before the user went away on vacation or the PC wasn't
  connected to the same network for a few days (depending on the lease
  renew/rebind/expiry times). Calculation on the old lease of

  start + preferred_lifetime < NOW

  triggers dhclient to 'DEPREFER6' the lease (withdraw the address
  record) and ask the DHCPv6 server for a new lease, but Network Manager
  will kill the dhclient because it only sees an 'EXPIRE6' state change.

  In summary, when the DHCPv6 state transitions from "bound" to
  "unknown" then "expire" to "done" Network Manager kills the 'dhclient'
  process before it has chance to request and bind a fresh lease, If
  'dhclient' is run manually with the same command-line options and
  allowed to continue running it correctly gains a new lease.

  Network Manager doesn't know how to handle "DEPREF6", which is sent
  from isc-dhcp dhclient to the helper script (set by "-sf" option).

  So it seems that to correctly solve this issue Network Manager must be
  taught how to handle DEPREF6.

  /var/log/syslog will show a message from dhclient of the form:

  dhclient: PRC: Address 2a02:8011:2007::2 depreferred.

To manage notifications about this bug go to:
https://bugs.launchpad.net/network-manager/+bug/1533631/+subscriptions