[Bug 1533631] Re: dhclient killed when DHCPv6 lease is out-of date

Jason C Daniels 1533631 at bugs.launchpad.net
Sun May 29 21:30:46 UTC 2016 

I'm getting DOS'd about 20 times a day as a result of this issue.

Could a "band-aid" shell script be whipped up by anyone in the know, to
physically purge the expired lease files periodically, and posted here?

I would gladly set such a script to run as a "cleanup service" or even
run it manually, while the proper fix is implemented.

Thanks,
Jason

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to isc-dhcp in Ubuntu.
https://bugs.launchpad.net/bugs/1533631

Title:
  dhclient killed when DHCPv6 lease is out-of date

Status in NetworkManager:
  Confirmed
Status in isc-dhcp package in Ubuntu:
  In Progress
Status in network-manager package in Ubuntu:
  In Progress

Bug description:
  Network Manager summarily kills the IPv6 dhclient process when the
  DHCPv6 lease contained in the dhclient6-${UUID}.lease file is out-of
  date, leaving the IPv6 interface without a stateful IPv6 address, or,
  if the "require IPv6 address on this interface" option is enabled,
  causes NM to cycle continuously deactivating and reactivating the
  interface (including the IPv4 addresses).

  This is effectively a Denial Of Service. It can be trivially induced
  if, for example, the dhclient6-$(UUID}.lease file contains a lease
  that was issued before the user went away on vacation or the PC wasn't
  connected to the same network for a few days (depending on the lease
  renew/rebind/expiry times). Calculation on the old lease of

  start + preferred_lifetime < NOW

  triggers dhclient to 'DEPREFER6' the lease (withdraw the address
  record) and ask the DHCPv6 server for a new lease, but Network Manager
  will kill the dhclient because it only sees an 'EXPIRE6' state change.

  In summary, when the DHCPv6 state transitions from "bound" to
  "unknown" then "expire" to "done" Network Manager kills the 'dhclient'
  process before it has chance to request and bind a fresh lease, If
  'dhclient' is run manually with the same command-line options and
  allowed to continue running it correctly gains a new lease.

  Network Manager doesn't know how to handle "DEPREF6", which is sent
  from isc-dhcp dhclient to the helper script (set by "-sf" option).

  So it seems that to correctly solve this issue Network Manager must be
  taught how to handle DEPREF6.

  /var/log/syslog will show a message from dhclient of the form:

  dhclient: PRC: Address 2a02:8011:2007::2 depreferred.

To manage notifications about this bug go to:
https://bugs.launchpad.net/network-manager/+bug/1533631/+subscriptions

More information about the foundations-bugs mailing list