Dhcp
ISC DHCP 客戶端不斷請求地址
突然間,我大學的網路凍結了,我們設法將問題隔離在 DHCP 埠上發送的大量 UDP 數據包上。經過仔細檢查,我們發現一些客戶端不斷向伺服器發送 DHCP 請求,儘管伺服器似乎做出了響應。我正在伺服器上粘貼系統日誌文件的範例(
$$ [client IP $$] 在所有條目中都相同,伺服器和客戶端 IP 在同一子網中)。非常奇怪的是,不僅有一個客戶端這樣做,甚至還有一個無線路由器,而且它今天才開始發生。沒有看到 isc-dhcp-server 已更新。任何幫助將不勝感激。
Feb 25 17:57:46 zeus dhcpd: DHCPRELEASE of [[client IP]] from 00:22:75:ea:e5:dc via eth1 (found) Feb 25 17:57:48 zeus dhcpd: message repeated 3 times: [ DHCPRELEASE of [[client IP]] from 00:22:75:ea:e5:dc via eth1 (found)] Feb 25 17:57:48 zeus dhcpd: DHCPDISCOVER from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:49 zeus dhcpd: DHCPOFFER on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:50 zeus dhcpd: DHCPDISCOVER from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:50 zeus dhcpd: DHCPOFFER on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:50 zeus dhcpd: DHCPREQUEST for [[client IP]] ([[server IP]]) from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:50 zeus dhcpd: DHCPACK on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPDISCOVER from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPOFFER on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPREQUEST for [[client IP]] ([[server IP]]) from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPACK on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPDISCOVER from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPOFFER on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPREQUEST for [[client IP]] ([[server IP]]) from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPACK on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPDISCOVER from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPOFFER on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPREQUEST for [[client IP]] ([[server IP]]) from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPACK on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPDISCOVER from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPOFFER on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPREQUEST for [[client IP]] ([[server IP]]) from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:51 zeus dhcpd: DHCPACK on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:52 zeus dhcpd: DHCPDISCOVER from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:52 zeus dhcpd: DHCPOFFER on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:52 zeus dhcpd: DHCPREQUEST for [[client IP]] ([[server IP]]) from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:52 zeus dhcpd: DHCPACK on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:52 zeus dhcpd: DHCPDISCOVER from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:52 zeus dhcpd: DHCPOFFER on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:52 zeus dhcpd: DHCPREQUEST for [[client IP]] ([[server IP]]) from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:52 zeus dhcpd: DHCPACK on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:53 zeus dhcpd: DHCPDISCOVER from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:53 zeus dhcpd: DHCPOFFER on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:53 zeus dhcpd: DHCPREQUEST for [[client IP]] ([[server IP]]) from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:53 zeus dhcpd: DHCPACK on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:53 zeus dhcpd: DHCPDISCOVER from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:53 zeus dhcpd: DHCPOFFER on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:53 zeus dhcpd: DHCPREQUEST for [[client IP]] ([[server IP]]) from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:53 zeus dhcpd: DHCPACK on [[client IP]] to 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:53 zeus dhcpd: DHCPDISCOVER from 00:22:75:ea:e5:dc via eth1 Feb 25 17:57:53 zeus dhcpd: DHCPOFFER on [[client IP]] to 00:22:75:ea:e5:dc via eth1
/var/lib/dhcp/dhcpd.leases 的內容:
lease [[client IP]] { starts 4 2016/02/25 16:06:25; ends 5 2016/02/26 16:06:25; cltt 4 2016/02/25 16:06:25; binding state active; next binding state free; rewind binding state free; hardware ethernet 00:22:75:ea:e5:dc; uid "\001\000\"u\352\345\334"; } lease [[client IP]] { starts 4 2016/02/25 16:06:25; ends 5 2016/02/26 16:06:25; cltt 4 2016/02/25 16:06:25; binding state active; next binding state free; rewind binding state free; hardware ethernet 00:22:75:ea:e5:dc; uid "\001\000\"u\352\345\334"; } lease [[client IP]] { starts 4 2016/02/25 16:06:26; ends 5 2016/02/26 16:06:26; cltt 4 2016/02/25 16:06:26; binding state active; next binding state free; rewind binding state free; hardware ethernet 00:22:75:ea:e5:dc; uid "\001\000\"u\352\345\334"; } lease [[client IP]] { starts 4 2016/02/25 16:06:27; ends 4 2016/02/25 16:08:53; tstp 4 2016/02/25 16:08:53; cltt 4 2016/02/25 16:06:27; binding state free; hardware ethernet 00:22:75:ea:e5:dc; uid "\001\000\"u\352\345\334"; } lease [[client IP]] { starts 4 2016/02/25 16:08:57; ends 5 2016/02/26 16:08:57; cltt 4 2016/02/25 16:08:57; binding state active; next binding state free; rewind binding state free; hardware ethernet 00:22:75:ea:e5:dc; uid "\001\000\"u\352\345\334"; } lease [[client IP]] { starts 4 2016/02/25 16:08:57; ends 4 2016/02/25 16:08:57; tstp 4 2016/02/25 16:08:57; cltt 4 2016/02/25 16:08:57; binding state free; hardware ethernet 00:22:75:ea:e5:dc; uid "\001\000\"u\352\345\334"; } lease [[client IP]] { starts 4 2016/02/25 16:08:57; ends 5 2016/02/26 16:08:57; cltt 4 2016/02/25 16:08:57; binding state active; next binding state free; rewind binding state free; hardware ethernet 00:22:75:ea:e5:dc; uid "\001\000\"u\352\345\334"; } lease [[client IP]] { starts 4 2016/02/25 16:08:57; ends 4 2016/02/25 16:08:57; tstp 4 2016/02/25 16:08:57; cltt 4 2016/02/25 16:08:57; binding state free; hardware ethernet 00:22:75:ea:e5:dc; uid "\001\000\"u\352\345\334"; }
如果這些客戶端和 DHCP 伺服器之間的通信僅以一種方式進行,您可能會看到此行為。
請求通過伺服器,伺服器響應但客戶端永遠不會得到響應。所以一直在問。
我已經看到由於電纜損壞而發生這種情況。所以我要嘗試的第一件事是給其中一個客戶端一個適當的靜態 IP 地址,看看它是否可以真正 ping DHCP 伺服器並獲得響應。
作為解決網路功能的臨時解決方法,我建議為這些具有預定義 IP 地址的 MAC 添加靜態租約,形式為
host probably-infected { hardware ethernet 00:22:75:ea:e5:dc; fixed-address <SOME FIXED IP>; }
並繼續調查這些 MAC 出了什麼問題。