From nobody@FreeBSD.org  Sat Jan 19 12:15:09 2008
Return-Path: <nobody@FreeBSD.org>
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 74AD016A41A
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 19 Jan 2008 12:15:09 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (www.freebsd.org [IPv6:2001:4f8:fff6::21])
	by mx1.freebsd.org (Postfix) with ESMTP id 59B5C13C465
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 19 Jan 2008 12:15:09 +0000 (UTC)
	(envelope-from nobody@FreeBSD.org)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by www.freebsd.org (8.14.2/8.14.2) with ESMTP id m0JCDirO089664
	for <freebsd-gnats-submit@FreeBSD.org>; Sat, 19 Jan 2008 12:13:44 GMT
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.14.2/8.14.1/Submit) id m0JCDiX5089663;
	Sat, 19 Jan 2008 12:13:44 GMT
	(envelope-from nobody)
Message-Id: <200801191213.m0JCDiX5089663@www.freebsd.org>
Date: Sat, 19 Jan 2008 12:13:44 GMT
From: Domagoj Hranjec <cab902_no_spam@yahoo.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: dhclient changes alias to address
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         119801
>Category:       bin
>Synopsis:       dhclient(8): dhclient changes alias to address
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Sat Jan 19 12:20:00 UTC 2008
>Closed-Date:    
>Last-Modified:  Sat Jan 19 13:12:35 UTC 2008
>Originator:     Domagoj Hranjec
>Release:        6.2-RELEASE-p9
>Organization:
>Environment:
FreeBSD spitfire.dionet.hr 6.2-RELEASE-p9 FreeBSD 6.2-RELEASE-p9 #0: Thu Nov 29 04:07:33 UTC 2007     root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  i386
>Description:
My FreeBSD machine works as a router/firewall/nat for my network. It has
2 IPs on one interface. I'm using DHCP client with alias defined in
/etc/dhclient.conf.

After dhclient renews lease it changes the order of addresses, hence alias
becomes network address (like this:
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> mtu 1500
        options=8<VLAN_MTU>
        inet 192.168.1.5 netmask 0xffffff00 broadcast 192.168.1.255
        inet 88.207.8.120 netmask 0xfffffc00 broadcast 255.255.255.255
        ether 00:11:3b:0e:a7:2f
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
)

It has two unfortunate side effects:

1) ipnat-s 0/32 special keyword start to means alias (192.168.1.5), which
   means that all machines on the inside are cut-off from the Net
2) ddclient sends alias IP to DNS so the machine also cannot be identified
   from the outside

I've added tracing to /sbin/dhclient-script and tried to replicate the
problem with the help of my other machine (Debian etch) dhcp
2.0pl5-19.5etch2 server.

Unfortunately I haven't manage to repeat the problem. It went to
(FAIL->PREINIT->BOUND->RENEW+) cycles which correctly configured address
and alias. When I forced change of address on dhcp server side it went
through (EXPIRE->PREINIT->BOUND->RENEW+) cycles which also correctly
configured address and alias.

Then I've switch it again to my provider's dhcp server. It went through
(EXPIRE->PREINIT->BOUND) phase and correctly configured address and alias.
But when renew time came it (as usual) failed to renew but didn't went
through EXPIRE->PREINIT phase but directly (ARPSEND?)->(ARPCHECK?)->BOUND.
The problem is that in BOUND part of the code it checks is $old_ip_address
defined but although it should be, it isn't so the code don't clean-up
alias and address. After that it adds new address which overwrites the
old address but position it as alias. Afterwards it adds alias but as
previously it hasn't clean it, it's position stays the same: first, which
means, it's an address not an alias.

The fix can be made in dhclient-script, but the question remains: Why
dhclient didn't fill $old_ip_address? Why it didn't went through
EXPIRE->PREINIT? (Probably related with empty "$old_ip_address".)
>How-To-Repeat:
Configure DHCP with alias and wait for renew time.
>Fix:


>Release-Note:
>Audit-Trail:
>Unformatted:
