From nobody@FreeBSD.org  Mon Jul 30 15:14:26 2012
Message-Id: <201207301514.q6UFEQgu048831@red.freebsd.org>
Date: Mon, 30 Jul 2012 15:14:26 GMT
From: John Poznicek <johnpoz@gmail.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: dhclient uses low TTL of 16
X-Send-Pr-Version: www-3.1
X-GNATS-Notify:

>Number:         170279
>Category:       bin
>Synopsis:       dhclient(8) uses low TTL of 16
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    jhb
>State:          patched
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Mon Jul 30 15:20:09 UTC 2012
>Closed-Date:    
>Last-Modified:  Mon Apr 22 15:10:00 UTC 2013
>Originator:     John Poznicek
>Release:        8.3
>Organization:
none
>Environment:
freebsd# uname -a
FreeBSD freebsd.local.lan 8.3-RELEASE-p3 FreeBSD 8.3-RELEASE-p3 #0: Mon Jun 11 23:52:38 UTC 2012     root@i386-builder.daemonology.net:/usr/obj/usr/src/sys/GENERIC  i386

>Description:
By default dhclient uses a TTL of 16; depending on the ISP, this can prevent getting a DHCP lease from the DHCP server.

Helping a user troubleshoot a problem with FreeBSD-based pfSense, the user discovered that the TTL of DHCP traffic was at 16, vs. the OS default.

Info can be found in this thread:
http://forum.pfsense.org/index.php/topic,51803.0.html

Per packet.c in source, 
http://svnweb.freebsd.org/base/release/8.3.0/sbin/dhclient/packet.c?revision=234063&view=markup

p.ip_ttl = 16;

Verified this with tcpdump both on the FreeBSD machine and on the DHCP server in the local network. TTL on DHCP traffic shows 16.

10:09:51.512335 00:0c:29:9a:bc:8a (oui Unknown) > Broadcast, ethertype IPv4 (0x0800), length 342: (tos 0x10, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)

With the default dhclient the user was not able to get DHCP from his ISP. Using a modified dhclient where packet.c p.ip_ttl was changed to 128, the user was able to get an IP from his ISP's DHCP server.


>How-To-Repeat:
Request lease and check dhcp traffic for ttl.

10:09:51.512335 00:0c:29:9a:bc:8a (oui Unknown) > Broadcast, ethertype IPv4 (0x0800), length 342: (tos 0x10, ttl 16, id 0, offset 0, flags [none], proto UDP (17), length 328)

>Fix:
Changed

p.ip_ttl = 16;

To be
p.ip_ttl = 128;

Ran make, used this new modified dhclient, verified via tcpdump that client was now setting ttl to 128

This allowed dhclient to obtain ip address from dhcp server.

10:04:47.893610 00:0c:29:9a:bc:8a (oui Unknown) > Broadcast, ethertype IPv4 (0x0800), length 342: (tos 0x10, ttl 128, id 0, offset 0, flags [none], proto UDP (17), length 328)




>Release-Note:
>Audit-Trail:

From: DutchDaemon - FreeBSD Forums Administrator <DutchDaemon@FreeBSD.org>
To: bug-followup@FreeBSD.org, johnpoz@gmail.com
Cc: thomas.mathiesen@linspes.no
Subject: Re: bin/170279: dhclient(8) uses low TTL of 16
Date: Mon, 22 Apr 2013 12:10:47 +0200

 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA1
 
 The below message was posted to the FreeBSD Forums -- please consider
 expediting this PR and keep the author copied in:
 
 - -------------------------------------------------------------------
 
 Dear FreeBSD community,
 
 Bug 170279 (default TTL of dhcp client is 16) is affecting all
 customers of the main fiber provider in Norway (Altibox). Their DHCP
 server is quite further than 16 hops away from the main population in
 Norway (eastern part).
 
 Using FreeBSD as a firewall is therefore not possible, unless you
 change the code by hand and recompile yourself.
 
 I would highly appreciate if the developers would prioritize fixing
 this bug (http://www.freebsd.org/cgi/query-pr.cgi?pr=170279).
 
 Kind regards, Med vennlig hilsen, Met vriendelijke groet,
 Thomas Mathiesen
 - -- 
 LinSpes.no
 Web: www.linspes.no - www.openerp.no - www.vtiger.no
 
 
 - -------------------------------------------------------------------
 
 (sorry if you get this twice, the first attempt bounced due to a
 mailto: tag being included.)
 
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (FreeBSD)
 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
 
 -----END PGP SIGNATURE-----

From: DutchDaemon - FreeBSD Forums Administrator <DutchDaemon@FreeBSD.org>
To: bug-followup@FreeBSD.org, thomas.mathiesen@linspes.no
Cc:  
Subject: Re: bin/170279: dhclient(8) uses low TTL of 16
Date: Mon, 22 Apr 2013 12:50:32 +0200

 -----BEGIN PGP SIGNED MESSAGE-----
 Hash: SHA1
 
 Cc addresses are not part of the Followup PR, so adding this to
 include it explicitly.
 
 
 -----BEGIN PGP SIGNATURE-----
 Version: GnuPG v2.0.19 (FreeBSD)
 Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
 
 -----END PGP SIGNATURE-----

From: John Baldwin <jhb@freebsd.org>
To: bug-followup@freebsd.org,
 johnpoz@gmail.com
Cc:  
Subject: Re: bin/170279: dhclient(8) uses low TTL of 16
Date: Mon, 22 Apr 2013 10:04:22 -0400

 FWIW, OpenBSD's version still fixes the TTL at 16.  The ISC dhcp client uses a 
 ttl of 128.
 
 Looking online it seems other clients also use 128, e.g. Microsoft's:
 
 http://www.google.com/url?sa=t&rct=j&q=&esrc=s&source=web&cd=6&cad=rja&ved=0CF8QFjAF&url=http%3A%2F%2Fsupport.microsoft.com%2Fkb%2F169289&ei=q0J1UfyvLcHD0QGr2YCoCA&usg=AFQjCNHVHJavHlqkEPoA4LIc16FOJPZy4w&bvm=bv.45512109,d.dmQ
 
 Given that, changing the default TTL to 128 seems fine.
 
 -- 
 John Baldwin
State-Changed-From-To: open->patched 
State-Changed-By: jhb 
State-Changed-When: Mon Apr 22 15:03:48 UTC 2013 
State-Changed-Why:  
Take this. 


Responsible-Changed-From-To: freebsd-bugs->jhb 
Responsible-Changed-By: jhb 
Responsible-Changed-When: Mon Apr 22 15:03:48 UTC 2013 
Responsible-Changed-Why:  
Take this. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=170279 

From: dfilter@FreeBSD.ORG (dfilter service)
To: bug-followup@FreeBSD.org
Cc:  
Subject: Re: bin/170279: commit references a PR
Date: Mon, 22 Apr 2013 15:02:40 +0000 (UTC)

 Author: jhb
 Date: Mon Apr 22 15:02:32 2013
 New Revision: 249766
 URL: http://svnweb.freebsd.org/changeset/base/249766
 
 Log:
   Use a higher TTL (128) for DHCP packets.  This matches the ISC DHCP client.
   
   PR:		bin/170279
   MFC after:	1 week
 
 Modified:
   head/sbin/dhclient/packet.c
 
 Modified: head/sbin/dhclient/packet.c
 ==============================================================================
 --- head/sbin/dhclient/packet.c	Mon Apr 22 13:02:41 2013	(r249765)
 +++ head/sbin/dhclient/packet.c	Mon Apr 22 15:02:32 2013	(r249766)
 @@ -128,7 +128,7 @@ assemble_udp_ip_header(unsigned char *bu
  	ip.ip_len = htons(sizeof(ip) + sizeof(udp) + len);
  	ip.ip_id = 0;
  	ip.ip_off = 0;
 -	ip.ip_ttl = 16;
 +	ip.ip_ttl = 128;
  	ip.ip_p = IPPROTO_UDP;
  	ip.ip_sum = 0;
  	ip.ip_src.s_addr = from;
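Review bot: at `ip.ip_ttl = 128;` in assemble_udp_ip_header() the TTL is still a bare literal, just as the 16 it replaces was, so the source itself gives no hint why this value was chosen. Consider a named constant (for example a #define near the top of packet.c) with a one-line comment that it matches the ISC DHCP client, so the rationale lives next to the value rather than only in the commit log.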
 
>Unformatted:
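As an added illustration (not code from dhclient or from anyone in this thread), the following C program builds an IPv4 header with the fields shown in the tcpdump output of the report and passes it through a simulated chain of routers, each decrementing the TTL and rewriting the header checksum, to show where a TTL of 16 is discarded and a TTL of 128 is not. The addresses, the 20-router path length and all function names are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* RFC 1071 Internet checksum over an IPv4 header (len in bytes, even). */
static uint16_t ip_checksum(const uint8_t *hdr, size_t len)
{
    uint32_t sum = 0;
    for (size_t i = 0; i + 1 < len; i += 2)
        sum += (uint32_t)(hdr[i] << 8 | hdr[i + 1]);
    while (sum >> 16)
        sum = (sum & 0xffff) + (sum >> 16);
    return (uint16_t)~sum;
}

/* Store a fresh checksum in bytes 10..11 of a 20-byte header. */
static void set_checksum(uint8_t h[20])
{
    h[10] = h[11] = 0;
    uint16_t c = ip_checksum(h, 20);
    h[10] = (uint8_t)(c >> 8);
    h[11] = (uint8_t)(c & 0xff);
}

/* Header fields as in the PR's tcpdump line; addresses are constructed. */
static void build_header(uint8_t h[20], uint8_t ttl)
{
    static const uint8_t src[4] = {192, 0, 2, 10};   /* constructed */
    static const uint8_t dst[4] = {198, 51, 100, 1}; /* constructed */
    memset(h, 0, 20);
    h[0] = 0x45;                        /* IPv4, header length 5 words */
    h[1] = 0x10;                        /* tos 0x10 */
    h[2] = 328 >> 8; h[3] = 328 & 0xff; /* total length 328, id/offset 0 */
    h[8] = ttl;
    h[9] = 17;                          /* proto UDP */
    memcpy(h + 12, src, 4);
    memcpy(h + 16, dst, 4);
    set_checksum(h);
}

/* Forward through up to `routers` hops; return how many forwarded it. */
static int routers_traversed(uint8_t h[20], int routers)
{
    for (int n = 0; n < routers; n++) {
        if (h[8] <= 1)
            return n;       /* TTL would reach 0: this router discards */
        h[8]--;
        set_checksum(h);    /* header changed, checksum must follow */
    }
    return routers;
}

int main(void)
{
    uint8_t h[20];
    build_header(h, 16);
    int a = routers_traversed(h, 20);
    build_header(h, 128);
    int b = routers_traversed(h, 20);
    printf("ttl 16: %d of 20 routers, ttl 128: %d of 20 (ttl left %d)\n", a, b, h[8]);
    return 0;
}
```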
