1

I have problem on PC's (Windows 7) with two network interfaces, sometimes nic that is supposed to be in network 10.1.19.0 has address from 192.168.0.0

My networks: 192.168.0.0/24 with DHCP running on DrayTek router Vigor 2925.

10.1.19.0/24 with DHCP Debian isc-dhcp server.

Interface for 10.1.19.0 is configured with no gateway, because this network does not have access to Internet.

I observed that sometimes when dhcp server form 10.1.19.0 network is down or has network issue, nic that should have ip from 10.1.19.0 has ip from 192.168.0.0.

How I can block or diagnose this issue.

logs from isc-dhcp-server:

http://pastebin.com/3ZauGLZ4

Jun 14 07:19:35 my_server dhcpd: DHCPREQUEST for 192.168.0.17 from 74:ea:3a:83:cf:b5 via xenbr1: wrong network.
Jun 14 07:19:35 my_server dhcpd: DHCPNAK on 192.168.0.17 to 74:ea:3a:83:cf:b5 via xenbr1
Jun 14 07:21:40 my_server dhcpd: DHCPINFORM from 192.168.0.8 via xenbr1: unknown subnet for client address 192.168.0.8
Jun 14 07:21:43 my_server dhcpd: DHCPINFORM from 192.168.0.8 via xenbr1: unknown subnet for client address 192.168.0.8
Jun 14 07:22:26 my_server dhcpd: DHCPREQUEST for 192.168.0.8 from 74:ea:3a:83:fd:a1 via xenbr1: wrong network.
Jun 14 07:22:26 my_server dhcpd: DHCPNAK on 192.168.0.8 to 74:ea:3a:83:fd:a1 via xenbr1

/etc/default/isc-dhcp-server:

   20 #   Separate multiple interfaces with spaces, e.g. "eth0 eth1".
   21 INTERFACES="xenbr1"
   22 # INTERFACES="eth1"

ifconfig:

eth0      Link encap:Ethernet  HWaddr 14:da:e9:66:85:e5  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:14224698 errors:0 dropped:0 overruns:0 frame:0
          TX packets:882902 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:15747051719 (14.6 GiB)  TX bytes:584359127 (557.2 MiB)
          Interrupt:19 Base address:0xcc00 

eth1      Link encap:Ethernet  HWaddr 00:02:a5:e3:0a:a3  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:15184095 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13885407 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:5372912765 (5.0 GiB)  TX bytes:2678449338 (2.4 GiB)

lo        Link encap:Local Loopback  
          inet addr:127.0.0.1  Mask:255.0.0.0
          UP LOOPBACK RUNNING  MTU:16436  Metric:1
          RX packets:23307 errors:0 dropped:0 overruns:0 frame:0
          TX packets:23307 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:93515531 (89.1 MiB)  TX bytes:93515531 (89.1 MiB)

vif1.0    Link encap:Ethernet  HWaddr fe:ff:ff:ff:ff:ff  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:2117 errors:0 dropped:0 overruns:0 frame:0
          TX packets:11682370 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:32 
          RX bytes:874471 (853.9 KiB)  TX bytes:13797253040 (12.8 GiB)

vif1.1    Link encap:Ethernet  HWaddr fe:ff:ff:ff:ff:ff  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:190 errors:0 dropped:0 overruns:0 frame:0
          TX packets:72686 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:32 
          RX bytes:29044 (28.3 KiB)  TX bytes:7212594 (6.8 MiB)

vif2.0    Link encap:Ethernet  HWaddr fe:ff:ff:ff:ff:ff  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:7909 errors:0 dropped:0 overruns:0 frame:0
          TX packets:11687161 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:32 
          RX bytes:643422 (628.3 KiB)  TX bytes:13797510223 (12.8 GiB)

vif3.0    Link encap:Ethernet  HWaddr fe:ff:ff:ff:ff:ff  
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:4655 errors:0 dropped:0 overruns:0 frame:0
          TX packets:11682466 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:32 
          RX bytes:2234151 (2.1 MiB)  TX bytes:13793456963 (12.8 GiB)

xenbr0    Link encap:Ethernet  HWaddr 14:da:e9:66:85:e5  
          inet addr:192.168.0.94  Bcast:192.168.0.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:860530 errors:0 dropped:0 overruns:0 frame:0
          TX packets:638466 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:484505035 (462.0 MiB)  TX bytes:566073478 (539.8 MiB)

xenbr1    Link encap:Ethernet  HWaddr 00:02:a5:4b:0a:a3  
          inet addr:10.1.19.94  Bcast:10.1.19.255  Mask:255.255.255.0
          UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
          RX packets:15158508 errors:0 dropped:0 overruns:0 frame:0
          TX packets:13873282 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:0 
          RX bytes:5157245979 (4.8 GiB)  TX bytes:2677797862 (2.4 GiB)

/etc/dhcp/dhcpd.conf 

ddns-update-style none;

default-lease-time 600;
max-lease-time 900;

authoritative;

log-facility local7;

shared-network my_net
{
    subnet 10.1.19.0 netmask 255.255.255.0
    {
        # option routers 10.1.19.113;
        option broadcast-address 10.1.19.255;

        pool {
            range 10.1.19.60 10.1.19.89;

            allow unknown-clients;
        }    

        group
        {    
            deny unknown-clients;

            # user1
            host host1
            {    
                hardware ethernet 78:5A:33:83:CF:FA;
                fixed-address 10.1.19.2;
            }    


....
exxon
  • 83
  • 2
  • 11
  • Can you post your network diagram? – André Fernandes Jun 14 '16 at 10:58
  • Based on your comment on the answer below - check the `/etc/default/isc-dhcp-server` and make sure it is only set to listen on one interface. I take it the Debian server is connected to both networks too? – Drifter104 Jun 14 '16 at 11:41
  • Right this is Debian server, connected to both networks :). I updated my question with config details. – exxon Jun 14 '16 at 11:47
  • Are you sure about that separation of traffic. The log and the config do seem to suggest the traffic is coming in on xenbr1 – Drifter104 Jun 14 '16 at 11:51
  • No I am not, but how it is possible that isc-dhcp-server can give an ip adress that is not in dhcpd config? I don't have any network defined but 10.1.19.0 in dhcpd.conf – exxon Jun 14 '16 at 11:59
  • Ah sorry, I mis-read one of the lines in the question. Ok so just to make sure, can you check for this file `/etc/default/isc-dhcp-relay` – Drifter104 Jun 14 '16 at 13:06
  • I don't have this file in /etc/default ... – exxon Jun 14 '16 at 13:12

1 Answers1

2

Seems that you're trying to operate 2 IP networks over the same physical links without any logical separation between then (VLANs).

If your router doesn't support VLAN tagging, the only way to make this work is to physically isolate the two networks, for example plugging all the hosts/interfaces from network 10.1.19.0/24 into a switch (NOT the router) and your Debian DHCP server into the same switch.

Static IP addressing would also be an option in this case, if you don't have too many hosts.

André Fernandes
  • 959
  • 7
  • 24
  • The networks are separated (in theory), have different switches. The isc-dhcp-server in 10.1.19.0 has also two network interfaces - it must operates in two networks... is it possible that nic on PC that is destined for network 10.1.19.0 when has problem connecting to dhcp can obtain ip from dhcp server from 192.168.0.0 network? – exxon Jun 14 '16 at 11:14
  • DHCP is a link-layer protocol, which means your client has to be physically connected to the server giving out the IP addresses (could be in the same switch). A client will send a DHCP discover packet, and one or more servers may reply. In the simplest scenario, the client accepts the first (fastest) response. Are you sure your DrayTek router isn't plugged into the same switch/hub as your 10.1.19.x PC and debian server? If you could post your network diagram, it would probably shed some light on the problem. – André Fernandes Jun 15 '16 at 16:44