Bug 1757247

Summary: DHCPv6 relay-fwd requests are ignored by dnsmasq
Product: Red Hat Enterprise Linux 7
Reporter: Harald Jensås <hjensas>
Component: dnsmasq
Assignee: Petr Menšík <pemensik>
Status: CLOSED ERRATA
QA Contact: Petr Sklenar <psklenar>
Severity: high
Priority: medium
Version: 7.9
CC: bfournie, marjones, pemensik, pmosko, thozza
Target Milestone: rc
Keywords: AutoVerified, Regression, TestCaseProvided, Triaged
Hardware: Unspecified
OS: Unspecified
Fixed In Version: dnsmasq-2.76-13.el7
Doc Type: No Doc Update
Last Closed: 2020-09-29 19:31:26 UTC
Type: Bug
Bug Blocks: 1711384, 1780577

Description Harald Jensås 2019-09-30 23:42:19 UTC
Description of problem:
When trying to use ISC dhcrelay (or dnsmasq itself) to relay DHCPv6 info-req to a dnsmasq DHCP server, the relay-fwd packets are ignored by dnsmasq.

Version-Release number of selected component (if applicable):
dnsmasq-2.76-9.el7.x86_64

How reproducible:
100%

Steps to Reproduce:
1. Install DHCP server with ipv6 address on eth1, and below dnsmasq.conf

[root@pxe-server ~]# ip6tables -F  # Drop the firewall; alternatively, open UDP ports 546 and 547.

[root@pxe-server ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1 
DEVICE=eth1
NAME=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
HOTPLUG=no
PEERDNS=no
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6ADDR=fd12:3456:789a:1::1/64

[root@pxe-server ~]# cat /etc/dnsmasq.conf 
port=0
interface=eth1

dhcp-range=set:ctlplane-subnet,fd12:3456:789a:1::aaaa,fd12:3456:789a:1::ffff,64,10m
dhcp-range=set:ctlplane-subnet2,fd12:3456:789a:2::aaaa,fd12:3456:789a:2::ffff,64,10m
# dhcp-option=tag:ctlplane-subnet,option6:3,[fd12:3456:789a:1::fffe]
dhcp-match=set:ipv6,option6:1
dhcp-userclass=set:ipxe6,iPXE
dhcp-option=tag:ipxe6,option6:bootfile-url,http://[fd12:3456:789a:1::1]:8000/inspector.ipxe
dhcp-option=tag:ipv6,option6:bootfile-url,tftp://[fd12:3456:789a:1::1]/ipxe.efi
dhcp-sequential-ip

2. Install radvd and dhcrelay node with ipv6 on eth1 and eth2. eth1 is on same L2 segment as eth1 on the dhcp server.

[root@dhcp6-relay ~]# ip6tables -F  # Drop the firewall; alternatively, open UDP ports 546 and 547.

[root@dhcp6-relay ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth1 
DEVICE=eth1
NAME=eth1
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
HOTPLUG=no
PEERDNS=no
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6ADDR=fd12:3456:789a:1::2/64

[root@dhcp6-relay ~]# cat /etc/sysconfig/network-scripts/ifcfg-eth2
DEVICE=eth2
NAME=eth2
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=no
HOTPLUG=no
PEERDNS=no
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6ADDR=fd12:3456:789a:2::1/64

[root@dhcp6-relay ~]# cat /etc/radvd.conf 
interface eth1 {
  AdvSendAdvert on;
  AdvRASolicitedUnicast on;
  AdvManagedFlag off;
  AdvOtherConfigFlag on;
  prefix fd12:3456:789a:1::/64 {
  };
};

interface eth2 {
  AdvSendAdvert on;
  AdvRASolicitedUnicast on;
  AdvManagedFlag off;
  AdvOtherConfigFlag on;
  prefix fd12:3456:789a:2::/64 {
  };
};

[root@dhcp6-relay ~]# sysctl net.ipv6.conf.eth1.forwarding=1
[root@dhcp6-relay ~]# sysctl net.ipv6.conf.eth2.forwarding=1

[root@dhcp6-relay ~]# systemctl restart radvd

2.1. Start the DHCPv6 relay ...

[root@dhcp6-relay ~]#  dhcrelay -6 -d --no-pid -u eth1 -l eth2  

Actual results:
Dropped all unnecessary capabilities.
Internet Systems Consortium DHCP Relay Agent 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Bound to *:547
Listening on Socket/eth2
Sending on   Socket/eth2
Listening on Socket/eth1
Sending on   Socket/eth1
Setting hop count limit to 32 for interface eth1
Dropped all capabilities.
Relaying Solicit from fe80::5054:ff:fe50:f586 port 546 going up.
Relaying Information-request from fe80::5054:ff:fe50:f586 port 546 going up.
Relaying Solicit from fe80::5054:ff:fe50:f586 port 546 going up.
Relaying Information-request from fe80::5054:ff:fe50:f586 port 546 going up.
Relaying Solicit from fe80::5054:ff:fe50:f586 port 546 going up.
Relaying Information-request from fe80::5054:ff:fe50:f586 port 546 going up.

++ dnsmasq logs: (Nothing is logged)


Expected results:
Dropped all unnecessary capabilities.
Internet Systems Consortium DHCP Relay Agent 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Bound to *:547
Listening on Socket/eth2
Sending on   Socket/eth2
Listening on Socket/eth1
Sending on   Socket/eth1
Setting hop count limit to 32 for interface eth1
Dropped all capabilities.
Relaying Information-request from fe80::5054:ff:fe50:f586 port 546 going up.
Relaying Reply to fe80::5054:ff:fe50:f586 port 546 down.
Relaying Solicit from fe80::5054:ff:fe50:f586 port 546 going up.
Relaying Advertise to fe80::5054:ff:fe50:f586 port 546 down.
Relaying Request from fe80::5054:ff:fe50:f586 port 546 going up.
Relaying Reply to fe80::5054:ff:fe50:f586 port 546 down.
Relaying Release from fe80::5054:ff:fe50:f586 port 546 going up.
Relaying Reply to fe80::5054:ff:fe50:f586 port 546 down.


++ dnsmasq logs:
dnsmasq-dhcp: DHCPINFORMATION-REQUEST(eth1) 00:04:c4:4d:7a:ed:13:a4:ad:49:ba:27:61:7c:ff:09:d1:b2 
dnsmasq-dhcp: DHCPSOLICIT(eth1) 00:04:c4:4d:7a:ed:13:a4:ad:49:ba:27:61:7c:ff:09:d1:b2 
dnsmasq-dhcp: DHCPADVERTISE(eth1) fd12:3456:789a:2::aaab 00:04:c4:4d:7a:ed:13:a4:ad:49:ba:27:61:7c:ff:09:d1:b2 
dnsmasq-dhcp: DHCPREQUEST(eth1) 00:04:c4:4d:7a:ed:13:a4:ad:49:ba:27:61:7c:ff:09:d1:b2 
dnsmasq-dhcp: DHCPREPLY(eth1) fd12:3456:789a:2::aaab 00:04:c4:4d:7a:ed:13:a4:ad:49:ba:27:61:7c:ff:09:d1:b2 
dnsmasq-dhcp: DHCPRELEASE(eth1) 00:04:c4:4d:7a:ed:13:a4:ad:49:ba:27:61:7c:ff:09:d1:b2 


Additional info:
Compiling dnsmasq from git, 2.80-75-ge710c34, fixes the problem.

git clone git://thekelleys.org.uk/dnsmasq.git 
cd dnsmasq/
make PREFIX=$HOME install

Comment 2 Harald Jensås 2019-10-01 07:24:55 UTC
This would most likely be fixed by applying:

commit 499d8dde2b1a216eab9252ee500cc31b8c2b2974
Author: yiwenchen <yiwenchen>
Date:   Wed Feb 14 22:26:54 2018 +0000

    Fix boundary for test introduced in 3e3f1029c9ec6c63e430ff51063a6301d4b2262
    
    This fixes breakage of  DHCPv6 relay.

diff --git a/src/rfc3315.c b/src/rfc3315.c
index c3c1c95..21fcd9b 100644
--- a/src/rfc3315.c
+++ b/src/rfc3315.c
@@ -216,9 +216,9 @@ static int dhcp6_maybe_relay(struct state *state, void *inbuff, size_t sz,
   
   for (opt = opts; opt; opt = opt6_next(opt, end))
     {
-      if (opt6_ptr(opt, 0) + opt6_len(opt) >= end) {
+      if (opt6_ptr(opt, 0) + opt6_len(opt) > end) 
         return 0;
-      }
+     
       int o = new_opt6(opt6_type(opt));
       if (opt6_type(opt) == OPTION6_RELAY_MSG)
        {
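
Review bot: in the added test `if (opt6_ptr(opt, 0) + opt6_len(opt) > end)`, the sum is formed as a pointer before it is compared, and the length comes from the option being parsed out of the received buffer, so an oversized length field produces a pointer well past `end`, which C leaves undefined and which the comparison cannot be relied on to catch. Comparing sizes instead, for example `opt6_len(opt) > end - opt6_ptr(opt, 0)` with the pointers cast to a byte type as needed, keeps the same boundary (an option whose data ends exactly at `end` is accepted, which is the case the old `>=` rejected) without forming the out-of-range pointer. The added lines also carry trailing whitespace, after `> end)` and on the whitespace-only `+` line that replaces the closing brace, and a short comment stating that the last option may end exactly at `end` would help keep this boundary from regressing again.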

Comment 3 Harald Jensås 2019-10-01 12:15:47 UTC
Result when testing with: dnsmasq-2.76-2.el7.x86_64

Oct 01 14:09:26 pxe-server.lab.example.com dnsmasq[1345]: started, version 2.76 DNS disabled
Oct 01 14:09:26 pxe-server.lab.example.com dnsmasq[1345]: compile time options: IPv6 GNU-getopt DBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC loop-detect inotify
Oct 01 14:09:26 pxe-server.lab.example.com dnsmasq-dhcp[1345]: DHCPv6, IP range fd12:3456:789a:2::aaaa -- fd12:3456:789a:2::ffff, lease time 10m
Oct 01 14:09:26 pxe-server.lab.example.com dnsmasq-dhcp[1345]: DHCPv6, IP range fd12:3456:789a:1::aaaa -- fd12:3456:789a:1::ffff, lease time 10m
Oct 01 14:09:47 pxe-server.lab.example.com dnsmasq-dhcp[1345]: DHCPINFORMATION-REQUEST(eth1) 00:04:c4:4d:7a:ed:13:a4:ad:49:ba:27:61:7c:ff:09:d1:b2
Oct 01 14:10:48 pxe-server.lab.example.com dnsmasq-dhcp[1345]: DHCPSOLICIT(eth1) 00:04:c4:4d:7a:ed:13:a4:ad:49:ba:27:61:7c:ff:09:d1:b2
Oct 01 14:10:48 pxe-server.lab.example.com dnsmasq-dhcp[1345]: DHCPADVERTISE(eth1) fd12:3456:789a:2::aaaa 00:04:c4:4d:7a:ed:13:a4:ad:49:ba:27:61:7c:ff:09:d1:b2
Oct 01 14:10:53 pxe-server.lab.example.com dnsmasq-dhcp[1345]: DHCPREQUEST(eth1) 00:04:c4:4d:7a:ed:13:a4:ad:49:ba:27:61:7c:ff:09:d1:b2
Oct 01 14:10:53 pxe-server.lab.example.com dnsmasq-dhcp[1345]: DHCPREPLY(eth1) fd12:3456:789a:2::aaaa 00:04:c4:4d:7a:ed:13:a4:ad:49:ba:27:61:7c:ff:09:d1:b2
Oct 01 14:11:24 pxe-server.lab.example.com dnsmasq-dhcp[1345]: DHCPRELEASE(eth1) 00:04:c4:4d:7a:ed:13:a4:ad:49:ba:27:61:7c:ff:09:d1:b2


Result when testing with: dnsmasq-2.76-5.el7.x86_64

Oct 01 14:13:27 pxe-server.lab.example.com dnsmasq[1391]: started, version 2.76 DNS disabled
Oct 01 14:13:27 pxe-server.lab.example.com dnsmasq[1391]: compile time options: IPv6 GNU-getopt DBus no-i18n IDN DHCP DHCPv6 no-Lua TFTP no-conntrack ipset auth no-DNSSEC loop-detect inotify
Oct 01 14:13:27 pxe-server.lab.example.com dnsmasq-dhcp[1391]: DHCPv6, IP range fd12:3456:789a:2::aaaa -- fd12:3456:789a:2::ffff, lease time 10m
Oct 01 14:13:27 pxe-server.lab.example.com dnsmasq-dhcp[1391]: DHCPv6, IP range fd12:3456:789a:1::aaaa -- fd12:3456:789a:1::ffff, lease time 10m

Comment 20 errata-xmlrpc 2020-09-29 19:31:26 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Low: dnsmasq security and bug fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHSA-2020:3878