[Nagiosplug-devel] [ nagiosplug-Bugs-1090549 ] check_dhcp ignores DHCP replies

SourceForge.net noreply at sourceforge.net
Mon Jan 24 01:13:16 UTC 2005


Bugs item #1090549, was opened at 2004-12-24 09:21
Message generated for change (Comment added) made by reuben
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1090549&group_id=29880

Category: None
Group: v1.3.0 beta3
Status: Open
Resolution: None
Priority: 5
Submitted By: L.C. (Laurentiu C. Badea) (wotevah)
Assigned to: Benoit Mortier (opensides)
Summary: check_dhcp ignores DHCP replies

Initial Comment:
check_dhcp ignores the DHCP replies apparently because
they are broadcast to 255.255.255.255.

<CLIENT>.bootpc > 255.255.255.255.bootps: BOOTP/DHCP,
Request from <mac>, length: 548, flags: [Broadcast]
<SERVER>.bootps > 255.255.255.255.bootpc: BOOTP/DHCP,
Reply, length: 420, flags: [Broadcast] (0x8000)

I believe the problem may be that recvfrom is not
expecting a possible broadcast packet in response, so
it ignores it. Relevant part from strace below:

sendto(3, <packet>, 548, 0, {sa_family=AF_INET,
sin_port=htons(67),
sin_addr=inet_addr("255.255.255.255")}, 16) = 548
time([1103833074])                      = 1103833074
time([1103833074])                      = 1103833074
select(4, [3], NULL, NULL, {2, 0})      = 1 (in [3],
left {1, 999000})
recvfrom(3, 0xfef67370, 548, 2, 0xfef67280, 0xfef67274)
= -1 EINVAL (Invalid argument)
recvfrom(3, 0xfef67370, 548, 0, 0xfef67280, 0xfef67274)
= -1 EINVAL (Invalid argument)

Client is Fedora Core 2 with
nagios-plugins-1.3.1-10.1.fc2.dag.
Server is Red Hat 9 with dhcp-3.0pl1-23.


----------------------------------------------------------------------

Comment By: Reuben Farrelly (reuben)
Date: 2005-01-24 22:12

Message:
Logged In: YES 
user_id=26209

Ok, some progress.

If I serve up DHCP from my cisco router with dhcpd off on my
server, check_dhcp works just fine:

[root at tornado ~]# /usr/lib/nagios/plugins/check_dhcp 
DHCP ok: Received 1 DHCPOFFER(s), max lease time = 86400 sec.

If I then turn dhcp off on the router and re-enable dhcpd on
my server, it fails again.  So it appears that running
check_dhcp from the same host as the dhcp server is a no-go,
at least in my case.........



----------------------------------------------------------------------

Comment By: Reuben Farrelly (reuben)
Date: 2005-01-24 22:02

Message:
Logged In: YES 
user_id=26209

I still experience the problem even with my iptables rules off:

[root at tornado nagiosplug]# iptables -L
Chain INPUT (policy ACCEPT)
target     prot opt source               destination         

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
[root at tornado nagiosplug]# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination         
DNAT       tcp  --  network.reub.net/16 !network.reub.net/16
tcp dpt:http to:192.168.0.3:3128 

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination         

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
[root at tornado nagiosplug]#

Other possible ideas:
* I have two IP addresses, a main and a secondary IP address
on eth0(:0)
* My server which does the monitoring also does DHCP

If I can come up with anything I'll post here.



----------------------------------------------------------------------

Comment By: Reuben Farrelly (reuben)
Date: 2005-01-24 21:59

Message:
Logged In: YES 
user_id=26209

Firstly, can I confirm that sourceforge CVS has the most
current version?  Latest CVS has: $Id: check_dhcp.c,v 1.6
2004/12/30 00:41:39 opensides Exp $
I don't think your latest changes have made it into the
publically visible repo :(

Here's an strace:

[root at tornado nagiosplug]# strace
/usr/lib/nagios/plugins/check_dhcp 
execve("/usr/lib/nagios/plugins/check_dhcp",
["/usr/lib/nagios/plugins/check_dhcp"], [/* 22 vars */]) = 0
uname({sys="Linux", node="tornado", ...}) = 0
brk(0)                                  = 0x804e000
access("/etc/ld.so.preload", R_OK)      = -1 ENOENT (No such
file or directory)
open("/etc/ld.so.cache", O_RDONLY)      = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=39607, ...}) = 0
old_mmap(NULL, 39607, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7ff6000
close(3)                                = 0
open("/lib/libnsl.so.1", O_RDONLY)      = 3
read(3,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\320D\7"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=97608, ...}) = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7ff5000
old_mmap(0x4b071000, 88064, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x4b071000
old_mmap(0x4b083000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x11000) = 0x4b083000
old_mmap(0x4b085000, 6144, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4b085000
close(3)                                = 0
open("/lib/libresolv.so.2", O_RDONLY)   = 3
read(3,
"\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0\360\343"...,
512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=81252, ...}) = 0
old_mmap(0x4b02c000, 75944, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x4b02c000
old_mmap(0x4b03b000, 8192, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0xf000) = 0x4b03b000
old_mmap(0x4b03d000, 6312, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4b03d000
close(3)                                = 0
open("/lib/tls/libc.so.6", O_RDONLY)    = 3
read(3, "\177ELF\1\1\1\0\0\0\0\0\0\0\0\0\3\0\3\0\1\0\0\0
\277\353"..., 512) = 512
fstat64(3, {st_mode=S_IFREG|0755, st_size=1521596, ...}) = 0
old_mmap(0x4aea7000, 1215644, PROT_READ|PROT_EXEC,
MAP_PRIVATE|MAP_DENYWRITE, 3, 0) = 0x4aea7000
old_mmap(0x4afca000, 16384, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_DENYWRITE, 3, 0x123000) = 0x4afca000
old_mmap(0x4afce000, 7324, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x4afce000
close(3)                                = 0
old_mmap(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7ff4000
mprotect(0x4afca000, 8192, PROT_READ)   = 0
mprotect(0x4b03b000, 4096, PROT_READ)   = 0
mprotect(0x4b083000, 4096, PROT_READ)   = 0
mprotect(0x4aea3000, 4096, PROT_READ)   = 0
set_thread_area({entry_number:-1 -> 6, base_addr:0xb7ff46c0,
limit:1048575, seg_32bit:1, contents:0, read_exec_only:0,
limit_in_pages:1, seg_not_present:0, useable:1}) = 0
munmap(0xb7ff6000, 39607)               = 0
open("/usr/lib/locale/locale-archive", O_RDONLY|O_LARGEFILE) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=39591472, ...}) = 0
mmap2(NULL, 2097152, PROT_READ, MAP_PRIVATE, 3, 0) = 0xb7df4000
mmap2(NULL, 204800, PROT_READ, MAP_PRIVATE, 3, 0x1029) =
0xb7dc2000
brk(0)                                  = 0x804e000
brk(0x806f000)                          = 0x806f000
mmap2(NULL, 4096, PROT_READ, MAP_PRIVATE, 3, 0x1072) =
0xb7dc1000
close(3)                                = 0
socket(PF_INET, SOCK_DGRAM, IPPROTO_UDP) = 3
setsockopt(3, SOL_SOCKET, SO_REUSEADDR, [1], 4) = 0
setsockopt(3, SOL_SOCKET, SO_BROADCAST, [1], 4) = 0
setsockopt(3, SOL_SOCKET, SO_BINDTODEVICE,
"eth0\0\0\0\0\0\0\0\0\0\0\0\0\1\0\0\0\264\356\377\277\370"...,
32) = 0
bind(3, {sa_family=AF_INET, sin_port=htons(68),
sin_addr=inet_addr("0.0.0.0")}, 16) = 0
ioctl(3, SIOCGIFHWADDR, 0xbfffedd0)     = 0
time(NULL)                              = 1106556165
sendto(3,
"\1\1\6\0\34|\211\212\377\0\200\0\0\0\0\0\0\0\0\0\0\0\0"...,
548, 0, {sa_family=AF_INET, sin_port=htons(67),
sin_addr=inet_addr("255.255.255.255")}, 16) = 548
time([1106556165])                      = 1106556165
time([1106556165])                      = 1106556165
select(4, [3], NULL, NULL, {2, 0})      = 0 (Timeout)
time([1106556167])                      = 1106556167
close(3)                                = 0
fstat64(1, {st_mode=S_IFCHR|0620, st_rdev=makedev(136, 2),
...}) = 0
mmap2(NULL, 4096, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7dc0000
open("/usr/share/locale/locale.alias", O_RDONLY) = 3
fstat64(3, {st_mode=S_IFREG|0644, st_size=2528, ...}) = 0
mmap2(NULL, 131072, PROT_READ|PROT_WRITE,
MAP_PRIVATE|MAP_ANONYMOUS, -1, 0) = 0xb7da0000
read(3, "# Locale name alias data base.\n#"..., 131072) = 2528
read(3, "", 131072)                     = 0
close(3)                                = 0
munmap(0xb7da0000, 131072)              = 0
open("/usr/share/nagios/locale/en_US/LC_MESSAGES/nagios-plugins.mo",
O_RDONLY) = -1 ENOENT (No such file or directory)
open("/usr/share/nagios/locale/en/LC_MESSAGES/nagios-plugins.mo",
O_RDONLY) = -1 ENOENT (No such file or directory)
write(1, "DHCP problem: No DHCPOFFERs were"..., 43DHCP
problem: No DHCPOFFERs were received.
) = 43
munmap(0xb7dc0000, 4096)                = 0
exit_group(2)                           = ?
[root at tornado nagiosplug]# 

Also:

[root at tornado nagiosplug]# /usr/lib/nagios/plugins/check_dhcp -v
DHCP socket: 3
Hardware address: 000d615e8bb3
DHCPDISCOVER to 255.255.255.255 port 67
DHCPDISCOVER XID: 842612958 (0x323940DE)
DHCDISCOVER ciaddr:  0.0.0.0
DHCDISCOVER yiaddr:  0.0.0.0
DHCDISCOVER siaddr:  0.0.0.0
DHCDISCOVER giaddr:  0.0.0.0
send_dhcp_packet result: 548




No (more) data received
Result=ERROR
Total responses seen on the wire: 0
Valid responses for this machine: 0
DHCP problem: No DHCPOFFERs were received.
[root at tornado nagiosplug]#



----------------------------------------------------------------------

Comment By: zyta2k (zyta2k)
Date: 2005-01-24 21:48

Message:
Logged In: YES 
user_id=544197

Wooooops :/

Shame on me =)
flushed all iptables rules and now it works...

The "strange thing" is:
dhcp is fully functional if I use the same rulebase !!

Here are the rules

---- schnippi ----

Chain INPUT (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination
RH-Firewall-1-INPUT  all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain RH-Firewall-1-INPUT (2 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere          
 icmp any
ACCEPT     ipv6-crypt--  anywhere             anywhere
ACCEPT     ipv6-auth--  anywhere             anywhere
ACCEPT     udp  --  anywhere             224.0.0.251       
 udp dpt:5353
ACCEPT     udp  --  anywhere             anywhere          
 udp dpt:ipp
ACCEPT     all  --  anywhere             anywhere          
 state RELATED,ESTABLISHED
ACCEPT     tcp  --  anywhere             anywhere          
 state NEW tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere          
 state NEW tcp dpt:ssh
REJECT     all  --  anywhere             anywhere          
 reject-with icmp-host-prohibited

---- schnappi ----

öm... no idea which rule stops the check_dhcp plug... :/

----------------------------------------------------------------------

Comment By: Stanley Hopcroft (stanleyhopcroft)
Date: 2005-01-24 15:57

Message:
Logged In: YES 
user_id=395628

Dear Folks,

I am perplexed about this problem.

1 the open socket won't ignore a broadcast reply with the
dhcp client port unless the reply is filtered by some kernel
packet filter (iptable on Linux ?), or there is a firewall
or router between the client and server. Given the PRs this
doesn't seem likely.

2 the failure is however consistent with L.C's (Laurentiu C.
Badea) PR showing EINVAL from the recvfrom call.

Please would either L.C., Rueben Farrelly or zyta2k do an
strace or equivalent (truss/ktrace ?) to show if recvfrom is
still returning -1/EINVAL from a CVS copy (not many changes
from L.C's report of the prob with the 1.3 plugins but its
nice to be sure)

EINVAL seems to suggest an argument problem but I can't
imagine what this may be - the parms seem fine.

Thank you.



----------------------------------------------------------------------

Comment By: Stanley Hopcroft (stanleyhopcroft)
Date: 2005-01-21 22:35

Message:
Logged In: YES 
user_id=395628

Thank you for a superb PR.

Unfortunately, this is unlikely to help you much but would
you please try the latest CVS (not tar ball) and post your
command invocation (changes have been made to get it to
build properly on Linux and FreeBSD - you seem to have done
this yourself).


On FreeBSD 4.10 and ISC dhcpd (V3.0.1rc14), it works Ok.

The reply to the discover should be a broadcast (methinks)
since the client has no ip.

Thanks for your help.



----------------------------------------------------------------------

Comment By: zyta2k (zyta2k)
Date: 2005-01-04 23:41

Message:
Logged In: YES 
user_id=544197

I can confirm the problem...

=== Verbose Output From Plugin ===
DHCP socket: 3
Hardware address: 00110a32c75e
DHCPDISCOVER to 255.255.255.255 port 67
DHCPDISCOVER XID: 1269450911 (0x4BAA489F)
DHCDISCOVER ciaddr:  0.0.0.0
DHCDISCOVER yiaddr:  0.0.0.0
DHCDISCOVER siaddr:  0.0.0.0
DHCDISCOVER giaddr:  0.0.0.0
send_dhcp_packet result: 548
No (more) data received
Result=ERROR
Total responses seen on the wire: 0
Valid responses for this machine: 0
DHCP problem: No DHCPOFFERs were received.

============= TCPDUMP ============
# tcpdump -vv dst port 68
tcpdump: listening on eth0, link-type EN10MB (Ethernet),
capture size 96 bytes
11:25:54.418410 IP (tos 0x0, ttl  63, id 0, offset 0, flags
[DF], proto 17, length: 341) dhcp01.foobar.com >
255.255.255.255.bootpc: BOOTP/DHCP, Reply, length: 313,
xid:0x4baa489f, secs:65280, flags: [Broadcast] (0x8000)
          Your IP: 10.29.20.121
          Server IP: dhcp01.foobar.com
          Gateway IP: 10.29.20.2
          Client Ethernet Address: 00:11:0a:32:c7:5e [|bootp]
11:25:54.418675 IP (tos 0x0, ttl  62, id 0, offset 0, flags
[DF], proto 17, length: 341) dhcp01.foobar.com.bootps >
255.255.255.255.bootpc: BOOTP/DHCP, Reply, length: 313,
xid:0x4baa489f, secs:65280, flags: [Broadcast] (0x8000)
          Your IP: 10.29.20.121
          Server IP: dhcp01.foobar.com
          Gateway IP: 10.29.20.3
          Client Ethernet Address: 00:11:0a:32:c7:5e [|bootp]
11:25:54.418975 IP (tos 0x0, ttl  63, id 0, offset 0, flags
[DF], proto 17, length: 341) dhcp02.foobar.com.bootps >
255.255.255.255.bootpc: BOOTP/DHCP, Reply, length: 313,
xid:0x4baa489f, secs:65280, flags: [Broadcast] (0x8000)
          Your IP: 10.29.20.143
          Server IP: dhcp02.foobar.com
          Gateway IP: 10.29.20.2
          Client Ethernet Address: 00:11:0a:32:c7:5e [|bootp]
11:25:54.421156 IP (tos 0x0, ttl  62, id 0, offset 0, flags
[DF], proto 17, length: 341) dhcp02.foobar.com.bootps >
255.255.255.255.bootpc: BOOTP/DHCP, Reply, length: 313,
xid:0x4baa489f, secs:65280, flags: [Broadcast] (0x8000)
          Your IP: 10.29.20.143
          Server IP: dhcp02.foobar.com
          Gateway IP: 10.29.20.3
          Client Ethernet Address: 00:11:0a:32:c7:5e [|bootp]
4 packets captured
4 packets received by filter
0 packets dropped by kernel

========== MY SYSTEM =============
Distribution: Fedora Core 3
Kernel: 2.6.9
Glibc: 2.3.4
Plugin Version: CVS v 1.6 2004/12/30 00:41:39

hth
zyta2k

----------------------------------------------------------------------

Comment By: Reuben Farrelly (reuben)
Date: 2005-01-03 09:48

Message:
Logged In: YES 
user_id=26209

Still no go here either using bleeding edge CVS (on FC3):

sendto(3,
"\1\1\6\0\6\372\275\241\377\0\200\0\0\0\0\0\0\0\0\0\0\0"...,
548, 0, {sa_family=AF_INET, sin_port=htons(67),
sin_addr=inet_addr("255.255.255.255")}, 16) = 548
time([1104698558])                      = 1104698558
time([1104698558])                      = 1104698558
select(4, [3], NULL, NULL, {2, 0})      = 0 (Timeout)
time([1104698560])                      = 1104698560
close(3)                                = 0

Returns with "DHCP problem: No DHCPOFFERs were received." 
Meanwhile the DHCP server has seen the DHCPDISCOVER come in
and DHCPOFFER'ed an address to 255.255.255.255.bootpc

----------------------------------------------------------------------

Comment By: Benoit Mortier (opensides)
Date: 2005-01-03 07:42

Message:
Logged In: YES 
user_id=388184

Hi, 
 
could you test with the lastest cvs, and report your findings 
 
Thanks 

----------------------------------------------------------------------

You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=397597&aid=1090549&group_id=29880




More information about the Nagiosplugin-devel mailing list