Bug 222899

Summary: After lease expiration dhclient-script mess up network
Product: Base System Reporter: Domagoj Hranjec <cab902>
Component: binAssignee: freebsd-bugs (Nobody) <bugs>
Status: Closed DUPLICATE    
Severity: Affects Some People    
Priority: ---    
Version: 10.4-RELEASE   
Hardware: Any   
OS: Any   
See Also: https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=119801
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=231526

Description Domagoj Hranjec 2017-10-10 12:54:26 UTC 
Configuration is like this:
/etc/dhclient.conf:
alias {
        interface "rl0";
        fixed-address 192.168.1.5;
        option subnet-mask 255.255.255.0;
}

So, we have a dynamic address and fixed alias address.

So the interface looks like this:
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=2008<VLAN_MTU,WOL_MAGIC>
        ether xx:xx:xx:xx:xx:xx
        hwaddr xx:xx:xx:xx:xx:xx
        inet 192.168.0.11 netmask 0xffffff00 broadcast 192.168.0.255
        inet 192.168.1.5 netmask 0xffffff00 broadcast 192.168.1.255
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active

But, after the lease expires, dhclient-script renews lease, removes old dynamic address and adds the new one, at the end of the list. Now it looks like this:
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=2008<VLAN_MTU,WOL_MAGIC>
        ether xx:xx:xx:xx:xx:xx
        hwaddr xx:xx:xx:xx:xx:xx
        inet 192.168.1.5 netmask 0xffffff00 broadcast 192.168.1.255
        inet 192.168.0.11 netmask 0xffffff00 broadcast 192.168.0.255
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active

This has an unintended consequence, that the default route now goes through fixed alias interface, instead of dynamic interface. As the machine is the router, it messes up the access to the outside for the rest of the local network.

I propose a fix like this:
--- dhclient-script.orig        2017-10-09 18:46:39.912218000 +0200
+++ dhclient-script.new         2017-10-09 21:27:45.784826000 +0200
@@ -345,6 +345,7 @@
                add_new_routes
        fi
        if [ "$new_ip_address" != "$alias_ip_address" ]; then
+               delete_old_alias
                add_new_alias
        fi
        if is_default_interface; then

It will, in the RENEW phase, remove and add the alias, which will put it behind the dynamic address, like it's suppose to be:
rl0: flags=8843<UP,BROADCAST,RUNNING,SIMPLEX,MULTICAST> metric 0 mtu 1500
        options=2008<VLAN_MTU,WOL_MAGIC>
        ether xx:xx:xx:xx:xx:xx
        hwaddr xx:xx:xx:xx:xx:xx
        inet 192.168.0.11 netmask 0xffffff00 broadcast 192.168.0.255
        inet 192.168.1.5 netmask 0xffffff00 broadcast 192.168.1.255
        nd6 options=29<PERFORMNUD,IFDISABLED,AUTO_LINKLOCAL>
        media: Ethernet autoselect (100baseTX <full-duplex>)
        status: active
		
Now the default route will again go through the dynamic address.
Comment 1 Domagoj Hranjec 2017-10-17 13:53:24 UTC 

*** This bug has been marked as a duplicate of bug 119801 ***