Bug 241792

Summary: dhclient/dhclient-script: dhclient default route not working when given a /32 netmask
Product: Base System Reporter: sigsys
Component: binAssignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Many People CC: bz, dch, emaste, pat
Priority: --- Keywords: patch
Version: 12.1-RELEASE   
Hardware: Any   
OS: Any   

Description sigsys 2019-11-07 21:44:40 UTC 
There's a certain VM where autoconfiguration via DHCP works with Linux but not FreeBSD.  I have no information on how this VM is setup apart that it's hosted with KVM/QEMU.

The DHCP server sends a lease with a /32 netmask.  This makes adding the default route fail since it is not reachable via any interface.  Linux's dhclient-script seem to usually have a special case for that and explicitly adds an interface route to the router's address.

FreeBSD's dhclient-script has a special case for when the router address is the same as the leased address, but not when it's a different address that doesn't fall in the interface's subnet.

With this change, DHCP just works on this VM:

Index: sbin/dhclient/dhclient-script
===================================================================
--- sbin/dhclient/dhclient-script	(revision 354408)
+++ sbin/dhclient/dhclient-script	(working copy)
@@ -173,6 +173,9 @@
			if [ "$new_ip_address" = "$router" ]; then
				route add default -iface $router >/dev/null 2>&1
			else
+				if [ "$new_subnet_mask" = "255.255.255.255" ]; then
+					route add "$router" -iface "$interface" >/dev/null 2>&1
+				fi
				route add default $router >/dev/null 2>&1
			fi
		fi
Comment 1 Dave Cottlehuber freebsd_committer freebsd_triage 2019-11-28 23:45:20 UTC 
I have seen this in Google Cloud, Packet.net and other infrastructures. In the first case Google patched their DHCP setup to accommodate this. In the past
I have manually overridden this using settings in dhclient.conf.

Patch seems reasonable to me.
Comment 2 Bjoern A. Zeeb freebsd_committer freebsd_triage 2019-11-29 00:47:35 UTC 
I thought Linux used to simply arp for an off-link gateway and then use it.

I've seen this elsewhere as well with recovery images and documentation, e.g., https://wiki.hetzner.de/index.php/Cloud_IP_static#FreeBSD for static configuration.

While I don't do much IPv4 anymore, it seems a proper workaround.  +1 on the idea of the change (not reviewed).
Comment 3 commit-hook freebsd_committer freebsd_triage 2022-10-05 10:25:59 UTC 
A commit in branch main references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=fd6ecc184dbc64b9b3f7866b34812fb93df62925

commit fd6ecc184dbc64b9b3f7866b34812fb93df62925
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2022-10-05 10:11:07 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2022-10-05 10:24:31 +0000

    dhclient-script: cope with /32 address leases

    On certain cloud platforms (Google Cloud, Packet.net and others) the
    DHCP server offers a /32 address. This makes adding the default route
    fail since it is not reachable via any interface. Linux's
    dhclient-script seem to usually have a special case for that and
    explicitly adds an interface route to the router's address.

    FreeBSD's dhclient-script already has a special case for when the router
    address is the same as the leased address. Now also add one for when
    it's a different address that doesn't fall in the interface's subnet.

    PR:             241792
    Event:          Aberdeen hackathon 2022
    Submitted by:   sigsys@gmail.com
    Reviewed by:    dch, kp, bz (+1 on the idea, not reviewed), thj
    MFC after:      1 week

 sbin/dhclient/dhclient-script | 4 ++++
 1 file changed, 4 insertions(+)
Comment 4 Pat Maddox 2022-10-05 18:28:02 UTC 
fwiw I have run 13.1 on GCP, AWS, and Vultr, all without networking issues. I didn’t use pre-built images that might accommodate this issue - on AWS and GCP I extracted base.txz and kernel.txz, and on Vultr I used an ISO disk install.

I can’t weigh in on the details of the patch, I can only point out that it might make assumptions that haven’t matched our experience running 13.1 on multiple cloud providers.
Comment 5 Dave Cottlehuber freebsd_committer freebsd_triage 2022-10-07 06:44:50 UTC 
Yes. I remember that Google had to make changes to accommodate this,
as have other cloud vendors. Having a working default network is always
handy.
Comment 6 commit-hook freebsd_committer freebsd_triage 2022-10-13 08:09:40 UTC 
A commit in branch stable/12 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=7ca75b93b9facd6dd0a733f25f577a1c9862a46b

commit 7ca75b93b9facd6dd0a733f25f577a1c9862a46b
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2022-10-05 10:11:07 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2022-10-13 07:56:50 +0000

    dhclient-script: cope with /32 address leases

    On certain cloud platforms (Google Cloud, Packet.net and others) the
    DHCP server offers a /32 address. This makes adding the default route
    fail since it is not reachable via any interface. Linux's
    dhclient-script seem to usually have a special case for that and
    explicitly adds an interface route to the router's address.

    FreeBSD's dhclient-script already has a special case for when the router
    address is the same as the leased address. Now also add one for when
    it's a different address that doesn't fall in the interface's subnet.

    PR:             241792
    Event:          Aberdeen hackathon 2022
    Submitted by:   sigsys@gmail.com
    Reviewed by:    dch, kp, bz (+1 on the idea, not reviewed), thj
    MFC after:      1 week

    (cherry picked from commit fd6ecc184dbc64b9b3f7866b34812fb93df62925)

 sbin/dhclient/dhclient-script | 4 ++++
 1 file changed, 4 insertions(+)
Comment 7 commit-hook freebsd_committer freebsd_triage 2022-10-13 08:09:42 UTC 
A commit in branch stable/13 references this bug:

URL: https://cgit.FreeBSD.org/src/commit/?id=80e991888d79e036c03461d8264eea08a1dc67d8

commit 80e991888d79e036c03461d8264eea08a1dc67d8
Author:     Kristof Provost <kp@FreeBSD.org>
AuthorDate: 2022-10-05 10:11:07 +0000
Commit:     Kristof Provost <kp@FreeBSD.org>
CommitDate: 2022-10-13 07:56:54 +0000

    dhclient-script: cope with /32 address leases

    On certain cloud platforms (Google Cloud, Packet.net and others) the
    DHCP server offers a /32 address. This makes adding the default route
    fail since it is not reachable via any interface. Linux's
    dhclient-script seem to usually have a special case for that and
    explicitly adds an interface route to the router's address.

    FreeBSD's dhclient-script already has a special case for when the router
    address is the same as the leased address. Now also add one for when
    it's a different address that doesn't fall in the interface's subnet.

    PR:             241792
    Event:          Aberdeen hackathon 2022
    Submitted by:   sigsys@gmail.com
    Reviewed by:    dch, kp, bz (+1 on the idea, not reviewed), thj
    MFC after:      1 week

    (cherry picked from commit fd6ecc184dbc64b9b3f7866b34812fb93df62925)

 sbin/dhclient/dhclient-script | 4 ++++
 1 file changed, 4 insertions(+)