Bug 16923 - DHCP without fixed IP address
DHCP without fixed IP address
Status: CLOSED FIXED
Product: UCS
Classification: Unclassified
Component: UMC - Computers
UCS 4.1
Other Linux
: P5 enhancement (vote)
: UCS 4.2
Assigned To: Philipp Hahn
Florian Best
: interim-2
: 24098 37832 (view as bug list)
Depends on: 48811
Blocks: 43337
  Show dependency treegraph
 
Reported: 2009-12-11 14:56 CET by Philipp Hahn
Modified: 2019-04-17 18:54 CEST (History)
6 users (show)

See Also:
What kind of report is it?: Bug Report
What type of bug is this?: 4: Minor Usability: Impairs usability in secondary scenarios
Who will be affected by this bug?: 2: Will only affect a few installed domains
How will those affected feel about the bug?: 3: A User would likely not purchase the product
User Pain: 0.137
Enterprise Customer affected?: Yes
School Customer affected?: Yes
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number: 2016052321000343, 2016083021000253, 2013081221083651, 2011101410001451
Bug group (optional):
Max CVSS v3 score:
hahn: Patch_Available+


Attachments
Your test in python (2.30 KB, text/plain)
2017-01-26 12:42 CET, Philipp Hahn
Details
Your test in shell (2.65 KB, text/plain)
2017-01-26 12:43 CET, Philipp Hahn
Details

Note You need to log in before you can comment on or make changes to this bug.
Description Philipp Hahn univentionstaff 2009-12-11 14:56:48 CET
Beim anlegen eines Computer-Objekt wird dessen MAC-Adresse erfasst. Im DHCP-Reiter kann dann eine Zuordnung von MAC-Adresse zu IP-Adresse angelegt werden, aber es besteht keine IMHO Möglichkeit, nur ein Host-Eintrag für die MAC-Adresse ohne IP-Adresse anzulegen. Dies ist für den Fall sinnvoll, wenn ein DHCP-Pool mit "allow known-clients;" betrieben werden soll: Dazu müssen passende "host ... { hardware ethernet MM:MM:AA:AA:CC:CC; }" existieren, aber die Zuordnung von IP-Adressen wird aus dem Pool getätigt.
Derzeit müssen solche Einträge über den DHCP-Wizard selber angelegt werden; ein Erzeugen im bzw. eine Übernahme der Daten aus dem Rechner-Wizard ist nicht möglich.
Comment 1 Philipp Hahn univentionstaff 2010-08-25 18:53:58 CEST
Das ist bereits möglich: Man kann nachträglich im DHCP-Wizard die feste-IP-Adresse wieder entfernen.
Comment 2 Philipp Hahn univentionstaff 2011-10-18 21:00:26 CEST
*** Bug 24098 has been marked as a duplicate of this bug. ***
Comment 3 Janis Meybohm univentionstaff 2013-08-14 15:25:52 CEST
Requested again via Ticket#2013081221083651
Comment 4 Philipp Hahn univentionstaff 2016-05-24 12:22:47 CEST
+1: Ticket#2016052321000343 — DHCP für Computer ohne feste IP
Comment 5 Nico Stöckigt univentionstaff 2016-08-30 15:09:52 CEST
+1: Ticket#2016083021000253 — DHCP für Computer ohne feste IP
Comment 6 Philipp Hahn univentionstaff 2016-10-24 10:09:45 CEST
git clone -b ucs/4.1-3+16923 /home/phahn/GIT2
Comment 7 Philipp Hahn univentionstaff 2016-11-21 06:14:59 CET
r74206 | Bug #16923 dhcp: make dhcpEntryZone a 3-tuple
r74205 | Bug #16923 udm: Handle optional complex values
r74204 | Bug #16923 dhcp: Allow empty value

Known issues:
- UMC has a combo-box for the "DHCP entry zone", where the IP address can be selected. Currently there is no "empty" entry - the address must be deleted by using backspace or delete
- Creating the "DHCP entry zone" is a mess: it's a 3-tuple (dhcp-service, IP, MAC) with some strange rules implemented several times in simpleComputer: While dhcp-service is always required, IP and MAC are guessed for "single IP" configurations. Currently this requires exactly one IP to be specified, while for "DHCP pool assignment" *no* IP address is required
Comment 8 Philipp Hahn univentionstaff 2016-11-21 06:17:14 CET
r74612 | Bug #16923 udm: Fix multi-IP to single-IP dns entries
r74611 | Bug #16923 udm: Fix updating dhcp entries (modify)
r74610 | Bug #16923 udm: Fix updating dhcp entries (rename,remove)
r74609 | Bug #16923 udm: Handle DHCP pool hosts
r74608 | Bug #16923 dhcp: Fix dhcp/host entry creation
Comment 9 Florian Best univentionstaff 2016-12-23 16:16:08 CET
*** Bug 37832 has been marked as a duplicate of this bug. ***
Comment 10 Florian Best univentionstaff 2016-12-23 16:21:31 CET
If I add a computers/ipmanagedclient via UMC and I assign a network the fields for IP Address / DNS / DHCP are autocompleted. If I then remove these entries in UMC ans create the object these values are set nevertheless.
Comment 11 Florian Best univentionstaff 2016-12-23 16:30:24 CET
management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py:2131: list comprehension redefines 'mac' from line 2047
→ This doesn't break anything, but you could change this into "_mac".
Comment 12 Philipp Hahn univentionstaff 2017-01-04 17:05:42 CET
(In reply to Florian Best from comment #10)
> If I add a computers/ipmanagedclient via UMC and I assign a network the
> fields for IP Address / DNS / DHCP are autocompleted. If I then remove these
> entries in UMC ans create the object these values are set nevertheless.

Not a regression - this is yet another bug in UMC:

1. In the old days there was not UMC, so the logic to assign the next IP from a network was implemented in the UDM computers modules as soon as the property "network" is set. (simplecomputer.__setitem__:2573)
The logic is still there, as it is required when you use the CLI.

2. Then the interactive UMC came along and implemented a feature like "hey, you chose the network, I will fetch a IP *before* commit and show you the IP". (univention-management-console-module-udm/umc/python/udm/__init__.py:675)
On commit both early IP and the chosen network are sent to the backend, where the logic to fetch a free address is disabled, because the address is *explicitly* set.

3. In your scenario you just delete the "address chosen by UMC", but still transmit the network, so the old logic kicks in again and picks one address for you.

 net="$(udm networks/network list|sed -ne 's/^DN: //p;T;q')" r=$RANDOM
 udm computers/ipmanagedclient create --set name=ip$r --set network="$net"
 udm computers/ipmanagedclient list --filter name=ip$r|grep ip:
 # ip: 10.200.17.41

4. You can easily demonstrate the UMC brokenness by opening UMC in two browser windows and creating two computer entries in parallel: UMC will pick the same IP for both entries; the faster user will succeed, the slower one will get message "IP address is already in use".


(In reply to Florian Best from comment #11)
> management/univention-directory-manager-modules/modules/univention/admin/
> handlers/__init__.py:2131: list comprehension redefines 'mac' from line 2047
> → This doesn't break anything, but you could change this into "_mac".

Not fixed.
Comment 13 Florian Best univentionstaff 2017-01-18 16:34:25 CET
OK: Fix
OK: Changelog
OK: For the UMC issue, that the empty-value in the IP field is not shown, I created Bug #43370
Comment 14 Florian Best univentionstaff 2017-01-18 16:57:51 CET
It's not possible to set an empty IP address value, because parsing fails in that case:
>>> univention.admin.syntax.dhcpEntry.parse(["cn=service1,dc=school,dc=local","","123569875671"])
Traceback (most recent call last):
  File "<stdin>", line 1, in <module>
  File "/usr/lib/pymodules/python2.7/univention/admin/syntax.py", line 2257, in parse
    return super(dhcpEntry, cls).parse(filter(None, [service, ip, mac]))
  File "/usr/lib/pymodules/python2.7/univention/admin/syntax.py", line 243, in parse
    p = s.parse(text)
  File "/usr/lib/pymodules/python2.7/univention/admin/syntax.py", line 2184, in parse
    return super(IP_AddressListEmpty, cls).parse(text) if text else ''
  File "/usr/lib/pymodules/python2.7/univention/admin/syntax.py", line 1037, in parse
    raise univention.admin.uexceptions.valueError(_("Not a valid IP address!"))
univention.admin.uexceptions.valueError: Not a valid IP address!


Caused by the filter:
  2257 »   »   return super(dhcpEntry, cls).parse(filter(None, [service, ip, mac]))
→ Why is the filtering done?
Comment 15 Florian Best univentionstaff 2017-01-18 17:00:56 CET
Also: If adding a dhcpEntry with a empty IP address the corresponding DHCP Host object is created with the ip address of the object.
Comment 16 Florian Best univentionstaff 2017-01-18 17:03:16 CET
(In reply to Florian Best from comment #15)
> Also: If adding a dhcpEntry with a empty IP address the corresponding DHCP
> Host object is created with the ip address of the object.
Ah, this is again only because I assigned a network object as well at the same time.
Comment 17 Philipp Hahn univentionstaff 2017-01-19 09:57:20 CET
(In reply to Florian Best from comment #14)
> It's not possible to set an empty IP address value, because parsing fails in
> that case:
> >>> univention.admin.syntax.dhcpEntry.parse(["cn=service1,dc=school,dc=local","","123569875671"])

Where is that (passing a 3-tuple with the middle-value being an empty string) done?

> Caused by the filter:
>   2257 »   »   return super(dhcpEntry, cls).parse(filter(None, [service, ip, mac]))
> → Why is the filtering done?

To implement something like (dhcp-service-dn, [[ip-address], mac-address]):
- dhcp-servide-dn must be given always
- mac-address is optional
- ip-adress is also optional, but only in combination with mac-address

It was a left over to handle the case, where not a 3-tuple was given. As that logic is implemented in the lines above, I removed the filter(None)

r75931 | Bug #16923 udm: Fix parsing of DHCP entry zone for computer objects

Package: univention-directory-manager-modules
Version: 12.0.11-7A~4.2.0.201701190933
Branch: ucs_4.2-0

QA:
 DN1 () { sed -ne 's/^DN: //p;T;q';}
 MAC () { od -A n -N 6 -t x2 /dev/random|tr -d ' ';}
 NET=192.0.2
 IP () { echo "$NET.$((2 + RANDOM % 253))";}
 lb="$(ucr get ldap/base)"
 s=$(udm dhcp/service list|DN1)"
 udm networks/network create --position "cn=networks,$lb" --set name="test" --set network="$NET.0" --set netmask=24 --set dhcpEntryZone="$s" --set ipRange="$NET.2 $NET.253"
 n="cn=test,cn=networks,$lb"

 # Let Network chose the IP
 mac="$(MAC)" h="l$RANDOM"
 udm computers/linux create --position "cn=computers,$lb" --set name="$h" --set mac="$mac" --set network="$n"
 udm dhcp/host list --superordinate "$s" --filter host="$h" | grep -F "fixedaddress: $NET."

 # Give explicit IP, but DHCP from Network
 ip="$(IP)" mac="$(MAC)" h="l$RANDOM"
 udm computers/linux create --position "cn=computers,$lb" --set name="$h" --set mac="$mac" --set ip="$ip" --set network="$n"
 udm dhcp/host list --superordinate "$s" --filter host="$h" | grep -F "fixedaddress: $ip"

 # Manual DHCP with dynamic IP from known-hosts-pool
 mac="$(MAC)" h="l$RANDOM"
 udm computers/linux create --position "cn=computers,$lb" --set name="$h" --set mac="$mac" --set dhcpEntryZone="$s $mac"
 udm dhcp/host list --superordinate "$s" --filter host="$h" | grep -F "fixedaddress: None"

 # Manual DHCP with fixed IP
 ip="$(IP)" mac="$(MAC)" h="l$RANDOM"
 udm computers/linux create --position "cn=computers,$lb" --set name="$h" --set mac="$mac" set ip="$ip" --set dhcpEntryZone="$s $ip $mac"
 udm dhcp/host list --superordinate "$s" --filter host="$h" | grep -F "fixedaddress: $ip"
Comment 18 Florian Best univentionstaff 2017-01-19 11:56:59 CET
(In reply to Philipp Hahn from comment #17)
> Where is that (passing a 3-tuple with the middle-value being an empty
> string) done?
It happens via UMC when Bug #43370 is fixed.
Comment 19 Florian Best univentionstaff 2017-01-19 12:58:27 CET
ucs-test (7.0.8-6):
r75939 | Bug #16923: add 66_udm-computers/32_all_roles_modification_ip_choosing

I added a test case for this.
See the commented out line.
The aRecord set via --set ip=foo is not set instead d the ip of the network is set as aRecord.
Comment 20 Philipp Hahn univentionstaff 2017-01-26 12:42:07 CET
(In reply to Florian Best from comment #19)
> ucs-test (7.0.8-6):
> r75939 | Bug #16923: add
> 66_udm-computers/32_all_roles_modification_ip_choosing
> 
> I added a test case for this.
> See the commented out line.
> The aRecord set via --set ip=foo is not set instead d the ip of the network
> is set as aRecord.

This is a bug in your test-case:
UDM/simplecomputer has some strange logic to "verify" the given IP address: it must be located within the given network; if it does not, it ignores the explicitly given IP address and asks the network to provide an address from the network instead.

management/univention-directory-manager-modules/modules/univention/admin/handlers/__init__.py:2583
> if not self['ip'] or \
>    len(self['ip']) < 3 or \
>    not self['ip'][0] or \
>    not univention.admin.ipaddress.ip_is_in_network(network_object['network'], network_object['netmask'], self['ip'][0]):
Comment 21 Philipp Hahn univentionstaff 2017-01-26 12:42:45 CET
Created attachment 8375 [details]
Your test in python
Comment 22 Philipp Hahn univentionstaff 2017-01-26 12:43:05 CET
Created attachment 8376 [details]
Your test in shell
Comment 23 Florian Best univentionstaff 2017-02-15 16:38:13 CET
Thank you! I replaced my test script with yours.
Comment 24 Stefan Gohmann univentionstaff 2017-04-04 18:30:05 CEST
UCS 4.2 has been released:
 https://docs.software-univention.de/release-notes-4.2-0-en.html
 https://docs.software-univention.de/release-notes-4.2-0-de.html

If this error occurs again, please use "Clone This Bug".