Univention Bugzilla – Bug 37689
UCS doesn't apply all DHCP options received
Last modified: 2015-06-04 18:55:31 CEST
We are having this problem now in UCS instances in Openstack. an external (non-UCS) DHCP server sends DHCP options like DNS and extra routes, but UCS only applies the addressing info (IP, mask, gateway, etc.) and ignores the rest (DNS and routes). I see the script in /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes, but either it doesn't run or it doesn't have any effect on the network configuration. root@ucsserver:~# cat /var/lib/dhcp/dhclient.eth0.leases lease { interface "eth0"; fixed-address 192.168.100.181; option subnet-mask 255.255.255.0; option dhcp-lease-time 86400; option dhcp-message-type 5; option domain-name-servers 10.114.138.89,192.168.240.14; option dhcp-server-identifier 192.168.100.2; option dhcp-renewal-time 43200; option rfc3442-classless-static-routes 32,10,114,138,51,192.168.100,254,32,10,114,138,89,192.168.100,254,32,10,170,226,87,192.168.100,254,24,192,168,210,192.168.100,254,24,192,168,240,192.168.100,254,32,169,254,169,254,192.168.100,2; option broadcast-address 192.168.100.255; option dhcp-rebinding-time 75600; option host-name "host-192.168.100-181"; option domain-name "openstacklocal"; renew 4 2015/02/05 02:30:57; rebind 4 2015/02/05 11:55:48; expire 4 2015/02/05 14:55:48; }
base/univention-network-manager/etc/dhcp/dhclient-exit-hooks.d/resolvconf uses "exit 0", which breaks anything: The file is "sourced" by /sbin/dhclient-script (not forked!), as this is required for re-writing the DHCP configuration by those scripts: $ grep -n exit etc/dhcp/dhclient-exit-hooks.d/resolvconf 33:test -z "$interface" && exit 0 115:exit 0 $ /sbin/dhclient-script 385 exit_with_hooks 0 141 exit_with_hooks() { 150 if ! run_hookdir /etc/dhcp/dhclient-exit-hooks.d "$@"; then 124 run_hookdir() { 132 run_hook $script "$@" || true 106 run_hook() { 113 . $script "$@" # ls -1 /etc/dhcp/dhclient-exit-hooks.d/* /etc/dhcp/dhclient-exit-hooks.d/debug /etc/dhcp/dhclient-exit-hooks.d/ntp /etc/dhcp/dhclient-exit-hooks.d/ntpdate /etc/dhcp/dhclient-exit-hooks.d/resolvconf /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes Trivial patch: diff --git a/branches/ucs-4.0/ucs-4.0-1/base/univention-network-manager/etc/dhcp/dhclient-exit-hooks.d/resolvconf b/branches/ucs-4.0/ucs-4.0-1/base/univention-network-manager/etc/dhcp/dhclient-exit-hooks.d/resolvconf index 7dd1a63..bce3aca 100755 --- a/branches/ucs-4.0/ucs-4.0-1/base/univention-network-manager/etc/dhcp/dhclient-exit-hooks.d/resolvconf +++ b/branches/ucs-4.0/ucs-4.0-1/base/univention-network-manager/etc/dhcp/dhclient-exit-hooks.d/resolvconf @@ -30,6 +30,7 @@ # /usr/share/common-licenses/AGPL-3; if not, see # <http://www.gnu.org/licenses/>. +( test -z "$interface" && exit 0 eval "$(univention-config-registry shell)" @@ -113,3 +114,4 @@ elif [ "$interface_type" = "dhcp" ]; then fi exit 0 +) After that everything works: ucr set \ dhcpd/options/rfc3442-classless-static-routes/121='array of integer 8' \ dhcpd/options/ms-classless-static-routes/249='array of integer 8' udm dhcp/service modify \ --dn "$(udm dhcp/service list | sed -ne 's/^DN: //p;T;q')" \ --append option='rfc3442-classless-static-routes 24,10,201,17,10,200,17,2;' # pfx/net------ router----- # number of octets per $net depends on $pfx={32,24,16,8,0} !!! Please note that any classless static route thus defines is only applied on the first BOUND (or REBOOT). If the setting is added or changes later on, it does NOT get applied. If this is required, the lease must be expired forcefully by denying the clients to re-use their previously assigned address. - For DHCP-Pools this can be done by the Allow/Deny policy. - for static assignments the address must be changed manually for all hosts. FYI: <https://ercpe.de/blog/pushing-static-routes-with-isc-dhcp-server>
r60077 | Bug #37689 Net: Fix sourced script using exit Patch applied Package: univention-network-manager Version: 6.0.0-2.103.201504221359 Branch: ucs_4.0-0 Scope: errata4.0-1 r60078 | Bug #37689 Net: Fix sourced script using exit YAML 2015-04-22-univention-network-manager.yaml QA: echo 'echo SUCCESS >>/tmp/37689'>/etc/dhcp/dhclient-exit-hooks.d/zz37689 will only log SUCCESS with the fixed package installed.
FYI: rfc3442-classless-static-routes also looks strange: 32 10,114,138,51 192.168.100,254 32 10,114,138,89 192.168.100,254 32 10,170,226,87 192.168.100,254 24,192,168,210 192.168.100,254 24 192,168,240 192.168.100,254 32 169,254,169,254 192.168.100.2 1. Is that last entry correct? 2. As the RFC3442 extension doesn't mix well with the default gateway mechanism, adding a '0,a,b,c,d' entry is recommended for setting the default gateway a.b.c.d
OK - i just tested, if /etc/dhcp/dhclient-exit-hooks.d/rfc3442-classless-routes is executed during boot with interfaces/eth0/type=dhcp OK - YAML
<http://errata.univention.de/ucs/4.0/184.html>