DHCP not working

Expected Behaviour:

DHCP working

Actual Behaviour:

DHCP not working, disabled DHCP from router already. Tested in both situations with router DHCP disabled and also router DHCP enabled and separated IP ranges

I’ve checked that dhcp ports are open in pihole VM:
PORT STATE SERVICE
53/udp open domain
67/udp open|filtered dhcps
68/udp open|filtered dhcpc

and also checked with dhcpdump that DHCP discover messages get to the pihole, but there is no response from pihole’s DHCP

## Current setup
Debian: Linux 4.19.0-6-amd64 #1 SMP Debian 4.19.67-2+deb10u1 (2019-09-20) x86_64 GNU/Linux
Proxmox: Linux 5.0.21-4-pve #1 SMP PVE 5.0.21-8 (Wed, 23 Oct 2019 17:49:13 +0200) x86_64 GNU/Linux

Debug Token:

xbh9er2c75

Try querying the DHCP server directly with this:

https://nmap.org/nsedoc/scripts/dhcp-discover.html

Please post an example DHCP request and transaction from /var/log/pihole.log

Thanks for your answers. I’ve tested with nmap:

$ sudo nmap -sU -p 67 --script=dhcp-discover 192.168.1.12
Starting Nmap 7.80 ( https://nmap.org ) at 2019-11-12 20:01 WET
Nmap scan report for 192.168.1.12
Host is up (0.0015s latency).

PORT   STATE         SERVICE
67/udp open|filtered dhcps
MAC Address: D2:71:05:32:2E:F7 (Unknown)

Nmap done: 1 IP address (1 host up) scanned in 5.65 seconds

And found this in /var/log/pihole.log:

Nov 12 20:01:07 dnsmasq-dhcp[493]: no address range available for DHCP request via ens18

So I’ve checked the dnsmasq-dhcp configuration, where everything is just as shown in the pihole web interface:

###############################################################################
#  DHCP SERVER CONFIG FILE AUTOMATICALLY POPULATED BY PI-HOLE WEB INTERFACE.  #
#            ANY CHANGES MADE TO THIS FILE WILL BE LOST ON CHANGE             #
###############################################################################
dhcp-authoritative
dhcp-range=192.168.1.101,192.168.1.151,24h
dhcp-option=option:router,192.168.1.1
dhcp-leasefile=/etc/pihole/dhcp.leases
#quiet-dhcp

domain=localdomain

and the leasefile is empty, as expected since none of the addresses has been assigned.

Also, following troubleshooting advice from other threads in the forum, here is the result of netstat to verify the state of the ports:

$ sudo netstat -nltup | grep 'Proto\|:53 \|:67 \|:68 \|:80 \|:471'
Proto Recv-Q Send-Q Local Address           Foreign Address         State       PID/Program name    
tcp        0      0 127.0.0.1:4711          0.0.0.0:*               LISTEN      493/pihole-FTL      
tcp        0      0 0.0.0.0:80              0.0.0.0:*               LISTEN      428/lighttpd        
tcp        0      0 0.0.0.0:53              0.0.0.0:*               LISTEN      493/pihole-FTL      
tcp6       0      0 ::1:4711                :::*                    LISTEN      493/pihole-FTL      
tcp6       0      0 :::80                   :::*                    LISTEN      428/lighttpd        
tcp6       0      0 :::53                   :::*                    LISTEN      493/pihole-FTL      
udp        0      0 0.0.0.0:53              0.0.0.0:*                           493/pihole-FTL      
udp        0      0 0.0.0.0:67              0.0.0.0:*                           493/pihole-FTL      
udp        0      0 0.0.0.0:68              0.0.0.0:*                           483/dhcpcd          
udp6       0      0 :::53                   :::*                                493/pihole-FTL     

Something is happening there.

This is how it’s supposed to look:

image

It looks (on your side) like it didn’t take the script, as that’s what I see if I don’t use the --script=dhcp-discover parameter.

Unfortunately I cannot replicate it and I’ve never encountered this before.

I thought it could be a firewall problem, but I can’t find it. If I run a tcpdump in the pihole while sending an nmap query, it seems that the DHCP request is received by the network interface:

$ sudo tcpdump -i ens18 -pvn port 67 and port 68
tcpdump: listening on ens18, link-type EN10MB (Ethernet), capture size 262144 bytes
23:13:48.686648 IP (tos 0x0, ttl 64, id 22248, offset 0, flags [DF], proto UDP (17), length 344)
    192.168.1.13.68 > 192.168.1.12.67: BOOTP/DHCP, Request from 56:2f:d2:84:10:d4, length 316, xid 0x9db54b7d, Flags [none]
	  Client-IP 192.168.1.13
	  Client-Ethernet-Address 56:2f:d2:84:10:d4
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message Option 53, length 1: Inform
	    Parameter-Request Option 55, length 64: 
	      Option 252, Subnet-Mask, Time-Zone, Default-Gateway
	      Time-Server, IEN-Name-Server, Domain-Name-Server, LOG
	      CS, LPR-Server, IM, RL
	      Hostname, BS, DP, Domain-Name
	      SS, RP, EP, IPF
	      SRT, PF, RSZ, TTL
	      MTU-Timeout, MTU-Table, MTU, LSN
	      BR, MD, MS, Router-Discovery
	      RSA, Static-Route, UT, AT
	      IE, TT, KI, KG
	      YD, YS, NTP, Vendor-Option
	      Netbios-Name-Server, WDD, Netbios-Node, Netbios-Scope
	      XFS, XDM, Requested-IP, Lease-Time
	      OO, DHCP-Message, Server-ID, Parameter-Request
	      MSG, MSZ, RN, RB
	      Vendor-Class, Client-ID, BF, TFTP
	    Lease-Time Option 51, length 4: 1

However, there is no response. I enabled the -d option in nmap and it shows a TIMEOUT:

$ sudo nmap -sU -p 67 -d --script=dhcp-discover 192.168.1.12
Starting Nmap 7.70 ( https://nmap.org ) at 2019-11-12 23:22 WET
--------------- Timing report ---------------
  hostgroups: min 1, max 100000
  rtt-timeouts: init 1000, min 100, max 10000
  max-scan-delay: TCP 1000, UDP 1000, SCTP 1000
  parallelism: min 0, max 0
  max-retries: 10, host-timeout: 0
  min-rate: 0, max-rate: 0
---------------------------------------------
NSE: Using Lua 5.3.
NSE: Arguments from CLI: 
NSE: Loaded 1 scripts for scanning.
NSE: Script Pre-scanning.
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 23:22
Completed NSE at 23:22, 0.00s elapsed
Initiating ARP Ping Scan at 23:22
Scanning 192.168.1.12 [1 port]
Packet capture filter (device ens18): arp and arp[18:4] = 0x562FD284 and arp[22:2] = 0x10D4
Completed ARP Ping Scan at 23:22, 0.20s elapsed (1 total hosts)
Overall sending rates: 9.90 packets / s, 415.82 bytes / s.
mass_rdns: Using DNS server 192.168.1.12
Initiating Parallel DNS resolution of 1 host. at 23:22
mass_rdns: 0.00s 0/1 [#: 1, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
Completed Parallel DNS resolution of 1 host. at 23:22, 0.00s elapsed
DNS resolution of 1 IPs took 0.00s. Mode: Async [#: 1, OK: 1, NX: 0, DR: 0, SF: 0, TR: 1, CN: 0]
Initiating UDP Scan at 23:22
Scanning pihole (192.168.1.12) [1 port]
Packet capture filter (device ens18): dst host 192.168.1.13 and (icmp or icmp6 or ((tcp or udp or sctp) and (src host 192.168.1.12)))
Completed UDP Scan at 23:22, 0.20s elapsed (1 total ports)
Overall sending rates: 9.79 packets / s, 274.15 bytes / s.
NSE: Script scanning 192.168.1.12.
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 23:22
NSE: Starting dhcp-discover against 192.168.1.12:67.
NSE: [dhcp-discover 192.168.1.12:67] dhcp: Couldn't receive packet: TIMEOUT
NSE: [dhcp-discover 192.168.1.12:67] Couldn't send DHCP request: Couldn't receive packet: TIMEOUT
NSE: Finished dhcp-discover against 192.168.1.12:67.
Completed NSE at 23:22, 5.00s elapsed
Nmap scan report for pihole (192.168.1.12)
Host is up, received arp-response (-0.20s latency).
Scanned at 2019-11-12 23:22:27 WET for 5s

PORT   STATE         SERVICE REASON
67/udp open|filtered dhcps   no-response
| dhcp-discover: 
|_  ERROR: Couldn't receive packet: TIMEOUT
MAC Address: D2:71:05:32:2E:F7 (Unknown)
Final times for host: srtt: -200150 rttvar: 5000  to: 100000

NSE: Script Post-scanning.
NSE: Starting runlevel 1 (of 1) scan.
Initiating NSE at 23:22
Completed NSE at 23:22, 0.00s elapsed
Read from /usr/bin/../share/nmap: nmap-mac-prefixes nmap-payloads nmap-services.
Nmap done: 1 IP address (1 host up) scanned in 5.70 seconds
           Raw packets sent: 4 (112B) | Rcvd: 1 (28B)

On the other hand, as you said, if I try the same with the DHCP on the router I get:

$ sudo nmap -sU -p 67 --script=dhcp-discover 192.168.1.1
Starting Nmap 7.70 ( https://nmap.org ) at 2019-11-12 23:13 WET
Nmap scan report for 192.168.1.1
Host is up (-0.20s latency).

PORT   STATE SERVICE
67/udp open  dhcps
| dhcp-discover: 
|   DHCP Message Type: DHCPACK
|   Server Identifier: 192.168.1.1
|   Subnet Mask: 255.255.255.0
|   Router: 192.168.1.1
|   Domain Name Server: 80.58.61.250, 80.58.61.254
|_  NTP Servers: 10.22.192.1
MAC Address: 08:6A:0A:BD:6F:3C (Askey Computer)

You might have success with a solution at a support page for your VM.

I’ve just found the problem. I changed the IP of the pihole server after the installation. During this process, which included a pihole reconfiguration (pihole -r), there were two interface definitions in the file /etc/dhcpd.conf:

interface ens18
       static ip_address=192.168.21.82/22
       static routers=192.168.22.230
       static domain_name_servers=127.0.0.1
interface ens18
        static ip_address=192.168.1.12/22
        static routers=192.168.1.1
        static domain_name_servers=127.0.0.1

The first one was the one I had when I made the installation and the second the configuration I set after the reconfiguration, but with the network mask of the original configuration. I don’t know if it was my mistake or a bug in the reconfiguration process.

With that configuration, the network didn’t work on the server, so I commented out the old configuration and changed the mask, but instead of 24 I set it to 25. That worked for normal networking, but made the DHCP server fail.

Once I changed that network mask to 24 everything started to work as expected.

Thanks to all for your help.
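
The following check is an added example, not part of the original posts or of Pi-hole itself. It reproduces the root cause found above by comparing the dnsmasq `dhcp-range` with the static interface stanzas, assuming dnsmasq only serves a range when both its start and end fall inside the subnet configured on the receiving interface. The sample configs are constructed from the values quoted in the thread and combine both faults (the duplicate stanza and the /25 mask) in one input.

```python
import ipaddress
import re

# Constructed sample inputs modelled on the configs quoted in the thread.
DNSMASQ_CONF = """\
dhcp-authoritative
dhcp-range=192.168.1.101,192.168.1.151,24h
dhcp-option=option:router,192.168.1.1
"""

DHCPCD_CONF = """\
interface ens18
       static ip_address=192.168.21.82/22
interface ens18
        static ip_address=192.168.1.12/25
"""

def parse_ranges(text):
    """Return (start, end) address pairs from dnsmasq dhcp-range lines."""
    pairs = []
    for m in re.finditer(r"^dhcp-range=([\d.]+),([\d.]+)", text, re.M):
        pairs.append((ipaddress.ip_address(m.group(1)), ipaddress.ip_address(m.group(2))))
    return pairs

def parse_static(text):
    """Return [(interface, IPv4Interface)] for every uncommented static stanza."""
    found, iface = [], None
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # ignore commented-out stanzas
        if line.startswith("interface "):
            iface = line.split()[1]
        elif line.startswith("static ip_address=") and iface:
            found.append((iface, ipaddress.ip_interface(line.split("=", 1)[1])))
    return found

def audit(dnsmasq_text, dhcpcd_text):
    """List problems that would stop the DHCP pool from being served."""
    problems = []
    statics = parse_static(dhcpcd_text)
    names = [n for n, _ in statics]
    for name in sorted(set(names)):
        if names.count(name) > 1:
            problems.append(f"{name}: {names.count(name)} static definitions")
    for start, end in parse_ranges(dnsmasq_text):
        # Both ends of the pool must sit in one interface's subnet (assumption above).
        if not any(start in a.network and end in a.network for _, a in statics):
            problems.append(f"range {start}-{end} not inside any interface subnet")
    return problems

if __name__ == "__main__":
    for p in audit(DNSMASQ_CONF, DHCPCD_CONF):
        print(p)
```

With a /25 mask the interface subnet ends at 192.168.1.127, so the pool's upper end (192.168.1.151) falls outside it, which matches the "no address range available" log line; a single stanza with /24 passes the check.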