Page MenuHomeVyOS Platform

dhclient fails to renew DHCP lease with VRF
Closed, DuplicatePublicBUG

Description

Router has OSPF and full Internet BGP tables set up over interfaces eth1-eth5 in the default VRF, and out of band management over eth0 in "mgmt" VRF.

set interfaces ethernet eth0 address 'dhcp'
set interfaces ethernet eth0 vrf 'mgmt'
set service ssh vrf 'mgmt'
set vrf name mgmt table '1000'

DHCP initially acquires the private management IP on eth0 just fine, but later fails to renew:

Jun 1 06:23:06 R2 dhclient[7032]: DHCPREQUEST for 10.77.1.163 on eth0 to 10.77.1.254 port 67
Jun 1 06:23:06 R2 dhclient[7032]: send_packet: Invalid argument
Jun 1 06:23:06 R2 dhclient[7032]: dhclient.c:2755: Failed to send 300 byte long packet over fallback interface.

The second and third line are the result of blackhole static route for rfc1918 addresses in the default VRF:

set protocols static route 10.0.0.0/8 blackhole distance '254'
(same for all other "bogon" prefixes that should not be seen on the public Internet)

and if that route is removed, only the first line appears. The DHCP renew requests to eth0 don't appear on the wire, even though a ssh session to the IP in "mgmt" VRF is still working. I suspect they try to go through the default VRF instead.

After many failed unicast DHCP requests, finally a broadcast is sent and it succeeds:

Jun 1 12:04:37 R2 dhclient[7032]: DHCPREQUEST for 10.77.1.163 on eth0 to 10.77.1.254 port 67
Jun 1 12:04:37 R2 dhclient[7032]: send_packet: Invalid argument
Jun 1 12:04:37 R2 dhclient[7032]: dhclient.c:2755: Failed to send 300 byte long packet over fallback interface.
Jun 1 12:04:50 R2 dhclient[7032]: DHCPREQUEST for 10.77.1.163 on eth0 to 255.255.255.255 port 67
Jun 1 12:04:50 R2 dhclient[7032]: DHCPACK of 10.77.1.163 from 10.77.1.254

Details

Version
1.3.1
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Bug (incorrect behavior)

Event Timeline

Hi @marekm - Hope you are well.

I am wondering if you have ever found a root cause for this. I believe I may be experiencing this in Vyos 1.4 rolling.

Many thanks. I think it was actually fixed earlier than 1.3.7 - I've been using VRF to allow SSH access only from a separate private management network, on a router that routes only public IP addresses (BGP, OSPF, PPPoE) otherwise, since about 1.3.5 or so.