Opened 2 years ago

Last modified 2 years ago

#4011 new defect

v6 server should handle out of range addresses properly

Reported by: tmark Owned by:
Priority: medium Milestone: Outstanding Tasks
Component: dhcp6 Version: git
Keywords: Cc:
CVSS Scoring: Parent Tickets:
Sensitive: no Defect Severity: N/A
Sub-Project: DHCP Feature Depending on Ticket:
Estimated Difficulty: 0 Add Hours to Ticket: 0
Total Hours: 0 Internal?: no

Description

This ticket grew out of #2615, which addresses the issue for the DHCPv4 server. I created this ticket to keep the scope manageable.

We need to ensure that the DHCPv6 server correctly handles attempts to renew, rebind, and release leases whose address/prefix is no longer in range. This includes ensuring that DNS updates (e.g. remove on release) is done when appropriate.

Subtickets

Change History (4)

comment:1 Changed 2 years ago by tmark

Testing shows that the v6 server is currently allowing a client to renew a lease whose address is no longer valid (out of pool). In order to address this we would need to do at
least the following:

1 - Add sanitization check in alloc_engine (near calls to getLeases6) to
detect out-of-pool addresses

2 - mark the lease as invalid by setting lifetime to zero, so the client
will recognize them as invalid in the response

  1. - examine places which use leases.empty(), these will have to take into

account present but invalid leases, prior to this, there would be none

  1. - the lease needs to be reclaimed - same as if they were released or

expired. This step should look at using lease reclamation method(s) once their implemented

comment:2 Changed 2 years ago by tmark

Also see ticket #4012, that ticket refers to step #4.

comment:3 Changed 2 years ago by hschempf

  • Milestone changed from Kea1.0 to DHCP Outstanding Tasks

comment:4 Changed 2 years ago by tomek

  • Milestone changed from DHCP Outstanding Tasks to Outstanding Tasks

Milestone renamed

Note: See TracTickets for help on using tickets.