Re: dhcpcd ignores netmask from server, installs /8 or /24 instead

[Roy Marples <roy%marples.name@localhost>]

On Friday 12 Dec 2014 15:51:20 John D. Baker wrote:
> I've been using NetBSD/sparc as a router/firewall for a long time.  My
> ADSL service provider uses DHCP for address assignment.  When I first
> started using ADSL, I was using ISC 'dhclient' and it worked quite well
> in exchange for having to do some fiddly bits in the "/etc/ifconfig.xxx"
> file.
> 
> In the netbsd-6 era, with 'dhcpcd' being the default mechanism for a
> simple "dhcp" configuration line, I figured I'd give it a try for handling
> the upstream connection to my ISP.  It has required even more fiddly
> business to make it work than its alternative.  At present, using
> netbsd-7, the most vexing problem is as follows:
> 
> Following an update and a reboot, 'dhcpcd' ignores the "/20" netmask
> presented by the ISP's DHCP server and instead installs the address with
> a "/8" netmask instead (the address assigned by the DHCP server would
> otherwise be a Class A were it not for the "/20" netmask).
> 
> This, naturally, cuts off vast swaths of T3h Intarw3bz (most notably
> Google) since my router then assumes they are on the same network and
> expects to get a response via ARP.
> 
> Using '/etc/rc.d/network restart' gets things working again, but it's
> still not right.  The ISP's DHCP server again issues a "/20" netmask,
> but this time, 'dhcpcd' installs a "/24" netmask instead.  It installs
> a route to the "/20" network along with the nearest "/24" network.
> 
> My ISP's upstream router is operating as a DHCP relay as the DHCP
> server is on an entirely different network from that presented by
> the upstream router.  Perhaps this causes confusion?

Possibly.
Can you email me a full tcpdump off the DHCP message so I can analyse it 
please?

> 
> My ISP seems to suffer prolonged outages of its upstream router, so
> when the lease expires, an IPv4LL/APIPA address is assigned and this
> also frequently has the wrong netmask (usually /24 instead of /16).
> 
> I don't know if this is architecture-dependent or not.  Perhaps I'll
> copy my firewall rules over to one of my Soekris net4501s and see how
> it behaves on an i386 system in place of the sparc system.  (I have a
> local patch to work around kern/49124 for -7/-current.)

I cannot replicate this on i386, a /20 is assigned fine from my local ISC dhcpd 
server using dhcpcd-6.6.5.

I suppose I cannot rule out any architectural problems and I don't have any 
big endian hardware to test on, but I've not heard of any problems with dhcpcd 
on these platforms.

Does anyone else on bigendian have a problem with dhcpcd and subnet masks?

Roy