Recurrent DHCPREQUEST Message in General Log

[rhubarb]

I am getting hundreds of these messages in my General Log.  This is not an address space that i use, and my WAN is a public IP that is nothing like this. 

2021-04-25T22:48:03   dhclient[77590]   DHCPREQUEST on igb0 to 172.19.57.123 port 67   
2021-04-25T22:47:49   dhclient[77590]   DHCPREQUEST on igb0 to 172.19.57.123 port 67   
2021-04-25T22:47:04   dhclient[77590]   DHCPREQUEST on igb0 to 172.19.57.123 port 67

igb0 is connected to the cable modem and has a public IP.

Does anyone know what is happening?

[priller]

I bet you are on Cox.  They use 172.19.x.x for their DHCP servers and self-install Walled Garden function.

Is this new service? 

If you are having any issues, like DHCP not renewing, you will need to allow DHCP for the RFC1918 space.

[Maurice]

It might be possible that your ISP's DHCP servers don't accept unicast requests. My ISP does that. It's harmless because OPNsense will eventually fall back to broadcasts, but you can get rid of it by switching the DHCP client configuration to 'Advanced' and pasting this into the 'Option Modifiers' field:

Code: [Select]

supersede dhcp-server-identifier 255.255.255.255
Cheers

Maurice

[rhubarb]

Yes it is Cox.

I did find this in the filter log:

2021-04-27T19:34:55   filterlog[14428]   105,,,0,ovpnc2,match,pass,out,4,0x10,,128,32852,0,none,17,udp,328,10.18.0.3,172.19.57.123,1528,67,308

It looks like it is passing through the VPN client and not to the WAN interface.  I wonder why I am not having address/connectivity issues.  (10.18.0.3 is the VPN issued IP)

Is this a bug?

[rhubarb]

Workaround: I applied a static route for the 172.19 address range to the WAN.  With that, success:

2021-04-27T20:37:26   dhclient[77590]   bound to [redacted] -- renewal in 43200 seconds.   
2021-04-27T20:37:26   dhclient[78460]   Creating resolv.conf   
2021-04-27T20:37:26   dhclient[77590]   DHCPACK from 172.19.57.123   
2021-04-27T20:37:26   dhclient[77590]   DHCPREQUEST on igb0 to 172.19.57.123 port 67

I need to know if this is a bug, or am I doing something wrong.

In short, the DHCP client is routing DHCP requests for the WAN interface over the gateway group and not the WAN.

Please advise.

[rhubarb]

Update: I found this.

https://bugzilla.redhat.com/show_bug.cgi?id=626427

This seems like the same problem, ten years earlier. Fortunately, it appears that dhclient reverts back to broadcasts in the native interface so it doesn’t cause a connection problem.