GNOME Bugzilla – Bug 705137
dhclient can DOS the local router (DHCP server) when NetworkManager fails
Last modified: 2013-08-13 20:55:47 UTC
It happened to me with a bug in 'pavlix/runtime'. NetworkManager crashed or otherwise failed at the beginning of the DHCP process. The helper script returns 1 on error (it couldn't connect to the NetworkManager dbus service for some reason) and dhclient reacts by immediately contacting the DHCP server and running the script again. This results in a loop that overhauls the DHCP server. In a typical setup where the DHCP server is being run by a SOHO router, this can render the whole network unresponsive.
Created attachment 250469: Kill dhclient on fatal errors.
Could we just make the script always return success?
(In reply to comment #2)
> Could we just make the script always return success?

But then you're leaving dhclient running even if it can't work. I think the best thing you can do on a fatal error is just exit. If we can tell dhclient to exit, even better, but I asked jpopelka and he didn't know about other exit codes and the documentation doesn't mention any.
If, however, we make the script only exit on certain events, then we can continue to let dhclient renew the lease and keep things working for a while at least. I'm just somewhat concerned that if this behavior is changed to the suggested patch, that if a user stops NetworkManager, then soon after (if their lease is almost up) dhclient will die, and the address will still be valid on the interface without anything left there to continue to renew it.
(In reply to comment #4)
> If, however, we make the script only exit on certain events,

Not sure what you mean.

> then we can
> continue to let dhclient renew the lease and keep things working for a while at
> least.

We're talking about fatal errors, here. Lease renewal doesn't help us as the kernel will remove the address anyway when dhclient's information doesn't get to NetworkManager.

> I'm just somewhat concerned that if this behavior is changed to the
> suggested patch, that if a user stops NetworkManager, then soon after (if their
> lease is almost up) dhclient will die,

NetworkManager should always kill its subdaemons to avoid unexpected problems e.g. after [security] updates.

> and the address will still be valid on
> the interface without anything left there to continue to renew it.

Actually the current git master already sets the kernel address lifetime.
Once again DOSed by this bug with a crashed long-running NetworkManager. An updated patch in pavlix/master uses SIGTERM instead of SIGKILL as suggested by Thomas Haller.
^^ the branch name is pavlix/runtime ^^
The specific patch from pavlix/runtime was merged.
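
The retry loop described in this report and the effect of the "kill dhclient on fatal errors" approach, as an added local simulation that is not NetworkManager's code or the attached patch. The function names, the pipe used to count requests, the retry bound, and locating the client via getppid() are all assumptions made for the example.

```c
#include <signal.h>
#include <sys/types.h>
#include <sys/wait.h>
#include <unistd.h>

/* Hypothetical helper hitting a fatal error (e.g. NetworkManager unreachable).
 * With stop_client set it asks the parent client to terminate before failing. */
static int helper_fatal(int stop_client) {
    pid_t client = getppid();            /* assumption: the client is our parent */
    if (stop_client && client > 1)
        kill(client, SIGTERM);           /* SIGTERM rather than SIGKILL, as in the thread */
    return 1;
}

/* Stand-in for dhclient: one byte on fd per simulated server request, then run
 * the helper and retry immediately while it fails (bounded by max_requests). */
static void fake_client(int fd, int stop_client, int max_requests) {
    for (int i = 0; i < max_requests; i++) {
        int st;
        if (write(fd, "x", 1) != 1) _exit(2);
        pid_t h = fork();
        if (h < 0) _exit(2);
        if (h == 0) _exit(helper_fatal(stop_client));
        waitpid(h, &st, 0);
        if (WIFEXITED(st) && WEXITSTATUS(st) == 0) break;  /* success: no retry */
    }
    _exit(0);
}

/* Returns how many requests the client issued; *sig is the signal that ended
 * the client, or 0 if it exited on its own. Returns -1 on setup failure. */
int simulate(int stop_client, int max_requests, int *sig) {
    int p[2], st, requests = 0;
    char b;
    if (pipe(p) != 0) return -1;
    pid_t c = fork();
    if (c < 0) return -1;
    if (c == 0) { close(p[0]); fake_client(p[1], stop_client, max_requests); }
    close(p[1]);
    while (read(p[0], &b, 1) == 1) requests++;   /* EOF once client and helper are gone */
    close(p[0]);
    waitpid(c, &st, 0);
    *sig = WIFSIGNALED(st) ? WTERMSIG(st) : 0;
    return requests;
}

int main(void) {
    int sig;
    return simulate(1, 100, &sig) == 1 && sig == SIGTERM ? 0 : 1;
}
```

With `stop_client` set to 0 the stand-in client issues requests until the bound is reached; with it set to 1 the loop ends after the first failed helper run.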