ISC DHCP server handing out the same IP address to multiple clients

jamie

I've got a pretty simple pfSense instance which is mostly just operating as a DHCP server. Recently I've noticed some strange behaviour, DHCP requests from VMs I run with unique MAC addresses are all being offered the same IP address.

I'm using the (now deprecated) ISC DHCP server. Here's a snippet of the DHCP log showing this behaviour. This snippet is taken when booting some newly deployed VMs up for the first time, which means these are MAC addresses that pfSense won't have seen requests from before.

Apr 10 16:11:01	dhcpd	53536	DHCPACK on 10.151.0.114 to 00:50:56:80:ee:42 (rpturn) via vmx2
Apr 10 16:11:01	dhcpd	53536	DHCPREQUEST for 10.151.0.114 (10.151.0.2) from 00:50:56:80:ee:42 (rpturn) via vmx2
Apr 10 16:11:01	dhcpd	53536	DHCPOFFER on 10.151.0.114 to 00:50:56:80:ee:42 (rpturn) via vmx2
Apr 10 16:11:01	dhcpd	53536	DHCPDISCOVER from 00:50:56:80:ee:42 (rpturn) via vmx2
Apr 10 16:10:56	dhcpd	53536	DHCPACK on 10.151.0.114 to 00:50:56:80:49:02 (rpturn) via vmx2
Apr 10 16:10:56	dhcpd	53536	DHCPREQUEST for 10.151.0.114 (10.151.0.2) from 00:50:56:80:49:02 (rpturn) via vmx2
Apr 10 16:10:56	dhcpd	53536	DHCPOFFER on 10.151.0.114 to 00:50:56:80:49:02 (rpturn) via vmx2
Apr 10 16:10:56	dhcpd	53536	DHCPDISCOVER from 00:50:56:80:49:02 (rpturn) via vmx2
Apr 10 16:10:54	dhcpd	53536	DHCPACK on 10.151.0.114 to 00:50:56:80:f5:da (rpturn) via vmx2
Apr 10 16:10:54	dhcpd	53536	DHCPREQUEST for 10.151.0.114 (10.151.0.2) from 00:50:56:80:f5:da (rpturn) via vmx2
Apr 10 16:10:54	dhcpd	53536	DHCPOFFER on 10.151.0.114 to 00:50:56:80:f5:da (rpturn) via vmx2
Apr 10 16:10:54	dhcpd	53536	DHCPDISCOVER from 00:50:56:80:f5:da (rpturn) via vmx2
Apr 10 16:10:49	dhcpd	53536	DHCPACK on 10.151.0.114 to 00:50:56:80:fc:5c (rpturn) via vmx2
Apr 10 16:10:49	dhcpd	53536	DHCPREQUEST for 10.151.0.114 (10.151.0.2) from 00:50:56:80:fc:5c (rpturn) via vmx2
Apr 10 16:10:49	dhcpd	53536	DHCPOFFER on 10.151.0.114 to 00:50:56:80:fc:5c (rpturn) via vmx2
Apr 10 16:10:49	dhcpd	53536	DHCPDISCOVER from 00:50:56:80:fc:5c (rpturn) via vmx2

I've taken a packet capture from the pfSense instance and it matches exactly what's shown in the log. pfSense is sending an offer of the same IP to all 4 requests - this obviously causes sadness as all 4 VMs boot up with the same IP address and we enter conflict hell!

I've tried completely clearing the DHCP leases using the button on the status page and that appears to have had no effect. I also have no static DHCP reservations at all either.

I saw this on 2.7.0 and have upgraded to 2.7.2 in hope that it might fix the issue but unfortunately it hasn't helped.

Is there any explanation for this behaviour and how to fix it or have I somehow stumbled across a bug?

serbus

Hello!

Same UUID?

John

SteveITS

@serbus said in ISC DHCP server handing out the same IP address to multiple clients:

Hello!

Same UUID?

I’m pretty sure there was a thread about this with cloned VMs in the past several months.

jamie

Thanks both. That has been the pointer I needed! Looking back in my pcaps, I do see that there is a "Client ID" set in all of the discovers and that it's the same in every one!

These VMs are not clones, they are unique OVA deploys. However, some further digging has unearthed that this OVA is based on Ubuntu which generates it's DHCP Client ID from /etc/machine-id which has mistakenly not been blanked in the OVA disk image! Easy enough bug to fix as it's an OVA we build.