CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


First, I hope you're all well and staying safe.
Second, I want to give a "heads up" that you should see more activity here shortly, and maybe a few cosmetic changes.
I'll post more details to the "Announcements" forum soon, so be on the lookout. -E

 

Page 2 of 2 FirstFirst 12
Results 21 to 30 of 30

Thread: DHCPD incorrectly handles tagged packages

  1. #21
    Join Date
    2013-03-05
    Posts
    58
    Rep Power
    8

    Default Re: DHCPD incorrectly handles tagged packages

    In R77.20.60 for the 14x0 the new DHCPD is included (4.3.5), for the 11x0 it is still the old one.

  2. #22
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,659
    Rep Power
    10

    Default Re: DHCPD incorrectly handles tagged packages

    Quote Originally Posted by peter42 View Post
    In R77.20.60 for the 14x0 the new DHCPD is included (4.3.5), for the 11x0 it is still the old one.
    sigh.. now what sucks. sorry to hear that. I'd guess they forgot to update the 1200R as well. That VPN VTI issue thats fixed in hfa 60 is my issue. Should have been in hfa 50 (or 51) but something got lost.

  3. #23
    Join Date
    2013-03-05
    Posts
    58
    Rep Power
    8

    Default Re: DHCPD incorrectly handles tagged packages

    Could you trigger the update please?

  4. #24
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,659
    Rep Power
    10

    Default Re: DHCPD incorrectly handles tagged packages

    Quote Originally Posted by peter42 View Post
    Could you trigger the update please?
    I'm buying a ticket to Israel right now. Once I land I will march right up to checkpoint HQ, demand to speak with the developer in question and promptly get my butt kicked by security. I may even luck out and find i'm at the wrong office and start the process over again.

    Maybe Phoneboy can be more productive?

  5. #25
    Join Date
    2013-03-05
    Posts
    58
    Rep Power
    8

    Default Re: DHCPD incorrectly handles tagged packages

    I understood from your post, that you are with CP - no worries.

  6. #26
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,659
    Rep Power
    10

    Default Re: DHCPD incorrectly handles tagged packages

    Quote Originally Posted by peter42 View Post
    I understood from your post, that you are with CP - no worries.
    No worries, i used to be tech support John, now i'm Ronin John! Have compiler, will travel.

  7. #27
    Join Date
    2005-08-14
    Location
    Gig Harbor, WA, USA
    Posts
    2,494
    Rep Power
    17

    Default Re: DHCPD incorrectly handles tagged packages

    Quote Originally Posted by peter42 View Post
    In R77.20.60 for the 14x0 the new DHCPD is included (4.3.5), for the 11x0 it is still the old one.
    Makes sense because R77.20.60 for the 1400 series supports IPv6 (why DHCPD was upgraded) but the 1100 series does not.
    Have you confirmed the bug is indeed fixed on the 1400 series with the upgraded DHCPD?

    Assuming it is fixed, and if you haven't already, please open a new SR and ask for a portfix.
    Please send me the SR in a PM, I will loop in the relevant R&D contacts.
    http://phoneboy.org
    Unless otherwise noted, views expressed are my own

  8. #28
    Join Date
    2013-03-05
    Posts
    58
    Rep Power
    8

    Default Re: DHCPD incorrectly handles tagged packages

    Quote Originally Posted by PhoneBoy View Post
    Makes sense because R77.20.60 for the 1400 series supports IPv6 (why DHCPD was upgraded) but the 1100 series does not.
    Have you confirmed the bug is indeed fixed on the 1400 series with the upgraded DHCPD?

    Assuming it is fixed, and if you haven't already, please open a new SR and ask for a portfix.
    Please send me the SR in a PM, I will loop in the relevant R&D contacts.
    I will have to test it, from the dhcpd version it should be fixed so.

    The 1100 did not show that bug directly as it has a different kernel.

  9. #29
    Join Date
    2013-03-05
    Posts
    58
    Rep Power
    8

    Default Re: DHCPD incorrectly handles tagged packages

    Yes it is fixed on the 1400 - I just tested it, the answer only comes, when the request is sent from the same VLAN.

  10. #30
    Join Date
    2011-08-02
    Location
    http://spikefishsolutions.com
    Posts
    1,659
    Rep Power
    10

    Default Re: DHCPD incorrectly handles tagged packages

    So i've seen some strange stuff with HFA 60 that i haven't seen before. I'm not officially saying it a HFA 60 issue, but i don't recall seeing this before.

    I have a strange MAC address showing up that is taking all hosts in my dhcp lease files that aren't used. I've started poking my diamond rep about it but frankly i've taxed him with much larger stuff.

    egrep 'hardware ethernet' /var/dhcpd.leases.br0 | sort -rn | uniq -c | sort -rn

    128 hardware ethernet 00:1c:7f:2f:b1:a2

    Strange thing is this matches a 1100. I do have a 1100 on the network and its not running hfa 60 but it also doesn't match this MAC (checked ip a output). That being said this MAC address doesn't show up anywhere on either boxes (btw the lease file is from my 750). I installed isc dhcp via apt and started running it in chroot and its not showing up anymore... uh.. strange.. oh and this MAC doesn't show up in the arp table (arp -an).

    in addition if i start a (with fwaccel off)

    tcpdump -ni br0 ether host 00:1c:7f:2f:b1:a2

    I haven't tried this on LAN1 yet.. i can only take not having dhcp for so long.

    then kill dhcpd (the checkpoint one, not the one i install) and let whatever the eff is restarting it (init??) nothing will show up in the packet capture.

    i'm bridging wifi to LAN1_Switch. Br0 is the bridge checkpoint created to do this.


    Oh one last thing.. i don't have any objects excluded from dhcp via that check box.
    Last edited by jflemingeds; 2017-09-01 at 16:35.

Page 2 of 2 FirstFirst 12

Similar Threads

  1. Convert DHCP scope reservations to Linux dhcpd.conf
    By Eddie_Norman in forum Beginner
    Replies: 0
    Last Post: 2016-12-01, 12:51
  2. Replies: 0
    Last Post: 2009-03-31, 11:41
  3. Replies: 1
    Last Post: 2009-03-03, 20:47
  4. ClusterXL incorrectly says interface is disconnected
    By jmcgrady in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 5
    Last Post: 2008-02-06, 20:23
  5. Smartmonitor reports HA incorrectly
    By jmcgrady in forum Clustering (Security Gateway HA and ClusterXL)
    Replies: 1
    Last Post: 2007-09-16, 10:03

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •