Overview

Kerio Control allows configuring advanced DHCP settings, such as lease time, DNS server, gateway, etc. In specific NAS or SMS gateway environments, DHCP lease interval may be requested too often, every <X> second, by the network device. Host logs may report the following errors:

  [30/Aug/2020 08:24:42] [IPv4] 10.0.202.28 [MAC] 00-11-32-63-dd-70 (ABC Incorporated)[Hostname] ssss-llll - IP address leased from DHCP

  [30/Aug/2020 08:24:47] [IPv4] 10.0.202.28 [MAC] 00-11-32-63-dd-70 (ABC Incorporated)[Hostname] ssss-llll - IP address leased from DHCP

This article provides explanations regarding the internal mechanism of Kerio Control DHCP server.

Information

DHCP service is the main component that processes DHCP messages and generates a response. It is registered as a service which is a UDP Service listening on port 67. The default lease time value is 4 days.

All leases are saved to /var/winroute/leases.cfg file every 10 seconds periodically.

All scopes are stored in DhcpScopes list inside /var/winroute/winroute.cfg file. The exclusions and reservations are located in DhcpExclusions and DhcpReservations lists respectively.

Control supports BOOTP protocol if DHCP > EnableDynamicBootp variable is set to 1 in winroute.cfg. Control checks message type in the received message and if the message type is not identified as a DHCP message type (DHCPDISCOVER, DHCPRELEASE, etc), then the message assumed to be a BOOTP message.

Leases are IPs given to machines/workstations but they expire when the lease limit is reached. The lease interval can be different values on DHCP server (Kerio Control) and DHCP clients (PCs connected to Kerio Control). Reservations are reserved for machines but not necessarily leased. Users can reserve a lease (given a machine but not reserved for it, can be given to another machine when the lease expires) from DHCP server.

The standard DHCP flow diagram is below

Example

The sample DHCP server logs output

  [07/Sep/2020 02:22:30] {dhcp} DHCP server [Transaction ID 0xD6AABB2A]: received DHCPREQUEST (renewing/rebinding) from 00-11-32-63-dd-70 (source ip = 10.0.202.28, requested address 10.0.202.28)

  [07/Sep/2020 02:22:30] {dhcp} DHCP address handler [Transaction ID 0xD6AABB2A]: found existing reservation for chaddr 00-11-32-63-dd-70 (reserved address = 10.0.202.28)

  [07/Sep/2020 02:22:30] {dhcp} DHCP address handler [Transaction ID 0xD6AABB2A]: found existing lease (from reservation) for chaddr 00-11-32-63-dd-70 (reserved address = 10.0.202.28)

  [07/Sep/2020 02:22:30] {dhcp} DHCP lease handler: lease modified (10.0.202.28, lease time = 1 day 00:00:00, Srd)

  [07/Sep/2020 02:22:30] {dhcp} DHCP lease handler: lease modified (10.0.202.28, lease time = 1 day 00:00:00, Srd)

  [07/Sep/2020 02:22:30] {dhcp} DHCP server [Transaction ID 0xD6AABB2A]: sending DHCPACK to 00-11-32-63-dd-70 (dest ip = 10.0.202.28)

Explanations

DHCP server was only responding to a DHCP request for lease renewal and rebinding sent by the devices (e.g 00-11-32-63-dd-70). Moreover, DHCP server always acknowledges the DHCP renewal and sends back a DHCPACK after confirming that the client has an existing lease. The DHCP client (NAS server in this case) was sending out multiple DHCPREQUESTs for no apparent reason.