DHCP expiration/renew issue

[kosztyua]

Hi,

I have the following issue. I'm using the Virtual DHCP to give clients addresses in a Local Bridge setup. The expiration is set to 3600. While some clients renew successfully the lease when the expiration time is over, some do not, according to the logs. Thus users can be connected and use the VPN even after their DHCP lease is expired and not renewed. Now the issue is, if a new user connects, it can get the IP originally leased to the first one. This results in IP addresses leased to userA to be leased to userB too, while both are connected.

After some experimentation it seems the softether client and openvpn tap can and will renew expired DHCP lease, but others do not (neither openvpn tun, l2tp, sstp). Is this some limitation of the clients? Could softether retain the DHCP re-lease until the session is open?

This is a serious issue in terms of legal, and a nightmare for maintenance.

Using latest 9529 server on Windows.

[kosztyua]

After reading DHCP specifications, I assume the Virtual DHCP does not follow some parts. Before offering the lease to the client, the DHCP server should probe the IP if it is available. I guess this probe is not done by Virtual DHCP and this allows leasing the IP to new users, even if the IP is actually in use. Any thoughts?

[GIANT_CRAB]

Don't use SecureNAT and Virtual DHCP. Use something like DNSMasq and configure it to use a local DHCP pool, sort of a better alternative with added benefits such as lower CPU load.

[kosztyua]

Thanks, figured this is going to be my solution in the end, external DHCP.
DNSmasq unfortunately will not do, my previous Linux issue (http://www.vpnusers.com/viewtopic.php?f=7&t=4390) is still not solved, trying to find good DHCP server for Windows, which is free and actually probes the offered IP if it is available.