Hi
Need your suggestions on what could have gone wrong in the following scenario
we have a solaris box running peacefully for the last couple of years,
Box runs a proprietary CMS server and bugzilla.
mysql , Apache , perl all have been built from source (for .
I am the admin of the box , this is more or less used by me alone ,
not many people have access let alone root access.
Solaris box has two network cards , one is not used another has IP
assigned by our corporate DHCP server.
our corporate DHCP server always assigns the same IP ( 172.18.33.58 )
based on MAC address.
This has been going on for the last few years without any issue.
Last Friday our box mysteriously tried to assign itself the IP of our
network gateway ( 172.18.32.1 ) and succeeded.
The result was almost a catastrophe , our entire office network was
down and for well over 3hrs no one knew what was happening.
when corporate team found out they immediately pulled the network plug
, my server was out of network and our office network was back to
normal.
my server logs indeed confirm server took the gateways IP .
How can this happen , if this behaviour is acceptable can any one
running *inx assign some arbitrary IP and bring the server / network
down.
Can I assign myself IP of my internet proxy and prevent everyone from
accessing network. The whole idea looks scary .
I have reproduced portions of dmesg here
------------------ dmesg logs --------
Jul 4 17:57:18 interwoven ip: [ID 876157 kern.warning] WARNING: node
00:15:62:9a:cb:c0 is using our IP address 172.018.032.0
01 on hme0
Jul 4 17:57:20 interwoven last message repeated 2 times
Jul 4 17:57:21 interwoven ip: [ID 567813 kern.warning] WARNING:
hme0:1 has duplicate address 172.018.032.001 (claimed by 00:
15:62:9a:cb:c0); disabled
Jul 4 17:57:28 interwoven iwovwfs: [ID 944797 kern.notice]
wfsdrv_detach: property unload-ok does not exist.
Jul 4 17:57:28 interwoven iwovwfs: [ID 926483 kern.notice]
wfsdrv_detach: NOT detaching instance.
Jul 4 17:57:30 interwoven iwovwfs: [ID 490704 kern.notice] wfsdrv:
_fini: property unload-ok does not exist.
Jul 4 17:57:30 interwoven iwovwfs: [ID 697986 kern.notice] wfsdrv:
_fini: NOT unloading device.
Jul 4 17:59:28 interwoven /sbin/dhcpagent[56]: [ID 778557
daemon.warning] configure_v4_lease: no IP broadcast specified for
hme0, making best guess
Jul 4 17:59:28 interwoven /sbin/dhcpagent[56]: [ID 793670
daemon.error] configure_bound: cannot add default router 172.18.32
.1 on hme0: File exists
Jul 4 18:00:16 interwoven /sbin/dhcpagent[56]: [ID 778557
daemon.warning] configure_v4_lease: no IP broadcast specified for
hme0, making best guess
Jul 4 18:00:16 interwoven /sbin/dhcpagent[56]: [ID 793670
daemon.error] configure_bound: cannot add default router 172.18.32
.1 on hme0: File exists
Jul 4 18:02:22 interwoven ip: [ID 636139 kern.notice] NOTICE:
recovered address 172.018.032.001 on hme0:1
Jul 4 18:02:22 interwoven ip: [ID 876157 kern.warning] WARNING: node
00:15:62:9a:cb:c0 is using our IP address 172.018.032.0
01 on hme0
Jul 4 18:07:27 interwoven ip: [ID 567813 kern.warning] WARNING:
hme0:1 has duplicate address 172.018.032.001 (claimed by 00:
15:62:9a:cb:c0); disabled
Jul 4 18:07:49 interwoven /sbin/dhcpagent[56]: [ID 778557
daemon.warning] configure_v4_lease: no IP broadcast specified for
hme0:1, making best guess
Jul 4 18:07:49 interwoven /sbin/dhcpagent[56]: [ID 293758
daemon.error] open_ip_lif: cannot bind v4 socket on hme0:1: Cannot
assign requested address
Jul 4 18:07:49 interwoven /sbin/dhcpagent[56]: [ID 623418
daemon.error] configure_bound: cannot set bound state on hme0:1: C
annot assign requested address
--------------dmesg logs -----------------
All along i was thinking if there is a duplicate IP in network , the
machine that tried to assign the existing IP will fail. In this case
gateway failed and my box succeeded.
It should have been other way round, my server should have failed ,
gateway box should have continued with the same IP.
Am I missing something here ?
regards
Kannan
