Hi, guys!
Today I noticed that my local NTP server is using two additional upstream servers which aren't specified in the system configuration…
6383 root 1084 S< /usr/sbin/ntpd -n -N -l -S /usr/sbin/ntpd-hotplug -p ntp01.oal.ul.pt -p ntp02.oal.ul.pt -p ntp03.oal.ul.pt -p ntp04.oal.ul.pt -p ntp05.oal.ul.pt -p ntp06.oal.ul.pt -p 213.205.64.133 -p 213.205.64.197
… now, those last two servers are being obtained by udhcpc, as we can see when executing ifstatus wan:
"data": {
"leasetime": 14400,
"ntpserver": "213.205.64.133 213.205.64.197",
"timezone": 0
}
After noticing this, I changed my WAN network configuration to…
config interface 'wan'
option ifname 'eth2'
option ipv6 '0'
option proto 'dhcp'
option peerdns '0'
option defaultreqopts '0'
option reqopts '1 3 15 50 51 54 58 59'
… and, sure enough, udhcpc only requests these specific options, as shown on this tcpdump capture:
15:36:06.369290 IP (tos 0x0, ttl 64, id 13144, offset 0, flags [DF], proto UDP (17), length 328)
a95-94-77-68.cpe.netcabo.pt.68 > a109-49-15-254.cpe.netcabo.pt.67: BOOTP/DHCP, Request from d8:58:d7:00:41:9b (oui Unknown), length 300, xid 0x5c727e04, Flags [none]
Client-IP a95-94-77-68.cpe.netcabo.pt
Client-Ethernet-Address d8:58:d7:00:41:9b (oui Unknown)
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Request
MSZ Option 57, length 2: 576
Parameter-Request Option 55, length 9:
Subnet-Mask, Default-Gateway, Domain-Name, Requested-IP
Lease-Time, Server-ID, RN, RB
Classless-Static-Route
Vendor-Class Option 60, length 12: "udhcp 1.30.1"
Hostname Option 12, length 12: "heimdall.lan"
15:36:06.377908 IP (tos 0x0, ttl 64, id 0, offset 0, flags [none], proto UDP (17), length 362)
a109-49-15-254.cpe.netcabo.pt.67 > a95-94-77-68.cpe.netcabo.pt.68: BOOTP/DHCP, Reply, length 334, hops 1, xid 0x5c727e04, Flags [none]
Client-IP a95-94-77-68.cpe.netcabo.pt
Your-IP a95-94-77-68.cpe.netcabo.pt
Gateway-IP a109-49-15-254.cpe.netcabo.pt
Client-Ethernet-Address d8:58:d7:00:41:9b (oui Unknown)
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: ACK
Subnet-Mask Option 1, length 4: 255.255.240.0
Default-Gateway Option 3, length 4: a95-94-79-254.cpe.netcabo.pt
Domain-Name Option 15, length 10: "netcabo.pt"
Lease-Time Option 51, length 4: 14400
Server-ID Option 54, length 4: a109-49-15-254.cpe.netcabo.pt
RN Option 58, length 4: 7200
RB Option 59, length 4: 12600
Time-Zone Option 2, length 4: 0
Time-Server Option 4, length 8: indhcp111a.nos.pt,indhcp111b.nos.pt
Domain-Name-Server Option 6, length 8: a212-113-191-130.cpe.netcabo.pt,62.169.70.160.rev.optimus.pt
LOG Option 7, length 4: a212-113-188-209.cpe.netcabo.pt
NTP Option 42, length 8: indhcp111a.nos.pt,indhcp111b.nos.pt
So, my question is, how do I stop the system from using DHCP options which weren't requested, even if the server chooses to send them?