[MX] Negative value reported in the output of 'show dhcp server binding'

  [KB31297] Show Article Properties


Summary:

When the MX is acting as a DHCP server, the lease expiration may be reported as a negative number.  This is most often seen when a client is in a selecting state and the client does not successfully complete the DHCP negotiation. 

Symptoms:

Here is an example of the binding information seen when the DHCP client is attempting to negotiate a lease, but the negotiation does not complete.

The remaining lease is at -217 seconds and the binding state is reported to be in Selecting.

lab@jovian-re0> show dhcp server binding
Nov 29 09:54:32

IP address     Session Id    Hardware address     Expires      State          Interface
88.91.0.5       4            44:37:e6:bc:38:73     -217        SELECTING      demux0.7000

Cause:

This can result under the following scenario:

  1. The CPE sends a DHCPv4 DISCOVER message.

  2. The BNG receives the DISCOVER message and creates a binding in SELECTING state. The expiration timer begins a countdown from the lease time.  A subscriber session is created and is placed in a Configured state.

    lab@jovian-re0> show dhcp server binding
    Nov 29 09:46:11

    IP address     Session Id    Hardware address     Expires     State        Interface
    88.91.0.5       4            44:37:e6:bc:38:73     284        SELECTING    demux0.7000


    lab@jovian-re0> show subscribers detail
    Nov 29 10:07:08
    Type: DHCP
    User Name: user.4437.e6bc.3873
    IP Address: 88.91.0.6
    IP Netmask: 255.255.0.0
    Logical System: default
    Routing Instance: default
    Interface: demux0.1073741828
    Interface type: Dynamic
    Interface Set: ge-0/3/9-100
    Underlying Interface: demux0.7000
    Dynamic Profile Name: dhcp
    Dynamic Profile Version: 1
    MAC Address: 44:37:e6:bc:38:73
    State: Configured                             <<<<<<
    Radius Accounting ID: 5
    Session ID: 5
    VLAN Id: 100
    Login Time: 2016-11-29 10:07:02 CET
    DHCP Options: len 34
    35 01 01 0c 0e 6d 61 72 69 61 6e 2d 64 65 73 6b 74 6f 70 37
    0d 01 1c 02 03 0f 06 77 0c 2c 2f 1a 79 2a

  3. The BNG replies with an OFFER message.

  4. The CPE does not receive the OFFER and will re-transmit a DISCOVER message.

  5. Upon receipt of the new DISCOVER message, the BNG refreshes the state of the existing session so it is not cleared. The lease timer is not refreshed, as a result the expiration will be decremented, eventually reporting a negative value.

If a new DISCOVER message is not received by the the BNG, the session is cleared after 2 minutes.

The scenario can be confirmed by monitoring traffic with 'monitor traffic interface <>'.

Solution:

The root cause of the DHCP negotiation process failing will need to be resolved in order to address the the negative value being reported by the expiration timer.

There is a configuration known that can be added that may mitigate the negative expiration timer.

set system services dhcp-local-server no-stale-timer-refresh


With this statement added to the configuration, the session will not be refreshed after receiving a new DISCOVER packet from CPE.  If the session is not established within 2 minutes it will be deleted along with the binding entry.

The default timer of two minutes for the session establishment can be changed with the following configuration:

set system services dhcp-local-server stale-timer 60  <-- with this command, it is set to 60 seconds

Related Links: