It happens with either a Debian or Rocky 9 container.
In the screenshot below during a container reboot, packets # 1-5 are the mac address of the container requesting a dhcp lease with the hostname of the container-host (anguille), followed by packets # 6-9 of the container requesting a dhcp lease with the correct hostname of the container.
The container-host has a static ipv4 address configured so can’t be doing this “by mistake”
And this is the DHCP4 traffic when just shutting down a container. The mac address is for the container being shut down, but the hostname belongs to the container-host.
22:13:13.058027 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 314)
0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:16:3e:7f:7e:5d, length 286, xid 0x5dafd88c, secs 1, Flags [none]
Client-Ethernet-Address 00:16:3e:7f:7e:5d
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message (53), length 1: Discover
Client-ID (61), length 7: ether 00:16:3e:7f:7e:5d
Parameter-Request (55), length 17:
Subnet-Mask (1), Time-Zone (2), Domain-Name-Server (6), Hostname (12)
Domain-Name (15), MTU (26), BR (28), Classless-Static-Route (121)
Default-Gateway (3), Static-Route (33), YD (40), YS (41)
NTP (42), Unknown (119), Classless-Static-Route-Microsoft (249), Unknown (252)
RP (17)
MSZ (57), length 2: 576
Hostname (12), length 8: "anguille"
22:13:13.073436 IP (tos 0x10, ttl 128, id 0, offset 0, flags [DF], proto UDP (17), length 356)
192.168.22.1.67 > 192.168.22.116.68: BOOTP/DHCP, Reply, length 328, xid 0x5dafd88c, Flags [none]
Your-IP 192.168.22.116
Client-Ethernet-Address 00:16:3e:7f:7e:5d
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message (53), length 1: Offer
Subnet-Mask (1), length 4: 255.255.255.0
Default-Gateway (3), length 4: 192.168.22.1
Domain-Name-Server (6), length 8: 192.168.22.17,192.168.22.36
Hostname (12), length 8: "anguille"
Domain-Name (15), length 14: "dom.example.com"
NTP (42), length 4: 192.168.22.1
Lease-Time (51), length 4: 7200
Server-ID (54), length 4: 192.168.22.1
Unknown (119), length 16: 74280811,1627743849,1953724675,1668246784
22:13:13.074837 IP (tos 0x0, ttl 64, id 0, offset 0, flags [DF], proto UDP (17), length 326)
0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:16:3e:7f:7e:5d, length 298, xid 0x5dafd88c, secs 1, Flags [none]
Client-Ethernet-Address 00:16:3e:7f:7e:5d
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message (53), length 1: Request
Client-ID (61), length 7: ether 00:16:3e:7f:7e:5d
Parameter-Request (55), length 17:
Subnet-Mask (1), Time-Zone (2), Domain-Name-Server (6), Hostname (12)
Domain-Name (15), MTU (26), BR (28), Classless-Static-Route (121)
Default-Gateway (3), Static-Route (33), YD (40), YS (41)
NTP (42), Unknown (119), Classless-Static-Route-Microsoft (249), Unknown (252)
RP (17)
MSZ (57), length 2: 576
Requested-IP (50), length 4: 192.168.22.116
Server-ID (54), length 4: 192.168.22.1
Hostname (12), length 8: "anguille"
22:13:13.103346 IP (tos 0x10, ttl 128, id 0, offset 0, flags [DF], proto UDP (17), length 356)
192.168.22.1.67 > 192.168.22.116.68: BOOTP/DHCP, Reply, length 328, xid 0x5dafd88c, Flags [none]
Your-IP 192.168.22.116
Client-Ethernet-Address 00:16:3e:7f:7e:5d
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message (53), length 1: ACK
Subnet-Mask (1), length 4: 255.255.255.0
Default-Gateway (3), length 4: 192.168.22.1
Domain-Name-Server (6), length 8: 192.168.22.17,192.168.22.36
Hostname (12), length 8: "anguille"
Domain-Name (15), length 14: "dom.example.com"
NTP (42), length 4: 192.168.22.1
Lease-Time (51), length 4: 7200
Server-ID (54), length 4: 192.168.22.1
Unknown (119), length 16: 74280811,1627743849,1953724675,166824678