DHCP Relay to Forward Broadcast Offers

Gilbert Mendoza gmendoza at gmail.com
Mon Aug 4 05:51:41 UTC 2008



Hey there, folks.  I'm trying to do something a little atypical with
ISC's DHCP relay agent, and was hoping someone may be able to offer some
insight into a resolution.

The application is for VirtualBox guests behind a TAP interface.  I am
using IP forwarding and proxy ARP on the host to allow the guests to
utilize the same address space as the host's wireless network interface.
This works well, but currently is limited to static addressing for the
guests.

My goal is to allow a guest behind the TAP interface to pull an IP
across the host's wlan0 interface from the wireless network's DHCP
server, without having to create a completely different DHCP range that
would complicate the routing requirements on the local network.

Here's what I've done so far.

Scenario 1
DHCP Server: 192.168.1.1/24
Host wlan0:  192.168.1.3/24
Host tap0:   None
IP forwarding and proxy ARP enabled.
DHCP Relay Agent:  dhcrelay3 -d -i wlan0 -i tap0 192.168.1.1

Results:
DHCP discover messages are properly forwarded to the DHCP server on the
wlan0 interface.  Packet captures show that when the tap0 interface is
not configured with an IP address, the giaddr field is left to its
default 0.0.0.0.  The DHCP server therefore reads this as a local
address space request, and responds with a DHCP offer in the form of a
Layer-2/3 broadcast.  The relay service ignores this response and does
not forward it back over to the tap0 interface to reach the client.

Scenario 2
Host tap0: 192.168.1.150/32
All other values the same.

Results:
I configure the tap0 interface with a 32-bit mask host address to avoid
host routing issues, but more importantly, the relay agent will also use
this address as the giaddr value in the DHCP discover messages.  These
messages are again forwarded as expected, however, because the tap0 IP
address falls within the same address space as the server's local subnet,
I think the DHCP server ignores messages from the relay agent.  Packet
captures confirm no Offers are made by the server if the giaddr value is
an IP the DHCP server believes to be in the local subnet.

So I think I'm left with only a couple options.

1. Use some form of Policy Based Routing or iptables mangle rules that
can forward both broadcast and unicast DHCP requests across both
interfaces, thus eliminating the need for a relay agent.  Suggestions
welcome.

2. Somehow have the dhcp relay service forward the DHCP broadcast Offer
messages to their respective interfaces and clients.  Not sure if this
is a current feature or one that requires an enhancement request.

Ideas anyone?  Thanks in advance.

--

Gilbert Mendoza
PGP: 0x075DBCA9
Email: gmendoza at gmail.com
http://www.savvyadmin.com
https://launchpad.net/~gmendoza
https://wiki.ubuntu.com/GilbertMendoza
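
An added example, not part of the original post: the RFC 2131 section 4.1 rule a DHCP server follows when choosing where to send its reply, applied to constructed request headers carrying the giaddr values from the two scenarios above. The function names, the sample MAC and xid, and the offered address 192.168.1.151 are assumptions made for illustration.

```python
import ipaddress
import struct

BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"   # fixed 236-byte BOOTP header
BROADCAST_FLAG = 0x8000                     # top bit of the 'flags' field

def _ip(addr):
    return ipaddress.IPv4Address(addr).packed

def build_request(giaddr="0.0.0.0", ciaddr="0.0.0.0", broadcast=False):
    """Constructed client request header (sample xid and MAC are made up)."""
    mac = bytes.fromhex("080027aabbcc")
    return struct.pack(BOOTP_FMT, 1, 1, 6, 0, 0x1234ABCD, 0,
                       BROADCAST_FLAG if broadcast else 0,
                       _ip(ciaddr), _ip("0.0.0.0"), _ip("0.0.0.0"),
                       _ip(giaddr), mac, b"", b"")

def parse_request(pkt):
    """Extract the fields a server uses to decide where its reply goes."""
    size = struct.calcsize(BOOTP_FMT)
    if len(pkt) < size:
        raise ValueError("truncated BOOTP header")
    op, _, hlen, _, _, _, flags, ci, _, _, gi, ch, _, _ = struct.unpack(
        BOOTP_FMT, pkt[:size])
    if op != 1:
        raise ValueError("not a BOOTREQUEST")
    return {"giaddr": ipaddress.IPv4Address(gi),
            "ciaddr": ipaddress.IPv4Address(ci),
            "broadcast": bool(flags & BROADCAST_FLAG),
            "chaddr": ch[:hlen].hex(":")}

def reply_destination(req, yiaddr):
    """RFC 2131 section 4.1: (destination IP, UDP port, goes_via_relay)."""
    zero = ipaddress.IPv4Address("0.0.0.0")
    if req["giaddr"] != zero:      # relayed: reply goes to the relay's port 67
        return (str(req["giaddr"]), 67, True)
    if req["ciaddr"] != zero:      # client already holds an address
        return (str(req["ciaddr"]), 68, False)
    if req["broadcast"]:           # client asked for a broadcast reply
        return ("255.255.255.255", 68, False)
    return (yiaddr, 68, False)     # unicast to yiaddr at the client's MAC

if __name__ == "__main__":
    for name, giaddr in (("Scenario 1", "0.0.0.0"),
                         ("Scenario 2", "192.168.1.150")):
        req = parse_request(build_request(giaddr=giaddr, broadcast=True))
        print(name, req["giaddr"], "->", reply_destination(req, "192.168.1.151"))
```

Only the non-zero giaddr case produces a reply addressed to the relay agent itself; with giaddr 0.0.0.0 the reply is addressed directly to the client side of the segment.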


More information about the dhcp-users mailing list