Trying to grasp RFC 3011, using ISC DHCP and Cisco ASA

David W. Hankins David_Hankins at
Thu Dec 11 17:31:34 UTC 2008

On Thu, Dec 11, 2008 at 09:24:08AM -0800, David W. Hankins wrote:
> But that segues into the current problem; your giaddr is apparently
> an invalid value, not the address locating the DHCP relay agent.

Ok, this explanation is lame, let me try again.

A relay agent sets 'giaddr' to be it's own address, facing the client
whose packet it is passing on.

A server uses this value for two purposes;

1) To locate the right shared network, hence subnet(s), hence
   appropriate leases.

2) To direct its replies to the relay agent.

RFC's 3011 and 3527 give the relay agent a way to provide a hint for
the first, while continuing to use giaddr for the second.  It is
generally only used when the relay agent does not have a valid address
on the client-facing network, or where the relay agent would not be
normally reachable by the server using that address.

It appears to me that the giaddr value is -not- the relay agent's
address in your case, but is appropriate for locating leases.

Ash bugud-gul durbatuluk agh burzum-ishi krimpatul.
Why settle for the lesser evil?
David W. Hankins	"If you don't do it right the first time,
Software Engineer		     you'll just have to do it again."
Internet Systems Consortium, Inc.		-- Jack T. Hankins
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 194 bytes
Desc: not available
URL: <>

More information about the dhcp-users mailing list