R: Relay agent with dhcp server on same subnet

Autuori Gianluigi Autuori.Gianluigi.Wintime at ansaldobreda.it
Wed Nov 18 15:44:44 UTC 2009


Ok, but after packet 6  the client starts a new transaction...
regards
Gianluigi

-----Messaggio originale-----
Da: dhcp-users-bounces at lists.isc.org [mailto:dhcp-users-bounces at lists.isc.org] Per conto di Glenn Satchell
Inviato: mercoledì 18 novembre 2009 14.37
A: Users of ISC DHCP
Oggetto: Re: Relay agent with dhcp server on same subnet

> Hi,
> I have a simple network with one dhcp server (isc dhcp), one managged 
> switch and two clients.
>
>                       ___________
>                      |          4|------- Client 1 to sw port 4
> DHCPD  Server--------| Switch   6|------- Client 2 to sw port 6
> (192.168.1.30)       |___________|
>                     (192.168.1.101)
>
> I want to assign ip address according to switch ports whitch clients 
> are connected.
> So I set Relay Agent on switch to relaying to DHCPD  Server 
> (192.168.1.30) with Option-82.
> Then I configure DHCPD  Server like follow:
>
> class "port4" {
>     match (binary-to-ascii(16, 8, ":",option agent.circuit-id)); }
>
> subclass "port4" "b8:6:0:0:1:1:1:4";
>
> class "port6" {
>     match (binary-to-ascii(16, 8, ":",option agent.circuit-id)); }
>
> subclass "port6" "b8:6:0:0:1:1:1:6";
>
> subnet 192.168.1.0 netmask 255.255.255.0 {
>     pool {
> 	allow members of "port4";
> 	range 192.168.1.4 192.168.1.4;
>     }
>     pool {
> 	allow members of "port6";
> 	range 192.168.1.6 192.168.1.6;
>     }
> }
>
> Now I test this with only one client connected to the right port and I 
> obtain this traffic:
>
> No.     Time        Source                Destination           Protocol
> Info
>       1 0.000000    0.0.0.0               255.255.255.255       DHCP
> DHCP Discover - Transaction ID 0xeaa79f3f
>       2 0.005068    192.168.1.101         192.168.1.30          DHCP
> DHCP Discover - Transaction ID 0xeaa79f3f
>       3 0.005072    192.168.1.30          192.168.1.101         DHCP
> DHCP Offer    - Transaction ID 0xeaa79f3f
>       4 0.010307    192.168.1.101         192.168.1.4           DHCP
> DHCP Offer    - Transaction ID 0xeaa79f3f
>       5 0.010796    0.0.0.0               255.255.255.255       DHCP
> DHCP Request  - Transaction ID 0xeaa79f3f
>       6 0.010819    192.168.1.30          255.255.255.255       DHCP
> DHCP NAK      - Transaction ID 0xeaa79f3f
>       7 0.015958    192.168.1.101         192.168.1.30          DHCP
> DHCP Request  - Transaction ID 0xeaa79f3f
>       8 0.031054    192.168.1.30          192.168.1.101         DHCP
> DHCP ACK      - Transaction ID 0xeaa79f3f
>       9 0.035778    192.168.1.101         192.168.1.4           DHCP
> DHCP ACK      - Transaction ID 0xeaa79f3f
>
> as can you see there is a NAK (packet n°6) so the transaction fails.
> Can I configure DHCP Server to not send this NAK?

I think the NAK is ok. Packet 8 is dhcp sending ACK to relay agent, and packet 9 is switch sending ACK to client. That looks like success to me, unless the client then reuses the ACK?

You need to add one level of verboseness to the packet capture command to decode the dhcp protocol inside the packets. The client may be requesting an old IP address it had previously?

Also, a minor point, but you can do binary string comparisons. Just leave out the quotes around the colon separated hex digits, see the dhcp-eval man page, eg:

class "port4" {
    match option agent.circuit-id; }

subclass "port4" b8:6:0:0:1:1:1:4;

Or
class "port4" {
    match if option agent.circuit-id = b8:6:0:0:1:1:1:4; }

regards,
-glenn

> Thanks
> Gianluigi Autuori
>



_______________________________________________
dhcp-users mailing list
dhcp-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users



--------------------------------------------------------------------------------
Questo messaggio e-mail e ogni documento ad esso eventualmente allegato puo' avere carattere riservato ed essere tutelato da segreto. Esso,comunque, e'
ad esclusivo utilizzo del destinatario in indirizzo. Qualora non foste il destinatario del messaggio vi preghiamo di volerci avvertire immediatamente per e-mail o telefono e di cancellare il presente messaggio e ogni eventuale allegato dal vostro sistema. E' vietata la duplicazione o l'utilizzo per qualunque fine del messaggio e di ogni allegato, nonche' la loro divulgazione, distribuzione o inoltro a terzi senza l'espressa autorizzazione del mittente. In ragione del mezzo di trasmissione utilizzato, il mittente non assume alcuna responsabilita' sulla segretezza/riservatezza delle informazioni contenute nel messaggio e nei relativi allegati. 

This e-mail and any file transmitted with it may contain material that is confidential, privileged and/or attorney work product for the sole use of the intended recipient. If you are not the intended recipient of this e-mail, please do not read it, notify us immediately by e-mail or by telephone and then delete this message and any file attached from your system. You should not copy or use it for any purpose, disclose the contents of the same to any other person or forward it without express permission.
Considering the means of transmission, we do not undertake any liability with respect to the secrecy and confidentiality of the information contained in this e-mail and its attachments.




More information about the dhcp-users mailing list