multiple interfaces dhcp relay with domain separation

Simon Hobson dhcp1 at thehobsons.co.uk
Fri Sep 15 17:53:15 UTC 2017


IMMO WETZEL <IMMO.WETZEL at adtran.com> wrote:

> Source net on eth1 should be served from Server A and eth2 from Server B. But currently only on daemon is able to run and would always send the relayed discover to all Servers..
> Usually not a problem in a controlled environment but it’s not. And even we 32 of these different Servers/networks its going to be worse. Also Security is an issue than.
>  
> Why not running the daemon twice with defined iu/id/server settings ?

I suspect the issue is down to assumptions made many years ago when networking was "simpler".

The relay agent MUST use raw sockets on the client side interface, and I AIUI it also uses raw sockets on the server side partly because "that's the way the networking was done", and partly because it allows the same interface to be easily used for both clients and server. Even without raw sockets, you would still only be able to use one instance as the ports used are fixed. Back when the current software was designed, these choices were logical - as I say, networking was "simpler".

To run multiple instances in the manner you want, you would need to have the agent a) use the hosts packet interface on the server side, and b) bind to a different address to resolve the fixed port problem.



More information about the dhcp-users mailing list