dhcp relay responses

Alan Batie alan at peak.org
Fri Jan 31 18:47:25 UTC 2020


OK, thanks!

On 1/30/20 11:26 PM, Simon Hobson wrote:
> Alan Batie <alan at peak.org> wrote:
>> We are setting up a private network with dhcp.  The router for the
>> private network is setup to relay dhcp to an external isc dhcpd server.
>> The requests to the dhcpd server come from the public address of the
>> router, however dhcpd is replying to the private address.  I don't see
>> anything in the docs for managing the replies.  We are trying to avoid
>> routing the private network even internally.  Are we out of luck?
> 
> Short answer: yes
> 
> Longer answer:
> There must be end to end IP connectivity between clients and server - without "broken" things like NAT in the way. Even if you worked around the problem with the relay, you'd find clients having problems later when they unicast a renewal request to the server and it unicasts a response directly to the client.
> 
> As to why the responses are sent to to private address of the relay ... That's because the server uses the GI Addr field in the relayed packet - firstly to select an appropriate address pool, and secondly to determine whete the response needs to be returned to. Thecrelay agent would then use the destination address of the packet to determine which locally connected interface to send the response out on.
> 
> So if the server can't receive & send packets from/to both the relay agent and clients directly - DHCP won't work.
> Up to you whether you relicate the server, tunnel packets to/from it, or something else ...
> 
> Simon
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
> 


-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4036 bytes
Desc: S/MIME Cryptographic Signature
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20200131/2a1c5d1e/attachment.bin>


More information about the dhcp-users mailing list