[Kea-users] kea answers to relay using giaddr instead of source address. any way to fix?

Jason Lixfeld jason-kea at lixfeld.ca
Thu Sep 28 15:56:16 UTC 2017


> On Sep 28, 2017, at 8:16 AM, Sergey Klusov <_lion_2000 at mail.ru> wrote:
> 
> On Thu 28.09.2017 16:54, Jason Lixfeld wrote:
>> If your relay supports RFC3527, it will reset giaddr to the IP of the relay’s outbound server facing interface instead of the IP of the relay’s inbound, client facing interface. It will also then encode the subnet of the interface that the packet arrived on at the relay into option 82 sub option 5.
> 
> I've already configured agent to set its giaddr to external address and also specified that address in subnet's "relay" setting.
> Still I need to use classes, because there will be tens of networks on this router, all of them dhcp-relayed to same kea server.
> 
> Here is how I configure agent:
> 
> /ip dhcp-relay
> add add-relay-info=yes\
> dhcp-server=x.x.x.90\
> disabled=no\
> interface=eoip-101\
> local-address=x.x.x.156\
> name=relay1\
> relay-info-remote-id=100.101.101.0
> 
> That "relay-info-remote-id" could only be specified as ASCII string value, and it's seen by kea as relay4[2] option. But kea now cannot compare this option with string '100.101.101.0', only with its hex value. Which is working, but just not comfortable configuring.


If RFC3527 is supported on your Mikrotik, it could make this all much easier.  Do you know if it is?  If so, it should just work without a need to do classes or anything.  Just a subnet declaration.

SubOption 5 below decodes to 172 31 255 0, so it seems that Kea supports it properly.

{
	#"client-class" : "rgw01.lab",
	"subnet": "172.31.255.0/28",
	"valid-lifetime": 300,
	"option-data": [
		{
			"name": "classless-static-routes",
			"data": "18AC1800AC1FFF01"
		}
	],
	"pools": [
		{
			"pool": "172.31.255.2 - 172.31.255.14"
		}
	]
}



11:43:31.016608 IP (tos 0x0, ttl 253, id 21231, offset 0, flags [none], proto UDP (17), length 361)
    10.219.45.114.67 > 10.219.66.10.67: [udp sum ok] BOOTP/DHCP, Request from 00:01:47:dc:fa:5b, length 333, hops 1, xid 0x4ee7ebbc, Flags [none] (0x0000)
	  Gateway-IP 10.219.45.114
	  Client-Ethernet-Address 00:01:47:dc:fa:5b
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message Option 53, length 1: Discover
	    Client-ID Option 61, length 7: ether 00:01:47:dc:fa:5b
	    Parameter-Request Option 55, length 14:
	      Subnet-Mask, Default-Gateway, Domain-Name-Server, Hostname
	      Domain-Name, BR, Lease-Time, DHCP-Message
	      Server-ID, TFTP, NTP, Time-Zone
	      Option 120, Classless-Static-Route
	    Vendor-Class Option 60, length 10: "VOIP_2628A"
	    Agent-Information Option 82, length 50:
	      Circuit-ID SubOption 1, length 6: ^@^D^KM-=^BP
	      Remote-ID SubOption 2, length 11: ^A^Irgw01.lab
	      Unknown SubOption 151, length 15:
		0x0000:  0076 6f69 702d 756e 7472 7573 7465 64
	      Unknown SubOption 5, length 4:
		0x0000:  ac1f ff00
	      Unknown SubOption 152, length 4:
		0x0000:  ac1f ff01
	    END Option 255, length 0
11:43:31.031137 IP (tos 0x0, ttl 64, id 30423, offset 0, flags [DF], proto UDP (17), length 373)
    10.219.66.10.67 > 10.219.45.114.67: [bad udp cksum 0x86a4 -> 0x44bd!] BOOTP/DHCP, Reply, length 345, hops 1, xid 0x4ee7ebbc, Flags [none] (0x0000)
	  Your-IP 172.31.255.2
	  Gateway-IP 10.219.45.114
	  Client-Ethernet-Address 00:01:47:dc:fa:5b
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    Subnet-Mask Option 1, length 4: 255.255.255.240
	    Lease-Time Option 51, length 4: 300
	    DHCP-Message Option 53, length 1: Offer
	    Server-ID Option 54, length 4: 10.219.66.10
	    RN Option 58, length 4: 900
	    RB Option 59, length 4: 1800
	    Client-ID Option 61, length 7: ether 00:01:47:dc:fa:5b
	    Classless-Static-Route Option 121, length 8: (172.24.0.0/24:172.31.255.1)
	    Agent-Information Option 82, length 50:
	      Circuit-ID SubOption 1, length 6: ^@^D^KM-=^BP
	      Remote-ID SubOption 2, length 11: ^A^Irgw01.lab
	      Unknown SubOption 5, length 4:
		0x0000:  ac1f ff00
	      Unknown SubOption 151, length 15:
		0x0000:  0076 6f69 702d 756e 7472 7573 7465 64
	      Unknown SubOption 152, length 4:
		0x0000:  ac1f ff01
	    END Option 255, length 0
11:43:31.041859 IP (tos 0x0, ttl 253, id 21235, offset 0, flags [none], proto UDP (17), length 373)
    10.219.45.114.67 > 10.219.66.10.67: [udp sum ok] BOOTP/DHCP, Request from 00:01:47:dc:fa:5b, length 345, hops 1, xid 0x4ee7ebbc, Flags [none] (0x0000)
	  Gateway-IP 10.219.45.114
	  Client-Ethernet-Address 00:01:47:dc:fa:5b
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    DHCP-Message Option 53, length 1: Request
	    Client-ID Option 61, length 7: ether 00:01:47:dc:fa:5b
	    Requested-IP Option 50, length 4: 172.31.255.2
	    Server-ID Option 54, length 4: 10.219.66.11
	    Parameter-Request Option 55, length 14:
	      Subnet-Mask, Default-Gateway, Domain-Name-Server, Hostname
	      Domain-Name, BR, Lease-Time, DHCP-Message
	      Server-ID, TFTP, NTP, Time-Zone
	      Option 120, Classless-Static-Route
	    Vendor-Class Option 60, length 10: "VOIP_2628A"
	    Agent-Information Option 82, length 50:
	      Circuit-ID SubOption 1, length 6: ^@^D^KM-=^BP
	      Remote-ID SubOption 2, length 11: ^A^Irgw01.lab
	      Unknown SubOption 151, length 15:
		0x0000:  0076 6f69 702d 756e 7472 7573 7465 64
	      Unknown SubOption 5, length 4:
		0x0000:  ac1f ff00
	      Unknown SubOption 152, length 4:
		0x0000:  ac1f ff01
	    END Option 255, length 0
11:46:02.272355 IP (tos 0x0, ttl 64, id 41786, offset 0, flags [DF], proto UDP (17), length 363)
    10.219.66.10.67 > 10.219.45.114.67: [bad udp cksum 0x869a -> 0xeb84!] BOOTP/DHCP, Reply, length 335, hops 1, xid 0x4ee7ebbc, Flags [none] (0x0000)
	  Client-IP 172.31.255.2
	  Your-IP 172.31.255.2
	  Gateway-IP 10.219.45.114
	  Client-Ethernet-Address 00:01:47:dc:fa:5b
	  Vendor-rfc1048 Extensions
	    Magic Cookie 0x63825363
	    Subnet-Mask Option 1, length 4: 255.255.255.240
	    Lease-Time Option 51, length 4: 300
	    DHCP-Message Option 53, length 1: ACK
	    Server-ID Option 54, length 4: 10.219.66.10
	    RN Option 58, length 4: 900
	    RB Option 59, length 4: 1800
	    Client-ID Option 61, length 7: ether 00:01:47:dc:fa:5b
	    Agent-Information Option 82, length 50:
	      Circuit-ID SubOption 1, length 6: ^@^D^KM-=^BP
	      Remote-ID SubOption 2, length 11: ^A^Irgw01.lab
	      Unknown SubOption 5, length 4:
		0x0000:  ac1f ff00
	      Unknown SubOption 151, length 15:
		0x0000:  0076 6f69 702d 756e 7472 7573 7465 64
	      Unknown SubOption 152, length 4:
		0x0000:  ac1f ff01
	    END Option 255, length 0
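
Added example, not part of the original message and not Kea or MikroTik code: a small Python decoder for the relay data discussed in this thread. It splits the option 82 payload from the Discover above into sub-options, reads sub-option 5 as the RFC 3527 link-selection address, decodes the "classless-static-routes" data from the subnet declaration, and produces the hex form of the ASCII remote-id string from the quoted message. The payload bytes are transcribed from the tcpdump decode (caret notation read as raw bytes), and all function names are made up for this example.

```python
import ipaddress

# Option 82 payload (50 bytes) transcribed from the Discover in the capture above.
OPTION_82 = bytes.fromhex(
    "0106" "00040bbd0250"                        # 1: circuit-id
    "020b" "010972677730312e6c6162"              # 2: remote-id, ^A^I + "rgw01.lab"
    "970f" "00766f69702d756e74727573746564"      # 151
    "0504" "ac1fff00"                            # 5: link selection (RFC 3527)
    "9804" "ac1fff01"                            # 152
)

def parse_suboptions(payload):
    """Split an option 82 payload into {code: value}, rejecting bad lengths."""
    subs, i = {}, 0
    while i < len(payload):
        if i + 2 > len(payload):
            raise ValueError("truncated sub-option header")
        code, length = payload[i], payload[i + 1]
        value = payload[i + 2:i + 2 + length]
        if len(value) != length:
            raise ValueError(f"sub-option {code} overruns the payload")
        subs[code] = value
        i += 2 + length
    return subs

def link_selection(subs):
    """Return sub-option 5 as an IPv4Address, or None if the relay sent none."""
    raw = subs.get(5)
    if raw is None:
        return None
    if len(raw) != 4:
        raise ValueError("link selection must be exactly 4 bytes")
    return ipaddress.IPv4Address(raw)

def classless_routes(data):
    """Decode option 121 data (RFC 3442) into (destination, router) pairs."""
    routes, i = [], 0
    while i < len(data):
        plen = data[i]
        n = (plen + 7) // 8                      # significant destination octets
        if plen > 32 or i + 1 + n + 4 > len(data):
            raise ValueError("malformed classless static route")
        dest = ipaddress.IPv4Address(data[i + 1:i + 1 + n] + bytes(4 - n))
        router = ipaddress.IPv4Address(data[i + 1 + n:i + 5 + n])
        routes.append((ipaddress.ip_network(f"{dest}/{plen}"), router))
        i += 5 + n
    return routes

def ascii_to_hex_literal(text):
    """Hex form of an ASCII remote-id string, with a 0x prefix."""
    return "0x" + text.encode("ascii").hex().upper()
```

The decoded link-selection address falls inside the 172.31.255.0/28 subnet declared above, and the decoded route matches the Classless-Static-Route line in the Offer.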

