Send dhcp-users mailing list submissions to
dhcp-users@lists.isc.org
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.isc.org/mailman/listinfo/dhcp-users
or, via email, send a message with subject or body 'help' to
dhcp-users-requ...@lists.isc.org
You can reach the person managing the list at
dhcp-users-ow...@lists.isc.org
When replying, please edit your Subject line so it is more specific
than "Re: Contents of dhcp-users digest..."
Today's Topics:
1. Re: dhcp relay responses (Alan Batie)
----------------------------------------------------------------------
Message: 1
Date: Fri, 31 Jan 2020 10:47:25 -0800
From: Alan Batie <a...@peak.org>
To: dhcp-users@lists.isc.org
Subject: Re: dhcp relay responses
Message-ID: <8b19e6e7-154d-4ce9-976e-e04689fa3...@peak.org>
Content-Type: text/plain; charset="utf-8"; Format="flowed"
OK, thanks!
On 1/30/20 11:26 PM, Simon Hobson wrote:
> Alan Batie <a...@peak.org> wrote:
>> We are setting up a private network with dhcp. The router for the
>> private network is setup to relay dhcp to an external isc dhcpd server.
>> The requests to the dhcpd server come from the public address of the
>> router, however dhcpd is replying to the private address. I don't see
>> anything in the docs for managing the replies. We are trying to avoid
>> routing the private network even internally. Are we out of luck?
>
> Short answer: yes
>
> Longer answer:
> There must be end to end IP connectivity between clients and server - without
> "broken" things like NAT in the way. Even if you worked around the problem
> with the relay, you'd find clients having problems later when they unicast a
> renewal request to the server and it unicasts a response directly to the
> client.
>
> As to why the responses are sent to to private address of the relay ...
> That's because the server uses the GI Addr field in the relayed packet -
> firstly to select an appropriate address pool, and secondly to determine
> whete the response needs to be returned to. Thecrelay agent would then use
> the destination address of the packet to determine which locally connected
> interface to send the response out on.
>
> So if the server can't receive & send packets from/to both the relay agent
> and clients directly - DHCP won't work.
> Up to you whether you relicate the server, tunnel packets to/from it, or
> something else ...
>
> Simon
> _______________________________________________
> dhcp-users mailing list
> dhcp-users@lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4036 bytes
Desc: S/MIME Cryptographic Signature
URL:
<https://lists.isc.org/pipermail/dhcp-users/attachments/20200131/2a1c5d1e/attachment-0001.bin>
------------------------------
Subject: Digest Footer
_______________________________________________
dhcp-users mailing list
dhcp-users@lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users
------------------------------
End of dhcp-users Digest, Vol 136, Issue 1
******************************************
