Send dhcp-users mailing list submissions to dhcp-users@lists.isc.org
To subscribe or unsubscribe via the World Wide Web, visit https://lists.isc.org/mailman/listinfo/dhcp-users or, via email, send a message with subject or body 'help' to dhcp-users-requ...@lists.isc.org You can reach the person managing the list at dhcp-users-ow...@lists.isc.org When replying, please edit your Subject line so it is more specific than "Re: Contents of dhcp-users digest..." Today's Topics: 1. Re: dhcp relay responses (Alan Batie) ---------------------------------------------------------------------- Message: 1 Date: Fri, 31 Jan 2020 10:47:25 -0800 From: Alan Batie <a...@peak.org> To: dhcp-users@lists.isc.org Subject: Re: dhcp relay responses Message-ID: <8b19e6e7-154d-4ce9-976e-e04689fa3...@peak.org> Content-Type: text/plain; charset="utf-8"; Format="flowed" OK, thanks! On 1/30/20 11:26 PM, Simon Hobson wrote: > Alan Batie <a...@peak.org> wrote: >> We are setting up a private network with dhcp. The router for the >> private network is setup to relay dhcp to an external isc dhcpd server. >> The requests to the dhcpd server come from the public address of the >> router, however dhcpd is replying to the private address. I don't see >> anything in the docs for managing the replies. We are trying to avoid >> routing the private network even internally. Are we out of luck? > > Short answer: yes > > Longer answer: > There must be end to end IP connectivity between clients and server - without > "broken" things like NAT in the way. Even if you worked around the problem > with the relay, you'd find clients having problems later when they unicast a > renewal request to the server and it unicasts a response directly to the > client. > > As to why the responses are sent to to private address of the relay ... > That's because the server uses the GI Addr field in the relayed packet - > firstly to select an appropriate address pool, and secondly to determine > whete the response needs to be returned to. Thecrelay agent would then use > the destination address of the packet to determine which locally connected > interface to send the response out on. > > So if the server can't receive & send packets from/to both the relay agent > and clients directly - DHCP won't work. > Up to you whether you relicate the server, tunnel packets to/from it, or > something else ... > > Simon > _______________________________________________ > dhcp-users mailing list > dhcp-users@lists.isc.org > https://lists.isc.org/mailman/listinfo/dhcp-users > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/pkcs7-signature Size: 4036 bytes Desc: S/MIME Cryptographic Signature URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20200131/2a1c5d1e/attachment-0001.bin> ------------------------------ Subject: Digest Footer _______________________________________________ dhcp-users mailing list dhcp-users@lists.isc.org https://lists.isc.org/mailman/listinfo/dhcp-users ------------------------------ End of dhcp-users Digest, Vol 136, Issue 1 ******************************************