Today I tried updating my firewall (pfSense) to the newest version (from 23.05.1 to 23.09). While the update was successful, all client DHCP requests began to fail. I use DHCP relay on the firewall to handle DHCP on multiple VLANs, which had been working flawlessly for multiple years.
After some trouble shooting and packet comparisons, the only difference that I noticed was that the source port in the egress DHCP relay packet was static 67 in the previous version and random in the new update. Reverting the update fixed the issue. A search indicated that RFC 8357 allows the source port to be generalized for DHCP relay. I am using version 2.0.3 of Kea, which is a little old now. I will try to upgrade during an upcoming downtime window. In the meantime, what version of Kea implements RFC 8357? Until I can upgrade, are there any configuration options in 2.0.3 to handle relayed DHCP requests from ports other than 67? Best regards, Ben Monroe
-- ISC funds the development of this software with paid support subscriptions. Contact us at https://www.isc.org/contact/ for more information. To unsubscribe visit https://lists.isc.org/mailman/listinfo/kea-users. Kea-users mailing list Kea-users@lists.isc.org https://lists.isc.org/mailman/listinfo/kea-users
