Multiple dhcrelay setup causing multiple duplicate DHCP requests

Randall C Grimshaw rgrimsha at syr.edu
Mon Aug 16 12:35:05 UTC 2010 

I wondered a bit about the topology also and wondered about the relay agent behavior. We did see something similar to this when switches were half configured to supplement the dhcp packet with option 82 etc. In an environment where many edge switches 'see' the original broadcast dhcp packet, the number of matching packets multiplied to the giaddr 'helper' increased. It was not just a logging problem, but an actual multiplier of work required by the infrastructure.
Randy

-----Original Message-----
From: dhcp-users-bounces+rgrimsha=syr.edu at lists.isc.org [mailto:dhcp-users-bounces+rgrimsha=syr.edu at lists.isc.org] On Behalf Of Simon Hobson
Sent: Monday, August 16, 2010 7:44 AM
To: Users of ISC DHCP
Subject: Re: Multiple dhcrelay setup causing multiple duplicate DHCP requests

Can you sniff the network traffic and see exactly what's going on ?

You should be getting just ONE packet per client request per relay 
agent on the clients network. So normally you'd two packets per 
client request if you run two relay agents on a network.

I'm guessing you may be getting a broadcast storm - each relay agent 
is picking up relayed packets from the other and throwing them back 
again. Does dhcrelay us unicast or broadcast packets to the server ? 
I've not used dhcrelay myself, but in the man page it has :

>Bugs
>The relay agent should not relay packets received on a physical 
>network to DHCP servers on the same physical network - if they do, 
>the server will receive duplicate packets. In order to fix this, 
>however, the relay agent needs to be able to learn about the network 
>topology, which requires that it have a configuration file.

Also, can you elaborate on the network topology a bit. Looking back I 
see you gave the topology as :

>    [ dhcpd1 ]
>         |
>   eth0/vlan120
>  [ fw1/dhcrelay ]
>       eth5
>         |
>       eth5
>  [ fw2/dhcrelay ]
>   eth0/vlan120
>         |
>     [ dhcpd2 ]

That doesn't look right to me - you have two networks that are 
apparently on VLAN120. If it's the same VLAN120 in each case, then I 
think you may well have a loop as far as DHCP requests go.

-- 
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.
_______________________________________________
dhcp-users mailing list
dhcp-users at lists.isc.org
https://lists.isc.org/mailman/listinfo/dhcp-users

More information about the dhcp-users mailing list