DHCP relay and multiple shared-network statements

Dánial Olsen DOL at ft.fo
Mon Nov 1 21:43:51 UTC 2010 

Hi,

I'm in the process of testing ISC DHCP server for usage with GPRS (GGSN) and I'm experiencing some issues.
The platform is OpenBSD 4.7 and I've compiled ISC DHCP version 4.2 from source (the setup has also been tested with 3.1.3 from the ports tree with same results).

My test setup is comprised of a Juniper router acting as dhcp relay (relay ip 10.102.8.33 (interface ip 10.100.1.1)).
Behind it are currently two vlans (192.168.220.0/24 and 10.124.0.0/24).
The DHCP server (ip 10.100.1.100/24) lives on an OSPF network with the Juniper.

Hopefully this ascii drawing illustrates the setup clearly enough:

apn1: 192.168.220.0 /24
--------------------\
                     \Juniper-----------DHCP server
                     /10.102.8.33       10.100.1.100
--------------------/
apn2: 10.124.0.0 /24


I've tested with serveral different configurations, but to keep things simple the following has proved somewhat successful:

####################################3
# dhcpd.conf
#
# Configuration file for ISC dhcpd
#
local-address 10.100.1.100;
ddns-update-style none;
authoritative;

subnet 10.100.1.0 netmask 255.255.255.0 {
}

shared-network apn1 {
        # Relay agent network
        subnet 10.102.8.0 netmask 255.255.255.0 {
        }

        subnet 192.168.220.0 netmask 255.255.255.0 {
                default-lease-time 86400;     # 1 day
                max-lease-time 2592000;       # 1 month

                range 192.168.220.10 192.168.220.50;
        }
}

shared-network apn2 {
        # Relay agent network
        subnet 10.102.8.0 netmask 255.255.255.0 {
        }

        subnet 10.124.0.0 netmask 255.255.255.0 {
                default-lease-time 86400;     # 1 day
                max-lease-time 2592000;       # 1 month

                range 10.124.0.1 10.124.0.50;
        }
}
####################################3

The problem here is that only second vlan is working (apn2), the first one gives a "wrong network" error.
If I put shared-network apn2 above apn1 then only apn1 is working!!!

# dhcpd -d -f vr2 
Internet Systems Consortium DHCP Server 4.2.0
Copyright 2004-2010 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Wrote 4 leases to leases file.
Listening on BPF/vr2/00:00:24:ca:91:8a/10.100.1.0/24
Sending on   BPF/vr2/00:00:24:ca:91:8a/10.100.1.0/24
Sending on   Socket/fallback/fallback-net

DHCPDISCOVER from 00:01:02:03:04:05 via 10.102.8.33
DHCPOFFER on 10.124.0.1 to 00:01:02:03:04:05 via 10.102.8.33
DHCPREQUEST for 10.124.0.1 (10.100.1.100) from 00:01:02:03:04:05 via 10.102.8.33
DHCPACK on 10.124.0.1 to 00:01:02:03:04:05 via 10.102.8.33     <-------- apn2 is working

DHCPDISCOVER from 00:01:02:03:04:05 via 10.102.8.33
DHCPOFFER on 192.168.220.11 to 00:01:02:03:04:05 via 10.102.8.33
DHCPREQUEST for 192.168.220.11 (10.100.1.100) from 00:01:02:03:04:05 via 10.102.8.33: wrong network.
DHCPNAK on 192.168.220.11 to 00:01:02:03:04:05 via 10.102.8.33 <-------- apn1 is NOT working


I've tried putting subnet 10.102.8.0 outside both shared-networks but then neither are working.
I've tried having only one shared-network statement containing all three subnets, but that's not working as intended. Leases are handed out from the other subnet if the first one is full or client is otherwise rejected and that's not gonna work.


What's wrong with my setup?

--
Dánial

More information about the dhcp-users mailing list