DHCP Relay agent not forwarding messages to the client

Gero Palacio gero.palacio at gmail.com
Tue Jun 16 15:18:09 UTC 2015 

Hi There.

What I find odd is that according to section 5.3 of this document  IETF
Internet Draft - DHCP Failover Protocol
<https://tools.ietf.org/pdf/draft-ietf-dhc-failover-12.pdf> *only one* of
the servers should respond to the DHCP offer. The other should discard it.

I have tested this behavior with 2 computers connected on the same subnet
as the DHCP servers (so no relay agent involved) and it works as described.
Both servers receives the offer but only one of them responds with an
offer. This is also back up by RFC 3074 DHC Load Balancing Algorithm
<https://tools.ietf.org/html/rfc3074>:

*Section 4: *
The proposal maps the STID into a hash value using the function in section
6.  The resulting hash value can then be used to decide who
should respond to the request, or who the forwarding target should be.


So I don't why it's behaving the way it does when there's a relay agent
involved.

Thanks all for your help!
- Gerónimo.


El mar., 16 de jun. de 2015 a la(s) 10:28 a. m., Friesen, Don MTIC:EX <
Don.Friesen at gov.bc.ca> escribió:

>
>
> Yes, this is the expected and normal behavior.  Each server will reply
> with an address from its half of the pool. The machine that is receiving
> the offers will take the first offer to arrive and ignore the other.
>
>
>
> We have deployed remote DHCP served by relay for 20 years, and this is how
> it functions.
>
>
>
> The only annoyance with remote relay DHCP is that the NAK message is a
> local broadcast.
>
>
>
> *Don Friesen*
>
>
>
> *From:* dhcp-users-bounces at lists.isc.org [mailto:
> dhcp-users-bounces at lists.isc.org] *On Behalf Of *Patrick Trapp
> *Sent:* Tuesday, June 16, 2015 6:17 AM
>
>
> *To:* Users of ISC DHCP
>
> *Subject:* RE: DHCP Relay agent not forwarding messages to the client
>
>
>
> You'll want more experienced answers, I'm sure, but we are running a
> fair-sized network for our DHCP - I believe around 45000 devices and
> roughly 70 subnets. All of those devices find the DHCP servers via relay
> agents and we are using failover.
>
> We do generally see two DHCP offers - one from each server - when a device
> requests an address. I expected that behavior and saw no reason to be
> concerned with it. I still don't - I am under the impression that this is
> how the system is designed to work.
>
> It has worked fine for us in this fashion for years. We deployed this
> particular solution in 2007, but I believe it was used for other devices
> prior to that, so we have used this through several iterations of ISC-DHCP.
>
> Patrick
>  ------------------------------
>
> *From:* dhcp-users-bounces at lists.isc.org [dhcp-users-bounces at lists.isc.org]
> on behalf of Gero Palacio [gero.palacio at gmail.com]
> *Sent:* Monday, June 15, 2015 5:17 PM
> *To:* Users of ISC DHCP
> *Subject:* Re: DHCP Relay agent not forwarding messages to the client
>
> Hi Simon,
>
>
>
> Thanks for the reply, I did not know if it was a bug or the correct
> behavior.
>
> If I may, let me ask you a follow up question. Does DHCP relay works well
> with a pair of DHCP servers in failover mode?
>
> I've configured the relay agent described in my previous email to forward
> the messages to the pair of DHCP servers. Now everytime the relay agent
> forwards a discovery message from the host, I receive 2 dhcp offers, one
> from each server. As I've configured split to 128, only 1 server should
> reply with an offer.
>
> If I test the same configuration with hosts in the same subnet as the DHCP
> servers, the behavior is as expected. The DHCP servers *responds or
> ignores* the discovery messages according to the result of the hash based
> on the MAC address of the hosts.
>
> Any idea what might be the problem? Is it even a good idea to run a relay
> agent and a pair of DHCP servers in failover?
>
> Thanks!
> Gerónimo.
>
>
>
> On Mon, Jun 15, 2015 at 6:18 PM, Simon Hobson <dhcp1 at thehobsons.co.uk>
> wrote:
>
> Gero Palacio <gero.palacio at gmail.com> wrote:
>
> > CLIENT <---> [eth0] (relay agent) ROUTER-1  [eth1] <---> ROUTER-2 <--->
> DHCP Server
> >
> > The relay agent runs ONLY on the interface that faces the client, which
> is eth0: "dhcrelay -4 -i eth0 10.0.1.10"
> ...
> > Can anybody tell me if I'm doing something wrong? Is this a known bug?
>
> It's a known feature. You must also listen on eth1 in order to get the
> replies from the server - it's just the way the relay agent works.
>
> _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
>
>
>    _______________________________________________
> dhcp-users mailing list
> dhcp-users at lists.isc.org
> https://lists.isc.org/mailman/listinfo/dhcp-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20150616/2a913f0b/attachment-0001.html>

More information about the dhcp-users mailing list