Option 82 problem

Simon Hobson dhcp1 at thehobsons.co.uk
Fri Apr 17 17:03:52 UTC 2020 

Александр Сандецкий <alexander.sandetsky at gmail.com> wrote:

> I have a problem with option 82 configuration.

Actually, I suspect the thing you do not have a problem with is Option 82 !

> I have managed switch with IP 10.10.0.38 (managed VLAN 100). There is additional VLANs configured for clients: VLAN 3000 and 3010. There is option 82 and DHCP relay configured on the switch.
> 
> I have DHCP server placed in VLAN 3000 with IP 172.18.0.101
> 
> I want to DHCP server serves the VLAN 3010 (and other) on per-VLAN basis.

Does the ROUTER serving the VLANs have IP addresses in those VLANs ? Do you even have routing set up yet ? Note that a MANAGED SWITCH is not the same thing as a ROUTER - though you can get devices (typically called something like "Layer 3 switch") that include both functions. Without a router (or routing function built into the switch), what the VLAN config gives you is a stack of separate LANs - almost as though you had a stack of switches, one per LAN.
Before trying to sort out the DHCP - make sure you have the routing sorted. If you manually configure a client on the 3010 VLAN (I assume this will be an access port) in the 172.18.10.0/24, can it ping the server at 172.18.0.101 ? If not, fix that first; if it can, use traceroute and check that it is in fact routing via a router and not accidentally going direct (there are ways of making the cross-subnet traffic work other than routing it).

Summary : You will need a router configured with interfaces in VLAN 3000 and VLAN 3010, with IPs in the 172.18.0.0/24 and 172.18.10.0/24 subnets respectively. it will probably also have an interface on VLAN 100 in subnet 10.10.0.0/?? to allow you access to manage the switch.
When you have this working, and you configure the DHCP Relay agent, then things should "just work".

> The part of dhcpd.conf
> 
> class "VLAN3010" {
>         match if binary-to-ascii(10, 8, "", substring(option agent.circuit-id, 2, 2)) = "3010"
>     }
> 
> 
> subnet 172.18.10.0 netmask 255.255.255.0 {
>     option routers  172.18.0.1;
> 
>     pool {
>             range 172.18.10.51 172.18.10.250;
>             allow members of "VLAN3010";
>     }
> }

That is not how you serve VLANs. For the VLAN stated, all you need is :
subnet 172.18.10.0 netmask 255.255.255.0 {
    option routers  172.18.0.1;

    pool {
            range 172.18.10.51 172.18.10.250;
    }
}
When requests come from a relay agent in the 172.18.10.0/24 subnet, it will automagically select the right subnet and hand out a suitable address. Note that the relay agent does not have to be in the router, but it MUST have an IP address in the network it's serving - it's just that this is usually most conveniently done as an integral part of the routing.

> The server receives request as  
> DHCPDISCOVER from 2c:27:d7:b1:a2:85 via 10.10.0.38: network 10.10.0.0/24: no free leases

This suggests to me that you have not correctly configured your switch and router. For that client, you should NOT see a request coming from 10.10.0.0/24 subnet.

Simon

More information about the dhcp-users mailing list