dhcp relay responses

Simon Hobson dhcp1 at thehobsons.co.uk
Fri Jan 31 07:26:34 UTC 2020


Alan Batie <alan at peak.org> wrote:
>We are setting up a private network with dhcp.  The router for the
>private network is set up to relay dhcp to an external isc dhcpd server.
>The requests to the dhcpd server come from the public address of the
>router, however dhcpd is replying to the private address.  I don't see
>anything in the docs for managing the replies.  We are trying to avoid
>routing the private network even internally.  Are we out of luck?

Short answer: yes

Longer answer:
There must be end to end IP connectivity between clients and server - without "broken" things like NAT in the way. Even if you worked around the problem with the relay, you'd find clients having problems later when they unicast a renewal request to the server and it unicasts a response directly to the client.

As to why the responses are sent to the private address of the relay ... That's because the server uses the GI Addr field in the relayed packet - firstly to select an appropriate address pool, and secondly to determine where the response needs to be returned to. The relay agent would then use the destination address of the packet to determine which locally connected interface to send the response out on.

So if the server can't receive & send packets from/to both the relay agent and clients directly - DHCP won't work.
Up to you whether you replicate the server, tunnel packets to/from it, or something else ...

Simon
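
Added example, not part of the original post or of ISC dhcpd: a small Python model of how a server derives the pool and reply destination from the giaddr and ciaddr fields of the BOOTP header rather than from the packet's source address. All addresses, the pool list and the server's route list are constructed for illustration, and the non-relayed broadcast case is simplified.

```python
import ipaddress
import struct

# Constructed sample addressing (not from the post).
RELAY_PUBLIC = "192.0.2.1"    # source address of relayed packets as seen by the server
RELAY_PRIVATE = "10.20.0.1"   # relay interface on the client subnet, placed in giaddr
CLIENT = "10.20.0.50"         # leased client address, placed in ciaddr on renewal
POOLS = [ipaddress.ip_network("10.20.0.0/24")]
SERVER_ROUTES = [ipaddress.ip_network("192.0.2.0/24")]  # private net is not routed


def build_request(ciaddr="0.0.0.0", giaddr="0.0.0.0", hops=0):
    """Build the 236-byte fixed BOOTP/DHCP header of a BOOTREQUEST."""
    packed = lambda a: ipaddress.ip_address(a).packed
    return struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        1, 1, 6, hops, 0x12345678, 0, 0,          # op, htype, hlen, hops, xid, secs, flags
        packed(ciaddr), packed("0.0.0.0"), packed("0.0.0.0"), packed(giaddr),
        bytes.fromhex("020000000001"), b"", b"")  # chaddr, sname, file


def server_view(packet):
    """Return (pool, reply_to) derived from giaddr/ciaddr, never from the UDP source."""
    ciaddr = ipaddress.ip_address(packet[12:16])
    giaddr = ipaddress.ip_address(packet[24:28])
    if not giaddr.is_unspecified:                 # relayed: answer the relay on port 67
        pool = next((n for n in POOLS if giaddr in n), None)
        return pool, (str(giaddr), 67)
    if not ciaddr.is_unspecified:                 # unicast renewal: answer the client
        return None, (str(ciaddr), 68)            # pool lookup not modelled here
    return None, ("255.255.255.255", 68)          # simplified: local broadcast reply


def deliverable(reply_to):
    """True if the server has a route to the reply destination."""
    dest = ipaddress.ip_address(reply_to[0])
    return any(dest in net for net in SERVER_ROUTES)


if __name__ == "__main__":
    print(f"relayed packets arrive from {RELAY_PUBLIC}")
    for label, pkt in [("relayed discover", build_request(giaddr=RELAY_PRIVATE, hops=1)),
                       ("unicast renewal", build_request(ciaddr=CLIENT))]:
        pool, reply_to = server_view(pkt)
        print(f"{label}: pool={pool} reply_to={reply_to} deliverable={deliverable(reply_to)}")
```

Both the relayed reply and the renewal reply target addresses inside the private network, so neither is deliverable unless the server can reach that network.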

