Why leases are not renewed always via dhcp-relay ?
Sébastien CRAMATTE
s.cramatte at wanadoo.fr
Fri Jul 6 18:26:41 UTC 2007
David W. Hankins escribió:
> On Fri, Jul 06, 2007 at 04:27:41PM +0200, Sébastien CRAMATTE wrote:
>
>> It's very strange ?
>>
>
> No, this is RFC2131 documented behaviour. The easiest and best
> thing to do is to make sure the server and client can unicast to
> each other.
>
>
Might be an Iptables rules ? to block direct communication from client
to server ?
>> I want to force to use dhcp relay in every case ... I need option 82
>> datas so when a lease is renewed directly I loose these datas
>> Any ideas or configuration tips ?
>>
>
> If the option 82 contents do not change from packet to packet, then
> you can use the values that are 'cached' upon the lease state when
> the client last operated through a relay.
>
> This draft:
>
> http://www.ietf.org/internet-drafts/draft-ietf-dhc-server-override-04.txt
>
> which I think is working on becoming an RFC, was written for the case
> where the server and client can under no circumstances directly speak
> with one another (such as when the client is on a VPN the server can
> not access).
>
> The simple way to "do the same thing" is to configure a
> dhcp-server-identifier equal to the relay agent's address. Clients
> will unicast their renews to this address.
>
>
Do you mean to set "server-identifier" in dhcpd.conf to the my
dhcp-relay IP ?
> However, this makes every client RENEW look, to the server(s), like a
> REBIND. So multiple servers may well answer, and they may well answer
> with DHCPNAKs if they sense that the client is on the wrong subnet
> (which may be incorrect depending on how the packet reaches the relay
> and how the relay senses the interface the packet is received upon).
>
>
In these subnet I've got only 2 DNS redundant DHCP servers to assign my
public Ip's and servers are connected to switch using Vlan's
so no chance to join another DHCP server
More information about the dhcp-users
mailing list