Replies to request coming over a relay goes to relay's internal IP, not to original request's source IP

Simon Hobson dhcp1 at thehobsons.co.uk
Sat Oct 6 08:25:34 UTC 2012 

Oguz Yilmaz wrote:

>Dhcpd running on Linux gets a dhcp request over dhcrelay which is
>running on other remote machine.
>
>Oct  6 10:09:46 2012 dhcpd: DHCPDISCOVER from 00:1e:68:06:eb:37
>(oguz-U300) via 172.16.17.81
>
>tcpdump: listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
>10:35:01.112500 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF],
>proto: UDP (17), length: 328) 192.168.0.81.67 > 192.168.0.1.67:
>BOOTP/DHCP, Request from 00:1e:68:06:eb:37, length: 300, hops:1,
>xid:0xe378fc7e, flags: [none] (0x0000)
>           Gateway IP: 172.16.17.81
>           Client Ethernet Address: 00:1e:68:06:eb:37 [|bootp]
>
>
>It matches to a subnet and send reply. However reply does not go to
>the requesting dhcrelay external IP(192.168.0.81). Instead, it goes to
>the internal interface IP of machine running dhcrelay. And I think
>because of this remote machine running dhcrelay or the dhcrealy itself
>discarding packet.
>
>
>Oct  6 10:09:46 2012 dhcpd: DHCPOFFER on 172.16.17.11 to
>00:1e:68:06:eb:37 (oguz-U300) via 172.16.17.81
>
>10:35:02.050108 IP (tos 0x0, ttl  64, id 0, offset 0, flags [DF],
>proto: UDP (17), length: 328) 192.168.0.1.67 > 172.16.17.81.67:
>BOOTP/DHCP, Reply, length: 300, hops:1, xid:0xe378fc7e, flags: [none]
>(0x0000)
>           Your IP: 172.16.17.11
>           Gateway IP: 172.16.17.81
>           Client Ethernet Address: 00:1e:68:06:eb:37 [|bootp]
>
>
>Is this a normal behaviour?

Yes.
I'm not sure whether the server even considers the source address in 
the packets. If the client is local then it will spit the packet out 
of the local interface to which the client subnet is connected, if 
the client is remote then the packet is sent to the relay address.

The address the packet is sent to is what the relay agent should be 
using to determine which interface it has to send the packet out on 
to the client. Otherwise, it would need to keep a state table to keep 
track of what packets it had handled.

If your relay agent is not handling these return packets, then it's 
not working right.

Does your relay agent log anything for the return packets ?
Is there a firewall that could be dropping the packets ?

Ah, suddenly I remember - I don't use any relays these days, but IIRC 
the relay agent is required to listen on all interfaces it handles 
packets on - thus it needs to listen on the interface to which it 
connect with the server. I think.

-- 
Simon Hobson

Visit http://www.magpiesnestpublishing.co.uk/ for books by acclaimed
author Gladys Hobson. Novels - poetry - short stories - ideal as
Christmas stocking fillers. Some available as e-books.

More information about the dhcp-users mailing list