Upcoming Maintenance Alert:

The UBNT Community will be upgraded at 5pm MDT on April 25th. During this time the community forums will be set to read-only status.

Learn more

×
Reply
New Member
Posts: 4
Registered: ‎07-06-2014

DHCP Relay with upstream behind TUN interface

Hi there,

 

I am trying to implement DHCP relay on ER-X in a setup in which the DHCP downstream (LAN) interface is a VLAN on switch0 and the upstream server is behind overlay VPN on tun interface. However I came to understanding, that tun devices are not supported by dhcrelay3 used in background by EdgeOS/Vyatta.

 

https://lists.isc.org/pipermail/dhcp-hackers/2014-January/002050.html

 

Here is the relevant part of the configuration.

 

 switch switch0 {
     address X.Y.Z.1/24
     address X:Y:Z:W::1/64
     ipv6 {
         dup-addr-detect-transmits 1
         router-advert {
             cur-hop-limit 64
             link-mtu 0
             managed-flag false
             max-interval 600
             other-config-flag false
             prefix X:Y:Z:W::/64 {
                 autonomous-flag true
                 on-link-flag true
                 valid-lifetime 2592000
             }
             reachable-time 0
             retrans-timer 0
             send-advert true
         }
     }
     mtu 1500
     switch-port {
         interface eth0 {
         }
         interface eth2 {
         }
         interface eth3 {
         }
         interface eth4 {
         }
         vlan-aware disable
     }
     vif 50 {
         address X.Y.Z.W/27
         description ........
         firewall {
         }
         mtu 1500
     }
 }

tunnel tun10 {
address X.Y.Z.W/30
description .....
encapsulation gre
local-ip X.Y.Z.W
mtu 1414
multicast enable
remote-ip X.Y.Z.W
ttl 255
} dhcp-relay { interface switch0.50 interface tun10 relay-options { relay-agents-packets forward } server X.Y.Z.W }

 

However I have seen on my Cisco-based DHCP server that with this setup we received no DHCPDISCOVERs. After removing the tun interface from the setup, the DHCPDISCOVERs are delivered to DHCP server and DHCP server sends DHCPOFFERs - which don't seem to reach the destination - this may be related to the requirement of inserting the upstream interface in the interface list of DHCP relay config.

 

Trying this manually:

/usr/sbin/dhcrelay3 -d -i switch0.50 -i tun10 -c 10 -A 576 -m forward -a X.Y.Z.W

 

kills me off with message:

 

Internet Systems Consortium DHCP Relay Agent 4.1-ESV-R7
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Unsupported device type 778 for "tun10"

I also tried creating a bridge interface and attaching a /32 address on it, getting it in the routing process so the DHCP server knew the address and adding that as a interface to the DHCP relay configuration. No success - still no replies from DHCP server arriving at the DHCP client.

 

When run manually, the DHCP relay agent logs it forwards the packets from the client to the server, but no replies are seen in the debug output.

 

Any workarounds or actual solutions? Any plans on working on this issue in further releases?

Highlighted
Senior Member
Posts: 3,642
Registered: ‎03-24-2016
Kudos: 1047
Solutions: 441

Re: DHCP Relay with upstream behind TUN interface

Seems like the problem is in upstream iscdhcp

 

Workaround: On test bench I was succesfull with using dnsmasq build-in relay (I was at 1.9.1)

https://community.ubnt.com/t5/EdgeMAX/EdgeRouter-PoE-v1-7-0-DHCP-Relay-not-working-through-vti/m-p/1...

But when trying it in real life, it also failed.   I ended up with another device on LAN doing the relay

Reply