Hi OPNsense Team and Community,
after extensive testing and analysis in a production-like environment, I would like to raise awareness of a critical issue involving `dhcrelay` in combination with CARP.
==========================
🧩 Problem Description
==========================
When running OPNsense in HA with CARP and enabling the built-in `dhcrelay` service (BSD-based), the system exhibits unstable DHCP relay behavior:
- Both CARP nodes forward DHCPDISCOVER messages simultaneously
- Clients receive multiple DHCPOFFERs and DHCPACKs
- Race conditions: leases are refused or misconfigured
- Backup nodes forward traffic they shouldn't – even in BACKUP state
The issue stems from the fact that the current `dhcrelay` is not CARP-aware and cannot suppress itself when not the active node.
==========================
🧪 Workaround
==========================
Running `isc-dhcrelay` on a dedicated Linux VM eliminates the problem entirely:
- Only one instance is active
- Clean forwarding of DHCP across VLANs
- No duplicate traffic or race conditions
==========================
⚙️ Feature Request
==========================
I would like to propose:
1. Integrate `isc-dhcrelay` as an alternative in OPNsense (optional via GUI or plugin)
2. Allow selection between BSD-based and ISC-based relay
3. Eventually deprecate the BSD relay if it can't be made CARP-aware
Alternatively:
- Allow relay suppression on BACKUP via CARP hooks or devd triggers
- Document safe HA relay strategies within OPNsense
==========================
🧪 Test Environment
==========================
- OPNsense 24.1 / 24.7 (RC)
- CARP HA setup with shared VIP
- Central DHCP server (Windows / Kea)
- Relay on VLANs, reproducible issues with `tcpdump`
I'm happy to assist with logs, traces or help test future solutions.
Thank you for your great work on OPNsense!
Best regards,
Rookie24
https://github.com/opnsense/core/pull/8714