17.7 Legacy Series / DHCP relay across a NAT doesn't use correct GIADDR
« on: February 22, 2018, 08:28:42 pm »
I have an opnsense VM acting as a NAT for a lab environment, with a DHCP server sitting in the outside network. If I enable DHCP relay on the lab network, then the DHCP server gets requests as expected, except:
The source IP of the DHCP request is the outside interface of the opnsense 17.7.5 box, but the GIADDR inside the DHCP request is the inside interface IP of the opnsense. So the DHCP server (ISC DHCPd) tries to reply to that address and fails.
If I add a static route on the DHCP server for the 'hidden' LAN interface of the opnsense box, then the DHCP reply gets through, but that isn't correct!
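A server-side check for the mismatch described in this post, as an added example that is not part of the original post: it parses the giaddr field out of a relayed DHCP payload and compares it with the packet's IP source and the server's routes. Per RFC 2131 a server sends replies to a non-zero giaddr, not to the IP source. All addresses, the sample packet and the function names are constructed for illustration.

```python
import ipaddress
import struct

# Fixed BOOTP header (RFC 951 / RFC 2131), 236 bytes; giaddr is field index 10.
BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"
BOOTP_LEN = struct.calcsize(BOOTP_FMT)
MAGIC_COOKIE = b"\x63\x82\x53\x63"

def build_relayed_discover(giaddr, hops=1):
    """Constructed sample input: a minimal relayed DHCPDISCOVER payload."""
    zero = bytes(4)
    chaddr = bytes.fromhex("020000000001").ljust(16, b"\x00")
    header = struct.pack(BOOTP_FMT, 1, 1, 6, hops, 0x12345678, 0, 0,
                         zero, zero, zero,
                         ipaddress.IPv4Address(giaddr).packed,
                         chaddr, bytes(64), bytes(128))
    return header + MAGIC_COOKIE + bytes([53, 1, 1, 255])  # option 53 = DISCOVER

def parse_giaddr(payload):
    """Return the giaddr of a BOOTP/DHCP payload (UDP payload, no IP header)."""
    if len(payload) < BOOTP_LEN + len(MAGIC_COOKIE):
        raise ValueError("truncated BOOTP message")
    if payload[BOOTP_LEN:BOOTP_LEN + 4] != MAGIC_COOKIE:
        raise ValueError("missing DHCP magic cookie")
    return ipaddress.IPv4Address(struct.unpack(BOOTP_FMT, payload[:BOOTP_LEN])[10])

def check_relay(payload, ip_src, server_routes):
    """Compare where the request came from with where the reply will go."""
    giaddr = parse_giaddr(payload)
    if int(giaddr) == 0:  # not relayed: the server answers the client directly
        return {"relayed": False, "reply_to": None,
                "matches_source": None, "reachable": None}
    nets = [ipaddress.ip_network(r) for r in server_routes]
    return {"relayed": True,
            "reply_to": str(giaddr),  # RFC 2131: replies go to giaddr, port 67
            "matches_source": giaddr == ipaddress.IPv4Address(ip_src),
            "reachable": any(giaddr in n for n in nets)}

# Constructed addresses: outside (NAT) interface 192.0.2.10, inside 10.99.0.1.
SAMPLE = build_relayed_discover("10.99.0.1")
BEFORE = check_relay(SAMPLE, "192.0.2.10", ["192.0.2.0/24"])
AFTER = check_relay(SAMPLE, "192.0.2.10", ["192.0.2.0/24", "10.99.0.1/32"])

if __name__ == "__main__":
    print("server routes as-is:   ", BEFORE)
    print("with static host route:", AFTER)
```

A result with `matches_source` false and `reachable` false corresponds to the failing reply in the post; the second call models the static-route workaround.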