[SOLVED] Configuring OPNsense to Respond to DHCP Requests from ISC-DHCP-Relay

[_c_v_]

Hello everyone,

I have a specific configuration question regarding OPNsense and I'm hoping someone here can assist me. In my network setup, I have a separate device that is connected to the OPNsense via VPN. This device is running an ISC-DHCP-Relay.

The relay is successfully forwarding requests over the VPN to the OPNsense. However, I am having trouble getting OPNsense to respond to these DHCP requests from the ISC-DHCP-Relay device. Could anyone advise me on how to configure the integrated DHCP in OPNsense to accomplish this?

Thank you in advance for any help or suggestions you can provide.

[meyergru]

For ISC DHCPD, you must choose between a server that listens to broadcasts and one that can server routed requests over UDP port 67 (see https://linux.die.net/man/5/dhcpd.conf):

The local-address statement
local-address address;

This statement causes the DHCP server to listen for DHCP requests sent to the specified address, rather than requests sent to all addresses. Since serving directly attached DHCP clients implies that the server must respond to requests sent to the all-ones IP address, this option cannot be used if clients are on directly attached networks...it is only realistically useful for a server whose only clients are reached via unicasts, such as via DHCP relay agents.

Such servers are generally deployed in enterprise contexts only.

[_c_v_]

Thanks for the information. Does that mean OPNsense cannot be used as a central DHCP server in order to be able to supply DHCP relays via routed unicast?

[meyergru]

It could, but you would have to modify the configuration by hand because the scripts do not set the appropriate parameter and the GUI does is not design to allow it, either. Also, you would lose the ability to give out leases on the local interfaces.

[_c_v_]

Okay, thanks for the clarification and help.