OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • DHCP Realy don`t work
« previous next »
  • Print
Pages: [1]

Author Topic: DHCP Realy don`t work  (Read 1158 times)

hris

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
    • View Profile
DHCP Realy don`t work
« on: July 12, 2022, 05:06:34 pm »
Dear Teams,

I Request your help with DHCP Relay on my opnsense router because the relay can`t work.

My configuration is : I download the opnsense vga 22.1 and installed in on a pc HP DC8200 small foarm factor, like use the integrated lan adapter of the pc for opnsense WAN port. I used 4-port lan adapter Inter PRO 100 on PCI express port of the this pc. I use only 1st port for lan. till here all is work normal. I create a vlans like:
10.20,30,50, 100 and 101 which i assign to em1 ->which is LAN.
I plugged the em.1 which is 1st port of my external lan adapter to layer2 switch HP pro curve with 24 ports. I setup all vlans on the switch as well. On the same switch i pugged my vmware host with his 2 lan adapters and install the vcenter and all is work i create a port groups with the same vlans on the vmware like i use a standard switch. Till here all is work as normal. After that i isntall server 2016 which is my AD, DNS, DHCP and is a primary DC. I installed the 2 vms with win10 PRO which i put into vlan30 which is workstations vlans and here comes the issue. when i setup the DHCP relay with the gude from the opnsense documentations, the relay is not work. I check everything all my routes are ok, vlans and etx i follow the opnsesne documentations for all settings.
Kindly please advice what i miss. I fight with this more than 10 day and can`t fix.
Thank you in advance.
Reagrds,
Hris

Logged

Patrick M. Hausen

  • Hero Member
  • *****
  • Posts: 6748
  • Karma: 568
    • View Profile
Re: DHCP Realy don`t work
« Reply #1 on: July 12, 2022, 07:16:01 pm »
Check with tcpdump what packets are flowing where.

Do you see DHCP requests coming in to the appropriate VLAN interface on OPNsense?
Do packets go out the interface to the server, i.e. are the requests relayed?
Do reply packets come in on the server interface?
Are reply packets relayed and sent out the VLAN with the clients?

The first of these steps that fails indicates where to look for a problem ...
Logged
Deciso DEC750
People who think they know everything are a great annoyance to those of us who do. (Isaac Asimov)

hris

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
    • View Profile
Re: DHCP Realy don`t work
« Reply #2 on: July 13, 2022, 09:32:05 pm »
Dear Pmhausen,

I follow your advice and make a packet capture.
In the attachment is the packet capture settings.
Packet results is shown below:

On the attachment mysettings.png can see the firewall rules for vlan10 and vlan60 and the DHCP relay settings.
On the attachment is the assigment of the interafces with vlans.
On the attachment DHCP is a scope setting for vlan 60 which is network 192.168.6.0/24.
DC and DHCP server role are installed on one vm server 2016 standard with static IP 192.168.1.2.

The Dhcp relay still not work i have no idea why, check a lot of articles but can`t find the solution.
 
Interface   Capture output
Serversvlan10
em1_vlan10   21:53:01.289761 IP (tos 0x0, ttl 64, id 41612, offset 0, flags [none], proto UDP (17), length 343)
    192.168.1.1.67 > 192.168.1.2.67: BOOTP/DHCP, Request from 00:50:56:8d:55:fe, length 315, hops 1, xid 0xc42b3cc5, Flags [none]
    192.168.1.1.67 > 192.168.1.2.67: BOOTP/DHCP, Request from 00:50:56:8d:55:fe, length 315, hops 1, xid 0xc42b3cc5, Flags [none]
    192.168.1.1.67 > 192.168.1.2.67: BOOTP/DHCP, Request from 00:50:56:8d:55:fe, length 315, hops 1, xid 0xc42b3cc5, secs 1024, Flags [none]
Serversvlan10
em1_vlan10        Gateway-IP 192.168.6.1
Serversvlan10
em1_vlan10        Client-Ethernet-Address 00:50:56:8d:55:fe
Serversvlan10
em1_vlan10        Vendor-rfc1048 Extensions
Serversvlan10
em1_vlan10          Magic Cookie 0x63825363
Serversvlan10
em1_vlan10          DHCP-Message Option 53, length 1: Discover
Serversvlan10
em1_vlan10          Client-ID Option 61, length 7: ether 00:50:56:8d:55:fe
Serversvlan10
em1_vlan10          Requested-IP Option 50, length 4: 192.168.6.10
Serversvlan10
em1_vlan10          Hostname Option 12, length 14: "VM1"
Serversvlan10
em1_vlan10          Vendor-Class Option 60, length 8: "MSFT 5.0"
Serversvlan10
em1_vlan10          Parameter-Request Option 55, length 14:
Serversvlan10
em1_vlan10            Subnet-Mask, Default-Gateway, Domain-Name-Server, Domain-Name
Serversvlan10
em1_vlan10            Router-Discovery, Static-Route, Vendor-Option, Netbios-Name-Server
Serversvlan10
em1_vlan10            Netbios-Node, Netbios-Scope, Option 119, Classless-Static-Route
Serversvlan10
em1_vlan10            Classless-Static-Route-Microsoft, Option 252
Serversvlan10
em1_vlan10          Agent-Information Option 82, length 12:
Serversvlan10
em1_vlan10            Circuit-ID SubOption 1, length 10: em1_vlan60
Serversvlan10
em1_vlan10   21:53:06.288080 IP (tos 0x0, ttl 64, id 6902, offset 0, flags [none], proto UDP (17), length 343)
Serversvlan10
em1_vlan10        Gateway-IP 192.168.6.1
Serversvlan10
em1_vlan10        Client-Ethernet-Address 00:50:56:8d:55:fe
Serversvlan10
em1_vlan10        Vendor-rfc1048 Extensions
Serversvlan10
em1_vlan10          Magic Cookie 0x63825363
Serversvlan10
em1_vlan10          DHCP-Message Option 53, length 1: Discover
Serversvlan10
em1_vlan10          Client-ID Option 61, length 7: ether 00:50:56:8d:55:fe
Serversvlan10
em1_vlan10          Requested-IP Option 50, length 4: 192.168.6.10
Serversvlan10
em1_vlan10          Hostname Option 12, length 14: "VM1"
Serversvlan10
em1_vlan10          Vendor-Class Option 60, length 8: "MSFT 5.0"
Serversvlan10
em1_vlan10          Parameter-Request Option 55, length 14:
Serversvlan10
em1_vlan10            Subnet-Mask, Default-Gateway, Domain-Name-Server, Domain-Name
Serversvlan10
em1_vlan10            Router-Discovery, Static-Route, Vendor-Option, Netbios-Name-Server
Serversvlan10
em1_vlan10            Netbios-Node, Netbios-Scope, Option 119, Classless-Static-Route
Serversvlan10
em1_vlan10            Classless-Static-Route-Microsoft, Option 252
Serversvlan10
em1_vlan10          Agent-Information Option 82, length 12:
Serversvlan10
em1_vlan10            Circuit-ID SubOption 1, length 10: em1_vlan60
Serversvlan10
em1_vlan10   21:53:11.022435 IP (tos 0x0, ttl 64, id 4998, offset 0, flags [none], proto UDP (17), length 343)
Serversvlan10
em1_vlan10        Gateway-IP 192.168.6.1
Serversvlan10
em1_vlan10        Client-Ethernet-Address 00:50:56:8d:55:fe
Serversvlan10
em1_vlan10        Vendor-rfc1048 Extensions
Serversvlan10
em1_vlan10          Magic Cookie 0x63825363
Serversvlan10
em1_vlan10          DHCP-Message Option 53, length 1: Discover
Serversvlan10
em1_vlan10          Client-ID Option 61, length 7: ether 00:50:56:8d:55:fe
Serversvlan10
em1_vlan10          Requested-IP Option 50, length 4: 192.168.6.10
Serversvlan10
em1_vlan10          Hostname Option 12, length 14: "VM1"
Serversvlan10
em1_vlan10          Vendor-Class Option 60, length 8: "MSFT 5.0"
Serversvlan10
em1_vlan10          Parameter-Request Option 55, length 14:
Serversvlan10
em1_vlan10            Subnet-Mask, Default-Gateway, Domain-Name-Server, Domain-Name
Serversvlan10
em1_vlan10            Router-Discovery, Static-Route, Vendor-Option, Netbios-Name-Server
Serversvlan10
em1_vlan10            Netbios-Node, Netbios-Scope, Option 119, Classless-Static-Route
Serversvlan10
em1_vlan10            Classless-Static-Route-Microsoft, Option 252
Serversvlan10
em1_vlan10          Agent-Information Option 82, length 12:
Serversvlan10
em1_vlan10            Circuit-ID SubOption 1, length 10: em1_vlan60
PCsvlan60
em1_vlan60   21:53:01.289692 IP (tos 0x0, ttl 128, id 48195, offset 0, flags [none], proto UDP (17), length 329)
PCsvlan60
em1_vlan60   
    0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:50:56:8d:55:fe, length 301, xid 0xc42b3cc5, Flags [none]
    0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:50:56:8d:55:fe, length 301, xid 0xc42b3cc5, Flags [none]
    0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request from 00:50:56:8d:55:fe, length 301, xid 0xc42b3cc5, secs 1024, Flags [none]
PCsvlan60
em1_vlan60        Client-Ethernet-Address 00:50:56:8d:55:fe
PCsvlan60
em1_vlan60        Vendor-rfc1048 Extensions
PCsvlan60
em1_vlan60          Magic Cookie 0x63825363
PCsvlan60
em1_vlan60          DHCP-Message Option 53, length 1: Discover
PCsvlan60
em1_vlan60          Client-ID Option 61, length 7: ether 00:50:56:8d:55:fe
PCsvlan60
em1_vlan60          Requested-IP Option 50, length 4: 192.168.6.10
PCsvlan60
em1_vlan60          Hostname Option 12, length 14: "VM1"
PCsvlan60
em1_vlan60          Vendor-Class Option 60, length 8: "MSFT 5.0"
PCsvlan60
em1_vlan60          Parameter-Request Option 55, length 14:
PCsvlan60
em1_vlan60            Subnet-Mask, Default-Gateway, Domain-Name-Server, Domain-Name
PCsvlan60
em1_vlan60            Router-Discovery, Static-Route, Vendor-Option, Netbios-Name-Server
PCsvlan60
em1_vlan60            Netbios-Node, Netbios-Scope, Option 119, Classless-Static-Route
PCsvlan60
em1_vlan60            Classless-Static-Route-Microsoft, Option 252
PCsvlan60
em1_vlan60   21:53:06.288016 IP (tos 0x0, ttl 128, id 48196, offset 0, flags [none], proto UDP (17), length 329)
PCsvlan60
em1_vlan60        Client-Ethernet-Address 00:50:56:8d:55:fe
PCsvlan60
em1_vlan60        Vendor-rfc1048 Extensions
PCsvlan60
em1_vlan60          Magic Cookie 0x63825363
PCsvlan60
em1_vlan60          DHCP-Message Option 53, length 1: Discover
PCsvlan60
em1_vlan60          Client-ID Option 61, length 7: ether 00:50:56:8d:55:fe
PCsvlan60
em1_vlan60          Requested-IP Option 50, length 4: 192.168.6.10
PCsvlan60
em1_vlan60          Hostname Option 12, length 14: "VM1"
PCsvlan60
em1_vlan60          Vendor-Class Option 60, length 8: "MSFT 5.0"
PCsvlan60
em1_vlan60          Parameter-Request Option 55, length 14:
PCsvlan60
em1_vlan60            Subnet-Mask, Default-Gateway, Domain-Name-Server, Domain-Name
PCsvlan60
em1_vlan60            Router-Discovery, Static-Route, Vendor-Option, Netbios-Name-Server
PCsvlan60
em1_vlan60            Netbios-Node, Netbios-Scope, Option 119, Classless-Static-Route
PCsvlan60
em1_vlan60            Classless-Static-Route-Microsoft, Option 252
PCsvlan60
em1_vlan60   21:53:11.022370 IP (tos 0x0, ttl 128, id 48197, offset 0, flags [none], proto UDP (17), length 329)
PCsvlan60
em1_vlan60        Client-Ethernet-Address 00:50:56:8d:55:fe
PCsvlan60
em1_vlan60        Vendor-rfc1048 Extensions
PCsvlan60
em1_vlan60          Magic Cookie 0x63825363
PCsvlan60
em1_vlan60          DHCP-Message Option 53, length 1: Discover
PCsvlan60
em1_vlan60          Client-ID Option 61, length 7: ether 00:50:56:8d:55:fe
PCsvlan60
em1_vlan60          Requested-IP Option 50, length 4: 192.168.6.10
PCsvlan60
em1_vlan60          Hostname Option 12, length 14: "VM-1"
PCsvlan60
em1_vlan60          Vendor-Class Option 60, length 8: "MSFT 5.0"
PCsvlan60
em1_vlan60          Parameter-Request Option 55, length 14:
PCsvlan60
em1_vlan60            Subnet-Mask, Default-Gateway, Domain-Name-Server, Domain-Name
PCsvlan60
em1_vlan60            Router-Discovery, Static-Route, Vendor-Option, Netbios-Name-Server
PCsvlan60
em1_vlan60            Netbios-Node, Netbios-Scope, Option 119, Classless-Static-Route
PCsvlan60
em1_vlan60            Classless-Static-Route-Microsoft, Option 252
« Last Edit: July 13, 2022, 09:35:09 pm by hris »
Logged
  • Print
Pages: [1]
« previous next »
  • OPNsense Forum »
  • English Forums »
  • General Discussion »
  • DHCP Realy don`t work
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2024 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy     | XHTML | RSS | WAP2