DHCP in Layer 3 networks

[putt1ck]

I realise a variant of this topic has come up before, but is there a reason that the DHCP server is limited to providing addresses in the interface subnet? It's reasonably common practice in networks to have per subnet VLANs and then use "IP helper" configurations to relay DHCP requests to a central service - often a firewall outside of Windows AD setups.

If this is something that OPNsense will never provide in the UI, will a manual edit of the DHCP conf survive reboots/upgrades?

All input welcome.

[bartjsmit]

To me, OPNsense DHCP falls in the 'replace ISP router' end of its engineering spectrum. Any LAN complex enough to outgrow it will have a more robust DHCP solution, or should have one at least.

Bart...

[putt1ck]

More robust than the firewall, without which >90% of the services a modern organisation is dependent on to function are not available?

[bartjsmit]

Indeed, where LOB applications are on prem and DHCP is a clustered service offering four nines and above. 

[putt1ck]

Most organisation can't function without the firewall (even non-Internet using organisations can have LOB servers in their own firewall segment), but that's an aside - would a UI patch that allowed advanced config of DHCP be accepted, or would it be better as a plugin?

[mimugmail]

I realise a variant of this topic has come up before, but is there a reason that the DHCP server is limited to providing addresses in the interface subnet? It's reasonably common practice in networks to have per subnet VLANs and then use "IP helper" configurations to relay DHCP requests to a central service - often a firewall outside of Windows AD setups.

If this is something that OPNsense will never provide in the UI, will a manual edit of the DHCP conf survive reboots/upgrades?

All input welcome.

You can jump to the devel version and use freeradius devel plugin. It'll offer a dhcp service just for this use-case.