Does DHCP relay have a bug??

Started by bigops, January 08, 2022, 08:01:53 AM

Previous topic - Next topic
Print
Go Down Pages1
User actions
January 08, 2022, 08:01:53 AM
I have configured one of the interfaces in OPNSense as DHCP relay.  Even thought the IP address is leased successfully the ISC-DHCP-Server complains that the request is not coming from correct network.  I did a Packet capture and it seems that the same request is being sent by OPNsene with some packets having the relay info and some other without the relay server info.  Is this a bug .  I am attaching the wireshark captures which shows the issue
January 09, 2022, 02:33:47 PM #1
what is whose address in your captures ?
is Append circuit ID option is set in relay configuration page?
January 10, 2022, 06:06:24 AM #2
The 172.17.12.130 is the DHCP server and the relay agent is supposed to be 172.17.15.254 which is the Layer 3 interface of the VLAN.  Do not expect to see 192.168.0.1 as an agent as it is only a transport VLAN.  The append circuit id is not configured
January 10, 2022, 05:22:52 PM #3
got it, thanks. have you tried excluding "192.168.0.1" interface from Relay "Interface(s)"?
January 12, 2022, 05:49:15 PM #4
I have not seen an option to specifically exclude the interface from the Relay in OpnSense.  But in the Relay configuration page only the VLAN interface has been configured as a Relay agent
January 15, 2022, 11:53:20 AM #5
sorry, don't quite understand.. so what exactly is specified in the "Interface(s)"?
January 16, 2022, 07:20:57 AM #6
The screenshot of the config.  The expectation is the since the Relay is configured only on the Media interface the DHCP server should receive it from there.  But it receives a relay from Routed uplink interface also as a relay agent
January 16, 2022, 08:07:35 AM #7
If you see the WAN IP as source there is some Nat there?
I think circuit ID should be active so DHCP looks inside the packets for subnet
January 16, 2022, 08:55:07 AM #8
hm. may be Routed_Uplink gets into the settings because of the routes.
if you look for "dhcrelay" in System: Diagnostics: Activity what interfaces listed in dhcrelay command?
(dhcrelay uses old syntax. without '-iu' "-id" for upstrean\downstream)
January 17, 2022, 04:49:39 PM #9
Interestingly the dhrelay lists all interfaces except the WAN interfaces even though the config says only to use a single interface.  (See attached screenshot).

Maybe this is where the issue is?
January 18, 2022, 05:57:43 PM #10
QuoteMaybe this is where the issue is?
possible (imho to more accurately determine outgoing and incoming interfaces, it is better to use "-iu" and "-id"options. May be you can check this by disabling the relay in the GUI and running it in the shell with the necessary options). but I lost track again: I rather expected to see vlan interfaces in the line
Print
Go Up Pages1
User actions