dhcrelay or route issue
Hello,
I want to build up a system with several separated networks, but with a common
administration, i.e. I want to have a single DHCP for all subnets. I'm using
Debian Sarge.
Browsing the net I found that dhcrelay might be the solution to install on my
router. But the test using a toy system here was not successful. Here's the
tcpdump showing the problem:
tcpdump -i any port bootpc or port bootps
tcpdump: listening on any
15:47:56.536181 172.16.1.12.bootpc > 255.255.255.255.bootps: xid:0x1010000
secs:19 flags:0x8000 [|bootp]
15:47:56.536633 surtur.mgr.bootps > adept.mgr.bootps: (request) xid:0x1010000
secs:19 flags:0x8000 G:172.16.2.1 ether 0:9:5b:68:19:fb [|bootp] (DF)
15:47:56.537171 adept.mgr.bootps > 172.16.2.1.bootps: (reply) xid:0x1010000
secs:19 flags:0x8000 Y:ymir.mgr S:adept.mgr G:172.16.2.1 ether
0:9:5b:68:19:fb [|bootp] (DF)
Okay, ymir.mgr (172.16.2.12) is the WLAN access point who somehow defaults to
some old IP 172.16.1.12, surtur (172.16.1.121) is the router running dhcrelay
and adept is my dhcp server. As can be seen, the access point sends a DHCP
request, which is relayed to adept. Adept answers to the 172.16.2.1 interface
of surtur with the correct lease, but the interface does not send it to ymir.
By the way, the scenario does not change, if ymir claims to be 0.0.0.0 instead
of 172.16.1.12.
surtur:~# route -n
Kernel IP Routentabelle
Ziel Router Genmask Flags Metric Ref Use Iface
255.255.255.255 0.0.0.0 255.255.255.255 UH 0 0 0 eth1
172.16.2.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
172.16.1.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
127.0.0.0 0.0.0.0 255.0.0.0 U 0 0 0 lo
0.0.0.0 172.16.1.4 0.0.0.0 UG 0 0 0 eth1
adept:~# route -n
Kernel IP Routentabelle
Ziel Router Genmask Flags Metric Ref Use Iface
172.16.2.0 172.16.1.121 255.255.255.0 UG 0 0 0 eth0
172.16.0.0 0.0.0.0 255.255.252.0 U 0 0 0 eth0
0.0.0.0 172.16.1.4 0.0.0.0 UG 0 0 0 eth0
For some reason I can ping both 172.16.1.121 and 172.16.2.1 from surtur, but I
can only ping 172.16.1.121 from adept. Which is strange, because I've
disabled the firewall and of course allow forwarding:
surtur:~# iptables -vL
Chain INPUT (policy ACCEPT 4031 packets, 435K bytes)
pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 3816 packets, 562K bytes)
pkts bytes target prot opt in out source destination
surtur:~# cat /proc/sys/net/ipv4/ip_forward
1
And for completeness:
surtur:~# ifconfig
eth0 Protokoll:Ethernet Hardware Adresse 00:C0:26:00:F2:E9
inet Adresse:172.16.2.1 Bcast:0.0.0.255 Maske:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:133742 errors:12 dropped:0 overruns:0 frame:0
TX packets:189002 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:1000
RX bytes:38211077 (36.4 MiB) TX bytes:148625101 (141.7 MiB)
Interrupt:11 Basisadresse:0xfc00
eth1 Protokoll:Ethernet Hardware Adresse 00:C0:26:00:F3:89
inet Adresse:172.16.1.121 Bcast:0.0.0.255 Maske:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1268377 errors:0 dropped:0 overruns:0 frame:0
TX packets:1196440 errors:0 dropped:0 overruns:0 carrier:0
Kollisionen:0 Sendewarteschlangenlänge:1000
RX bytes:282831696 (269.7 MiB) TX bytes:222460280 (212.1 MiB)
Interrupt:5 Basisadresse:0xf400
This gives rise to two questions:
1) Why can the interface eth0 aka 172.16.2.1 not be reached from adept?
2) Is there a way to configure dhcrelay to make the DHCP server to reply to
172.16.1.121, i.e. the interface where dhcrelay relayed the request to?
Help appreciated,
- lars.
Reply to: