pfSense Support Subscription

Author Topic: DHCRELAY Issues  (Read 1404 times)

0 Members and 1 Guest are viewing this topic.

Offline CoinTos

  • Newbie
  • *
  • Posts: 11
  • Karma: +0/-0
    • View Profile
DHCRELAY Issues
« on: June 19, 2012, 03:48:44 pm »
Hi all,

I can't get dhcprelay in pfsense 2.0.1, configured in the web gui, to acknowledge the dhcp request. I have tried everything I can think of, first the firewall was blocking it, no problem, added an "allow any" rule on OPT1 for testing. DHCRELAY still doesn't report that it recieves the request, at this point I am just looking for pfsense to tell me it at least received the request and tried to forward it.

Anybody have it working?

I really would like to learn how to get the relay to work. Worst case, since this is just a home network/playground, I can bypass pfsense relay and run a direct dhcp server network line to the switch. The point of this is just to place my wifi on a separate subnet with it own domain prefix.

Thanks in advance.

Offline wallabybob

  • Hero Member
  • *****
  • Posts: 5262
  • Karma: +0/-0
    • View Profile
Re: DHCRELAY Issues
« Reply #1 on: June 19, 2012, 04:25:30 pm »
Have you verified OPT1 is receiving DHCP requests to relay? (Packet capture or firewall log could verify.)

Offline CoinTos

  • Newbie
  • *
  • Posts: 11
  • Karma: +0/-0
    • View Profile
Re: DHCRELAY Issues
« Reply #2 on: June 20, 2012, 03:37:34 pm »
So as you suggested, I packet captured under full on OPT1 and I can see the multiple BOOTP/DHCP requests but dhcrelay doesn't reply. dhcreply is running in the process list and it set through the web gui to monitor OPT1 only and relay to dhcp server's ip. I must be missing something.

Offline cmb

  • Administrator
  • Hero Member
  • *****
  • Posts: 6333
  • Karma: +0/-0
    • LinkedIn
    • Twitter
    • View Profile
    • Chris Buechler
Re: DHCRELAY Issues
« Reply #3 on: June 20, 2012, 07:42:23 pm »
dhcrelay in itself doesn't reply. You're seeing the traffic ingress, so next check the egress interface to verify it's leaving, headed to the DHCP server. My guess is it is (as it's basically impossible to set it up wrong unless you're relaying to the wrong IP), and your DHCP server isn't responding. Usually that would be because it isn't configured with a scope on the relayed interface's subnet.

Offline CoinTos

  • Newbie
  • *
  • Posts: 11
  • Karma: +0/-0
    • View Profile
Re: DHCRELAY Issues
« Reply #4 on: June 21, 2012, 11:52:08 am »
OK, I am getting some where now. You are correct the problem now lies with the dhcp server. So I tried opening udp ports 67 and 68 on that server incase it's firewall was blocking the relay, even though broadcast dhcp works, no dice. Is there anything special to do with dhcpd for receiving the unicast forward?

Offline cmb

  • Administrator
  • Hero Member
  • *****
  • Posts: 6333
  • Karma: +0/-0
    • LinkedIn
    • Twitter
    • View Profile
    • Chris Buechler
Re: DHCRELAY Issues
« Reply #5 on: June 21, 2012, 03:07:46 pm »
Shouldn't be anything you have to do on the DHCP server other than add a scope for that additional network.

Offline CoinTos

  • Newbie
  • *
  • Posts: 11
  • Karma: +0/-0
    • View Profile
Re: DHCRELAY Issues
« Reply #6 on: June 21, 2012, 03:30:10 pm »
Hmmmm... OK I have that set in my dhcpd.conf so some firewall rule on the server running dhcpd is blocking it from either sending or receiving the request. Thanks for all your help, I will have to continue to poke at this one.

Edit:

Got it to work, not exactly quite sure how yet. I did end up changing the listening ethernet port as 2 of 4 are on the same subnet/switch and deleting the dhcp ports firewall rule and it just started working. Thanks again for the help and direction.
« Last Edit: June 21, 2012, 05:24:38 pm by CoinTos »