Wrong destination port in reply to DHCP relay
Alan DeKok
aland at deployingradius.com
Tue Mar 26 13:24:42 CET 2013
Бен Томпсон wrote:
> I have an issue with an installation of FreeRADIUS 2.2.0 configured
> for DHCP, and I am seeing a problem where FreeRADIUS is replying to
> the wrong port on the DHCP relay.
>
> The request comes in like this :-
>
> Received DHCP-Discover of id de6dc6f2 from 10.77.1.254:68 to 10.0.0.1:67
>
> But the the server replys like this :-
>
> Sending DHCP-Offer of id de6dc6f2 to 10.77.1.254:68
Most UDP protocols swap the src/dst ports when replying to a packet.
DHCP is... different.
> The problem is that the relay is expecting the reply on port 67, so I
> am getting an ICMP port unreachable message back and the DHCP offer is
> lost.
>
> I found a similar thread from 2008 which says that this was fixed:
> http://lists.freeradius.org/pipermail/freeradius-users/2008-June/029146.html
That's a long time ago.
> However, this is quite a while ago and I guess that lots of things
> have changed, so I would be grateful if someone could verify the
> current v2.2.0 code for me to check that the fix is in there.
I'm not sure.
Most relays *should* use port 67 as the source and destination port
for sending packets. That way the code will Just Work.
In your case, the relay is using port 68 as the source port.
I've pushed a fix to the v2.x.x. branch. If you set:
Packet-Dst-Port = 67,
The reply will be sent there. That's a temporary work-around until an
automatic" fix can be created.
Alan DeKok.
More information about the Freeradius-Users
mailing list