DHCP relay IP and gateway IP, possible bad logic?
Alan DeKok
aland at deployingradius.com
Mon Mar 4 21:59:51 CET 2013
Phil Mayers wrote:
> Second, "reply to giaddr" is mandated in the DHCP spec; are you *sure*
> you have "other DHCP servers" which "reply to source ip"? Which servers?
The issue is that giaddr serves two purposes. In the request, it
indicates that the server MUST send the reply to that IP.
In the reply, it means that the client sends the NEXT request to the
giaddr.
ASCII art helps:
client --> 1 NAS 2 ---> server
The client sends broadcast packets to the NAS, using a private network.
The NAS unicasts them FROM NAS address "2" to the server, using giaddr
= 2. NAS address "2" and the server are on a public network.
The server knows that the NAS has a private address. So it sends the
unicast answer back to NAS address "2", with giaddr = NAS address "1".
The NAS broadcasts (or unicasts) this response back to the client.
On a renew, the client unicasts the packet to NAS address "1", which
forwards it to the server using address "2", and giaddr == 2.
And the whole process starts again.
I think I now have a handle on DHCP and RADIUS. My head is getting
full...
Alan DeKok.