Wrong destination port in reply to DHCP relay
Бен Томпсон
b.thompson at latera.ru
Tue Mar 26 16:02:22 CET 2013
2013/3/26 Alan DeKok <aland at deployingradius.com>:
> Бен Томпсон wrote:
>> I have an issue with an installation of FreeRADIUS 2.2.0 configured
>> for DHCP, and I am seeing a problem where FreeRADIUS is replying to
>> the wrong port on the DHCP relay.
>>
>> The request comes in like this :-
>>
>> Received DHCP-Discover of id de6dc6f2 from 10.77.1.254:68 to 10.0.0.1:67
>>
>> But the the server replys like this :-
>>
>> Sending DHCP-Offer of id de6dc6f2 to 10.77.1.254:68
>
> Most UDP protocols swap the src/dst ports when replying to a packet.
> DHCP is... different.
>
>> The problem is that the relay is expecting the reply on port 67, so I
>> am getting an ICMP port unreachable message back and the DHCP offer is
>> lost.
>>
>> I found a similar thread from 2008 which says that this was fixed:
>> http://lists.freeradius.org/pipermail/freeradius-users/2008-June/029146.html
>
> That's a long time ago.
>
>> However, this is quite a while ago and I guess that lots of things
>> have changed, so I would be grateful if someone could verify the
>> current v2.2.0 code for me to check that the fix is in there.
>
> I'm not sure.
>
> Most relays *should* use port 67 as the source and destination port
> for sending packets. That way the code will Just Work.
>
> In your case, the relay is using port 68 as the source port.
>
> I've pushed a fix to the v2.x.x. branch. If you set:
>
> Packet-Dst-Port = 67,
>
> The reply will be sent there. That's a temporary work-around until an
> automatic" fix can be created.
Many Thanks
More information about the Freeradius-Users
mailing list