Freeradius DHCP IP pool and not correct port for DHCP
Thomas Bru
tbru at afone.com
Thu Apr 3 18:15:24 CEST 2014
Hello Alan
You're true and your explanations are very usefull.
The IAD has no problem because it did what I programmed.
But there are not solution to this source-nat problem.
The problem will always appear on the DHCP renewal and I can't do any thing on this IAD.
I will used the DHCP request sended at 87,5% of the lease time for workaround this.
Thanks you for your explanations and your help.
Thomas
>> When the renewal DHCP packets are send using unicast, my client try to
>> reach FreeRadius. he send DHCP request using his IP address with source
>> port 68 and the freeradius IP Address with destinatio port 67.
>> My IAD source pat the flow using a dynamic random port.
> That is not how DHCP works.
> DHCP clients use a source port of 68. DHCP relays use a source port
of 67.
> Your IAD (whatever that is) is broken. Replace it with something that
does DHCP properly.
>> I don't understand why Freeradius will not reply to the initial source
>> port ?
> Because DHCP is insane. The replies do *not* cause the src/dst ports
to be swapped, as with every other UDP protocol.
>>> 3) This packet trace is not evidently the first requests, but a renewal?
>> You're true, i see the problem only on the renewal (When 50% of the
>> lease time have been reached).
> Then look at the packet traces to see how the first request is different from the renewal.
Alan DeKok.
More information about the Freeradius-Users
mailing list