DHCP relay - wrong interface for relayed packet
Paul Thornton
paul at prt.org
Thu Jul 7 17:07:33 UTC 2022
On 07/07/2022 17:43, Matthew Newton wrote:
> On 07/07/2022 17:37, Paul Thornton wrote:
>> That then exposed another issue - more relating to the original patch
>> to change the destination port relayed to. Of course, when I send to
>> port 1067, the upstream DHCP server sends the reply on 1067 - which
>> the relay isn't listening on. So the OFFER goes into the void.
>
> Ah - I noticed this the first time, but wasn't sure if it actually
> mattered (any "normal" protocol would flip the src/dest ports, right?
> but we are talking DHCP here...)
>
>> I think the proper fix for that is to ensure that the relay is
>> listening on any alternative port; but my knowledge of the inner
>> workings of the
>
> What happens if you just add a listen{} section on port 1067?
So close - but no cigar. The relay now gets the OFFER and passes it on
- to the incorrect destination port.
Sending DHCP-Offer Id 29d33634 from 0.0.0.0:1067 to 255.255.255.255:1067
Of course, another horrible hack might be "If I'm processing an OFFER or
an ACK, and it comes in on the alternative port, please send it back to
the originl client on port 68". Or is it meant to be 67. As you say,
we're talking DHCP...
Paul.
More information about the Freeradius-Users
mailing list