3. DHCP forwarding
It is all very well to have a DHCP server in the same VLAN, but if you have
different VLANs or network segments separated by a router, you'll need a forwarder
on the router to get your DHCP request at the DHCP server. We'll implement the
forwarder on a network further away.
3.1. The basic network set-up
Between the DHCP server xenial1 and the possible client xenial3 there are now two
routers. We'll set them up in static routing; this will avoid routing messages to
apear in out wireshark traces.
For R1:
interface Ethernet0/1 ip address 10.168.65.1 255.255.255.0 no shut ! interface Ethernet0/3 ip address 10.168.64.1 255.255.255.0 no shut ! ip route 0.0.0.0 0.0.0.0 10.168.64.2
and for R2:
interface Ethernet0/0 ip address 10.168.63.1 255.255.255.0 no shut ! interface Ethernet0/3 ip address 10.168.64.2 255.255.255.0 no shut ! ip route 0.0.0.0 0.0.0.0 10.168.64.1
Now you should be able to ping xenial1 (10.168.65.101) from R2.
3.2. Normal DHCP
If you are in the same L2-network, you can do a DHCP request. Precise2 is in the
same L2 network.
vagrant@xenial64:~$ ifconfig eth1 eth1 Link encap:Ethernet HWaddr 02:00:00:00:00:02 BROADCAST MULTICAST MTU:1500 Metric:1 RX packets:0 errors:0 dropped:0 overruns:0 frame:0 TX packets:0 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:0 (0.0 B) TX bytes:0 (0.0 B) vagrant@xenial64:~$ sudo dhclient eth1 vagrant@xenial64:~$ ifconfig eth1 eth1 Link encap:Ethernet HWaddr 02:00:00:00:00:02 inet addr:10.168.65.5 Bcast:10.168.65.255 Mask:255.255.255.0 inet6 addr: fe80::ff:fe00:2/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:9 errors:0 dropped:0 overruns:0 frame:0 TX packets:6 errors:0 dropped:0 overruns:0 carrier:0 collisions:0 txqueuelen:1000 RX bytes:1040 (1.0 KB) TX bytes:1012 (1.0 KB) vagrant@xenial64:~$ ping -c1 10.168.65.1 PING 10.168.65.1 (10.168.65.55) 56(84) bytes of data. 64 bytes from 10.168.65.55: icmp_req=1 ttl=64 time=0.029 ms --- 10.168.65.1 ping statistics --- 1 packets transmitted, 1 received, 0% packet loss, time 0ms rtt min/avg/max/mdev = 0.029/0.029/0.029/0.000 ms vagrant@xenial64:~$
3.3. DHCP forwarding
If you now try a
dhclient eth1
on xenial3, you'll get no reply. This is because the broadcast that xenial3 does gets stopped
at the router. DHCP Discovers are not routed; they can't be. The destination is 255.255.255.255 and the
source is 0.0.0.0. We'll need some translation to convert this broadcast to a unicast.
On Cisco, there is an IP helper. This relays broadcasts to a helper address. This is protocol
independent, so it works for all sorts of broadcasts, and therefore with DHCP.
Configure the router to relay the DHCP requests. This is done on the interface
so for R2 in this configuration:
interface e0/0 ip helper-address 10.168.65.101
Finally, we start a
dhclient eth1
on prcecise3. Verifying with
ifconfig
we see that eth1 now has the IP address 10.168.65.222, just as we expected.
To see what the helper does, we start a wireshark trace on the link between R1 and R2.
First the discover:
We see an UDP packet with the source 10.168.65.1 (the router interface that has the relay on it)
and the destination 10.168.65.101 (the DHCP server). This is effectively a unicast version of
the original broadcast. In the information of the Bootstrap Protocol, we see that the client IP is
still 0.0.0.0 and we see the mac-id.
As a reply, we see the DHCP offer:
Now the source is the DHCP server and the destination is the interface that does the relay. The
relay agent will send the answer to the DHCP client.
1
|
sept 2016
|
creation
|
2
|
verified
|
2018-04-29
|
3
|
upgraded to xenial
|
2020-02-04
|