Page MenuHomeVyOS Platform

dhcp-relay-agent uses "physical" IP instead of vrrp IP
Open, Requires assessmentPublicBUG

Description

Steps to reproduce:

configure interface and vrrp

set interfaces ethernet eth1 vif 92 address '192.168.112.14/31'
set high-availability vrrp group v92 interface 'eth1.92'
set high-availability vrrp group v92 no-preempt
set high-availability vrrp group v92 priority '110'
set high-availability vrrp group v92 virtual-address '172.18.92.1/24'
set high-availability vrrp group v92 vrid '4'

my router owns both ip's on same interface eth1.92, because I am not using rfc3768-compatibility

[email protected]:~$ show interfaces ethernet eth1 vif 92
[email protected]: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether 00:50:56:bc:ff:21 brd ff:ff:ff:ff:ff:ff
    inet 192.168.112.14/31 scope global eth1.92
       valid_lft forever preferred_lft forever
    inet 172.18.92.1/24 scope global eth1.92
       valid_lft forever preferred_lft forever

then configure dhcp-relay

set service dhcp-relay interface 'eth1.92'

When tcpdumping the dhcp-relay packets, I can see that the vyos router is sending with the "wrong" relay-agent-address, it is using 192.168.112.14.

Now, the problem, is that there is no subnet scope defined on the dhcp-server that uses 192.168.112.14/31.
If the dhcp-relay-agent-address would have been the vrrp-IP 172.18.92.1, the server would understand which dhcp-scope to use.

Details

Difficulty level
Unknown (require assessment)
Version
1.3.0-epa3
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Unspecified (please specify)

Event Timeline

I don't see any option like "source address"
https://manpages.debian.org/testing/isc-dhcp-relay/dhcrelay.8.en.html

From your configuration, you explicitly set the ethernet interface. I don't know an easy solution for it.

set service dhcp-relay interface 'eth1.92'

Just want to know, did you try rfc3768-compatibility?

Just want to know, did you try rfc3768-compatibility?

It probably works that way.
Unfortunately that breaks other parts of our setup.

@sever https://kea.readthedocs.io/en/kea-2.0.1/arm/dhcp4-srv.html#using-a-specific-relay-agent-for-a-subnet

Kea supports this.

It seems like ICS is concentrating their development on Kea DHCP server instead. Could that be something to be replaced in 1.4?

From ISC webpage:

ISC DHCP offers a complete open source solution for implementing DHCP servers, relay agents, and clients.

...

The client and relay portions of ISC DHCP are no longer maintained.

ISC has developed a new DHCP server, Kea, which we intend to eventually replace ISC DHCP in most server implementations. We recommend that new implementers use Kea and implement ISC DHCP only if Kea does not meet their needs. The Kea distribution does not currently include either a client or a relay.