I am currently having an issue using DHCP relay between different routing-instances. The DHCP-client sends DHCP DISCOVER message to routing-instance zone-CLIENT-vrf interface ae0.100, where dhcp-relay is configured and relays the packet to DHCP-server with IP address 192.168.2.8 in routing-instance zone-SERVER-VRF. The DHCP-server then sends DHCP OFFER message to routing-instance zone-SERVER-vrf interface ae0.200, where dhcp-relay is configured to forward-only-replies, but drops the packet with the error message "BOOTPREPLY could not find client table entry"
Here is the configuration:
version 15.1X49-D30.3;
system {
processes {
dhcp-service {
traceoptions {
file dhcp_logfile size 10m;
level all;
flag all;
}
}
}
}
security {
policies {
from-zone zone-CLIENT to-zone zone-SERVER {
policy dhcp-client-access {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
from-zone zone-SERVER to-zone zone-CLIENT {
policy dhcp-server-access {
match {
source-address any;
destination-address any;
application any;
}
then {
permit;
}
}
}
security-zone zone-CLIENT {
host-inbound-traffic {
system-services {
ping;
dhcp;
}
}
interfaces {
ae0.100;
}
}
security-zone zone-SERVER {
host-inbound-traffic {
system-services {
ping;
dhcp;
}
}
interfaces {
ae0.200;
}
}
}
}
interfaces {
ae0 {
flexible-vlan-tagging;
aggregated-ether-options {
minimum-links 1;
link-speed 10g;
}
unit 100 {
vlan-id 100;
family inet {
address 192.168.1.254/24;
}
}
}
unit 200 {
vlan-id 200;
family inet {
address 192.168.2.254/24;
}
}
}
policy-options {
policy-statement from_zone-CLIENT {
term term1 {
from {
instance zone-CLIENT-vrf;
route-filter 192.168.1.0/24 exact;
}
then accept;
}
}
policy-statement from_zone-SERVER {
term term1 {
from {
instance zone-SERVER-vrf;
route-filter 192.168.2.0/24 exact;
}
then accept;
}
}
}
routing-instances {
zone-CLIENT-vrf {
instance-type virtual-router;
interface ae0.100;
routing-options {
instance-import from_zone-SERVER;
}
forwarding-options {
dhcp-relay {
forward-only;
server-group {
dhcp-servers {
192.168.2.8;
}
}
active-server-group dhcp-servers;
group all {
interface ae0.100;
}
}
}
}
zone-SERVER-vrf {
instance-type virtual-router;
interface ae0.200;
routing-options {
instance-import from_zone-CLIENT;
}
forwarding-options {
dhcp-relay {
forward-only-replies;
}
}
}
}
vlans {
zone-CLIENT {
vlan-id 100;
}
zone-SERVER {
vlan-id 200;
}
}
Using traceoptions, the following results are reported:
Feb 7 09:54:15.700837 [MSTR][DEBUG] jdhcpd_io_reader: Entered
Feb 7 09:54:15.700877 [MSTR][DEBUG] jdhcpd_packet_new: PACKET - Allocated new v4 packet 0x9dd9a00
Feb 7 09:54:15.700895 [MSTR][INFO] jdhcpd_io_recv_pkt: recvmsg() l3_ifindex: 290
Feb 7 09:54:15.700911 [MSTR][NOTE] jdhcpd_io_reader: Recv DHCP packet on logical-system default, routing-instance zone-CLIENT-vrf, if ae0.100 size 300
Feb 7 09:54:15.700932 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ DHCP/BOOTP from == 0.0.0.0, port == 68 ]--
Feb 7 09:54:15.700944 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ DHCP/BOOTP size == 300, op == 1 ]--
Feb 7 09:54:15.700955 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ DHCP/BOOTP flags == 8000 ]--
Feb 7 09:54:15.700967 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ DHCP/BOOTP htype == 1, hlen == 6 ]--
Feb 7 09:54:15.700978 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ DHCP/BOOTP hops == 0, xid == 7b12a9d3 ]--
Feb 7 09:54:15.700990 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ DHCP/BOOTP secs == 768, flags == 8000 ]--
Feb 7 09:54:15.701002 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ DHCP/BOOTP ciaddr == 0.0.0.0 ]--
Feb 7 09:54:15.701014 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ DHCP/BOOTP yiaddr == 0.0.0.0 ]--
Feb 7 09:54:15.701026 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ DHCP/BOOTP siaddr == 0.0.0.0 ]--
Feb 7 09:54:15.701038 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ DHCP/BOOTP giaddr == 0.0.0.0 ]--
Feb 7 09:54:15.701057 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ DHCP/BOOTP chaddr == 00 50 56 94 2f c4 00 00 00 00 00 00 00 00 00 00 ]--
Feb 7 09:54:15.701068 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ DHCP/BOOTP sname == ]--
Feb 7 09:54:15.701079 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ DHCP/BOOTP file == ]--
Feb 7 09:54:15.701092 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ OPTION code 53, len 1, data DHCP-DISCOVER ]--
Feb 7 09:54:15.701107 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ OPTION code 61, len 7, data 01 00 50 56 94 2f c4 ]--
Feb 7 09:54:15.701122 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ OPTION code 12, len 10, data 74 65 73 74 2d 77 32 30 31 36 ]--
Feb 7 09:54:15.701137 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ OPTION code 60, len 8, data 4d 53 46 54 20 35 2e 30 ]--
Feb 7 09:54:15.701154 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ OPTION code 55, len 13, data 01 03 06 0f 1f 21 2b 2c 2e 2f 79 f9 fc ]--
Feb 7 09:54:15.701166 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] --[ OPTION code 255, len 0 ]--
Feb 7 09:54:15.701182 [MSTR][DEBUG] client_key_compose: Composing key (0x9dd9c00) for cid_l 0, cid NULL, mac 00 50 56 94 2f c4, htype 1, subnet 192.168.1.254, ifindx 0, opt82_l 0, opt82 NULL
Feb 7 09:54:15.701195 [MSTR][DEBUG] client_key_compose: Successfully composed CK_TYPE_HW_ADDR_ON_SUBNET (2) client key object.
Feb 7 09:54:15.701208 [MSTR][DEBUG] client_key_print: key_type CK_TYPE_HW_ADDR_ON_SUBNET (2): subnet 192.168.1.254, MAC htype 1, Addr 00 50 56 94 2f c4
Feb 7 09:54:15.701220 [MSTR][DEBUG] client_key_print: key_type CK_TYPE_HW_ADDR_ON_SUBNET (2) other fields: subnet 192.168.1.254, ifindex 0, opt82_len 0, -)
Feb 7 09:54:15.701234 [MSTR][NOTE] jdhcpd_packet_handle: RECEIVE DISCOVER: stats_safd 0x0 , safd 0x9dd9000 ae0.100
Feb 7 09:54:15.701247 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] jdhcpd_process_forward_only_or_drop: Safd ae0.100 in routing context default:zone-CLIENT-vrf - forward only or drop processing
Feb 7 09:54:15.701260 [MSTR][DEBUG][default:zone-CLIENT-vrf][RLY][INET][ae0.100] jdhcpd_process_forward_only_or_drop: Action matches forward-only-to-rc
Feb 7 09:54:15.701271 [MSTR][DEBUG][default:zone-CLIENT-vrf][RLY][INET][ae0.100] jdhcpd_process_forward_only_or_drop: Safd ae0.100 in routing context default:zone-CLIENT-vrf - config action forward packet DISCOVER
Feb 7 09:54:15.701285 [MSTR][DEBUG][default:zone-CLIENT-vrf][RLY][INET][ae0.100] jdhcpd_process_forward_only_or_drop: Result of forward-only: packet_consumed Yes, packet_dropped No, message_type DISCOVER
Feb 7 09:54:15.701300 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] jdhcpd_process_forward_only_or_drop: Forward-only-to-rc locally (no jump)
Feb 7 09:54:15.701318 [MSTR][DEBUG][default:zone-CLIENT-vrf][RLY][INET][ae0.100] jdhcpd_add_interface_or_option82: Added option-82 len 8 (sub opt 1, len 8): 61 65 30 3a 32 30 30 35
Feb 7 09:54:15.701330 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] jdhcpd_relay_forward_only_packet: Using server group dhcp-servers, with 1 DHCP server(s) on interface ae0.100
Feb 7 09:54:15.701343 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] jdhcpd_forward_only_is_flow_based: enhanced broadband edge enabled: FALSE
Feb 7 09:54:15.701355 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] jdhcpd_forward_only_is_flow_based: ifs = 0x9dcfe00 , ifs->flags = 0x3, SUS_FLAGS_FLOW_BASED = 0x1000
Feb 7 09:54:15.701367 [MSTR][INFO] jdhcpd_io_send_packet_legacy: Packet will be sent from routing context 27
Feb 7 09:54:15.701619 [MSTR][INFO] [default:zone-CLIENT-vrf][RLY][INET][ae0.100] jdhcpd_io_send_packet_legacy: DHCP PDU from 192.168.1.254 to 192.168.2.8 port 67 out interface 290 len 312
Feb 7 09:54:15.701641 [MSTR][DEBUG] jdhcpd_packet_free: PACKET - Freeing v4 packet 0x9dd9a00
Feb 7 09:54:15.702117 [MSTR][DEBUG] jdhcpd_io_reader: Entered
Feb 7 09:54:15.702138 [MSTR][DEBUG] jdhcpd_packet_new: PACKET - Allocated new v4 packet 0x9dd9a00
Feb 7 09:54:15.702153 [MSTR][INFO] jdhcpd_io_recv_pkt: recvmsg() l3_ifindex: 131
Feb 7 09:54:15.702166 [MSTR][NOTE] jdhcpd_io_reader: Recv DHCP packet on logical-system default, routing-instance zone-SERVER-vrf, if ae0.200 size 307
Feb 7 09:54:15.702182 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ DHCP/BOOTP from == 192.168.2.8, port == 67 ]--
Feb 7 09:54:15.702194 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ DHCP/BOOTP size == 307, op == 2 ]--
Feb 7 09:54:15.702206 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ DHCP/BOOTP flags == 8000 ]--
Feb 7 09:54:15.702218 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ DHCP/BOOTP htype == 1, hlen == 6 ]--
Feb 7 09:54:15.702229 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ DHCP/BOOTP hops == 0, xid == 7b12a9d3 ]--
Feb 7 09:54:15.702240 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ DHCP/BOOTP secs == 0, flags == 8000 ]--
Feb 7 09:54:15.702253 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ DHCP/BOOTP ciaddr == 0.0.0.0 ]--
Feb 7 09:54:15.702265 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ DHCP/BOOTP yiaddr == 192.168.1.100 ]--
Feb 7 09:54:15.702277 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ DHCP/BOOTP siaddr == 192.168.2.8 ]--
Feb 7 09:54:15.702289 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ DHCP/BOOTP giaddr == 192.168.1.254 ]--
Feb 7 09:54:15.702308 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ DHCP/BOOTP chaddr == 00 50 56 94 2f c4 00 00 00 00 00 00 00 00 00 00 ]--
Feb 7 09:54:15.702319 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ DHCP/BOOTP sname == ]--
Feb 7 09:54:15.702330 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ DHCP/BOOTP file == ]--
Feb 7 09:54:15.702342 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ OPTION code 53, len 1, data DHCP-OFFER ]--
Feb 7 09:54:15.702355 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ OPTION code 1, len 4, data ff ff ff 00 ]--
Feb 7 09:54:15.702369 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ OPTION code 58, len 4, data 00 05 46 00 ]--
Feb 7 09:54:15.702382 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ OPTION code 59, len 4, data 00 09 3a 80 ]--
Feb 7 09:54:15.702396 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ OPTION code 51, len 4, data 00 0a 8c 00 ]--
Feb 7 09:54:15.702409 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ OPTION code 54, len 4, data ac 11 04 08 ]--
Feb 7 09:54:15.702422 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ OPTION code 3, len 4, data ac 11 05 fe ]--
Feb 7 09:54:15.702437 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ OPTION code 6, len 8, data ac 11 04 08 ac 11 04 09 ]--
Feb 7 09:54:15.702455 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ OPTION code 15, len 15, data 64 6d 7a 2e 64 65 76 6c 6e 6b 2e 6e 65 74 00 ]--
Feb 7 09:54:15.702475 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] --[ OPTION code 255, len 0 ]--
Feb 7 09:54:15.702488 [MSTR][DEBUG][default:zone-SERVER-vrf][RLY][INET][ae0.200] jdhcpd_find_client_from_server_pdu: Using yiaddr from BOOTPREPLY for lookup
Feb 7 09:54:15.702503 [MSTR][DEBUG] client_key_compose: Composing key (0x9dd9c00) for cid_l 0, cid NULL, mac 00 50 56 94 2f c4, htype 1, subnet 192.168.1.254, ifindx 0, opt82_l 0, opt82 NULL
Feb 7 09:54:15.702515 [MSTR][DEBUG] client_key_compose: Successfully composed CK_TYPE_HW_ADDR_ON_SUBNET (2) client key object.
Feb 7 09:54:15.702529 [MSTR][DEBUG] client_key_print: key_type CK_TYPE_HW_ADDR_ON_SUBNET (2): subnet 192.168.1.254, MAC htype 1, Addr 00 50 56 94 2f c4
Feb 7 09:54:15.702540 [MSTR][DEBUG] client_key_print: key_type CK_TYPE_HW_ADDR_ON_SUBNET (2) other fields: subnet 192.168.1.254, ifindex 0, opt82_len 0, -)
Feb 7 09:54:15.702555 [MSTR][INFO] [default:zone-SERVER-vrf][RLY][INET][ae0.200] jdhcpd_process_forward_only_or_drop: Safd ae0.200 in routing context default:zone-SERVER-vrf - forward only or drop processing
Feb 7 09:54:15.702568 [MSTR][DEBUG][default:zone-SERVER-vrf][RLY][INET][ae0.200] jdhcpd_process_forward_only_or_drop: Result of forward-only: packet_consumed No, packet_dropped No, message_type OFFER
Feb 7 09:54:15.702580 [MSTR][DEBUG][default:zone-SERVER-vrf][RLY][INET][ae0.200] jdhcpd_process_forward_only_or_drop: Packet not consumed, returning to caller for disposal
Feb 7 09:54:15.702592 [MSTR][NOTE] [default:zone-SERVER-vrf][RLY][INET][ae0.200] jdhcpd_packet_handle: BOOTPREPLY could not find client table entry
Feb 7 09:54:15.702602 [MSTR][DEBUG] jdhcpd_packet_free: PACKET - Freeing v4 packet 0x9dd9a00