Junos
Highlighted
Junos

DHCP Relay between virtual-router instances - DHCP REQUEST packet returns to caller for disposal

[ Edited ]
‎11-21-2019 11:43 PM

Hi all,

 

looking for some help with understanding more on how DHCP Relay works between routing-instances virtual-router. having an issue where client sitting in a routing instance isn't getting an IP from DHCP in the default/master (inet.0) table.

 

simple topology: 

Client (vlan 10) -> irb.10 in virtual-router: red <-- route-leak --> irb.20 in inet.0 (default) -> irb.20 -> DHCP server

 

when a static IP was added to the client, everything is reachable, so routing, config of policy-options, routing-instance is good. same config (with different addressing of course) in several other sites worked. the only difference between the working ones and non-working one, is Windows 2008 R2 DHCP vs 2012 R2. Read here that 2008 did not like Option 82. This here shows the issue more likely to be on Junos rather than Windows as it is running with 2012 R2.

 

After reading Understanding DHCP Option 82 and it says "If DHCP option 82 is enabled on a VLAN or bridge domain, then when a network device—a DHCP client—that is connected to the VLAN or bridge domain on an untrusted interface sends a DHCP request, the switching device inserts information about the client's network location into the packet header of that request."

However, from dhcp_logfile the switch actually adds Option 82 even without it being configured:

Nov 22 13:26:30.584463 [MSTR][DEBUG][default:red][RLY][INET][irb.10] jdhcpd_add_interface_or_option82: Added option-82 len 22 (sub opt 1, len 22): 49 52 42 2d 69 72 62 2e 37 36 39 3a 67 65 2d 30 2f 30 2f 31 2e 30

And looking more into the file, the other difference between the working and non-working is, the working one will strip Option 82 on the DHCP-Offer back to client

Nov 22 13:26:30.593064 [MSTR][INFO] [default:default][RLY][INET][irb.20] jdhcpd_process_forward_only_or_drop: Safd irb.20 in routing context default:default - forward only or drop processing
Nov 22 13:26:30.593134 [MSTR][DEBUG][default:default][RLY][INET][irb.20] jdhcpd_option_strip_relay_info: Removing option-82
Nov 22 13:26:30.593187 [MSTR][DEBUG][default:default][RLY][INET][irb.20] jdhcpd_option_strip_relay_info: Length of option 82 = 26 bytes
Nov 22 13:26:30.593237 [MSTR][DEBUG][default:default][RLY][INET][irb.20] jdhcpd_option_strip_relay_info: Moving 2 bytes, which were after option 82 and parse again

and with the non-working did not:

Nov 21 12:50:12.770673 [MSTR][INFO] [default:default][RLY][INET][irb.20] jdhcpd_process_forward_only_or_drop: Safd irb.20 in routing context default:default - forward only or drop processing
Nov 21 12:50:12.770741 [MSTR][DEBUG][default:default][RLY][INET][irb.20] jdhcpd_process_forward_only_or_drop: Result of forward-only: packet_consumed No, packet_dropped No, message_type OFFER
Nov 21 12:50:12.770795 [MSTR][DEBUG][default:default][RLY][INET][irb.20] jdhcpd_process_forward_only_or_drop: Packet not consumed, returning to caller for disposal
Nov 21 12:50:12.770846 [MSTR][NOTE] [default:default][RLY][INET][irb.20] jdhcpd_packet_handle: BOOTPREPLY could not find client table entry

 

Is the issue with Option 82? Am i looking at the correct area?

Any pointers are welcome. Thanks in advance.

2 REPLIES 2
Highlighted
Junos

Re: DHCP Relay between virtual-router instances - DHCP REQUEST packet returns to caller for disposal

‎11-22-2019 01:06 PM

Hi z3phyr,

 

  Could you share the configuration for your routing instance?

 

 If using routing instance with DHCP relay, you may want to include the foward-only option to move the traffic between routing instances. When using forward-only, all overrides expect trust-option-82 option will be ignored.

 

 Example:

set routing-instances MyInstance forwarding-options dhcp-relay forward-only routing-instance default (default is the main routing instance name)

https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/forward-o...

Junos

Re: DHCP Relay between virtual-router instances - DHCP REQUEST packet returns to caller for disposal

‎11-24-2019 08:15 PM

Hi 

 

Yep the configuration is all good from what i can see.

> show configuration forwarding-options
dhcp-relay {
    forward-only-replies;
}

> show configuration routing-instances virtual-router-red { instance-type virtual-router; interface irb.20; routing-options { instance-import blue-routes; } forwarding-options { dhcp-relay { forward-only { routing-instance default; } server-group { DHCP-Server1 { 192.168.1.1; } } active-server-group DHCP-Servers; group DHCP-VLANs { interface irb.20; } } } }

There are multiple sites using the same configuration and the others worked, just not this one particular one. The DHCP server is seeing the DHCP-DISCOVER packet and the IRB on the routing-instance is seeing the DHCP-OFFER. But packet capture on the interface the client is connected does not see the DHCP-OFFER.

 

Regards,
Jason Chia

Feedback