SRX Services Gateway
SRX Services Gateway

SRX Branch Office relaying DHCP that has externally set Option 82

‎07-17-2015 07:50 AM

We have some wireless hardware that can proxy any DHCP requests it sees and tacks on an option 82 record that identifies the endpoint. When this DHCP packet hits the router it is dropped. The logs say "Do not trust Packet with Option-82, discarding"

forwarding-options {
    dhcp-relay {
        server-group {
            dhcpservers {
                1.2.3.4;
                1.2.3.5;
            }
        }
        group dhcp-test {
            active-server-group dhcpservers;
            interface vlan.10;
        }
    }
}

I have also tried using the simpler bootp handler which also dropped the DHCP packet. Is there a way to relay these?

4 REPLIES 4
SRX Services Gateway

Re: SRX Branch Office relaying DHCP that has externally set Option 82

‎07-19-2015 10:05 PM

Hello ,

 

Can you try the following confirguration : http://kb.juniper.net/InfoCenter/index?page=content&id=KB15755&smlogin=true .

 

make sure the DHCP services are enabled on the Client connecting and server connecting interfaces .


Thanks,
Sam

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too .....
SRX Services Gateway

Re: SRX Branch Office relaying DHCP that has externally set Option 82

‎07-21-2015 11:17 AM

Here's the new config

forwarding-options {
    helpers {
        bootp {
            server 64.79.51.243;
            maximum-hop-count 15;
            interface {
                vlan.10;
            }
        }
    }
}

Packets are still being dropped

> show dhcp relay statistics
Packets dropped:
    Total                      163
    dhcp-service total         163

Messages received:
    BOOTREQUEST                0
    DHCPDECLINE                0
    DHCPDISCOVER               0
    DHCPINFORM                 0
    DHCPRELEASE                0
    DHCPREQUEST                0

Messages sent:
    BOOTREPLY                  0
    DHCPOFFER                  0
    DHCPACK                    0
    DHCPNAK                    0
    DHCPFORCERENEW             0

Here's the log

Jul 21 13:05:51 [DEBUG] jdhcpd_io_reader: jdhcpd_io_reader: Entered
Jul 21 13:05:51 [NOTE]  jdhcpd_packet_info_new: successful malloc of new_pkt !!
Jul 21 13:05:51 [NOTE]  jdhcpd_packet_info_new: successful malloc of buff !!
Jul 21 13:05:51 [DEBUG] jdhcpd_io_recv_pkt: recvmsg() l3_ifindex: 72
Jul 21 13:05:51 [DEBUG][default:default][RLY][INET][vlan.10] jdhcpd_io_reader: Recv DHCP packet on logical-system default, routing-instance default, if vlan.10 size 331
Jul 21 13:05:51 [NOTE] [default:default][RLY][INET][vlan.10] jdhcpd_packet_handle: Received packet, dst address -1
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ DHCP/BOOTP   from == 0.0.0.0, port == 68 ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ DHCP/BOOTP   size == 331, op == 1 ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ DHCP/BOOTP  flags == 0 ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ DHCP/BOOTP  htype == 1, hlen == 6 ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ DHCP/BOOTP   hops == 0, xid == 7b010872 ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ DHCP/BOOTP   secs == 33, flags == 0000 ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ DHCP/BOOTP ciaddr == 0.0.0.0 ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ DHCP/BOOTP yiaddr == 0.0.0.0 ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ DHCP/BOOTP siaddr == 0.0.0.0 ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ DHCP/BOOTP giaddr == 0.0.0.0 ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ DHCP/BOOTP chaddr == 00 f7 6f 6e 4b 12 00 00 00 00 00 00 00 00 00 00 ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ DHCP/BOOTP  sname ==  ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ DHCP/BOOTP   file ==  ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ OPTION code  53, len   1, data DHCP-DISCOVER ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ OPTION code  55, len   9, data 01 03 06 0f 77 5f fc 2c 2e ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ OPTION code  57, len   2, data 05 dc ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ OPTION code  61, len   7, data 01 00 f7 6f 6e 4b 12 ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ OPTION code  51, len   4, data 00 76 a7 00 ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ OPTION code  12, len  12, data 61 70 62 62 2d 73 69 6c 69 63 6f 6e ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ OPTION code  82, len  29, data 01 06 0a 00 3e b1 2b f4 02 06 0a 00 3e b1 f8 32 09 0b 00 00 00 a1 06 13 04 01 02 00 0a ]--
Jul 21 13:05:51 [INFO] [default:default][RLY][INET][vlan.10] --[ OPTION code 255, len   0 ]--
Jul 21 13:05:55 jdhcpd_authd_connect: Error connecting to authd, will retry: 9 - System call failed
Jul 21 13:05:55 jdhcpd_authd_retry: authd connect retry scheduled  

And, actually, dhcp relaying doesn't work at all in this new configuration. I disabled the setting of Option 82 on the wireless gear and the request is still being dropped.

SRX Services Gateway
Solution
Accepted by topic author zimage
‎08-26-2015 01:27 AM

Re: SRX Branch Office relaying DHCP that has externally set Option 82

‎07-21-2015 01:04 PM

I ran:

restart dhcp

and all is now well. 

SRX Services Gateway

Re: SRX Branch Office relaying DHCP that has externally set Option 82

‎07-21-2015 09:47 PM

Hello ,

 

Thanks for the update .


Thanks,
Sam

Please Mark My Solution Accepted if it Helped, Kudos are Appreciated too .....