[c-nsp] Setting relay agent IP on 4500
Jason Lixfeld
jason at lixfeld.ca
Mon Jul 31 10:38:49 EDT 2017
> On Jul 29, 2017, at 4:12 AM, Phil Mayers <p.mayers at imperial.ac.uk> wrote:
>
> On 28/07/17 22:12, Jason Lixfeld wrote:
>> Hi all,
>>
>> I’ve got a 4500 Sup7L-E running 15.2(2) acting as a DHCP relay with
>> clients directly connected to it. The client interfaces on this
>> relay are in VRFs, and the helper is in the global table.
>>
>> The issue is the 4500 stamps the relay agent IP in the DISCOVER as
>> being the incoming interface IP where the DISCOVER was received,
>
> By relay agent IP do you mean giaddr in the bootp header?
Yup. Wireshark decodes that as “Relay Agent IP address”.
> If so, this is required - that's how DHCP servers discover the source subnet.
Agreed. However, if the relay is configured to use option 82 sub option 5 (RFC3527), the relay can overwrite the giaddr to an IP that is reachable by the DHCP server (typically the egress interface instead of the ingress interface). The relay would also inserts the link subnet into the option 5 field, and the server uses that value to select the subnet it should allocate from, instead of using giaddr to signal that.
> You'd need support at the DHCP server side to map giaddr to a different reply IP.
>
> I believe ISC dhcpd lacks this but the newer Kea might have it?
> _______________________________________________
> cisco-nsp mailing list cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
More information about the cisco-nsp
mailing list