Leandro <
[hidden email]> wrote:
> 1) Even when DHCPDARGS="eth0" is on dhcpd.conf
On dhcpd.conf, or in whatever config file your distro uses (/etc/default/isc-dhcp-server on Debian systems) to configure command line arguments ?
> Im still seeing dhcpd listening on all interfaces:
> [root@centos86_64 dhcp]# netstat -ulpn
> Active Internet connections (only servers)
> Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
> udp 0 0 0.0.0.0:67 0.0.0.0:* 1207/dhcpd
I see that on my systems too
> In fact dhcpd answer for requests coming from other intefaces.
But it ignores the interfaces it's not configured to listen on.
> 2)How do I achieve make dhcpd listen on specific interface ?
Specify them as arguments on the command line that starts the daemon - typically by configuring a list in a config file used by the startup script(s).
> 3) Is it mandatory to create an empty subnet declaration even for interface that has nothing to do with dhcp service? management interface for instance.
No
> 4)Using Wireshark can not find the gi-addr parameter.
> Is it possible that wireshark shows it as "Relay agent IP addrees" under bootp flags ?
Yes
> 5)Sniffing DORA sequence between my dhcpd server and relay agent I founded strange behavior (for me).
> discover is sent from relay wan ip to server ip
> offer is sent from server ip to relay agent lan ip
> request is sent from relay wan ip to server ip
> ack is sent from server to relay agent lan ip.
>
> Is this normal ?
> I was expecting only communication between relay agent wan ip and server ip.
> Now , for this to work I had to add both routes on my server (wan and lan prefixes).
You should have both routes in place anyway - otherwise you are storing up more "interesting problems" for yourself somewhere down the line !
Without looking (relevant systems and my "DHCP Bible"* are at work), I suspect what you see is correct.
The relay agent picks up a broadcast packet from the client, adds the GI-Addr, then sends it by unicast to the server. Since that packet is sent as a normal packet using normal routing rules etc, I suspect that in the absence of the daemon doing some work to specify a specific address, the source address of the packet will be the primary address of the egress interface.
When the server replies, it sends the packet with a destination address set to whatever was in GI-Addr of the request packet. That's how the relay agent knows which network the packet is destined for.
* I recommend "The DHCP Handbook" by Ralph Droms and Ted Lemon.
It has a wealth of information, including detailed but very readable explanations of how all this works, and why it's done that way (mostly for historical compatibility with the already existing BOOTP relay agents).
Either edition will do for this level of networking, I believe edition 2 adds stuff on failover.
_______________________________________________
dhcp-users mailing list
[hidden email]
https://lists.isc.org/mailman/listinfo/dhcp-users
Locked
