Project

General

Profile

Actions

Bug #10339

closed

dhcp relay does'nt work behind ipsec network beacuse wangw bridge

Added by sezer h over 4 years ago. Updated over 4 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
DHCP Relay
Target version:
-
Start date:
03/12/2020
Due date:
% Done:

0%

Estimated time:
Plus Target Version:
Release Notes:
Affected Version:
Affected Architecture:
All

Description

hi everyone,

i trying to use dhcprelay behind ipsec.

the pfsense dosent know dhcp relay ip address beacuse ipaddress behind the ipsec interfaces.

#interfaces.inc
$_gb = exec("/sbin/route -n get -{$family} " . escapeshellarg($ipaddress) . " | /usr/bin/awk '/interface/ { print \$2; };'", $output);

like output

10.1.1.30 pppoe0

dhcp relay error log.
Mar 12 14:40:23 dhcrelay If you think you have received this message due to a bug rather
Mar 12 14:40:23 dhcrelay Unsupported device type 53 for "pppoe0"
Mar 12 14:40:23 dhcrelay For info, please visit https://www.isc.org/software/dhcp/
Mar 12 14:40:23 dhcrelay All rights reserved.
Mar 12 14:40:23 dhcrelay Copyright 2004-2018 Internet Systems Consortium.

Actions #1

Updated by Jim Pingle over 4 years ago

  • Project changed from pfSense Packages to pfSense
  • Category set to DHCP Relay
  • Status changed from New to Rejected
  • Affected Version deleted (2.4.5)

There isn't enough information here for a coherent bug report, and it doesn't look like a new or unique issue that we can do anything about. Post on the forum to discuss your problem first.

DHCP Relay is unlikely to work with IPsec when run on the firewall -- run DHCP relay on your local L2/switch instead.
DHCP Relay isn't going to work on PPPoE (which is what your error is) -- that isn't something we can fix, it's a limitation of the DHCP relay daemon itself.
DHCP Relay attaching to interfaces it probably shouldn't has already been solved in #9466

Actions #2

Updated by sezer h over 4 years ago

hi again,

my configuration like below

wangw pppoe
dhcprelay host 10.1.1.1
dhcprelay host 10.1.1.2

but these ipadress behind ipsec network then when i save button click dhcprelay command output like

/usr/local/sbin/dhcrelay -i igb2.64 -i pppoe0 -a -m replace 10.1.1.1 10.1.1.2

and then relay doesn't work

system logs
----------------------------------------------------------------------------------------------
Mar 12 12:38:43 dhcrelay Unsupported device type 53 for "pppoe0"
Mar 12 12:38:43 dhcrelay For info, please visit https://www.isc.org/software/dhcp/
Mar 12 12:38:43 dhcrelay All rights reserved.
Mar 12 12:38:43 dhcrelay Copyright 2004-2018 Internet Systems Consortium.
Mar 12 12:38:43 dhcrelay Internet Systems Consortium DHCP Relay Agent 4.4.1
Mar 12 12:34:24 dhcrelay exiting.

after that i default code is as below

    foreach ($srvips as $srcidx => $srvip) {
        $destif = guess_interface_from_ip($srvip);
        if (!empty($destif)) {
            $dhcrelayifs[] = $destif;
        }
    }
    $dhcrelayifs = array_unique($dhcrelayifs);

    /* fire up dhcrelay */
    if (empty($dhcrelayifs)) {
        log_error(gettext("No suitable interface found for running dhcrelay!"));
        return; /* XXX */
    }

    $cmd = "/usr/local/sbin/dhcrelay -i " . implode(" -i ", $dhcrelayifs);

    if (isset($dhcrelaycfg['agentoption'])) {
        $cmd .= " -a -m replace";
    }

    $cmd .= " " . implode(" ", $srvips);
    echo $cmd;
    die();
    mwexec($cmd);
    unset($cmd);


and then i just added unset for pppoe

    foreach ($srvips as $srcidx => $srvip) {
        $destif = guess_interface_from_ip($srvip);
        if (!empty($destif)) {
            $dhcrelayifs[] = $destif;
        }
    }
    $dhcrelayifs = array_unique($dhcrelayifs);

    /* fire up dhcrelay */
    if (empty($dhcrelayifs)) {
        log_error(gettext("No suitable interface found for running dhcrelay!"));
        return; /* XXX */
    }

    unset($dhcrelayifs[1]);   //<-------------

    $cmd = "/usr/local/sbin/dhcrelay -i " . implode(" -i ", $dhcrelayifs);

    if (isset($dhcrelaycfg['agentoption'])) {
        $cmd .= " -a -m replace";
    }

    $cmd .= " " . implode(" ", $srvips);
    echo $cmd;
    die();
    mwexec($cmd);
    unset($cmd);

the command out put like below after that dhcprelay does work

/usr/local/sbin/dhcrelay -i igb2.64 -a -m replace 10.16.16.30 10.16.16.29

Actions

Also available in: Atom PDF