Bug #8444
closed
ovpnc as upstream dhcp relay interface
0%
Description
Not directly related to Bug 8443, but has something in common:
Following setup to pass DHCP relay requests via Openvpn:
DHCP client <---> LAN DHCP relay on pfsense <----> OpenVPN Tun <----> another pfsense as ovpn server <----> DHCP server (with settings fro remote client)
Ovpnc on system with dhcp relay is serving as relay upstream interface. DHCP discovers are passed from relay to remote DHCP server and DHCP offers come back to ovpnc interface. But they not appear on LAN where DHCP client is connected. PCAP of ovpnc interface is attached
Tried explicitly set ovpnc as upstream interface:
[2.4.3-RELEASE][admin@pfSense.localdomain]/root: /usr/local/sbin/dhcrelay -i vmx1 -iu ovpnc1 10.0.13.1
Requesting: vmx1 as upstream: Y downstream: Y
Requesting: ovpnc1 as upstream: Y downstream: N
...........
Unsupported device type 23 for "ovpnc1"
It looks like DHCP relay doesn't want to accept dhcp messages from ovpnc.
Files
Updated by Steve Wheeler about 6 years ago
This appears to be the expected behaviour as isc-dhcpd cannot bind to adapters with no MAC address.
However you can workaround it by using TAP interfaces but still routing across the tunnel.
#INC-3057
Updated by Jim Pingle about 6 years ago
- Status changed from New to Not a Bug
- Assignee set to Jim Pingle
- Target version deleted (
2.4.4)
Yeah that does appear to be a limitation. For a site to site, tap should work the same as tun in most cases though, so it should be a good workaround. It can work as a routed setup, doesn't need to be bridged or do anything crazy. Just switch from tun to tap and keep everything else the same in most setups.
Slightly more overhead for carrying the L2 info but otherwise no difference.