[Dnsmasq-discuss] dnsmasq dhcp relay not relaying response from upstream to client

Bino Oetomo bino at jogjacamp.co.id
Sat Jun 26 04:52:10 UTC 2021


Dear Geert Stappers
I really apprecate your help

On Sat, Jun 26, 2021 at 4:12 AM Geert Stappers <stappers at stappers.nl> wrote:

> On Fri, Jun 25, 2021 at 11:30:18AM +0700, Bino Oetomo wrote:
>
> > My question is:
> > I'm sure that freeradius sent the response,
>
> Carefull ...
>


> > but how to know if dnsmasq is receiving that response?
>
>   ... use networksniffer at **server** to verify that
>        the network packets actual do leave 'freeradius'
>        at the correct network interface.
>
> Next step will be netsniffing at the DHCP relay computer.
>
> I'm not good in network sniffing.
I take another root...
Try with isc-dhcp-relay : dhcrelay -d -i enp0s9 enp0s8 -id enp0s9 -iu
enp0s8 10.10.254.1
And at the client I got :
Listening on LPF/enp0s8/08:00:27:84:51:1b
Sending on   LPF/enp0s8/08:00:27:84:51:1b
Sending on   Socket/fallback
DHCPDISCOVER on enp0s8 to 255.255.255.255 port 67 interval 8
DHCPOFFER of 10.10.253.3 from 10.10.253.1
DHCPREQUEST for 10.10.253.3 on enp0s8 to 255.255.255.255 port 67
DHCPACK of 10.10.253.3 from 10.10.253.1
bound to 10.10.253.3 -- renewal in 3295 seconds.

So I'm pretty sure the FreeRadius sent the response and reach the
dhcp-relay node.


https://en.wikipedia.org/wiki/Network_Packet_Sniffer
>
>
> > my dnsmasq configuration
> >
> > port=0
> > interface=enp0s9
> > log-dhcp
> > dhcp-relay=10.10.253.1,10.10.254.1
>
> Manual page dnsmasq snippet:
>    --dhcp-relay=<local address>,<server address>[,<interface]
>
> So the 'dhcp-relay=10.10.253.1,10.10.254.1' looks good ...
>
>
> I edited it to --> dhcp-relay=10.10.253.1,10.10.254.1,enp0s8
enp0s8 is facing freeradius.
This is tcpdump  at the relay :

11:42:41.275012 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request
from 08:00:27:84:51:1b, length 300
11:42:41.275324 IP 10.10.253.1.67 > 10.10.254.1.67: BOOTP/DHCP, Request
from 08:00:27:84:51:1b, length 300
11:42:41.433288 IP 10.10.254.1.67 > 10.10.253.1.67: BOOTP/DHCP, Reply,
length 301
11:42:45.558901 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request
from 08:00:27:84:51:1b, length 300
11:42:45.559148 IP 10.10.253.1.67 > 10.10.254.1.67: BOOTP/DHCP, Request
from 08:00:27:84:51:1b, length 300
11:42:45.721512 IP 10.10.254.1.67 > 10.10.253.1.67: BOOTP/DHCP, Reply,
length 301
11:42:56.982058 IP 0.0.0.0.68 > 255.255.255.255.67: BOOTP/DHCP, Request
from 08:00:27:84:51:1b, length 300
11:42:56.982472 IP 10.10.253.1.67 > 10.10.254.1.67: BOOTP/DHCP, Request
from 08:00:27:84:51:1b, length 300
11:42:57.113442 IP 10.10.254.1.67 > 10.10.253.1.67: BOOTP/DHCP, Reply,
length 301

Againt, I'm pretty sure that freeradius sent the response and it reach the
relay.

But, still got the same conndition and client side

root at bakalandebian:~# dhclient -d enp0s8
Internet Systems Consortium DHCP Client 4.4.1
Copyright 2004-2018 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/enp0s8/08:00:27:84:51:1b
Sending on   LPF/enp0s8/08:00:27:84:51:1b
Sending on   Socket/fallback
DHCPDISCOVER on enp0s8 to 255.255.255.255 port 67 interval 3
DHCPDISCOVER on enp0s8 to 255.255.255.255 port 67 interval 3
DHCPDISCOVER on enp0s8 to 255.255.255.255 port 67 interval 4
DHCPDISCOVER on enp0s8 to 255.255.255.255 port 67 interval 11
DHCPDISCOVER on enp0s8 to 255.255.255.255 port 67 interval 13
DHCPDISCOVER on enp0s8 to 255.255.255.255 port 67 interval 7
DHCPDISCOVER on enp0s8 to 255.255.255.255 port 67 interval 14
DHCPDISCOVER on enp0s8 to 255.255.255.255 port 67 interval 5
No DHCPOFFERS received.
No working leases in persistent database - sleeping.

Yes isc-dhcp-relay works, but I need to stick with dnsmasq since I need to
take care about IPXE.

> So kindly please help me to fix this problem
>
> That was recieved as
>
>   Kindly help me with diagnosing a problem.
>
>
> Already started   :-)
>
>
> I Apologize for my bad english

Sincerely
-bino-
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.thekelleys.org.uk/pipermail/dnsmasq-discuss/attachments/20210626/610b5951/attachment-0001.htm>


More information about the Dnsmasq-discuss mailing list