Tuesday, January 8, 2013

DHCP forwarding with a relay server

What if you have several local networks and you don't want a DHCP server on each? Don't worry about that! You only need a single DHCP server and many DHCP relay servers forwarding the requests to it.

I'll explain how to configure both servers using an example of two networks, on which is the main DHCP server, and, on which is the DHCP relay server, as shown in this figure:

Network map

The main DHCP server is an Ubuntu 12.04 precise and the DHCP relay server is a Debian 6.0.5 squeeze. The packages you need to install are:
  • The DHCP server: isc-dhcp-server
  • The DHCP relay server: isc-dhcp-relay
You are supposed to configure the main DHCP server for its own network and, in addition, you'll have to configure it for the other network(s). In my example, the end of the /etc/dhcp/dhcp.conf file looks like this:

option domain-name "local.net";
subnet netmask {
  option routers;
  option domain-name-servers,;
subnet netmask {
  option routers;

This is a very basic configuration and you might want to include more directives for your own networks.

When installing the package isc-dhcp-relay, the setup process will start automatically and it will modify the file /etc/default/isc-dhcp-relay. However, in case you might want to change something later, here's the content of the file for my example:

# Defaults for isc-dhcp-relay initscript
# sourced by /etc/init.d/isc-dhcp-relay
# installed at /etc/default/isc-dhcp-relay by the maintainer scripts

# This is a POSIX shell fragment

# What servers should the DHCP relay forward requests to?

# On what interfaces should the DHCP relay (dhrelay) serve DHCP requests?

# Additional options that are passed to the DHCP relay daemon?

You can specify many DHCP servers to relay to of the interface on which to bind for requests. Just read the man page for more information.

After the changes and restarting both DHCP servers, the clients in the same network as the DHCP relay server should be able to requests an IP address (try with sudo ifup eth0 on the client):

Listening on LPF/eth0/08:00:27:2b:4c:c3
Sending on   LPF/eth0/08:00:27:2b:4c:c3
Sending on   Socket/fallback
DHCPDISCOVER on eth0 to port 67 interval 4
DHCPREQUEST on eth0 to port 67
bound to -- renewal in 248 seconds.

Notice that the IP address was offered by the DHCP relay server, not the main DHCP server.

Now the interface is configured (type sudo ifconfig eth0 on the client):

eth0      Link encap:Ethernet  HWaddr 08:00:27:2b:4c:c3  
          inet addr:  Bcast:  Mask:
          inet6 addr: fe80::a00:27ff:fe2b:4cc3/64 Scope:Link
          RX packets:49 errors:0 dropped:0 overruns:0 frame:0
          TX packets:102 errors:0 dropped:0 overruns:0 carrier:0
          collisions:0 txqueuelen:1000 
          RX bytes:8373 (8.1 KiB)  TX bytes:17609 (17.1 KiB)

Just for curiosity, look at the end of the syslog on the main DHCP server and you will read something similar to this:

Jan  7 20:40:30 odin dhcpd: DHCPDISCOVER from 08:00:27:2b:4c:c3 via
Jan  7 20:40:30 odin dhcpd: DHCPOFFER on to 08:00:27:2b:4c:c3 via
Jan  7 20:40:30 odin dhcpd: DHCPREQUEST for ( from 08:00:27:2b:4c:c3 via
Jan  7 20:40:30 odin dhcpd: DHCPACK on to 08:00:27:2b:4c:c3 via
Jan  7 20:44:38 odin dhcpd: DHCPREQUEST for from 08:00:27:2b:4c:c3 via vboxnet0
Jan  7 20:44:38 odin dhcpd: DHCPACK on to 08:00:27:2b:4c:c3 via vboxnet0

Once again, it's the DHCP relay server who made the request on the client's behalf.

No comments:

Post a Comment