DHCP address allcoated is not coming from a DHCP range matching the RelayAgent's IP address

Help
2013-05-01
2013-10-28
  • Laurent Lesle
    Laurent Lesle
    2013-05-01

    I have setup a network with multiple VLAN and I want to get an IP address based on the VLAN the desktop belongs to.
    The IP subnet I am using is 172.27.144/21 and is subneted into
    172.27.144.0/24 for VLAN 1000
    172.27.145.0/24 for VLAN 1100
    ...
    172.27.149.0/24 for VLAN 2800
    172.27.150.0/24 for VLAN 2900

    My Windows OpenDHCP server (version 1.58 build 1035) is listening on 172.27.149.100
    I have setup on the Cisco the DHCP relay and for each subnet I have an IP defined to act as the relay address.
    OpenDHCP IP address: 172.27.149.100/24
    Cisco IP address on VLAN 1000: 172.27.144.5/24
    Cisco IP address on VLAN 2900: 172.27.149.5/24

    Everyting is working fine. I can get IP addressses from my desktop.

    My issue is OpenDHPC does not match properly the RelayAgent IP with the DHCP scope and therefore returns an IP address that is not for the correct range.

    Here from the logs when I moved the desktop from VLAN 2900 to 1000:

    "
    DHCP Range: 172.27.150.10-172.27.150.200/255.255.255.0
    DHCP Range: 172.27.144.10-172.27.144.200/255.255.255.0
    ...
    DHCPREQUEST for 00:50:56:bc:cd:2a (VENUS) from RelayAgent 172.27.150.5 received
    Host 00:50:56:bc:cd:2a (VENUS) allocated 172.27.150.10 for 35000 seconds
    DHCPREQUEST for 00:50:56:bc:cd:2a (VENUS) from RelayAgent 172.27.144.5 received
    Host 00:50:56:bc:cd:2a (VENUS) allocated 172.27.150.10 for 35000 seconds
    "
    The second request should have returned 172.27.144.10.

    I have noticed that when the desktop send the DHCP DISCOVER when moved to the VLAN 1000 it includes it previous address that he received in the VLAN 2900 (RequestedIPAddress: 172.27.150.10 - Type 50)

    I tried to add the option FilterSubnetSelection but it does not change that behavior. also played with SubnetSelectionOption and TargetRelayAgent with no luck

    My config ranges are:
    [RANGE_SET]

    VLAN 1000

    DHCPRange=172.27.144.10-172.27.144.200
    SubnetMask=255.255.255.0
    DomainServer=172.27.149.100
    Router=172.27.144.1
    FilterSubnetSelection=172.27.144.5

    [RANGE_SET]

    VLAN 2900

    DHCPRange=172.27.150.10-172.27.150.200
    SubnetMask=255.255.255.0
    DomainServer=172.27.149.100
    Router=172.27.150.1
    FilterSubnetSelection=172.27.150.5

    Am I missing a setting somewhere?

     
  • jowag12
    jowag12
    2013-10-28

    I can confirm these findings. When a PC is refreshing its previous IP with just a request (without discover) the OpenDHCP server assinges the IP even though it did receive it from a relay agent that should serve another range. I also tested all avalable options for Filtering and target relay server which did not help.
    This is a major problem for PCs that are moving from one VLAN to another (e.g. due to 802.1x). The expected behavior is that the DHCP server NACKs the DHCP request where the range does not match the relay address, forcing the PC to restart DHCP with a new discover.

    Unfortunately this is a major drawback for me using the program which so far did work very well.