Page MenuHomeVyOS Platform
Create Task
Maniphest T5004

DHCP-Relay potential bug. Static configurations of DHCP-Relay Interfaces
Needs testing, NormalPublicBUG
Actions

Assigned To
None
Authored By
kevin.roberts.sealingtech
Feb 13 2023, 6:02 PM
Tags
Referenced Files
F3918667: image.png
Nov 30 2023, 6:59 AM
F3918665: image.png
Nov 30 2023, 6:59 AM
F3918663: image.png
Nov 30 2023, 6:59 AM
F3918661: image.png
Nov 30 2023, 6:59 AM
F3918656: image.png
Nov 30 2023, 6:59 AM
F3917966: image.png
Nov 29 2023, 1:35 PM
F3917964: image.png
Nov 29 2023, 1:35 PM
F3917962: image.png
Nov 29 2023, 1:35 PM
View All 11 Files
Subscribers
a.hajiyev
kevin.roberts.sealingtech
n.fort
pasik
Viacheslav
Maintainers

Description

Hello, hope you are doing well today. I noticed this bug while doing a small proof of concept and couldn't find any references to it in your documentation. Please forgive me if this is duplicative, I don't navigate the "bug report" space very often.

Quick Summary:
I believe DHCP-Relay configurations hardcode the "Relay Agent IP Address" field in their configuration at the time of initial configuration. If you change an interface or VIF IP after setting up DHCP Relay, the old interface IP will still be sent as the "Relay Agent IP Address" unless you re-do the DHCP-Relay configuration. Its possible that this is expected behavior, but it seems to me like it could be unexpected and/or easily fixable as well.

Steps to reproduce:
--Configure an interface with an IP address
--Configure DHCP Relay on that interface
--Commit your changes
--Reconfigure the original interface from step 1 to a different IP
--Commit your changes
--Perform a PCAP on DHCP Discover traffic and you should still see the original IP address vs the updated in the "Relay Agent IP Address" field

set interfaces ethernet eth1 vif 4050 address '192.168.51.1/24'
set service dhcp-relay interface 'eth1.4050'
commit
delete interfaces ethernet eth1 vif 4050 address '192.168.51.1/24'
set interfaces ethernet eth1 vif 4050 address '192.168.50.1/24'

Troubleshooting Steps I took:
Restart DHCP Relay-Agent (did not resolve)
Administratively shut down interface and re-enable (did not resolve)
Remove the DHCP relay line and then re-apply (delete service dhcp-relay interface 'eth1.4050' set service dhcp-relay interface 'eth1.4050')

Removing the DHCP Relay line and re-applying solved this issue. This leads me to believe that the DHCP-relay configuration is hardcoded to an interface's IP at the time of configuration. Notably I did NOT do a restart of the entire system.

Suggested Actions:
Unfortunately I don't know enough about coding to suggest a technical fix, or to perform the fix myself. However, my theory is that this configuration hardcodes the IP address at the time of DHCP-Relay configuration and does not change it.

Maybe you could adjust the way the DHCP-Relay configuration works to read dynamically from interfaces (at least during service start and shut down).

Alternatively, you could make a note in the documentation that if you reconfigure any DHCP Relay interfaces you must re-configure the dhcp-relay configuration as well to make them update. https://docs.vyos.io/en/equuleus/configuration/service/dhcp-relay.html

Its a pretty little thing, but it messed me up for an hour or two trying to figure out why my DHCP wasn't working. Best of luck, vyOS is a great product 👍🏻

Version Information (I compiled from source a few months ago I think):
run show version Version:          VyOS LTS 1.3.2
Release train:    equuleus Built by:         [email protected]
Built on:         Wed 09 Nov 2022 23:18 UTC
Build UUID:       e0f8f761-5fdc-4c99-8b90-90827f9d694a
Build commit ID:  d44942002692c6 Architecture:     x86_64
Boot via:         installed image

Details

Difficulty level
Unknown (require assessment)
Version
VyOS LTS 1.3.2 - vyos-1.4-rolling-202302140317
Why the issue appeared?
Will be filled on close
Is it a breaking change?
Unspecified (possibly destroys the router)
Issue type
Internal change (not visible to end users)

Related Objects

Event Timeline

kevin.roberts.sealingtech created this task.Feb 13 2023, 6:02 PM
pasik added a subscriber: pasik.Feb 13 2023, 6:46 PM
n.fort added a subscriber: n.fort.EditedFeb 13 2023, 6:53 PM

Can you provide this configuration on both setups:

show config comm | grep relay

# And route to relay server
show ip route <relay_server>
kevin.roberts.sealingtech added a comment.Feb 13 2023, 7:23 PM
In T5004#142577, @n.fort wrote:

Can you provide this configuration on both setups:

show config comm | grep relay

# And route to relay server
show ip route <relay_server>

Unfortunately, I no longer have the setup handy but I am 99% sure the routing was all fine after I adjusted the interface (I checked it at the time but didn't document). Everything was directly connected to the router and I was able to ping between the networks. The dchp-relay configs were this:

set service broadcast-relay
set service dhcp-relay interface 'eth1.4045'
set service dhcp-relay interface 'eth1.4050'
set service dhcp-relay relay-options
set service dhcp-relay server '192.168.45.5'

Also have a PCAP attached if that helps.

DHCPExport.pcap2 KBDownload

n.fort added a comment.Feb 14 2023, 3:18 PM

I can confirm this behavior, which occurs when changing IP address on listening interface (where dhcp-discover is captured).
Issue present in 1.3.2 .
It's also present in latest vyos-1.4-rolling-202302140317, regardless if old interface syntax is used, or if new upstream-interfces plus listen-interface commands are used.

n.fort changed the task status from Open to Confirmed.Feb 14 2023, 3:19 PM
n.fort added a project: VyOS 1.4 Sagitta.
n.fort changed Version from VyOS LTS 1.3.2 to VyOS LTS 1.3.2 - vyos-1.4-rolling-202302140317.
n.fort added a comment.Feb 14 2023, 5:37 PM

In Both version, restarting relay service solved the issue:

sudo systemctl restart isc-dhcp-relay
kevin.roberts.sealingtech added a comment.Feb 14 2023, 5:53 PM

FYI When I was troubleshooting I used:

restart dhcp relay-agent

and it did not resolve. Not sure if that does something different than the full systemctl service restart that you did in your example.

n.fort mentioned this in T4601: dhcp : relay agent IP address issue..Feb 14 2023, 6:36 PM
n.fort added a comment.Feb 14 2023, 6:44 PM

Thanks Keving: https://vyos.dev/T5009

syncer edited projects, added VyOS 1.3 Equuleus (1.3.5); removed VyOS 1.3 Equuleus.Aug 27 2023, 12:09 AM
a.hajiyev added a subscriber: a.hajiyev.Nov 29 2023, 1:35 PM

Tested in VyOS 1.4-rolling-202311100309

image.png (439×773 px, 31 KB)

DHCP Server configurations:

set interfaces ethernet eth0 address '172.17.17.5/24'
set protocols static route 10.1.0.0/24 next-hop 172.17.17.6
set protocols static route 10.2.0.0/24 next-hop 172.17.17.6

set service dhcp-server listen-address '172.17.17.5'
set service dhcp-server shared-network-name VyOS-1.4-1 subnet 10.1.0.0/24 default-router '10.1.0.1'
set service dhcp-server shared-network-name VyOS-1.4-1 subnet 10.1.0.0/24 lease '8000'
set service dhcp-server shared-network-name VyOS-1.4-1 subnet 10.1.0.0/24 range 0 start '10.1.0.5'
set service dhcp-server shared-network-name VyOS-1.4-1 subnet 10.1.0.0/24 range 0 stop '10.1.0.50'
set service dhcp-server shared-network-name VyOS-1.4-2 subnet 10.2.0.0/24 default-router '10.2.0.1'
set service dhcp-server shared-network-name VyOS-1.4-2 subnet 10.2.0.0/24 lease '8000'
set service dhcp-server shared-network-name VyOS-1.4-2 subnet 10.2.0.0/24 range 0 start '10.2.0.5'
set service dhcp-server shared-network-name VyOS-1.4-2 subnet 10.2.0.0/24 range 0 stop '10.2.0.50'

DHCP Relay configurations:

set interfaces ethernet eth0 address '172.17.17.6/24'
set interfaces ethernet eth1 vif 11 address '10.1.0.1/24'
set interfaces ethernet eth1 vif 12 address '10.2.0.1/24'

set service dhcp-relay listen-interface 'eth1.11'
set service dhcp-relay listen-interface 'eth1.12'
set service dhcp-relay relay-options relay-agents-packets 'discard'
set service dhcp-relay server '172.17.17.5'
set service dhcp-relay upstream-interface 'eth0'

Checking:

image.png (661×1 px, 101 KB)

image.png (654×1 px, 100 KB)

Resetting new IP addresses for the interface and resetting dhcp relay-agent:

[email protected]# delete interfaces ethernet eth1 vif 11 address
[edit]
[email protected]# delete interfaces ethernet eth1 vif 12 address
[edit]
[email protected]# set interfaces ethernet eth1 vif 11 address '10.1.0.11/24'
[edit]
[email protected]# set interfaces ethernet eth1 vif 12 address '10.2.0.11/24'
[edit]
[email protected]# commit
[edit]
[email protected]# run restart dhcp relay-agent
[edit]

Checking:

image.png (807×1 px, 118 KB)

image.png (684×1 px, 110 KB)

Note: Relay agent IP address changed after the restart dhcp relay-agent command

a.hajiyev added a comment.Nov 30 2023, 6:59 AM

Tested in VyOS 1.3.4

image.png (371×806 px, 24 KB)

DHCP Server configurations (VyOS version 1.4):

set interfaces ethernet eth0 address '172.17.17.5/24'
set protocols static route 10.11.0.0/24 next-hop 172.17.17.7
set protocols static route 10.12.0.0/24 next-hop 172.17.17.7

set service dhcp-server listen-address '172.17.17.5'
set service dhcp-server shared-network-name VyOS-1.3-1 subnet 10.11.0.0/24 default-router '10.11.0.1'
set service dhcp-server shared-network-name VyOS-1.3-1 subnet 10.11.0.0/24 lease '8000'
set service dhcp-server shared-network-name VyOS-1.3-1 subnet 10.11.0.0/24 range 0 start '10.11.0.5'
set service dhcp-server shared-network-name VyOS-1.3-1 subnet 10.11.0.0/24 range 0 stop '10.11.0.50'
set service dhcp-server shared-network-name VyOS-1.3-2 subnet 10.12.0.0/24 default-router '10.12.0.1'
set service dhcp-server shared-network-name VyOS-1.3-2 subnet 10.12.0.0/24 lease '8000'
set service dhcp-server shared-network-name VyOS-1.3-2 subnet 10.12.0.0/24 range 0 start '10.12.0.5'
set service dhcp-server shared-network-name VyOS-1.3-2 subnet 10.12.0.0/24 range 0 stop '10.12.0.50'

DHCP Relay configurations (VyOS version 1.3.4):

set interfaces ethernet eth0 address '172.17.17.7/24'
set interfaces ethernet eth1 vif 11 address '10.11.0.1/24'
set interfaces ethernet eth1 vif 12 address '10.12.0.1/24'

set service dhcp-relay interface 'eth0'
set service dhcp-relay interface 'eth1.11'
set service dhcp-relay interface 'eth1.12'
set service dhcp-relay relay-options relay-agents-packets 'discard'
set service dhcp-relay server '172.17.17.5'

Checking:

image.png (798×1 px, 84 KB)

image.png (801×1 px, 91 KB)

Resetting new IP addresses for the interface and resetting dhcp relay-agent:

vyos@DHCP-Relay-1-3# delete interfaces ethernet eth1 vif 11 address
[edit]
vyos@DHCP-Relay-1-3# delete interfaces ethernet eth1 vif 12 address
[edit]                                                                                
vyos@DHCP-Relay-1-3# set interfaces ethernet eth1 vif 11 address '10.11.0.11/24'
[edit]
vyos@DHCP-Relay-1-3# set interfaces ethernet eth1 vif 12 address '10.12.0.11/24'
[edit]
vyos@DHCP-Relay-1-3# commit
[edit]
vyos@DHCP-Relay-1-3# run restart dhcp relay-agent
[edit]

Checking:

image.png (801×1 px, 91 KB)

image.png (802×1 px, 109 KB)

Note: Same as the 1.4 version the relay agent IP address changed after the restart dhcp relay-agent command

syncer edited projects, added VyOS 1.3 Equuleus (1.3.6); removed VyOS 1.3 Equuleus (1.3.5).Dec 17 2023, 11:36 PM
Viacheslav changed the task status from Confirmed to Needs testing.Jan 20 2024, 11:52 AM
Viacheslav triaged this task as Normal priority.
Viacheslav added a subscriber: Viacheslav.

Was this fixed?

syncer edited projects, added VyOS 1.3 Equuleus (1.3.7); removed VyOS 1.3 Equuleus (1.3.6).Feb 10 2024, 9:17 AM