Dhcp Relaying; Setting Up A Dhcp Relayer - D-Link DFL-260E User Manual
Network security firewall netdefendos version 2.27.03
Hide thumbs
Also See for DFL-260E:
- Reference manual (948 pages) ,
- Log reference manual (652 pages) ,
- User manual (589 pages)
Table of Contents
Advertisement
5.3. DHCP Relaying
5.3. DHCP Relaying
The DHCP Problem
With DHCP, clients send requests to locate the DHCP server(s) using broadcast messages.
However, broadcasts are normally only propagated across the local network. This means that the
DHCP server and client always need to be on the same physical network. In a large Internet-like
network topology, this means there would have to be a different DHCP server on every network.
This problem is solved by the use of a DHCP relayer.
The DHCP Relayer Solution
A DHCP relayer takes the place of the DHCP server in the local network and acts as the link
between the client and a remote DHCP server. It intercepts requests coming from clients and relays
them to the DHCP server. The DHCP server then responds to the relayer, which forwards the
response back to the client. DHCP relayers use the TCP/IP Bootstrap Protocol (BOOTP) to
implement this relay functionality. For this reason DHCP relayers are sometimes referred to as
BOOTP relay agents.
The Source IP of Relayed DHCP Traffic
For relayed DHCP traffic, the option exists in NetDefendOS to use the interface on which it listens
as the source interface for forwarded traffic or alternatively the interface on which it sends out the
forwarded request.
Although all NetDefendOS interfaces are core routed (that is to say, a route exists by default that
routes interface IP addresses to Core) for relayed DHCP requests this core routing does not apply.
Instead, the interface is the source interface and not core.
Example 5.4. Setting up a DHCP Relayer
This example allows clients on NetDefendOS VLAN interfaces to obtain IP addresses from a DHCP server. It is
assumed the NetDefend Firewall is configured with VLAN interfaces vlan1 and vlan2 that use DHCP relaying, and
the DHCP server IP address is defined in the NetDefendOS address book as ip-dhcp. NetDefendOS will add a
route for the client when it has finalized the DHCP process and obtained an IP.
Command-Line Interface
1.
Add the VLAN interfaces vlan1 and vlan2 that should relay to an interface group called ipgrp-dhcp:
gw-world:/> add Interface InterfaceGroup ipgrp-dhcp
2.
Add a DHCP relayer called vlan-to-dhcpserver:
gw-world:/> add DHCPRelay vlan-to-dhcpserver Action=Relay
Web Interface
Adding VLAN interfaces vlan1 and vlan2 that should relay to an interface group named as ipgrp-dhcp:
1.
Go to Interface > Interface Groups > Add > InterfaceGroup
2.
Now enter:
Members=vlan1,vlan2
TargetDHCPServer=ip-dhcp
SourceInterface=ipgrp-dhcp
AddRoute=Yes
ProxyARPInterfaces=ipgrp-dhcp
235
Chapter 5. DHCP Services
- Quick Links:
- The Web Interface
- The Cli
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
