DHCP Relay through RED Tunnel

I am trying to set up DHCP relay for a RED device. Is this possible? I can't get it to work. I am running SFOS 18.5.1 MR-1-Build326.

172.16.10.13 is the IP address for my Windows Server DHCP.

I ran a packet capture on the device and it shows the requests arriving, but it would appear they are being blocked.

If I assign myself a static on the laptop I am using for testing behind the RED, say 172.16.15.20, then I can ping the server 172.16.10.13 and I can also ping the laptop from the server, so I am fairly sure that the routing is correct. Seems like the firewall is blocking the traffic but I can't figure out why.



  • Hi Kevin,

    I also had some of these issues with migrated RED devices from SG. Somehow it works if you first use the integrated DHCP Server and switch back.
    I was not able to fully understand and resolve the issue.

    - There might be asynchronous routing and/or missing firewall rules involved.
    - Look for dropped packets on the CLI and try to figure out what happens!
    - Also consider the way back and NAT issues. The communication is UDP. There might be timeouts in the session awareness if the DHCP server is on the WAN.
    - The behaviour might be different when you use a single bridged network for all REDs instead of a single network per RED (my faulting scenario).
    - Do an explicit deny rule and switch on logging and see what packets are dropped in the end.

    There is also some DHCP option which you can set on the server and a magic IP 1234 - both of them influence how the packets are actually handled.

    Regards,
    BeEf