DHCP Forwarder/DHCP Relay

Adam1986 · March 2, 2021, 12:19pm

Good afternoon,

Wondered if someone could help me?

I usually use DNSMasq for DHCP, but I have a site to site VPN with OpenWRT routers at two homes.

Have a Windows Server at either site, and I am looking at running Windows DHCP in Failover and would be keen to be able to dish out a split scope from both DHCP servers.

Both homes use their own subnets (192.168.0.0/24 & 192.168.1.0/24).

My understanding is i need to put some sort of DHCP Forwarder/Relay on OpenWRT and disable DHCP on DNSMasq, but I am not too sure where to go from here. Am i able to specifiy multiple forwarders for both Windows DHCP servers?

iplaywithtoys · March 2, 2021, 2:41pm

dnsmasq can act as a DHCP relay, with the "--dhcp-relay" option - see https://dnsmasq.org/docs/dnsmasq-man.html

However, I'm not sure how that would be exposed or managed by OpenWRT.

Instead, I see that OpenWRT does have an optional package called "isc-dhcp-relay-ipv4", which might be of use here.

Adam1986 · March 2, 2021, 3:11pm

Yes I am a little unsure on the DNSMasq front too, although that looks like it would be the best option as the manual does seem to imply that it multiple servers can be specificed.

Hopefully someone else will come along with better knoweledge than me on this one.

I think i'd struggling installing the isc-dhcp-relay due to lack of space on the OpenWRT devices.

Adam1986 · March 4, 2021, 10:48am

Just thought I'd give an update to say I've managed to get this working.

I updated to the latest OpenWRT build prior to doing all of this, as I'd read somewhere that DHCP Relay wasnt working in DNSMasq until a really recent version. I was on 19.07.2 previously, so it was a year old.

At first I couldn't get this working via DNSMasq, and I even tried the isc-dhcp-delay package, I could see the discovers and offers coming into the DHCP server on the subnet at the other end of the site to site VPN but their were no acks.

I did a bit more digging with the DNSMasq configuration and the trick that actually got this working was to remove the following lines from /etc/config/dhcp:

config dhcp 'lan'
	option interface 'lan'
	option ignore '1'

Leaving this as just ignore interface just seemed to completely ignore any DHCP discovery completely sent out on the network that would essentially hit the router.

I then added the following to /etc/dnsmasq.conf

dhcp-relay=192.168.0.1,192.168.1.4
dhcp-relay=192.168.0.1,192.168.0.4

The 1st IP is the IP address of the OpenWRT router, and then 2nd IP is the DHCP server.

So far have tested in load balanced DHCP and this works perfectly, also setting to just a standby failover DHCP works perfect too and if you stop the service on one server the other one just takes over as expected.

system · March 14, 2021, 10:48am

This topic was automatically closed 10 days after the last reply. New replies are no longer allowed.