Hello,
I have a problem where the ISC DHCP server tries to offer an IP from the wrong subnet, 201.201.202.109, for a relay with giaddr 192.168.220.1:
Jun 2 11:22:42 mgmt dhcpd: DHCPDISCOVER from 00:15:65:13:62:67 via 192.168.220.1
Jun 2 11:22:42 mgmt dhcpd: DHCPOFFER on 201.201.202.85 to 00:15:65:13:62:67 via 192.168.220.1
Important info: 201.201.x.x/24 are INTERNAL subnets, a relic of the past; they are being migrated to RFC1918 as circumstances allow.
Configuration:
DHCP server: Debian Jessie, isc-dhcp-server version: 4.2.4-7 (virtual machine on Xen)
DHCP server IP: 201.201.201.240
DHCP Relay: Cisco 3560g
DHCP Relay IP: 192.168.220.1 (vlan)
Cisco 3560g IP: 201.201.201.1 (primary IP)
Target subnet: 192.168.220.0/24
/etc/dhcp/dhcpd.conf:
shared-network domain.tld {
...
subnet 201.201.202.0 netmask 255.255.255.0 {
option domain-name "domain.cz";
option domain-name-servers 201.201.201.3,201.201.201.240;
option broadcast-address 201.201.202.255;
range 201.201.202.85 201.201.202.199;
option routers 201.201.202.3;
option subnet-mask 255.255.255.0;
default-lease-time 28800;
max-lease-time 32400;
}
...
#voip-internal
subnet 192.168.220.0 netmask 255.255.255.0 {
option domain-name "domain.tld";
option domain-name-servers 201.201.201.238,201.201.201.240;
option broadcast-address 192.168.220.255;
option routers 192.168.220.1;
option subnet-mask 255.255.255.0;
option ntp-servers 201.201.201.238,201.201.201.240;
default-lease-time 28800;
max-lease-time 32400;
}
}
DHCP server route table:
192.168.220.0/24 via 201.201.201.1 dev eth0
201.201.201.0/24 dev eth0 proto kernel scope link src 201.201.201.240
Cisco 3560g route table:
C 201.201.201.0/24 is directly connected, Vlan1
C 192.168.220.0/24 is directly connected, Vlan220
Debug dhcp server:
09:54:11.535148 IP (tos 0x0, ttl 255, id 13775, offset 0, flags [none], proto UDP (17), length 576)
192.168.220.1.bootps > 201.201.201.240.bootps: [udp sum ok] BOOTP/DHCP, Request from 00:15:65:13:62:67 (oui Unknown), length 548, hops 1, xid 0x8caa6b7a, secs 100, Flags [none] (0x0000)
Gateway-IP 192.168.220.1
Client-Ethernet-Address 00:15:65:13:62:67 (oui Unknown)
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Discover
Client-ID Option 61, length 7: ether 00:15:65:13:62:67
Vendor-Class Option 60, length 12: "udhcp 1.10.3"
MSZ Option 57, length 2: 576
Parameter-Request Option 55, length 14:
Subnet-Mask, Time-Zone, Default-Gateway, Time-Server
Domain-Name-Server, LOG, Hostname, Domain-Name
BR, NTP, TFTP, BF
Vendor-Option, Option 120
09:54:11.535396 IP (tos 0x0, ttl 64, id 61270, offset 0, flags [DF], proto UDP (17), length 328)
201.201.201.240.bootps > 192.168.220.1.bootps: [bad udp cksum 0x31aa -> 0xc2c5!] BOOTP/DHCP, Reply, length 300, hops 1, xid 0x8caa6b7a, secs 100, Flags [none] (0x0000)
Your-IP 201.201.202.109
Gateway-IP 192.168.220.1
Client-Ethernet-Address 00:15:65:13:62:67 (oui Unknown)
Vendor-rfc1048 Extensions
Magic Cookie 0x63825363
DHCP-Message Option 53, length 1: Offer
Server-ID Option 54, length 4: 201.201.201.240
Lease-Time Option 51, length 4: 28800
Subnet-Mask Option 1, length 4: 255.255.255.0
Default-Gateway Option 3, length 4: 201.201.202.3
Domain-Name-Server Option 6, length 8: 201.201.201.238,201.201.201.240
Domain-Name Option 15, length 9: "domain.tld"
BR Option 28, length 4: 201.201.202.255
Debug Cisco 3560g:
001766: DHCPD: setting giaddr to 192.168.220.1.
001767: DHCPD: BOOTREQUEST from 0100.1565.1362.67 forwarded to 201.201.201.240.
001768: DHCPD: forwarding BOOTREPLY to client 0015.6513.6267.
001769: DHCPD: creating ARP entry (201.201.202.109, 0015.6513.6267).
001770: DHCPD: unicasting BOOTREPLY to client 0015.6513.6267 (201.201.202.109).
Does anyone have an idea where the problem lies?
Thanks, MP
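
Added example, not part of the original post: a Python check for the symptom in the logs above. It flags every relayed DHCPOFFER whose address lies outside the declared subnet containing the relay's giaddr, and reports whether that subnet declares a range at all. CONF is the post's dhcpd.conf reduced to its subnet and range statements, LOG is the post's two syslog lines, and the function names are hypothetical.

```python
import ipaddress
import re

# dhcpd.conf from the post, reduced to subnet/range structure (options trimmed).
CONF = """
shared-network domain.tld {
  subnet 201.201.202.0 netmask 255.255.255.0 {
    range 201.201.202.85 201.201.202.199;
  }
  subnet 192.168.220.0 netmask 255.255.255.0 {
    option routers 192.168.220.1;
  }
}
"""

# Syslog lines copied from the post.
LOG = """\
Jun 2 11:22:42 mgmt dhcpd: DHCPDISCOVER from 00:15:65:13:62:67 via 192.168.220.1
Jun 2 11:22:42 mgmt dhcpd: DHCPOFFER on 201.201.202.85 to 00:15:65:13:62:67 via 192.168.220.1
"""

# Subnet bodies are assumed to contain no nested braces (true for the post's config).
SUBNET_RE = re.compile(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{([^}]*)\}")
# Only relayed offers match: "via" must be followed by an IPv4 giaddr, not an interface.
OFFER_RE = re.compile(r"DHCPOFFER on (\S+) to (\S+) via (\d+\.\d+\.\d+\.\d+)")

def parse_subnets(conf):
    """Return {network: has_range} for every subnet block in conf."""
    subnets = {}
    for addr, mask, body in SUBNET_RE.findall(conf):
        net = ipaddress.ip_network(f"{addr}/{mask}")
        subnets[net] = bool(re.search(r"^\s*range\s", body, re.M))
    return subnets

def check_offers(conf, log):
    """Return one finding per relayed offer that is outside the giaddr's subnet."""
    subnets = parse_subnets(conf)
    findings = []
    for offered, mac, giaddr in OFFER_RE.findall(log):
        gi = ipaddress.ip_address(giaddr)
        home = next((n for n in subnets if gi in n), None)
        if home is None or ipaddress.ip_address(offered) in home:
            continue  # giaddr not in any declared subnet, or the offer is consistent
        findings.append({"mac": mac, "giaddr": giaddr, "offered": offered,
                         "giaddr_subnet": str(home),
                         "giaddr_subnet_has_range": subnets[home]})
    return findings

if __name__ == "__main__":
    for finding in check_offers(CONF, LOG):
        print(finding)
```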