Cannot get IP address from DHCP server on VLAN-aware bridge

General questions
1

Hi,

I’m trying to configure a VLAN-aware bridge, but I couldn’t get clients to obtain IP address from DHCP server. My configuration is shown below. If I connect the client to eth2/3/4 it can get IP address 192.168.3.x from the DHCP server, but if I connect to eth5 the client can’t get an IP address. There is no entry in dhcpd log and monitor traffic interface eth5 shows the client repeatedly sending DHCP request with no reply at all:

19:49:32.031215 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from xx:xx:xx:xx:xx:xx (oui Unknown), length 300
19:49:35.859017 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from xx:xx:xx:xx:xx:xx (oui Unknown), length 300
19:49:39.862225 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from xx:xx:xx:xx:xx:xx (oui Unknown), length 300

But if I manually assign an IP address 192.168.4.x and gateway 192.168.4.1 on the client, the connection works fine. Is there something I missed in the configuration?

My config:

interfaces {
    bridge br0 {
        address 192.168.3.1/24
        description LAN
        enable-vlan
        member {
            interface eth2 {
                allowed-vlan 30
                native-vlan 1
            }
            interface eth3 {
                allowed-vlan 30
                native-vlan 1
            }
            interface eth4 {
                allowed-vlan 30
                native-vlan 1
            }
            interface eth5 {
                native-vlan 30
            }
        }
        vif 30 {
            address 192.168.4.1/24
            description Guest
        }
    }
    ethernet eth2 {
        hw-id xx:xx:xx:xx:xx:xc
    }
    ethernet eth3 {
        hw-id xx:xx:xx:xx:xx:xd
    }
    ethernet eth4 {
        hw-id xx:xx:xx:xx:xx:xe
    }
    ethernet eth5 {
        hw-id xx:xx:xx:xx:xx:xf
    }
}
service {
    dhcp-server {
        hostfile-update
        shared-network-name Guest1 {
            subnet 192.168.3.0/24 {
                default-router 192.168.3.1
                lease 86400
                name-server 61.139.2.69
                name-server 218.6.200.139
                range 0 {
                    start 192.168.3.100
                    stop 192.168.3.199
                }
            }
        }
        shared-network-name Guest2 {
            subnet 192.168.4.0/24 {
                default-router 192.168.4.1
                lease 86400
                name-server 61.139.2.69
                name-server 218.6.200.139
                range 0 {
                    start 192.168.4.100
                    stop 192.168.4.199
                }
            }
        }
    }
}
2

To figure it out try static/directly connected route
And which version?

3

Could you please explain what you mean by “static/directly connected route”?
If I manually assign the IP and gateway on the client everything works fine (I can access the router, other hosts on the different subnets and the Internet). The only problem is no IP can be obtained by DHCP.
If I disable VLAN on the bridge, everything works fine too including DHCP.
I’m using version 1.3 (1.3-rolling-202211051234) built by following this.

4

Order of operation?
If you first create vlan30 scope, commit, and then create vif30, this scope might not work untill next dhcp service restart

5

Hi ,

Based on your configuration, it should work if you configure correctly the trunk ports ( eth2/eth3/eth4) should receive the traffic tagged, untagged on eth5 (from the client perspective)

vyos@vyos:~$ show configuration commands | match "bridge|dhcp"
set interfaces bridge br0 address '192.168.3.1/24'
set interfaces bridge br0 description 'LAN'
set interfaces bridge br0 enable-vlan
set interfaces bridge br0 member interface eth0 allowed-vlan '30'
set interfaces bridge br0 member interface eth0 native-vlan '1'
set interfaces bridge br0 member interface eth1 allowed-vlan '30'
set interfaces bridge br0 member interface eth1 native-vlan '1'
set interfaces bridge br0 member interface eth3 native-vlan '30'
set interfaces bridge br0 vif 30 address '192.168.4.1/24'
set interfaces bridge br0 vif 30 description 'guest'
set service dhcp-server hostfile-update
set service dhcp-server shared-network-name Guest1 subnet 192.168.3.0/24 default-router '192.168.3.1'
set service dhcp-server shared-network-name Guest1 subnet 192.168.3.0/24 lease '86400'
set service dhcp-server shared-network-name Guest1 subnet 192.168.3.0/24 name-server '61.139.2.69'
set service dhcp-server shared-network-name Guest1 subnet 192.168.3.0/24 name-server '218.6.200.139'
set service dhcp-server shared-network-name Guest1 subnet 192.168.3.0/24 range 0 start '192.168.3.100'
set service dhcp-server shared-network-name Guest1 subnet 192.168.3.0/24 range 0 stop '192.168.3.199'
set service dhcp-server shared-network-name Guest2 subnet 192.168.4.0/24 default-router '192.168.4.1'
set service dhcp-server shared-network-name Guest2 subnet 192.168.4.0/24 lease '86400'
set service dhcp-server shared-network-name Guest2 subnet 192.168.4.0/24 name-server '61.139.2.69'
set service dhcp-server shared-network-name Guest2 subnet 192.168.4.0/24 name-server '218.6.200.139'
set service dhcp-server shared-network-name Guest2 subnet 192.168.4.0/24 range 0 start '192.168.4.100'
set service dhcp-server shared-network-name Guest2 subnet 192.168.4.0/24 range 0 stop '192.168.4.199'
vyos@vyos:~$
vyos@vyos:~$ show dhcp server leases
IP address     Hardware address    State    Lease start          Lease expiration     Remaining    Pool    Hostname
-------------  ------------------  -------  -------------------  -------------------  -----------  ------  ----------
192.168.4.100  00:50:79:66:68:06   active   2022/12/26 19:59:13  2022/12/27 19:59:13  23:50:31     Guest2  VPCS1
192.168.4.101  50:00:00:07:00:00   active   2022/12/26 20:07:04  2022/12/27 20:07:04  23:58:22     Guest2  vyos

I suggest avoiding using VLAN 1 to use dhcp requests, it also is used by bridge messages (stp , etc) .