DHCP-Relay Problems

Good day to all. I’ve been running into issues with the dhcp-relay service for a couple of months now. Every time I upgrade beyond version 1.4-rolling-2023019920218 I cannot get a wan IP address from my provider.

I keep getting the message “Discarding packet received on interface that has no IPv4 Address assigned.” Even with the dhcp-relay service disabled, I cannot get a WAN address.

Any thoughts?

Could you please share your configuration and your current running version.

$ show configuration command | strip-private
$ show version

Please take packet capture at dhcp client interface and at the dhcp relay server listening interface

set firewall group interface-group LAN interface 'bond0.2'
set firewall group interface-group LAN interface 'bond0.3'
set firewall group interface-group LAN interface 'bond0.4'
set firewall group interface-group LAN interface 'bond0.5'
set firewall group interface-group LAN interface 'bond0.6'
set firewall group interface-group LAN interface 'bond0.7'
set firewall group interface-group LAN interface 'bond0.11'
set firewall group interface-group LAN interface 'bond0.14'
set firewall group interface-group MANAGEMENT interface 'bond0.11'
set firewall group interface-group RADIUS interface 'bond0.2'
set firewall group interface-group WAN interface 'bond0.4000'
set firewall group network-group NET-INSIDE-v4 network 'xxx.xxx.2.0/24'
set firewall group network-group NET-INSIDE-v4 network 'xxx.xxx.3.0/24'
set firewall group network-group NET-INSIDE-v4 network 'xxx.xxx.4.0/24'
set firewall group network-group NET-INSIDE-v4 network 'xxx.xxx.5.0/24'
set firewall group network-group NET-INSIDE-v4 network 'xxx.xxx.6.0/24'
set firewall group network-group NET-INSIDE-v4 network 'xxx.xxx.7.0/24'
set firewall group network-group NET-INSIDE-v4 network 'xxx.xxx.11.0/24'
set firewall group network-group NET-INSIDE-v4 network 'xxx.xxx.14.0/24'
set firewall ipv4 forward filter rule 10 action 'jump'
set firewall ipv4 forward filter rule 10 jump-target 'CONN_FILTER'
set firewall ipv4 forward filter rule 100 action 'jump'
set firewall ipv4 forward filter rule 100 inbound-interface group 'WAN'
set firewall ipv4 forward filter rule 100 jump-target 'OUTSIDE-IN'
set firewall ipv4 input filter default-action 'drop'
set firewall ipv4 input filter rule 10 action 'jump'
set firewall ipv4 input filter rule 10 jump-target 'CONN_FILTER'
set firewall ipv4 input filter rule 20 action 'jump'
set firewall ipv4 input filter rule 20 destination port '22'
set firewall ipv4 input filter rule 20 jump-target 'VyOS_MANAGEMENT'
set firewall ipv4 input filter rule 20 protocol 'tcp'
set firewall ipv4 input filter rule 21 action 'jump'
set firewall ipv4 input filter rule 21 destination port '1812'
set firewall ipv4 input filter rule 21 jump-target 'RADIUS'
set firewall ipv4 input filter rule 21 protocol 'udp'
set firewall ipv4 input filter rule 22 action 'jump'
set firewall ipv4 input filter rule 22 destination port '1813'
set firewall ipv4 input filter rule 22 jump-target 'RADIUS'
set firewall ipv4 input filter rule 22 protocol 'udp'
set firewall ipv4 input filter rule 30 action 'drop'
set firewall ipv4 input filter rule 30 inbound-interface group 'WAN'
set firewall ipv4 input filter rule 30 recent count '5'
set firewall ipv4 input filter rule 30 recent time 'second'
set firewall ipv4 input filter rule 30 state 'new'
set firewall ipv4 input filter rule 31 action 'accept'
set firewall ipv4 input filter rule 31 icmp type-name 'echo-request'
set firewall ipv4 input filter rule 31 protocol 'icmp'
set firewall ipv4 input filter rule 31 state 'new'
set firewall ipv4 input filter rule 50 action 'accept'
set firewall ipv4 input filter rule 50 source address 'xxx.xxx.0.0/8'
set firewall ipv4 name CONN_FILTER default-action 'return'
set firewall ipv4 name CONN_FILTER rule 10 action 'accept'
set firewall ipv4 name CONN_FILTER rule 10 state 'established'
set firewall ipv4 name CONN_FILTER rule 10 state 'related'
set firewall ipv4 name CONN_FILTER rule 20 action 'drop'
set firewall ipv4 name CONN_FILTER rule 20 state 'invalid'
set firewall ipv4 name OUTSIDE-IN default-action 'drop'
set firewall ipv4 name RADIUS default-action 'return'
set firewall ipv4 name RADIUS rule 30 action 'accept'
set firewall ipv4 name RADIUS rule 30 inbound-interface group 'RADIUS'
set firewall ipv4 name VyOS_MANAGEMENT default-action 'return'
set firewall ipv4 name VyOS_MANAGEMENT rule 15 action 'accept'
set firewall ipv4 name VyOS_MANAGEMENT rule 15 inbound-interface group 'MANAGEMENT'
set interfaces bonding bond0 member interface 'eth2'
set interfaces bonding bond0 member interface 'eth3'
set interfaces bonding bond0 mtu '9000'
set interfaces bonding bond0 vif 2 address 'xxx.xxx.2.1/24'
set interfaces bonding bond0 vif 2 description 'MANAGEMENT'
set interfaces bonding bond0 vif 3 address 'xxx.xxx.3.1/24'
set interfaces bonding bond0 vif 3 address 'xxxx:xxxx:c041:3::1/64'
set interfaces bonding bond0 vif 3 description 'LAN'
set interfaces bonding bond0 vif 4 address 'xxx.xxx.4.1/24'
set interfaces bonding bond0 vif 5 address 'xxx.xxx.5.1/24'
set interfaces bonding bond0 vif 5 description 'VM'
set interfaces bonding bond0 vif 6 address 'xxx.xxx.6.1/24'
set interfaces bonding bond0 vif 6 description 'GAMING'
set interfaces bonding bond0 vif 7 address 'xxx.xxx.7.1/24'
set interfaces bonding bond0 vif 7 address 'xxxx:xxxx:c041:7::1/64'
set interfaces bonding bond0 vif 7 description 'DMZ'
set interfaces bonding bond0 vif 8 address 'xxx.xxx.8.1/24'
set interfaces bonding bond0 vif 8 description 'DHCP'
set interfaces bonding bond0 vif 9
set interfaces bonding bond0 vif 11 address 'xxx.xxx.11.1/24'
set interfaces bonding bond0 vif 11 address 'xxxx:xxxx:c041:11::1/64'
set interfaces bonding bond0 vif 11 description 'LAN'
set interfaces bonding bond0 vif 14 address 'xxx.xxx.14.1/24'
set interfaces bonding bond0 vif 14 description 'NAS'
set interfaces bonding bond0 vif 14 mtu '9000'
set interfaces bonding bond0 vif 4000 address 'dhcp'
set interfaces bonding bond0 vif 4000 address 'dhcpv6'
set interfaces bonding bond0 vif 4000 dhcpv6-options pd 1 interface bond0.3 sla-id '3'
set interfaces bonding bond0 vif 4000 dhcpv6-options pd 1 interface bond0.7 sla-id '7'
set interfaces bonding bond0 vif 4000 dhcpv6-options pd 1 interface bond0.11 sla-id '11'
set interfaces bonding bond0 vif 4000 dhcpv6-options pd 1 length '60'
set interfaces ethernet eth0 hw-id 'xx:xx:xx:xx:xx:2b'
set interfaces ethernet eth0 offload gro
set interfaces ethernet eth0 offload gso
set interfaces ethernet eth0 offload rfs
set interfaces ethernet eth0 offload rps
set interfaces ethernet eth0 offload sg
set interfaces ethernet eth0 offload tso
set interfaces ethernet eth1 hw-id 'xx:xx:xx:xx:xx:70'
set interfaces ethernet eth2 hw-id 'xx:xx:xx:xx:xx:70'
set interfaces ethernet eth2 offload gro
set interfaces ethernet eth2 offload gso
set interfaces ethernet eth2 offload rfs
set interfaces ethernet eth2 offload rps
set interfaces ethernet eth2 offload sg
set interfaces ethernet eth2 offload tso
set interfaces ethernet eth2 ring-buffer rx '4096'
set interfaces ethernet eth2 ring-buffer tx '4096'
set interfaces ethernet eth3 hw-id 'xx:xx:xx:xx:xx:71'
set interfaces ethernet eth3 offload gro
set interfaces ethernet eth3 offload gso
set interfaces ethernet eth3 offload rfs
set interfaces ethernet eth3 offload sg
set interfaces ethernet eth3 offload tso
set interfaces ethernet eth3 ring-buffer rx '4096'
set interfaces ethernet eth3 ring-buffer tx '4096'
set interfaces loopback lo
set nat destination rule 1 description 'Port Forward Plex'
set nat destination rule 1 destination port '32400'
set nat destination rule 1 inbound-interface group 'WAN'
set nat destination rule 1 protocol 'tcp'
set nat destination rule 1 translation address 'xxx.xxx.3.253'
set nat destination rule 53 description 'Redirect Google DNS'
set nat destination rule 53 destination address 'xxx.xxx.8.8'
set nat destination rule 53 destination port '53'
set nat destination rule 53 inbound-interface group 'LAN'
set nat destination rule 53 protocol 'tcp_udp'
set nat destination rule 53 translation address 'xxx.xxx.7.14'
set nat destination rule 54 description 'Redirect Google DNS'
set nat destination rule 54 destination address 'xxx.xxx.4.4'
set nat destination rule 54 destination port '53'
set nat destination rule 54 inbound-interface group 'LAN'
set nat destination rule 54 protocol 'tcp_udp'
set nat destination rule 54 translation address 'xxx.xxx.7.15'
set nat source rule 2 outbound-interface group 'WAN'
set nat source rule 2 protocol 'all'
set nat source rule 2 source address 'xxx.xxx.2.0/24'
set nat source rule 2 translation address 'masquerade'
set nat source rule 3 outbound-interface group 'WAN'
set nat source rule 3 protocol 'all'
set nat source rule 3 source address 'xxx.xxx.3.0/24'
set nat source rule 3 translation address 'masquerade'
set nat source rule 4 outbound-interface group 'WAN'
set nat source rule 4 protocol 'all'
set nat source rule 4 source address 'xxx.xxx.4.0/24'
set nat source rule 4 translation address 'masquerade'
set nat source rule 5 outbound-interface group 'WAN'
set nat source rule 5 protocol 'all'
set nat source rule 5 source address 'xxx.xxx.5.0/24'
set nat source rule 5 translation address 'masquerade'
set nat source rule 6 outbound-interface group 'WAN'
set nat source rule 6 protocol 'all'
set nat source rule 6 source address 'xxx.xxx.6.0/24'
set nat source rule 6 translation address 'masquerade'
set nat source rule 7 outbound-interface group 'WAN'
set nat source rule 7 protocol 'all'
set nat source rule 7 source address 'xxx.xxx.7.0/24'
set nat source rule 7 translation address 'masquerade'
set nat source rule 8 outbound-interface group 'WAN'
set nat source rule 8 protocol 'all'
set nat source rule 8 source address 'xxx.xxx.8.0/24'
set nat source rule 8 translation address 'masquerade'
set nat source rule 11 outbound-interface group 'WAN'
set nat source rule 11 protocol 'all'
set nat source rule 11 source address 'xxx.xxx.11.0/24'
set nat source rule 11 translation address 'masquerade'
set nat source rule 14 outbound-interface group 'WAN'
set nat source rule 14 protocol 'all'
set nat source rule 14 source address 'xxx.xxx.14.0/24'
set nat source rule 14 translation address 'masquerade'
set protocols static route xxx.xxx.0.0/8 blackhole
set protocols static route xxx.xxx.0.0/12 blackhole
set protocols static route xxx.xxx.0.0/16 blackhole
set qos interface bond0.4000 egress 'COMCAST'
set qos policy cake COMCAST bandwidth '11400kbit'
set qos policy cake COMCAST description 'COMCAST QOS Outbound'
set qos policy cake COMCAST flow-isolation flow
set qos policy cake COMCAST flow-isolation nat
set service dhcp-relay listen-interface 'bond0.2'
set service dhcp-relay listen-interface 'bond0.3'
set service dhcp-relay listen-interface 'bond0.4'
set service dhcp-relay listen-interface 'bond0.6'
set service dhcp-relay listen-interface 'bond0.7'
set service dhcp-relay listen-interface 'bond0.11'
set service dhcp-relay server 'xxx.xxx.8.4'
set service dhcp-relay upstream-interface 'bond0.8'
set service ntp allow-client xxxxxx 'xxx.xxx.0.0/0'
set service ntp allow-client xxxxxx '::/0'
set service ntp allow-client xxxxxx 'xxx.xxx.2.0/24'
set service ntp allow-client xxxxxx 'xxx.xxx.3.0/24'
set service ntp allow-client xxxxxx 'xxx.xxx.4.0/24'
set service ntp allow-client xxxxxx 'xxx.xxx.5.0/24'
set service ntp allow-client xxxxxx 'xxx.xxx.6.0/24'
set service ntp allow-client xxxxxx 'xxx.xxx.7.0/24'
set service ntp allow-client xxxxxx 'xxx.xxx.8.0/24'
set service ntp allow-client xxxxxx 'xxx.xxx.11.0/24'
set service ntp allow-client xxxxxx 'xxx.xxx.14.0/24'
set service ntp listen-address 'xxx.xxx.7.1'
set service ntp server xxxxx.tld pool
set service ssh listen-address 'xxx.xxx.2.1'
set system config-management commit-revisions '100'
set system conntrack expect-table-size '10485760'
set system conntrack hash-size '10485760'
set system conntrack log icmp new
set system conntrack log other new
set system conntrack log tcp new
set system conntrack log udp new
set system conntrack modules ftp
set system conntrack modules h323
set system conntrack modules nfs
set system conntrack modules pptp
set system conntrack modules sip
set system conntrack modules sqlnet
set system conntrack modules tftp
set system conntrack table-size '10485760'
set system conntrack timeout icmp '10'
set system conntrack timeout other '600'
set system conntrack timeout tcp close '10'
set system conntrack timeout tcp close-wait '30'
set system conntrack timeout tcp established '600'
set system conntrack timeout tcp fin-wait '30'
set system conntrack timeout tcp last-ack '30'
set system conntrack timeout tcp syn-recv '30'
set system conntrack timeout tcp syn-sent '30'
set system conntrack timeout tcp time-wait '30'
set system conntrack timeout udp other '600'
set system conntrack timeout udp stream '600'
set system console device ttyS0 speed '115200'
set system domain-name xxxxxx
set system host-name xxxxxx
set system ip arp table-size '32768'
set system ip disable-directed-broadcast
set system ip multipath layer4-hashing
set system ipv6 multipath layer4-hashing
set system ipv6 neighbor table-size '32768'
set system login user xxxxxx authentication encrypted-password xxxxxx
set system login user xxxxxx authentication encrypted-password xxxxxx
set system name-server 'xxx.xxx.9.11'
set system name-server 'xxx.xxx.112.11'
set system name-server 'xxxx:xxxx::11'
set system name-server 'xxxx:xxxx::fe:11'
set system option performance 'throughput'
set system sysctl parameter kernel.core_uses_pid value '1'
set system sysctl parameter kernel.sysrq value '0'
set system sysctl parameter vm.swappiness value '1'
set system sysctl parameter vm.vfs_cache_pressure value '50'
set system syslog global facility all level 'all'
set system syslog global facility local7 level 'debug'
set system syslog host xxx.xxx.7.252 facility all level 'all'
set system syslog host xxx.xxx.7.252 protocol 'tcp'
set system syslog user xxxxxx facility all level 'all'
set system time-zone 'US/n user xxxxxx authentication encrypted-password xxxxxx
set system login user xxxxxx authentication encrypted-password xxxxxx
set system name-server 'xxx.xxx.9.11'
set system name-server 'xxx.xxx.112.11'
set system name-server 'xxxx:xxxx::11'
set system name-server 'xxxx:xxxx::fe:11'
set system option performance 'throughput'
set system sysctl parameter kernel.core_uses_pid value '1'
set system sysctl parameter kernel.sysrq value '0'
set system sysctl parameter vm.swappiness value '1'
set system sysctl parameter vm.vfs_cache_pressure value '50'
set system syslog global facility all level 'all'
set system syslog global facility local7 level 'debug'
set system syslog host xxx.xxx.7.252 facility all level 'all'
set system syslog host xxx.xxx.7.252 protocol 'tcp'
set system syslog user xxxxxx facility all level 'all'
set system time-zone 'US/Central'Central'
Version:          VyOS 1.4-rolling-202312150222
Release train:    sagitta

Built by:         deussomnus1@gmail.com
Built on:         Fri 15 Dec 2023 02:22 UTC
Build UUID:       f128a091-10e7-435f-bef1-9671054f259b
Build commit ID:  a59689ec005681

Architecture:     x86_64
Boot via:         installed image
System type:      bare metal

Hardware vendor:  To Be Filled By O.E.M.
Hardware model:   B450M-HDV R4.0
Hardware S/N:     To Be Filled By O.E.M.
Hardware UUID:    1059a1a8-7045-0000-0000-000000000000

Copyright:        VyOS maintainers and contributors

How should I send the pcaps to you? I have them for the WAN interface and the DHCP listening interface.

MOD Edit: I have formatted the config to be more readable - @tjh