DHCP relay via tunnel GRE interface does not work

Hello there,

I’m running a VM with ‘VyOS 1.2.6-S1’ and have problems by relaying DHCP via a gre tunnel (l3).

My VM in short:
eth0: ‘uplink’
eth1: routed interface with DHCP clients
tun0: GRE tunnel via which I want to relay DHCP packets towards a proper DHCP server
"set service dhcp-relay server ‘1.2.3.4’ " is configured an DHCP is reachable via tun0
No filters applied for eth1/tun0.

I tested 2 scenarios and checked in/out packets with tcpdump.

Test case1: two dhcp-relay interfaces

set service dhcp-relay interface ‘eth1’
set service dhcp-relay interface ‘tun0’

  • DHCP discovers are received at eth1
  • no DHCP packets are leaving tun0

Test case2: only one dhcp-relay interface

set service dhcp-relay interface ‘eth1’

  • DHCP discovers are received at eth1
  • DHCP packets are relayed via tun0 with source IP of tun0 and destination IP 1.2.3.4
  • DHCP answers are received at tun0 with source IP 1.2.4.5 and destination IP of eth1
  • no DHCP packets are set to client at eth1

Using a GRE bridge (l2) is not an option in my setup.

What am I doing wrong?

Could this be a bug or a missing feature :slight_smile: ?

Thanks in advance!
Cheers,
Bjoern

Hello @BjoernR,

DHCP-Relay or Server shouldn’t work with tunnel encapsulation GRE, but it should work with GRE-Bridge
https://docs.vyos.io/en/latest/configexamples/dhcp-relay-through-gre-bridge.html

Maybe ISC maillist will be helpful dhcp-relay over tun interface - solution?

Hello @Dmitry,

Thank you very much for your quick reply.

What a pitty that a hardware address seems to be needed even for tun0, as test case2 worked 3/4 of the way.
Vyos just discarded the received packet from DHCP server through tun0 which is addressed to destination IP of eth1 which has a proper hardware address.

I’ll guess I have to think of another solution then.

Thanks again!
Cheers,
Bjoern

We faced the same issue. We use GRE tunnels with NHRP and IPSec (for DMVPN). DHCP relaying simply can’t be done with ISC DHCP server in that case.

The alternative we are currently using is the dhcp-helper package which we manually copy to the Vyos router. It does the job perfectly.

See the feature request to add this packjage that I submitted: https://phabricator.vyos.net/T3340