DHCP Relay NICs:
NIC 1: connection to DHCP server (assigned by 172.20.0.1):
enp1s0 Link encap:Ethernet HWaddr 00:e0:4c:68:39:0d
inet addr:172.20.0.103 Bcast:172.20.0.255 Mask:255.255.255.0
inet6 addr: fe80::2e0:4cff:fe68:390d/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:541 errors:0 dropped:0 overruns:0 frame:0
TX packets:359 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:55554 (55.5 KB) TX bytes:73663 (73.6 KB)
NIC 2: DHCP relay NIC
wlp3s0 Link encap:Ethernet HWaddr f8:16:54:8b:8b:f7
inet addr:172.20.0.210 Bcast:172.20.0.255 Mask:255.255.255.0
inet6 addr: fe80::fa16:54ff:fe8b:8bf7/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:114 errors:0 dropped:0 overruns:0 frame:0
TX packets:123 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:21968 (21.9 KB) TX bytes:25195 (25.1 KB)
When a client connects to wlp3s0 and attempts to get an IP address, this is what the relay logs:
Apr 01 11:41:11 linroute sh[1318]: Forwarded BOOTREQUEST for d0:04:01:30:96:8d to 172.20.0.1
Apr 01 11:41:11 linroute sh[1318]: Forwarded BOOTREQUEST for d0:04:01:30:96:8d to 172.20.0.1
The DHCP server (172.20.0.1) logs this at the same time:
Apr 01 11:41:11 linux-router dhcpd[1296]: DHCPDISCOVER from d0:04:01:30:96:8d via 172.20.0.210
Apr 01 11:41:11 linux-router dhcpd[1296]: DHCPOFFER on 172.20.0.106 to d0:04:01:30:96:8d via 172.20.0.210
Apr 01 11:41:11 linux-router dhcpd[1296]: DHCPDISCOVER from d0:04:01:30:96:8d via 172.20.0.210
Apr 01 11:41:11 linux-router dhcpd[1296]: DHCPOFFER on 172.20.0.106 to d0:04:01:30:96:8d via 172.20.0.210
This tells me that the DHCP server is working (which it is: everything directly connected to it works well). But the DHCP relay doesn't seem to be relaying the response back to the client seeking the address. They never get assigned IP addresses even though it appears that the DHCP server is happily serving them.
Relay config:
SERVERS="172.20.0.1"
INTERFACES="wlp3s0"
The Relay server has no iptables NAT setup. Everything is allowed (INPUT & FORWARD)
Best Answer
INTERFACES in the relay's configuration needs to include the 'source' adapter as well:
INTERFACES="enp1s0 wlp3s0"
Even though only IP addresses should be assigned to clients on the wlp3s0 interface, evidently this isn't enough.