Linux DHCP Server Migration

dhcp-serverlinux

Background

I'm moving 2 existing Linux DHCP servers to a new network. The servers currently configured as follows:

shared-network network {

        #new network
        subnet 192.168.100.0 netmask 255.255.255.0 {
            option subnet-mask 255.255.255.0;
            option routers 192.168.100.1;
            deny unknown-clients;
            }

        # 1 Subnet
        subnet 192.168.1.0 netmask 255.255.255.0 {
                option subnet-mask 255.255.255.0;
                option routers 192.168.1.1;
                deny unknown-clients;
                }

        # 2/3 Subnet
        subnet 192.168.2.0 netmask 255.255.254.0 {
                option subnet-mask 255.255.254.0;
                option routers 192.168.2.1;
                }

        # 4 Subnet
        subnet 192.168.4.0 netmask 255.255.255.0 {
                option subnet-mask 255.255.255.0;
                option routers 192.168.4.1;
                deny client-updates;
                deny unknown-clients;
                }

        # 5 Subnet
        subnet 192.168.5.0 netmask 255.255.255.0 {
                option subnet-mask 255.255.255.0;
                option routers 192.168.5.1;
                option domain-name "domain.com";
                option domain-name-servers x.x.x.x, x.x.x.x, x.x.x.x, x.x.x.x;
                deny client-updates;
                deny unknown-clients;
                }


        # 6 Subnet
        subnet 192.168.6.0 netmask 255.255.255.0 {
                option subnet-mask 255.255.255.0;
                option routers 192.168.5.1;
                pool {
                        deny unknown-clients;
                        deny dynamic bootp clients;
                        failover peer "dhcp";
                        range 192.168.6.100 192.168.6.149;
                        }
                }
}

Issue

I stopped DHCP on the existing DHCP servers and started on the new DHCP servers. All the networks worked with the exception of subnet 4. The MACs (apples) on this network could not obtain an IP.

This is from the logs:

dhcpd: DHCPDISCOVER from d5:9d:11:0h:s3:5u via 192.168.4.1  

- This message is sent by a client that is connected to a local subnet. 

dhcpd: DHCPOFFER on 192.168.5.126 to d5:9d:11:0h:s3:5u via 192.168.4.1 

sent by a server. 

dhcpd: DHCPREQUEST for 192.168.5.126 (192.168.100.10) from d5:9d:11:0h:s3:5u via 192.168.5.1

- This DHCP message is sent in response to DHCPOFFER indicating that the client has accepted the network configuration

dhcpd: DHCPACK on 192.168.5.126 to d5:9d:11:0h:s3:5u via 192.168.5.1

- This message signals the end of the process.  Signals end of conversation.

This process appears to loop with the client never getting an IP address. Looking at the logs 2nd half of the conversation appears to happen via different gateways. Possibly asymmetric routing?

NOTE: BOOTP/ip helper-address is configured at the network level to forward DHCP traffic cross network. These networks are on the same vlan.

interface Vlan342
vrf forwarding central-duss
ip address 192.168.6.1 255.255.255.0 secondary 
ip address 192.168.5.1 255.255.255.0 secondary 
ip address 192.168.4.1 255.255.255.0 secondary 
ip address 192.168.1.1 255.255.254.0 
ip helper-address 192.168.1.9 (current)
ip helper-address 192.168.1.10 (current)
ip helper-address 192.168.100.10  (new)
ip helper-address 192.168.100.11 (new)
no ip redirects 
end

Best Answer

It was due to access rules on the firewall. I couldn't get full details from the network team.

Related Topic