On Fri, Oct 13, 2006 at 12:17:41PM +0200, ropers wrote:
> This may be a red herring, but are you running pf(4) on these OpenBSD
> firewalls? If so, are you letting DHCPDISCOVER messages through? I
> made such a mistake some time ago: In my case there was a Windows DHCP
> server on one side and its clients were on the other side of an
> OpenBSD firewall/bridge. This is what got things working:
>
> from /etc/pf.conf:
> #allow DHCP traffic to/from winsrv:
> pass on $ext_if proto udp from { 0.0.0.0, <dhcpclients> } port 68 to $winsrv port 67
> pass on $ext_if proto udp from any port 68 to 255.255.255.255 port 67
> pass on $ext_if proto udp from $winsrv port 67 to { 255.255.255.255, <dhcpclients> } port 68

I found this from a previous post (I think it was yours) and added that to my pf.conf but it did not have any effect. I also tried just disabling pf(4) entirely. That did not have any effect at all.

What makes this even more frustrating is that for one of my VLANs, dhcpd is working pretty well on my OpenBSD server. For another VLAN, I can only get a FreeBSD-based dhcpd to work. The whole goal was to phase that server out but it is not working reliably on the first VLAN. I am about to pull my hair out. This just does not make sense.

In searching the archives for anything that could be related I found a post that stated that running the vlan(4) with the correct netmask and the carp(4) interface with /32 caused dhcp to work fine for them. I have done that and it has had no effect.

Thanks for the response.

Bryan