1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
|
.\" dhcrelay.8
.\"
.\" Copyright (c) 2004-2017 by Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (c) 1997-2003 by Internet Software Consortium
.\"
.\" This Source Code Form is subject to the terms of the Mozilla Public
.\" License, v. 2.0. If a copy of the MPL was not distributed with this
.\" file, You can obtain one at http://mozilla.org/MPL/2.0/.
.\"
.\" THE SOFTWARE IS PROVIDED "AS IS" AND ISC DISCLAIMS ALL WARRANTIES
.\" WITH REGARD TO THIS SOFTWARE INCLUDING ALL IMPLIED WARRANTIES OF
.\" MERCHANTABILITY AND FITNESS. IN NO EVENT SHALL ISC BE LIABLE FOR
.\" ANY SPECIAL, DIRECT, INDIRECT, OR CONSEQUENTIAL DAMAGES OR ANY DAMAGES
.\" WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
.\" ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT
.\" OF OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
.\"
.\" Internet Systems Consortium, Inc.
.\" PO Box 360
.\" Newmarket, NH 03857 USA
.\" <info@isc.org>
.\" https://www.isc.org/
.\"
.\" This software has been written for Internet Systems Consortium
.\" by Ted Lemon in cooperation with Vixie Enterprises.
.\"
.\" Support and other services are available for ISC products - see
.\" https://www.isc.org for more information or to learn more about ISC.
.\"
.\" $Id: dhcrelay.8,v 1.20 2012/05/14 23:17:43 sar Exp $
.\"
.TH dhcrelay 8
.SH NAME
dhcrelay - Dynamic Host Configuration Protocol Relay Agent
.SH SYNOPSIS
.B dhcrelay
[
.B -4
]
[
.B -dqaD
]
[
.B -p
.I port
|
.B -rp
.I relay-port
]
[
.B -c
.I count
]
[
.B -A
.I length
]
[
.B -pf
.I pid-file
]
[
.B --no-pid
]
[
.B -m
.I append
|
.I replace
|
.I forward
|
.I discard
]
[
.B -i
.I interface0
[
.B ...
.B -i
.I interfaceN
]
]
[
.B -iu
.I interface0
[
.B ...
.B -iu
.I interfaceN
]
]
[
.B -id
.I interface0
[
.B ...
.B -id
.I interfaceN
]
]
[
.B -U
.I interface
]
.I server0
[
.I ...serverN
]
.PP
.B dhcrelay -6
[
.B -dqI
]
[
.B -p
.I port
|
.B -rp
.I relay-port
]
[
.B -c
.I count
]
[
.B -pf
.I pid-file
]
[
.B --no-pid
]
[
.B -s
.I subscriber-id
]
.B -l
.I lower0
[
.B ...
.B -l
.I lowerN
]
.B -u
.I upper0
[
.B ...
.B -u
.I upperN
]
.SH DESCRIPTION
The Internet Systems Consortium DHCP Relay Agent, dhcrelay, provides a
means for relaying DHCP and BOOTP requests from a subnet to which
no DHCP server is directly connected to one or more DHCP servers on
other subnets. It supports both DHCPv4/BOOTP and DHCPv6 protocols.
.SH OPERATION
.PP
The DHCP Relay Agent listens for DHCPv4 or DHCPv6 queries from clients or
other relay agents on one or more interfaces, passing them along to
``upstream'' servers or relay agents as specified on the command line.
When a reply is received from upstream, it is multicast or unicast back
downstream to the source of the original request.
.SH COMMAND LINE
.PP
\fIProtocol selection options:\fR
.TP
-6
Run dhcrelay as a DHCPv6 relay agent. Incompatible with the \fB-4\fR
option.
.TP
-4
Run dhcrelay as a DHCPv4/BOOTP relay agent. This is the default mode of
operation, so the argument is not necessary, but may be specified for
clarity. Incompatible with \fB-6\fR.
.PP
\fISpecifying DHCPv4/BOOTP servers\fR
.PP
In DHCPv4 mode, a list of one or more server addresses must be specified on
the command line, to which DHCP/BOOTP queries should be relayed.
.PP
\fIOptions available for both DHCPv4 and DHCPv6:\fR
.TP
-c \fIcount\fR
Maximum hop count. When forwarding packets, dhcrelay discards packets
which have reached a hop count of COUNT. Default is 10. Maximum is 255.
.TP
-d
Force dhcrelay to run as a foreground process. Useful when running
dhcrelay under a debugger, or running out of inittab on System V systems.
.TP
-p \fIport\fR
Listen and transmit on port PORT. This is mostly useful for debugging
purposes. Default is port 67 for DHCPv4/BOOTP, or port 547 for DHCPv6.
Incompatible with \fB-rp\fR.
.TP
-rp \fIrelay-port\fR
Alternative source port for upstream (i.e toward the server) messages
with DHCPv4 RAI relay-port sub-option or DHCPv6 relay-source-port
option. Relay port support is only available if the code was compiled
with (./configure --enable-relay-port) and requires LPF or BPF link
layer access.
.TP
-q
Quiet mode. Prevents dhcrelay6 from printing its network configuration
on startup.
.TP
-pf pid-file
Path to alternate pid file.
.TP
--no-pid
Option to disable writing pid files. By default the program
will write a pid file.
.PP
\fIOptions available in DHCPv4 mode only:\fR
.TP
-a
Append an agent option field to each request before forwarding it to
the server. Agent option fields in responses sent from servers to
clients will be stripped before forwarding such responses back to the
client. The agent option field will contain two agent options: the Circuit
ID suboption and the Remote ID suboption. Currently, the Circuit ID will
be the printable name of the interface on which the client request was
received. The client supports inclusion of a Remote ID suboption as well,
but this is not used by default.
.TP
-A \fIlength\fR
Specify the maximum packet size to send to a DHCPv4/BOOTP server. This
might be done to allow sufficient space for addition of relay agent
options while still fitting into the Ethernet MTU size.
.TP
-D
Drop packets from upstream servers if they contain Relay Agent
Information options that indicate they were generated in response to
a query that came via a different relay agent. If this option is not
specified, such packets will be relayed anyway.
.TP
-i \fIifname\fR
Listen for DHCPv4/BOOTP traffic on interface \fIifname\fR. Multiple
interfaces may be specified by using more than one \fB-i\fR option. If
no interfaces are specified on the command line, dhcrelay will identify
all network interfaces, eliminating non-broadcast interfaces if possible,
and attempt to listen on all of them.
.TP
-iu \fIifname\fR
Specifies an upstream network interface: an interface from which replies
from servers and other relay agents will be accepted. Multiple interfaces
may be specified by using more than one \fB-iu\fR option. This argument is
intended to be used in conjunction with one or more -i or -id arguments.
.TP
-id \fIifname\fR
Specifies a downstream network interface: an interface from which requests
from clients and other relay agents will be accepted. Multiple interfaces
may be specified by using more than one \fB-id\fR option. This argument is
intended to be used in conjunction with one or more -i or -iu arguments.
.TP
-m \fIappend\fR|\fIreplace\fR|\fIforward\fR|\fIdiscard\fR
Control the handling of incoming DHCPv4 packets which already contain
relay agent options. If such a packet does not have \fIgiaddr\fR set in
its header, the DHCP standard requires that the packet be discarded.
However, if \fIgiaddr\fR is set, the relay agent may handle the situation
in four ways: It may \fIappend\fR its own set of relay options to the
packet, leaving the supplied option field intact; it may \fIreplace\fR the
existing agent option field; it may \fIforward\fR the packet unchanged; or,
it may \fIdiscard\fR it.
.TP
-U \fIifname\fR
Enables the addition of a RFC 3527 compliant link selection suboption for
clients directly connected to the relay. This RFC allows a relay to
specify two different IP addresses: one for the server to use when
communicating with the relay (giaddr) the other for choosing the subnet
for the client (the suboption). This can be useful if the server is
unable to send packets to the relay via the address used for the subnet.
When enabled, dhcrelay will add an agent option (as per \fB-a\fR above) that
includes the link selection suboption to the forwarded packet. This will only
be done to packets received from clients that are directly connected to the
relay (i.e. giaddr is zero). The address used in the suboption will be that
of the link upon which the inbound packet was received (which would otherwise
be used for giaddr). The value of giaddr will be set to that of interface
\fIifname\fR.
Only one interface should be marked in this fashion. Currently enabling
this option on an interface causes the relay to process all DHCP traffic
similar to the \fI-i\fR option, in the future we may split the two more
completely.
This option is off by default. Note that enabling this option automatically
enables the \fB-a\fR option.
Keep in mind that using options such as \fB-m replace\fR or \fB-m discard\fR
on relays upstream from one using \fB-U\fR can pose problems. The upstream
relay will wipe out the initial agent option containing the link selection
while leaving the re-purposed giaddr value in place, causing packets to go
astray.
.PP
\fIOptions available in DHCPv6 mode only:\fR
.TP
-I
Force use of the DHCPv6 Interface-ID option. This option is
automatically sent when there are two or more downstream interfaces
in use, to disambiguate between them. The \fB-I\fR option causes
dhcrelay to send the option even if there is only one downstream
interface.
.TP
-s subscriber-id
Add an option with the specified subscriber-id into the packet. This
feature is for testing rather than production as it will put the same
subscriber-id into the packet for all clients.
.TP
-l [\fIaddress%\fR]\fIifname\fR[\fI#index\fR]
Specifies the ``lower'' network interface for DHCPv6 relay mode: the
interface on which queries will be received from clients or from other
relay agents. At least one \fB-l\fR option must be included in the command
line when running in DHCPv6 mode. The interface name \fIifname\fR is a
mandatory parameter. The link address can be specified by \fIaddress%\fR;
if it isn't, dhcrelay will use the first non-link-local address configured
on the interface. The optional \fI#index\fR parameter specifies the
interface index.
.TP
-u [\fIaddress%\fR]\fIifname\fR
Specifies the ``upper'' network interface for DHCPv6 relay mode: the
interface to which queries from clients and other relay agents should be
forwarded. At least one \fB-u\fR option must be included in the command
line when running in DHCPv6 mode. The interface name \fIifname\fR is a
mandatory parameter. The destination unicast or multicast address can be
specified by \fIaddress%\fR; if not specified, the relay agent will forward
to the DHCPv6 \fIAll_DHCP_Relay_Agents_and_Servers\fR multicast address.
.PP
It is possible to specify the same interface with different addresses
more than once, and even, when the system supports it, to use the same
interface as both upper and lower interfaces.
.SH SEE ALSO
dhclient(8), dhcpd(8), RFC3315, RFC2132, RFC2131.
.SH BUGS
.PP
Using the same interface on both upper and lower sides may cause
loops, so when running this way, the maximum hop count should be set
to a low value.
.PP
The loopback interface is not (yet) recognized as a valid interface.
.SH AUTHOR
.B dhcrelay(8)
To learn more about Internet Systems Consortium, see
.B https://www.isc.org
|