charon.plugins.dhcp.server = 255.255.255.255
DHCP server unicast or broadcast IP address.
+charon.plugins.dhcp.use_server_port = no
+ Use the DHCP server port (67) as source port when a unicast server address
+ is configured.
+
+ Use the DHCP server port (67) as source port, instead of the DHCP client
+ port (68), when a unicast server address is configured and the plugin acts
+ as relay agent. When replying in this mode the DHCP server will always send
+ packets to the DHCP server port and if no process binds that port an ICMP
+ port unreachables will be sent back, which might be problematic for some
+ DHCP servers. To avoid that, enabling this option will cause the plugin to
+ bind the DHCP server port to send its requests when acting as relay agent.
+ This is not necessary if a DHCP server is already running on the same host
+ and might even cause conflicts (and since the server port is already bound,
+ ICMPs should not be an issue).
+
charon.plugins.dhcp.interface
Interface name the plugin uses for address allocation.
destroy(this);
return NULL;
}
- if (!is_broadcast(this->dst))
+ if (!is_broadcast(this->dst) &&
+ lib->settings->get_bool(lib->settings,
+ "%s.plugins.dhcp.use_server_port", FALSE,
+ lib->ns))
{
/* when setting giaddr (which we do when we don't broadcast), the server
* should respond to the server port on that IP, according to RFC 2131,
* kernel will respond with an ICMP port unreachable if there is no
* socket bound to that port, which might be problematic with certain
* DHCP servers. instead of opening an additional socket, that we don't
- * actually use, we can also just send our requests from port 67 */
+ * actually use, we can also just send our requests from port 67.
+ * we don't do this by default, as it might cause conflicts with DHCP
+ * servers running on the same host */
src.sin_port = htons(DHCP_SERVER_PORT);
}
if (bind(this->send, (struct sockaddr*)&src, sizeof(src)) == -1)
projects / thirdparty / strongswan.git / commitdiff
