.\" dhcrelay.8
.\"
-.\" Copyright (c) 2009-2013 by Internet Systems Consortium, Inc. ("ISC")
+.\" Copyright (c) 2009-2013,2016 by Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (c) 2004,2007 by Internet Systems Consortium, Inc. ("ISC")
.\" Copyright (c) 1997-2003 by Internet Software Consortium
.\"
.B -i
.I interfaceN
]
+.B -l
+.I interface
]
.I server0
[
packet, leaving the supplied option field intact; it may \fIreplace\fR the
existing agent option field; it may \fIforward\fR the packet unchanged; or,
it may \fIdiscard\fR it.
+.TP
+-u \fIifname\fR
+Enables the addition of a RFC 3527 compliant link selection suboption for
+clients directly connected to the relay. This RFC allows a relay to
+specify two different IP addresses: one for the server to use when
+communicating with the relay (giaddr) the other for choosing the subnet
+for the client (the suboption). This can be useful if the server is
+unable to send packets to the relay via the address used for the subnet.
+
+When enabled, dhcrelay will add an agent option (as per \fB-a\fR above) that
+includes the link selection suboption to the forwarded packet. This will only
+be done to packets received from clients that are directly connected to the
+relay (i.e. giaddr is zero). The address used in the suboption will be that
+of the link upon which the inbound packet was received (which would otherwise
+be used for giaddr). The value of giaddr will be set to that of interface
+\fIifname\fR.
+
+Only one interface should be marked in this fashion. Currently enabling
+this option on an interface causes the relay to process all DHCP traffic
+similar to the \fI-i\fR option, in the future we may split the two more
+completely.
+
+This option is off by default. Note that enabling this option automatically
+enables the \fB-a\fR option.
+
+Keep in mind that using options such as \fB-m replace\fR or \fB-m discard\fR
+on relays upstream from one using \fB-u\fR can pose problems. The upstream
+relay will wipe out the initial agent option containing the link selection
+while leaving the re-purposed giaddr value in place, causing packets to go
+astray.
-To use this option you must also enable the \fB-a\fR option.
.PP
\fIOptions available in DHCPv6 mode only:\fR
.TP
int client_packet_errors = 0; /* Errors sending packets to clients. */
int add_agent_options = 0; /* If nonzero, add relay agent options. */
+int add_rfc3527_suboption = 0; /* If nonzero, add RFC3527 link selection sub-option. */
int agent_option_errors = 0; /* Number of packets forwarded without
agent options because there was no room. */
struct sockaddr_in to;
} *servers;
+struct interface_info *uplink;
+
#ifdef DHCPv6
struct stream_list {
struct stream_list *next;
" [-pf <pid-file>] [--no-pid]\n"\
" [-m append|replace|forward|discard]\n" \
" [-i interface0 [ ... -i interfaceN]\n" \
+" [-u interface]\n" \
" server0 [ ... serverN]\n\n" \
" %s -6 [-d] [-q] [-I] [-c <hops>] [-p <port>]\n" \
" [-pf <pid-file>] [--no-pid]\n" \
" [-pf <pid-file>] [--no-pid]\n" \
" [-m append|replace|forward|discard]\n" \
" [-i interface0 [ ... -i interfaceN]\n" \
+" [-u interface]\n" \
" server0 [ ... serverN]\n\n"
#endif
agent_relay_mode = discard;
} else
usage("Unknown argument to -m: %s", argv[i]);
+ } else if (!strcmp(argv [i], "-u")) {
+ if (++i == argc)
+ usage(use_noarg, argv[i-1]);
+
+ /* Allocate the uplink interface */
+ status = interface_allocate(&uplink, MDL);
+ if (status != ISC_R_SUCCESS) {
+ log_fatal("%s: uplink interface_allocate: %s",
+ argv[i], isc_result_totext(status));
+ }
+
+ strcpy(uplink->name, argv[i]);
+ interface_snorf(uplink, INTERFACE_REQUESTED);
+
+ /* Turn on -a, in case they don't do so explicitly */
+ add_agent_options = 1;
+ add_rfc3527_suboption = 1;
} else if (!strcmp(argv[i], "-D")) {
#ifdef DHCPv6
if (local_family_set && (local_family == AF_INET6)) {
return;
/* Add relay agent options if indicated. If something goes wrong,
- drop the packet. */
+ * drop the packet. Note this may set packet->giaddr if RFC3527
+ * is enabled. */
if (!(length = add_relay_agent_options(ip, packet, length,
ip->addresses[0])))
return;
int is_dhcp = 0, mms;
unsigned optlen;
u_int8_t *op, *nextop, *sp, *max, *end_pad = NULL;
+ int adding_link_select;
/* If we're not adding agent options to packets, we can skip
this. */
max = ((u_int8_t *)packet) + dhcp_max_agent_option_packet_length;
+ /* Add link selection suboption if enabled and we're the first relay */
+ adding_link_select = (add_rfc3527_suboption
+ && (packet->giaddr.s_addr == 0));
+
/* Commence processing after the cookie. */
sp = op = &packet->options[4];
optlen += ip->remote_id_len + 2; /* RAI_REMOTE_ID + len */
}
+ if (adding_link_select) {
+ optlen += 6;
+ }
+
/* We do not support relay option fragmenting(multiple options to
* support an option data exceeding 255 bytes).
*/
memcpy(sp, ip->remote_id, ip->remote_id_len);
sp += ip->remote_id_len;
}
+
+ /* RFC3527: Use the inbound packet's interface address in
+ * the link selection suboption and set the outbound giaddr
+ * to the uplink address. */
+ if (adding_link_select) {
+ *sp++ = RAI_LINK_SELECT;
+ *sp++ = 4u;
+ memcpy(sp, &giaddr.s_addr, 4);
+ sp += 4;
+ packet->giaddr = uplink->addresses[0];
+ log_debug ("Adding link selection suboption"
+ " with addr: %s", inet_ntoa(giaddr));
+ }
} else {
++agent_option_errors;
log_error("No room in packet (used %d of %d) "
projects / thirdparty / dhcp.git / commitdiff
