From owner-freebsd-questions@FreeBSD.ORG Sun Jun 24 14:25:15 2007 Return-Path: X-Original-To: freebsd-questions@freebsd.org Delivered-To: freebsd-questions@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 9953D16A46C for ; Sun, 24 Jun 2007 14:25:15 +0000 (UTC) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: from mail6.sea5.speakeasy.net (mail6.sea5.speakeasy.net [69.17.117.8]) by mx1.freebsd.org (Postfix) with ESMTP id 7266A13C43E for ; Sun, 24 Jun 2007 14:25:15 +0000 (UTC) (envelope-from freebsd-questions-local@be-well.ilk.org) Received: (qmail 2723 invoked from network); 24 Jun 2007 14:25:14 -0000 Received: from dsl092-078-145.bos1.dsl.speakeasy.net (HELO be-well.ilk.org) ([66.92.78.145]) (envelope-sender ) by mail6.sea5.speakeasy.net (qmail-ldap-1.03) with SMTP for ; 24 Jun 2007 14:25:14 -0000 Received: from Lowell-Desk.lan (Lowell-Desk.lan [172.30.250.6]) by be-well.ilk.org (Postfix) with ESMTP id 17CA22843A; Sun, 24 Jun 2007 10:25:09 -0400 (EDT) Received: by Lowell-Desk.lan (Postfix, from userid 1147) id C9B2C1CC45; Sun, 24 Jun 2007 10:25:08 -0400 (EDT) To: tradigan@newrevolutions.net References: <53014.208.40.168.12.1182527936.squirrel@www.newrevolutions.net> From: Lowell Gilbert Date: Sun, 24 Jun 2007 10:25:08 -0400 In-Reply-To: <53014.208.40.168.12.1182527936.squirrel@www.newrevolutions.net> (tradigan@newrevolutions.net's message of "Fri\, 22 Jun 2007 11\:58\:56 -0400 \(EDT\)") Message-ID: <44k5tth1kr.fsf@Lowell-Desk.lan> User-Agent: Gnus/5.11 (Gnus v5.11) Emacs/22.0.99 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: freebsd-questions@freebsd.org Subject: Re: dhcrelay X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: freebsd-questions@freebsd.org List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Jun 2007 14:25:15 -0000 tradigan@newrevolutions.net writes: > Not sure if this is the right place for this, but I have a set of FreeBSD > 6.2 firewalls. They each have 3 interfaces in them. One interface > connects to the 10.94/16 network, the other connects the 192.168.4/24, > 192.168.5/24 and 192.168.8/24 networks. > > Here is a breakdown of the interfaces: > > BSD 1 > bge0 10.94.2.222/16 > xl0 "up" > xl1 "up" > vlan2 192.168.4.2/24 > vlan3 192.168.5.2/24 > vlan4 192.168.8.2/24 > carp1 10.94.2.221/16 > carp2 192.168.4.1/24 > carp3 192.168.5.1/24 > carp4 192.168.8.1/24 > > BSD 2 > bge0 10.94.2.223/16 > xl0 "up" > xl1 "up" > vlan2 192.168.4.3/24 > vlan3 192.168.5.3/24 > vlan4 192.168.8.3/24 > carp1 10.94.2.221/16 > carp2 192.168.4.1/24 > carp3 192.168.5.1/24 > carp4 192.168.8.1/24 > > BSD 1 is the current CARP master for all interfaces. For dhcrelay in > rc.conf I have: > dhcrelay_enable="YES" > dhcrelay_servers="10.94.2.204" # IP to MS Server 2003 DHCP server > dhcrelay_ifaces="bge0 vlan2 vlan3 vlan4" > dhcrelay_flags="-a" > > In MS Server 2003 there is a superscope defined with scopes for each > network (10.94/16, 192.168.4., 192.168.5., and 192.168.8.) > > The problem is, it doesn't seem like the BSD box is forwarding the DHCP > requests to the DHCP server. It will NOT get an address. If I manually > assign an IP address, the client talks fine to the other networks. > > There are no firewall/nat rules loaded at all.. PF is running but without > a rule set it defaults to allow all.. any ideas? Run the relay agent in verbose mode and find out what it thinks is happening.