Stephen Hoekstra Posted November 14, 2014 Share Posted November 14, 2014 Hello, We are using NetScalers in multiple data centres and would like to make our DHCP service highly available by chaining DHCP relay requests. The primary reason for this it to we to point remote sites to a centralised HA DHCP solution. In our lab we have: DHCP Client --> [172.16.10.0/25] DHCP helper on firewall --> Netscaler --> [172.16.10.150/25] DHCP Server We have tested this and can't get it working but thought to post here before moving to an alternate solution. To make sure the DHCPRA service and DHCP server work nicely together, we configured an interface on the NetScaler in the client and server subnets (bypassing the firewall) and configured the vServer as per the DHCPRA documentation; everything worked as expected. We then made sure the firewall configuration was correct by configuring the helper address as the DHCP Server, skipping the NetScaler, and again working as expected. Then to make the two work together, we configured the helper address as the NetScaler. As we weren't sure what to configure it as due to the vServer IP being *, we first tried using the SNIP, then configured a second vServer with an IP with the same service behind it but also no joy. It looks like the NetScaler does not know what to do with the forwarded DHCP packet (this is using a second vServer with 172.16.10.252 as the VIP/helper address, same result as when sending to the SNIP): 19:19:03.195229 IP 172.16.10.1.bootps > 172.16.10.252.bootps: BOOTP/DHCP, Request from 00:50:56:b0:3b:8f (oui Unknown), length: 300 19:19:08.185068 IP 172.16.10.1.bootps > 172.16.10.252.bootps: BOOTP/DHCP, Request from 00:50:56:b0:3b:8f (oui Unknown), length: 300 19:19:12.993842 IP 172.16.10.1.bootps > 172.16.10.252.bootps: BOOTP/DHCP, Request from 00:50:56:b0:3b:8f (oui Unknown), length: 300 19:19:21.799618 IP 172.16.10.1.bootps > 172.16.10.252.bootps: BOOTP/DHCP, Request from 00:50:56:b0:3b:8f (oui Unknown), length: 300 This should be possible according to the RFC, so I'm hoping this a configuration problem on my part and not a limitation of the NetScaler. Any input or suggestions would be appreciated. We would rather use NetScalers for this if possible rather than configuring two helper addresses on the local firewalls. TIA Stephen Link to comment Share on other sites More sharing options...
Stephen Hoekstra Posted November 14, 2014 Author Share Posted November 14, 2014 I forgot to add, we are using NS10.1 Build 123.9. Link to comment Share on other sites More sharing options...
Eric Silva1709156568 Posted December 20, 2019 Share Posted December 20, 2019 Same issue. Link to comment Share on other sites More sharing options...
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now