
I have a Windows Server 2016 (Datacenter Core) running the DHCP server role which is not responding to DHCP requests that come from a DHCP relay, but is responding to DHCP requests on the local network.

The server running the DHCP role has an IP address of 172.31.2.100/16.

The DHCP relay is a pfSense router with two adapters and addresses 172.31.255.254/16 and 172.30.255.254/16 and is configured to relay DHCP requests from the 172.30.x.x subnet to 172.31.2.100.

Running netsh on the server shows the DHCP requests arriving with the relay agent field correctly populated (172.30.255.254) but the DHCP event log doesn't show any activity.

The DHCP server is fine handing out leases on the local network.

Manually setting an IP for a host in the 172.30.x.x range works, and when that's done it can ping the DHCP server and the DHCP server can ping it, so the router is doing its job fine.

DHCP Server configuration: (screenshot)

DHCP Scope options: (screenshot)

Packet capture (from DHCP server): (screenshot)

DHCP Server event log: (screenshot)

The DHCP Relay configuration: (screenshot)

Am I doing something obviously dumb?

digitalPhonix
  • Please post a screen shot of the Relay settings. – Davidw Sep 12 '17 at 19:45
  • Added! Does something look off in the forwarded DHCPDISCOVER? – digitalPhonix Sep 13 '17 at 01:49
  • I'm not familiar with reading Microsoft Message Analyzer captures, what's in the GIADDR field in the DHCPDISCOVER? That'll be used by the DHCP server to select the appropriate Scope from which to offer an IP address. If it's wrong it may be that you have the DHCP relay agent bound to the wrong interface on the pfSense. – joeqwerty Sep 13 '17 at 02:45
  • The log shows pool exhausted. – Davidw Sep 13 '17 at 02:46
  • @Davidw: I'm not seeing that. I see Event IDs 24, 25, and 11. Lines/Messages 1 through 30 are descriptive/informational. The actual log entries start at Line/Message 31. – joeqwerty Sep 13 '17 at 02:58
  • Message 10, Event ID 14: A lease request could not be satisfied because the scope's address pool was exhausted. – Davidw Sep 13 '17 at 03:00
  • No, that's a description of that Event ID, that's not an event that occurred. Messages 1 through 28 describe what each Event ID correlates to. Messages 29 and 30 are also descriptive. Lines 1 through 30 describe the DHCP log events/entries. The actual DHCP events that got logged begin with line 31. Everything below line 31 is the actual DHCP events. – joeqwerty Sep 13 '17 at 03:05
  • Also the packet capture shows the DHCP server receive the DHCPDISCOVER message at 1:32 but there is no corresponding log entry even though it definitely spans that period. – digitalPhonix Sep 13 '17 at 05:03
  • @joeqwerty the GIADDR field is set to 172.30.255.254 which should be in the 172.30.0.0/16 scope that's configured. (The RelayAgent field in the message viewer corresponds to what Wireshark labels as GIADDR) – digitalPhonix Sep 13 '17 at 21:59
  • Ah. I'm not familiar with the Microsoft Message Analyzer interface. I mostly use Microsoft Network Monitor (deprecated) when I need to do a trace. I'm stumped. I don't see anything that sticks out. How about the Event Logs? Anything there? Also, run the DHCP BPA and see if it flags anything. – joeqwerty Sep 14 '17 at 00:02
  • How about a screen shot of the scope options? – Davidw Sep 14 '17 at 04:59
  • You mention two interfaces in your description but your relay configuration screen shot shows a third one for the subnet that is not receiving the DHCP addresses? Is that just a typo? – Davidw Sep 14 '17 at 06:41
  • Sorry, the router running the relay has three physical interfaces: WAN (disconnected), LAN (172.31.255.254/16) and MANAGEMENT (172.30.255.254/16). On the DHCP server the scope "Temporary DHCP Scope" maps to the router's LAN interface range and the "Management DHCP Scope" maps to the router's MANAGEMENT interface. – digitalPhonix Sep 14 '17 at 19:51
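
The comments above turn on the GIADDR field, which the server uses to pick the scope for a relayed request. As an added example (not from the original thread, and not the Windows DHCP Server's own logic), this Python sketch parses a constructed relayed DHCPDISCOVER and matches its giaddr against the two scopes described in the question. The client MAC, transaction ID and function names are assumptions made for illustration.

```python
import ipaddress
import struct

# Scopes as described in the question; subnets taken from the router interfaces.
SCOPES = {
    "Temporary DHCP Scope": ipaddress.ip_network("172.31.0.0/16"),
    "Management DHCP Scope": ipaddress.ip_network("172.30.0.0/16"),
}
MAGIC_COOKIE = b"\x63\x82\x53\x63"
BOOTP_FMT = "!BBBBIHH4s4s4s4s16s64s128s"  # RFC 2131 fixed header (236 bytes)


def build_discover(giaddr, hops):
    """Constructed sample: a DHCPDISCOVER as a relay would forward it."""
    mac = bytes.fromhex("020000000001")  # made-up client MAC
    hdr = struct.pack(BOOTP_FMT, 1, 1, 6, hops, 0x1234ABCD, 0, 0x8000,
                      bytes(4), bytes(4), bytes(4),
                      ipaddress.ip_address(giaddr).packed, mac, b"", b"")
    return hdr + MAGIC_COOKIE + b"\x35\x01\x01\xff"  # option 53 = DISCOVER, end


def parse_dhcp(payload):
    """Return (giaddr, hops, message_type) from a DHCP UDP payload."""
    size = struct.calcsize(BOOTP_FMT)
    if len(payload) < size + 4 or payload[size:size + 4] != MAGIC_COOKIE:
        raise ValueError("not a DHCP message")
    fields = struct.unpack(BOOTP_FMT, payload[:size])
    hops, giaddr = fields[3], ipaddress.ip_address(fields[10])
    msg_type, i = None, size + 4
    while i + 1 < len(payload) and payload[i] != 255:  # 255 = end option
        if payload[i] == 0:  # pad option has no length byte
            i += 1
            continue
        length = payload[i + 1]
        if payload[i] == 53 and length == 1 and i + 2 < len(payload):
            msg_type = payload[i + 2]
        i += 2 + length
    return giaddr, hops, msg_type


def select_scope(giaddr, server_ip="172.31.2.100"):
    """Match giaddr to a scope; with giaddr 0.0.0.0 use the server's own subnet."""
    key = giaddr if int(giaddr) != 0 else ipaddress.ip_address(server_ip)
    return next((n for n, net in SCOPES.items() if key in net), None)


if __name__ == "__main__":
    giaddr, hops, mtype = parse_dhcp(build_discover("172.30.255.254", 1))
    print(giaddr, hops, mtype, select_scope(giaddr))
```

Feeding the UDP payload bytes of a captured DHCPDISCOVER to `parse_dhcp` gives the same giaddr value that Message Analyzer labels RelayAgent.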
