-1

I am doing DHCP relay POC. I have setup as following.

DHCP Client(VX-works) ----------- DHCP Relay----------- DHCP Server (VXworks)

In this setup, DHCP Client is sending the DICOVER packets, but relay agent was not receiving the packet. I looked into the code and I found that Berkeley Packet Filtering (BPF) is applied on the socket. DHCP Relay was simply dropping the packet and not forwarding it to the server.

In order to move further in my debugging, I removed the BPF filter and the checksum validation part from the code.

Now, DHCP Relay is forwarding the packet, but the packet is not what DHCP Server is expecting. DHCP Relay is changing the packet from broadcast to unicast correctly. The frame, the Ethernet header, the IP header, and the UDP header received at the server side are correct (I checked in Wireshark logs), but bootstrap protocol option fields are not correct.

I also captured the Wireshark logs at client side. Client is sending the DICOVER packet as expected.

If you need more information please comment.

Realy : ISC dhcrelay(4.3.1P1) Linux (3.14 kernel) based

Thanks in advance.

Edit: Below is the Hex Dump of a Single packet captured at DHCP Client side.

ff ff ff ff ff ff 00 20 61 1e 9e 14 08 00 45 00 01 1a 4f fe 40 00 20 11 09 d6 00 00 00 00 ff ff ff ff 00 44 00 43 01 06 fd 9b 01 01 06 00 00 ae af 53 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 20 61 1e 9e 14 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 63 82 53 63 35 01 01 39 02 02 4e 37 04 0f 06 03 01 ff

DHCP Discover packet (bootstrap protocol)

Webster
  • 79
  • 8
  • Why did you remove the checksum validation part from the code? Was the checksum incorrect and the packet dropped? – pchaigno Jun 04 '18 at 16:57
  • Actually BPF in ISC DHCP was dropping the packet, so for moving further in my debugging i removed the BPF filter applied on the RAW socket cretaed by relay. But then checksum failure error was restricting the packet to be forwarded to the server. So i removed the checksum part. Now i captured the packet at client side, it is broadcasting the perfect packet and BPF is dropping the packet at kernel only. So i think my broadcom chip is corrupting the packet. This is just an assumption. Please provide me your inputs. – Webster Jun 07 '18 at 09:06
  • Could you dump the packet before BPF drops it, to try and see why it is dropped by BPF? – pchaigno Jun 07 '18 at 09:24

1 Answers1

0

The BPF filter is defined in common/bpf.c. It checks that the packet is an IP/UDP packet with a single fragment (no fragmentation) and destined to port 67, and it drops it otherwise.

You mentioned your packet is an IP/UDP packet, but did you make sure its not fragmented and has the right port?

pchaigno
  • 11,313
  • 2
  • 29
  • 54
  • Thanks for the comment @pchaigno. I checked the MTU size of interface and the packet size. packet size is of range 296-590, So packet should not be fragmented. One more observation is, I am receiving packet of around 1190 at the DHCP server with wrong bootstrap protocol fields, port is right because port is the part of UDP header and DHCP server is receiving correct UDP header. – Webster Jun 04 '18 at 05:30