DHCP RELAY over L2TPv3: Difference between revisions

From Teltonika Networks Wiki
mNo edit summary
No edit summary
Line 19: Line 19:
Enter the router's WebUI, go to '''Network > Interfaces > Ethernet LAN''' and click the '''<nowiki/>'Edit'''' button on the right side of the interface to set the LAN network address.
Enter the router's WebUI, go to '''Network > Interfaces > Ethernet LAN''' and click the '''<nowiki/>'Edit'''' button on the right side of the interface to set the LAN network address.


[[File:Server new 01 fixed.png|frameless]]
[[File:Server new 01 fixed.png|border|class=tlt-border|750x750px]]


Under '''DHCP SERVER''' set parameters for the DHCP pool.
Under '''DHCP SERVER''' set parameters for the DHCP pool.
[[File:Server new 02.png|alt=|center|464x464px|border|class=tlt-border]]
[[File:Server new 02.png|alt=|center|464x464px|border|class=tlt-border]]


=== Set up Mobile WAN as Main WAN ===
===Set up Mobile WAN as Main WAN ===
Enter to the router’s WebUI, go to '''Network > Interfaces''' press mouse click on the Mobile Wan interface, then drag it to the 1<sup>st</sup> position and then press '''Save & Apply'''.
Enter to the router’s WebUI, go to '''Network > Interfaces''' press mouse click on the Mobile Wan interface, then drag it to the 1<sup>st</sup> position and then press '''Save & Apply'''.
[[File:Server new 03.png|alt=Mobile WAN as Main WAN|center|thumb|504x504px|Mobile WAN as Main WAN]]
[[File:Server new 03.png|alt=Mobile WAN as Main WAN|center|thumb|504x504px|Mobile WAN as Main WAN]]


=== Create L2TPv3 instance ===
===Create L2TPv3 instance ===
Go to router’s WebUI, under '''Service > VPN > L2TP > L2TPv3''' and create new '''L2TPV3''' instance.
Go to router’s WebUI, under '''Service > VPN > L2TP > L2TPv3''' and create new '''L2TPV3''' instance.


Line 64: Line 64:
[[File:Server new 04 02.png|alt=L2TPv3 Server Settings|center|thumb|480x480px|L2TPv3 Server Settings]]Specify the Local address of your mobile WAN. Local value for Tunnel ID, session ID and Cookie must match with the peer values being used at the other end.
[[File:Server new 04 02.png|alt=L2TPv3 Server Settings|center|thumb|480x480px|L2TPv3 Server Settings]]Specify the Local address of your mobile WAN. Local value for Tunnel ID, session ID and Cookie must match with the peer values being used at the other end.


== DHCP Client Settings (Relay) ==
==DHCP Client Settings (Relay)==


=== DHCP Relay ===
===DHCP Relay ===
Enter the router's WebUI, go to '''Network > Interface > LAN > DHCP Server''' and change the "'''Enable DHCP'''" field value from Enable to Relay and type in the DHCP Server the IP address of the server. Click Save & Apply.
Enter the router's WebUI, go to '''Network > Interface > LAN > DHCP Server''' and change the "'''Enable DHCP'''" field value from Enable to Relay and type in the DHCP Server the IP address of the server. Click Save & Apply.
[[File:Client 01.png|alt=Enable DHCP Relay|center|thumb|517x517px|Enable DHCP Relay]]
[[File:Client 01.png|alt=Enable DHCP Relay|center|thumb|517x517px|Enable DHCP Relay]]
'''Note:''' The IPv4 address of the LAN interface is different from the server's LAN interface address, this is necessary to avoid conflicts.
'''Note:''' The IPv4 address of the LAN interface is different from the server's LAN interface address, this is necessary to avoid conflicts.


=== Set up Mobile WAN as Main WAN ===
===Set up Mobile WAN as Main WAN ===
Enter to the router’s WebUI, go to '''Network > Interfaces''' press mouse click on the Mobile Wan interface, then drag it to the 1<sup>st</sup> position and then press '''Save & Apply'''.
Enter to the router’s WebUI, go to '''Network > Interfaces''' press mouse click on the Mobile Wan interface, then drag it to the 1<sup>st</sup> position and then press '''Save & Apply'''.
[[File:Client 02.png|alt=Mobile WAN as Main WAN|center|thumb|545x545px|Mobile WAN as Main WAN]]
[[File:Client 02.png|alt=Mobile WAN as Main WAN|center|thumb|545x545px|Mobile WAN as Main WAN]]


=== Modify Enable-DHCP-renew firewall rule ===
===Modify Enable-DHCP-renew firewall rule ===
Enter in the router’s WebUI, go to '''Network > Firewall > Traffic rules''' to additionally allow destination port 67.
Enter in the router’s WebUI, go to '''Network > Firewall > Traffic rules''' to additionally allow destination port 67.
[[File:Client 03.png|alt=DHCP renew firewall rule|center|thumb|555x555px|DHCP renew firewall rule]]
[[File:Client 03.png|alt=DHCP renew firewall rule|center|thumb|555x555px|DHCP renew firewall rule]]


=== Create L2TPv3 instance ===
===Create L2TPv3 instance ===
Go to router’s WebUI, under '''Service > VPN > L2TP > L2TPv3''' and create new '''L2TPV3''' instance.
Go to router’s WebUI, under '''Service > VPN > L2TP > L2TPv3''' and create new '''L2TPV3''' instance.


Line 115: Line 115:




== Testing DHCP over L2TPv3 ==
==Testing DHCP over L2TPv3==
To test the realy settings go to DHCP server to check that devices are able to recieve IP addresses in the range 192.168.10.150 - 192.168.10.170 either via LAN port or Wi-Fi. Access the CLI  and run '''cat /tmp/dhcp.leases''' to list all DHCP clients.
To test the realy settings go to DHCP server to check that devices are able to recieve IP addresses in the range 192.168.10.150 - 192.168.10.170 either via LAN port or Wi-Fi. Access the CLI  and run '''cat /tmp/dhcp.leases''' to list all DHCP clients.
[[File:Test 01.png|alt=DHCP clients|center|thumb|508x508px|DHCP clients]]
[[File:Test 01.png|alt=DHCP clients|center|thumb|508x508px|DHCP clients]]
Asking for the Address Resolution Protocol (ARP) table is also an other method to find hosts on the LAN network.
Asking for the Address Resolution Protocol (ARP) table is also an other method to find hosts on the LAN network.
[[File:Test 02.png|alt=DHCP Clients|center|thumb|513x513px|DHCP Clients]]
[[File:Test 02.png|alt=DHCP Clients|center|thumb|513x513px|DHCP Clients]]

Revision as of 18:32, 25 March 2022

Main Page > General Information > Configuration Examples > Use cases > DHCP RELAY over L2TPv3

Introduction

A DHCP relay agent allows the DHCP clients to obtain IP addresses from a DHCP server that is not configured on the same LAN.

This article provides a configuration example with details on how to set-up a DHCP relay over a L2TPv3 VPN.

Prerequisites

You will need:

  • Two RUT or RUTX devices (one as Server and other as Client)
  • A PC acting as a Host for testing
  • Both routers must have a Public Static or Public Dynamic IP addresses

Configuration Scheme

I will paste a Topology Image here

DHCP Server Settings

DHCP Pool

Enter the router's WebUI, go to Network > Interfaces > Ethernet LAN and click the 'Edit' button on the right side of the interface to set the LAN network address.

Under DHCP SERVER set parameters for the DHCP pool.

Set up Mobile WAN as Main WAN

Enter to the router’s WebUI, go to Network > Interfaces press mouse click on the Mobile Wan interface, then drag it to the 1st position and then press Save & Apply.

Mobile WAN as Main WAN
Mobile WAN as Main WAN

Create L2TPv3 instance

Go to router’s WebUI, under Service > VPN > L2TP > L2TPv3 and create new L2TPV3 instance.

LOCAL SETTING

Local address: 84.15.155.201

Tunnel ID: 100

Session ID: 100

Cookie: 12ABCDEF

PEER SETTING

Peer address: 84.15.249.182

Peer Tunnel ID: 10

Peer Session ID: 10

Peer Cookie: 12ABCDEF

INSTANCE SETTING

Bridge to: LAN

MTU: 1500

Encapsulation: IP

Layer 2 specific header type: Linux Default

L2TPv3 Server settings
L2TPv3 Server settings
L2TPv3 Server Settings
L2TPv3 Server Settings

Specify the Local address of your mobile WAN. Local value for Tunnel ID, session ID and Cookie must match with the peer values being used at the other end.

DHCP Client Settings (Relay)

DHCP Relay

Enter the router's WebUI, go to Network > Interface > LAN > DHCP Server and change the "Enable DHCP" field value from Enable to Relay and type in the DHCP Server the IP address of the server. Click Save & Apply.

Enable DHCP Relay
Enable DHCP Relay

Note: The IPv4 address of the LAN interface is different from the server's LAN interface address, this is necessary to avoid conflicts.

Set up Mobile WAN as Main WAN

Enter to the router’s WebUI, go to Network > Interfaces press mouse click on the Mobile Wan interface, then drag it to the 1st position and then press Save & Apply.

Mobile WAN as Main WAN
Mobile WAN as Main WAN

Modify Enable-DHCP-renew firewall rule

Enter in the router’s WebUI, go to Network > Firewall > Traffic rules to additionally allow destination port 67.

DHCP renew firewall rule
DHCP renew firewall rule

Create L2TPv3 instance

Go to router’s WebUI, under Service > VPN > L2TP > L2TPv3 and create new L2TPV3 instance.

LOCAL SETTING

Local address: 84.15.249.182

Tunnel ID: 10

Session ID: 10

Cookie: 12ABCDEF

PEER SETTING

Peer address: 84.15.155.201

Peer Tunnel ID: 100

Peer Session ID: 100

Peer Cookie: 12ABCDEF

INSTANCE SETTING

Bridge to: LAN

MTU: 1500

Encapsulation: IP

Layer 2 specific header type: Linux Default

L2TPv3 Client instance
L2TPv3 Client Settings
L2TPv3 Client Settings
L2TPv3 Client Settings


Testing DHCP over L2TPv3

To test the realy settings go to DHCP server to check that devices are able to recieve IP addresses in the range 192.168.10.150 - 192.168.10.170 either via LAN port or Wi-Fi. Access the CLI and run cat /tmp/dhcp.leases to list all DHCP clients.

DHCP clients
DHCP clients

Asking for the Address Resolution Protocol (ARP) table is also an other method to find hosts on the LAN network.

DHCP Clients
DHCP Clients