DHCP RELAY over L2TPv3: Difference between revisions
mNo edit summary |
No edit summary |
||
Line 19: | Line 19: | ||
Enter the router's WebUI, go to '''Network > Interfaces > Ethernet LAN''' and click the '''<nowiki/>'Edit'''' button on the right side of the interface to set the LAN network address. | Enter the router's WebUI, go to '''Network > Interfaces > Ethernet LAN''' and click the '''<nowiki/>'Edit'''' button on the right side of the interface to set the LAN network address. | ||
[[File:Server new 01 fixed.png| | [[File:Server new 01 fixed.png|border|class=tlt-border|750x750px]] | ||
Under '''DHCP SERVER''' set parameters for the DHCP pool. | Under '''DHCP SERVER''' set parameters for the DHCP pool. | ||
[[File:Server new 02.png|alt=|center|464x464px|border|class=tlt-border]] | [[File:Server new 02.png|alt=|center|464x464px|border|class=tlt-border]] | ||
=== Set up Mobile WAN as Main WAN === | ===Set up Mobile WAN as Main WAN === | ||
Enter to the router’s WebUI, go to '''Network > Interfaces''' press mouse click on the Mobile Wan interface, then drag it to the 1<sup>st</sup> position and then press '''Save & Apply'''. | Enter to the router’s WebUI, go to '''Network > Interfaces''' press mouse click on the Mobile Wan interface, then drag it to the 1<sup>st</sup> position and then press '''Save & Apply'''. | ||
[[File:Server new 03.png|alt=Mobile WAN as Main WAN|center|thumb|504x504px|Mobile WAN as Main WAN]] | [[File:Server new 03.png|alt=Mobile WAN as Main WAN|center|thumb|504x504px|Mobile WAN as Main WAN]] | ||
=== Create L2TPv3 instance === | ===Create L2TPv3 instance === | ||
Go to router’s WebUI, under '''Service > VPN > L2TP > L2TPv3''' and create new '''L2TPV3''' instance. | Go to router’s WebUI, under '''Service > VPN > L2TP > L2TPv3''' and create new '''L2TPV3''' instance. | ||
Line 64: | Line 64: | ||
[[File:Server new 04 02.png|alt=L2TPv3 Server Settings|center|thumb|480x480px|L2TPv3 Server Settings]]Specify the Local address of your mobile WAN. Local value for Tunnel ID, session ID and Cookie must match with the peer values being used at the other end. | [[File:Server new 04 02.png|alt=L2TPv3 Server Settings|center|thumb|480x480px|L2TPv3 Server Settings]]Specify the Local address of your mobile WAN. Local value for Tunnel ID, session ID and Cookie must match with the peer values being used at the other end. | ||
== DHCP Client Settings (Relay) == | ==DHCP Client Settings (Relay)== | ||
=== DHCP Relay === | ===DHCP Relay === | ||
Enter the router's WebUI, go to '''Network > Interface > LAN > DHCP Server''' and change the "'''Enable DHCP'''" field value from Enable to Relay and type in the DHCP Server the IP address of the server. Click Save & Apply. | Enter the router's WebUI, go to '''Network > Interface > LAN > DHCP Server''' and change the "'''Enable DHCP'''" field value from Enable to Relay and type in the DHCP Server the IP address of the server. Click Save & Apply. | ||
[[File:Client 01.png|alt=Enable DHCP Relay|center|thumb|517x517px|Enable DHCP Relay]] | [[File:Client 01.png|alt=Enable DHCP Relay|center|thumb|517x517px|Enable DHCP Relay]] | ||
'''Note:''' The IPv4 address of the LAN interface is different from the server's LAN interface address, this is necessary to avoid conflicts. | '''Note:''' The IPv4 address of the LAN interface is different from the server's LAN interface address, this is necessary to avoid conflicts. | ||
=== Set up Mobile WAN as Main WAN === | ===Set up Mobile WAN as Main WAN === | ||
Enter to the router’s WebUI, go to '''Network > Interfaces''' press mouse click on the Mobile Wan interface, then drag it to the 1<sup>st</sup> position and then press '''Save & Apply'''. | Enter to the router’s WebUI, go to '''Network > Interfaces''' press mouse click on the Mobile Wan interface, then drag it to the 1<sup>st</sup> position and then press '''Save & Apply'''. | ||
[[File:Client 02.png|alt=Mobile WAN as Main WAN|center|thumb|545x545px|Mobile WAN as Main WAN]] | [[File:Client 02.png|alt=Mobile WAN as Main WAN|center|thumb|545x545px|Mobile WAN as Main WAN]] | ||
=== Modify Enable-DHCP-renew firewall rule === | ===Modify Enable-DHCP-renew firewall rule === | ||
Enter in the router’s WebUI, go to '''Network > Firewall > Traffic rules''' to additionally allow destination port 67. | Enter in the router’s WebUI, go to '''Network > Firewall > Traffic rules''' to additionally allow destination port 67. | ||
[[File:Client 03.png|alt=DHCP renew firewall rule|center|thumb|555x555px|DHCP renew firewall rule]] | [[File:Client 03.png|alt=DHCP renew firewall rule|center|thumb|555x555px|DHCP renew firewall rule]] | ||
=== Create L2TPv3 instance === | ===Create L2TPv3 instance === | ||
Go to router’s WebUI, under '''Service > VPN > L2TP > L2TPv3''' and create new '''L2TPV3''' instance. | Go to router’s WebUI, under '''Service > VPN > L2TP > L2TPv3''' and create new '''L2TPV3''' instance. | ||
Line 115: | Line 115: | ||
== Testing DHCP over L2TPv3 == | ==Testing DHCP over L2TPv3== | ||
To test the realy settings go to DHCP server to check that devices are able to recieve IP addresses in the range 192.168.10.150 - 192.168.10.170 either via LAN port or Wi-Fi. Access the CLI and run '''cat /tmp/dhcp.leases''' to list all DHCP clients. | To test the realy settings go to DHCP server to check that devices are able to recieve IP addresses in the range 192.168.10.150 - 192.168.10.170 either via LAN port or Wi-Fi. Access the CLI and run '''cat /tmp/dhcp.leases''' to list all DHCP clients. | ||
[[File:Test 01.png|alt=DHCP clients|center|thumb|508x508px|DHCP clients]] | [[File:Test 01.png|alt=DHCP clients|center|thumb|508x508px|DHCP clients]] | ||
Asking for the Address Resolution Protocol (ARP) table is also an other method to find hosts on the LAN network. | Asking for the Address Resolution Protocol (ARP) table is also an other method to find hosts on the LAN network. | ||
[[File:Test 02.png|alt=DHCP Clients|center|thumb|513x513px|DHCP Clients]] | [[File:Test 02.png|alt=DHCP Clients|center|thumb|513x513px|DHCP Clients]] |
Revision as of 18:32, 25 March 2022
Main Page > General Information > Configuration Examples > Use cases > DHCP RELAY over L2TPv3Introduction
A DHCP relay agent allows the DHCP clients to obtain IP addresses from a DHCP server that is not configured on the same LAN.
This article provides a configuration example with details on how to set-up a DHCP relay over a L2TPv3 VPN.
Prerequisites
You will need:
- Two RUT or RUTX devices (one as Server and other as Client)
- A PC acting as a Host for testing
- Both routers must have a Public Static or Public Dynamic IP addresses
Configuration Scheme
I will paste a Topology Image here
DHCP Server Settings
DHCP Pool
Enter the router's WebUI, go to Network > Interfaces > Ethernet LAN and click the 'Edit' button on the right side of the interface to set the LAN network address.
Under DHCP SERVER set parameters for the DHCP pool.
Set up Mobile WAN as Main WAN
Enter to the router’s WebUI, go to Network > Interfaces press mouse click on the Mobile Wan interface, then drag it to the 1st position and then press Save & Apply.
Create L2TPv3 instance
Go to router’s WebUI, under Service > VPN > L2TP > L2TPv3 and create new L2TPV3 instance.
LOCAL SETTING
Local address: 84.15.155.201
Tunnel ID: 100
Session ID: 100
Cookie: 12ABCDEF
PEER SETTING
Peer address: 84.15.249.182
Peer Tunnel ID: 10
Peer Session ID: 10
Peer Cookie: 12ABCDEF
INSTANCE SETTING
Bridge to: LAN
MTU: 1500
Encapsulation: IP
Layer 2 specific header type: Linux Default
Specify the Local address of your mobile WAN. Local value for Tunnel ID, session ID and Cookie must match with the peer values being used at the other end.
DHCP Client Settings (Relay)
DHCP Relay
Enter the router's WebUI, go to Network > Interface > LAN > DHCP Server and change the "Enable DHCP" field value from Enable to Relay and type in the DHCP Server the IP address of the server. Click Save & Apply.
Note: The IPv4 address of the LAN interface is different from the server's LAN interface address, this is necessary to avoid conflicts.
Set up Mobile WAN as Main WAN
Enter to the router’s WebUI, go to Network > Interfaces press mouse click on the Mobile Wan interface, then drag it to the 1st position and then press Save & Apply.
Modify Enable-DHCP-renew firewall rule
Enter in the router’s WebUI, go to Network > Firewall > Traffic rules to additionally allow destination port 67.
Create L2TPv3 instance
Go to router’s WebUI, under Service > VPN > L2TP > L2TPv3 and create new L2TPV3 instance.
LOCAL SETTING
Local address: 84.15.249.182
Tunnel ID: 10
Session ID: 10
Cookie: 12ABCDEF
PEER SETTING
Peer address: 84.15.155.201
Peer Tunnel ID: 100
Peer Session ID: 100
Peer Cookie: 12ABCDEF
INSTANCE SETTING
Bridge to: LAN
MTU: 1500
Encapsulation: IP
Layer 2 specific header type: Linux Default
Testing DHCP over L2TPv3
To test the realy settings go to DHCP server to check that devices are able to recieve IP addresses in the range 192.168.10.150 - 192.168.10.170 either via LAN port or Wi-Fi. Access the CLI and run cat /tmp/dhcp.leases to list all DHCP clients.
Asking for the Address Resolution Protocol (ARP) table is also an other method to find hosts on the LAN network.