DHCP RELAY over L2TPv3 new

Introduction

A DHCP relay agent allows the DHCP clients to obtain IP addresses from a DHCP server that is not configured on the same LAN.

This article provides a configuration example with details on how to set-up a DHCP relay over a L2TPv3 VPN.

Prerequisites

You will need:

Two RUT or RUTX devices (one as Server and other as Client)
A PC acting as a Host for testing
Both routers must have a Public Static or Public Dynamic IP addresses

Configuration Scheme

RUT1 LAN interface configuration

Login to the router's WebUI and navigate to Network → LAN → LAN interfaces → lan. Click the 'Edit' button on the right side of the interface to set the LAN network address.

General Settings

Aplly the following changes:

IPv4 Address: 192.168.10.1

RUT1 DHCP pool configuration

Login to the router's WebUI and navigate to Network → DHCP → Server Settings → IPv4 → DHCPv4 servers → lan → Edit:

General Setup

Make the Following changes:

Start IP:192.168.10.150
End IP:192.168.10.170

RUT1 L2TPv3 Server Configuration

Go to router’s WebUI, under Service → VPN → L2TPv3 and create new L2TPv3 instance.

L2TPv3 instance configuration

Apply the following configuration:

Enable: on
Local address: 84.15.XXX.XXX
Tunnel ID: 100
Session ID: 100
Cookie: 12ABCDEF

Peer settings

Apply the following configuration:

Peer address: 213.130.XXX.XXX
Peer Tunnel ID: 10
Peer Session ID: 10
Peer Cookie: 12ABCDEF

Instance settings

Apply the following configuration:

Bridge to: lan
MTU: 1500
Encapsulation: IP
Layer 2 specific header type: Linux Default

Note: Specify on "Local address" your mobile WAN public IP. Local value for Tunnel ID, session ID and Cookie must match with the peer values being used at the other end.

RUT2 DHCP Client Settings (Relay)

Login to the router's WebUI and navigate to Network → DHCP → Server Settings → IPv4 → DHCPv4 servers → lan → Edit: General Setup

Make the Following changes:

DHCPv4 mode: Relay
DHCP server: 84.15.XXX.XXX

Note: The IPv4 address of the LAN interface is different from the server's LAN interface address, this is necessary to avoid conflicts.

RUT2 Allow-DHCP-Renew firewall rule changes

Open the router’s WebUI, go to Network → Firewall → Traffic rules → Allow-DHCP-Renew -> Edit and include destination port 67 inside the rule configuration.

Create L2TPv3 Client configraution

Go to router’s WebUI, under Service → VPN → L2TP → L2TPv3 and create new L2TPV3 instance.

L2TPv3 instance configuration

Local address: 213.130.XXX.XXX

Tunnel ID: 10

Session ID: 10

Cookie: 12ABCDEF

PEER SETTING

Peer address: 84.15.XXX.XXX

Peer Tunnel ID: 100

Peer Session ID: 100

Peer Cookie: 12ABCDEF

INSTANCE SETTING

Bridge to: LAN

MTU: 1500

Encapsulation: IP

Layer 2 specific header type: Linux Default

Note: Specify on "Local address" your mobile WAN public IP. Local value for Tunnel ID, session ID and Cookie must match with the peer values being used at the other end.

Testing DHCP over L2TPv3

To test the realy settings go to DHCP server to check that devices are able to recieve IP addresses in the range 192.168.10.150 - 192.168.10.170 either via LAN port or Wi-Fi. Access the CLI and run cat /tmp/dhcp.leases to list all DHCP clients.

Asking for the Address Resolution Protocol (ARP) table is also an other method to find hosts on the LAN network.