Bug 110723
Summary: | Will dhcrelay work through IPSEC in FC2? | ||||||||
---|---|---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Stefan Christians <bugzilla> | ||||||
Component: | dhcp | Assignee: | Jason Vas Dias <jvdias> | ||||||
Status: | CLOSED UPSTREAM | QA Contact: | |||||||
Severity: | low | Docs Contact: | |||||||
Priority: | low | ||||||||
Version: | 1 | ||||||||
Target Milestone: | --- | ||||||||
Target Release: | --- | ||||||||
Hardware: | i586 | ||||||||
OS: | Linux | ||||||||
Whiteboard: | |||||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||||
Doc Text: | Story Points: | --- | |||||||
Clone Of: | Environment: | ||||||||
Last Closed: | 2006-03-16 00:26:26 UTC | Type: | --- | ||||||
Regression: | --- | Mount Type: | --- | ||||||
Documentation: | --- | CRM: | |||||||
Verified Versions: | Category: | --- | |||||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||||
Cloudforms Team: | --- | Target Upstream Version: | |||||||
Embargoed: | |||||||||
Attachments: |
|
Description
Stefan Christians
2003-11-24 09:42:17 UTC
Have you checked this on FC2? Created attachment 98901 [details]
enable dhcrelay to function when running on endpoint of ipsec tunnel
Just finnished checking it on FC2 Test1:
1) startup priority
Setkey does not create a virtual interface, so the physical interfaces dhcrelay
listens on all already exist at the current startup priority.
No need to change anything
2) define USE_SOCKETS
Still, if USE_SOCKETS is not defined in includes/site.h, dhcrelay will not work
through ipsec if it is on the vpn gateway itself.
Looking at the IP-traffic, dhcrelay contacts the dhcp server and gets the
response back, but does not forward it to the client.
A patch for defining USE_SOCKETS is attached.
However, the description of this function sounds a little bit scary, and I have
no none-redhat clients available to test it with other dhcp clients.
Created attachment 98902 [details]
enable dhcrelay to function when running on endpoint of ipsec tunnel
Just finnished checking it on FC2 Test1:
1) startup priority
Setkey does not create a virtual interface, so the physical interfaces dhcrelay
listens on all already exist at the current startup priority.
No need to change anything
2) define USE_SOCKETS
Still, if USE_SOCKETS is not defined in includes/site.h, dhcrelay will not work
through ipsec if it is on the vpn gateway itself.
Looking at the IP-traffic, dhcrelay contacts the dhcp server and gets the
response back, but does not forward it to the client.
A patch for defining USE_SOCKETS is attached.
However, the description of this function sounds a little bit scary, and I have
no none-redhat clients available to test it with other dhcp clients.
Sorry for the delay in processing this bug - it somehow slipped through the cracks. Is this still an issue with FC-3/4 2.6+ kernel ipsec support ? I am investigating . No, dhcp currently will NOT work with USE_SOCKETS - for many reasons. This is being worked on upstream at the ISC. |