Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Noah_T
Participant

DHCP Relay stopped working after gateway upgrade to R80.20

Team,

Last weekend  we did OS Upgrade on SG 15600 Cluster ( Active/Standby setup ) from R77.30 to R80.20 and after the upgrade dhcp relay stopped working , offer packets were being dropped with error ( offer fw_postvm_chain_handler Reason: 'dhcp_request_code' drop ) . Drops were not seen on CLM Logs , but were seen via Zdebug commandmon cli. 

we were using legacy dhcp services ( bootp, dhcp-rep-localmodule etc)  and manual NAT rules as per SK98839. The MDS is on R80.10. 

After we replaced all the legacy services with New dhcp services (dhcp-request, dhcp-reply ) dhcp relay started working. 

 

As per SK98839 legacy services are still supported so I would like to know the reason why it stopped working as OS was upgraded on the gateways to R80.20.

 

Thank You. 

0 Kudos
3 Replies
JozkoMrkvicka
Mentor
Mentor

check sk98839 and search forfwx_dhcp_relay_nat parameter. Must be 1 after upgrade.

Kind regards,
Jozko Mrkvicka
Noah_T
Participant

@JozkoMrkvicka 

Thank You for your reply. fwx_dhcp_relay_nat  not being 1 should be the reason. I have another Cluster upgrade this weekend and can confirm. 

 

What is the significance of  fwx_dhcp_relay_nat parameter ? 

When using Legacy services as per sk98839 manual NAT rules are required but why are they not required when using New DHCP services ?

 

0 Kudos
PhoneBoy
Admin
Admin

Most likely because the newer DHCP services actually handle this through their INSPECT handler, which the legacy services didn't have.
0 Kudos

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events