DHCP Relay is broken in ER8411(UN)_V1_1.2.2 Build 20240809 firmware

DHCP Relay is broken in ER8411(UN)_V1_1.2.2 Build 20240809 firmware

DHCP Relay is broken in ER8411(UN)_V1_1.2.2 Build 20240809 firmware
DHCP Relay is broken in ER8411(UN)_V1_1.2.2 Build 20240809 firmware
2 weeks ago - last edited a week ago
Model: ER8411  
Hardware Version: V1
Firmware Version: ER8411(UN)_V1_1.2.2 Build 20240809

The DHCP Relay functionality is broken in the ER8411(UN)_V1_1.2.2 Build 20240809 firmware. The router forwards DHCP datagrams from configured VLANS to the DHCP server, but it does not forward DHCP replies to the client(s).

The only solution is to downgrade firmware to the ER8411(UN)_V1_1.2.1 Build 20240308.

 

P.S.

The router managed in the standalone mode.

  1      
  1      
#1
Options
1 Accepted Solution
Re:DHCP Relay is broken in ER8411(UN)_V1_1.2.2 Build 20240809 firmware-Solution
a week ago - last edited a week ago

Hi @.AT 

Thanks for posting in our business forum.

.AT wrote

Thank you @Clive_A

 

Here are couple notes which may help you to reproduce the issue:

  1. All VLANs on the diagram are /23 subnets
  2. Gateway IP on each subnet is the highest unicast IP address
  3. DHCP Pools use lower part of subnet

 

For example:

  • VLAN-server: network: 192.168.0.0/23; GW: 192,168.1.254; DHCP Server IP: 192.168.0.3
  • VLAN-guest: network: 192.168.8.0/23; GW: 192.168.9.254; DHCP Pool: 192.168.8.1 - 192.168.8.253
  • VLAN-client: network: 192.168.4.0/23; GW: 192.168.5.254; DHCP Pool: 192.168.4.32 - 192.168.4.253

We have located this issue and expect to fix this in the 1.2.3 firmware in the near future.

If you need a beta that addresses this, please let me know.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  0  
  0  
#6
Options
8 Reply
Re:DHCP Relay is broken in ER8411(UN)_V1_1.2.2 Build 20240809 firmware
a week ago

Hi @.AT 

Thanks for posting in our business forum.

Please provide the diagram of your network with IP marked and detailed settings for the DHCP relay.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#2
Options
Re:DHCP Relay is broken in ER8411(UN)_V1_1.2.2 Build 20240809 firmware
a week ago

This is simplified network diagram:

 

Diagram description:

There are several 802.1Q VLANs configured on the router and switches including presented on the diagram above.

  • DHCP Relay configured for the VLAN-guest and VLAN-client VLANs at the Router only (DHCP Mode: "DHCP Relay"; Enabled: "On"; Server: "IPv4 address of DHCP Server in the VLAN-server subnet"
  • VLAN-quests handles only WiFi clients connected though EAP-670 where SSID configured as "Guest Network" for this VLAN.
  • VLAN-client handles wired and wireless client.Wireless clients connected via EAP-670 with seoarate SSID attached to this VLAN.
  • DHCP Server located in the VLAN-server VLAN. 
  • All servers on the diagram above are LXD containers run on top of the hosts directly connected to the Router's ports. DHCP Servers are the cluster of ISC DHCP.

 

This network topology worked well starting from original firmware and up to 1.2.1. Clients stopped receiving DHCP responses after upgrading router firmware to 1.2.2. 

Capturing traffic at the host hosting DHCP server and Clients located in the VLAN-client and VLAN-guest segments displayed next picture:

  • Router forwards DHCPREQUEST packet from the client to the DHCP server
  • DHCP Server sends DHCPACK packet to the router with request to forward it to the client
  • Router drops the packed (clients never receive DHCPACK packets)

 

Reverting router firmware to 1.2.1 resolved the issue.

 

  1  
  1  
#3
Options
Re:DHCP Relay is broken in ER8411(UN)_V1_1.2.2 Build 20240809 firmware
a week ago - last edited a week ago

Hi @.AT 

Thanks for posting in our business forum.

.AT wrote

This is simplified network diagram:

 

 

Diagram description:

There are several 802.1Q VLANs configured on the router and switches including presented on the diagram above.

  • DHCP Relay configured for the VLAN-guest and VLAN-client VLANs at the Router only (DHCP Mode: "DHCP Relay"; Enabled: "On"; Server: "IPv4 address of DHCP Server in the VLAN-server subnet"
  • VLAN-quests handles only WiFi clients connected though EAP-670 where SSID configured as "Guest Network" for this VLAN.
  • VLAN-client handles wired and wireless client.Wireless clients connected via EAP-670 with seoarate SSID attached to this VLAN.
  • DHCP Server located in the VLAN-server VLAN. 
  • All servers on the diagram above are LXD containers run on top of the hosts directly connected to the Router's ports. DHCP Servers are the cluster of ISC DHCP.

 

This network topology worked well starting from original firmware and up to 1.2.1. Clients stopped receiving DHCP responses after upgrading router firmware to 1.2.2. 

Capturing traffic at the host hosting DHCP server and Clients located in the VLAN-client and VLAN-guest segments displayed next picture:

  • Router forwards DHCPREQUEST packet from the client to the DHCP server
  • DHCP Server sends DHCPACK packet to the router with request to forward it to the client
  • Router drops the packed (clients never receive DHCPACK packets)

 

Reverting router firmware to 1.2.1 resolved the issue.

 

Will review this with the test team.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  1  
  1  
#4
Options
Re:DHCP Relay is broken in ER8411(UN)_V1_1.2.2 Build 20240809 firmware
a week ago

Thank you @Clive_A

 

Here are couple notes which may help you to reproduce the issue:

  1. All VLANs on the diagram are /23 subnets
  2. Gateway IP on each subnet is the highest unicast IP address
  3. DHCP Pools use lower part of subnet

 

For example:

  • VLAN-server: network: 192.168.0.0/23; GW: 192,168.1.254; DHCP Server IP: 192.168.0.3
  • VLAN-guest: network: 192.168.8.0/23; GW: 192.168.9.254; DHCP Pool: 192.168.8.1 - 192.168.8.253
  • VLAN-client: network: 192.168.4.0/23; GW: 192.168.5.254; DHCP Pool: 192.168.4.32 - 192.168.4.253
  0  
  0  
#5
Options
Re:DHCP Relay is broken in ER8411(UN)_V1_1.2.2 Build 20240809 firmware-Solution
a week ago - last edited a week ago

Hi @.AT 

Thanks for posting in our business forum.

.AT wrote

Thank you @Clive_A

 

Here are couple notes which may help you to reproduce the issue:

  1. All VLANs on the diagram are /23 subnets
  2. Gateway IP on each subnet is the highest unicast IP address
  3. DHCP Pools use lower part of subnet

 

For example:

  • VLAN-server: network: 192.168.0.0/23; GW: 192,168.1.254; DHCP Server IP: 192.168.0.3
  • VLAN-guest: network: 192.168.8.0/23; GW: 192.168.9.254; DHCP Pool: 192.168.8.1 - 192.168.8.253
  • VLAN-client: network: 192.168.4.0/23; GW: 192.168.5.254; DHCP Pool: 192.168.4.32 - 192.168.4.253

We have located this issue and expect to fix this in the 1.2.3 firmware in the near future.

If you need a beta that addresses this, please let me know.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
Recommended Solution
  0  
  0  
#6
Options
Re:DHCP Relay is broken in ER8411(UN)_V1_1.2.2 Build 20240809 firmware
a week ago

Could you post that beta please with its changelog, i have a second site that is facing this issue with the ER8411 and also had to roll it back to 1.2.1

  0  
  0  
#7
Options
Re:DHCP Relay is broken in ER8411(UN)_V1_1.2.2 Build 20240809 firmware
a week ago

Thank you  @Clive_A 

 

Please don't forget to request test team to update the test-plan and pipeline(s) wink.

  0  
  0  
#8
Options
Re:DHCP Relay is broken in ER8411(UN)_V1_1.2.2 Build 20240809 firmware
a week ago

Hi @GRL 

Thanks for posting in our business forum.

GRL wrote

Could you post that beta please with its changelog, i have a second site that is facing this issue with the ER8411 and also had to roll it back to 1.2.1

Yep. Has informed them of this. Will note it.

Best Regards! If you are new to the forum, please read: Howto - A Guide to Use Forum Effectively. Read Before You Post. Look for a model? Search your model NOW Official and Beta firmware. NEW features! Subscribe for the latest update!Download Beta Here☚ ☛ ★ Configuration Guide ★ ☚ ☛ ★ Knowledge Base ★ ☚ ☛ ★ Troubleshooting ★ ☚ ● Be kind and nice. ● Stay on the topic. ● Post details. ● Search first. ● Please don't take it for granted. ● No email confidentiality should be violated. ● S/N, MAC, and your true public IP should be mosaiced.
  0  
  0  
#9
Options