F5 APM DHCP instead of leasepool
Hello, I'm looking to configure the APM to use an upstream DHCP server instead of the locally defined leasepool. I have seen in other posts a link to an article for just this, but the link is no longer around and I cannot find the iapps template associated. iApp, documentation, and example APM Policy to get IP addresses from DHCP for APM VPN clients Can someone point me to the correct link, or can someone tell me the proper way to do this? When i remove the leasepool from the APM policy it says no leasepool assigned and the connections fail. Thank you.DHCP Relay not forwarding traffic
I'm Testing DHCP relay on our F5. I have followed the following guide. https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-1-0/23.html Host Network range is 10.10.0.0/24 VLAN55 DCHP servers are on 10.11.0.0/24 LAN56 10.11.0.3 and 10.11.0.7 When setting up the Virtual Server I had to change the source from 255.255.255.255 too 0.0.0.0. Type DHCP relay was not available, just DHCP (same thing?) tcpdump on VLAN55 IP 0.0.0.0.bootpc > 255.255.255.255.bootps: BOOTP/DHCP, Request from 00:50:56:96:01:7a, length 300 in slot1/tmm0 lis=/Common/dHCPRELAY No traffic destined for the DCHP servers on VLAN56 IP 10.11.0.3 > 10.11.0.5: ICMP echo reply, id 8976, seq 6684, length 20 in slot1/tmm2 lis= Statistics show, IN OUT IN OUT dHCPRELAY Common View... 341.1K 0 130 0 1 1 1 0 0% 0% 0% No Data No Data No Data I have tried using both profiles, dhcpv4, and dhcpv4_fwd same results. any ideas? thank you
F5 DHCP Relay in multi-hop configuration issue
Hi all, We have 2x F5 BIG-IP 4000 units with APM Base, GTM-DNS and LTM Base licenses, running version 11.6.0 (build 3.0.412). We are having trouble with a multi-hop DHCP relay config where the F5 does not have a presence in the client VLAN. The reason we are wanting the F5 in the mix is so that we can take advantage of Server 2012 R2 DHCP redundancy/failover features and switch DHCP servers far quicker than updating 200 devices at once. We do not want or need the F5 to service DHCP broadcast requests hitting it's own interfaces. We have been using these documents to try get this running: https://devcentral.f5.com/articles/dhcp-relay-virtual-server https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-6-0/29.html We have the following setup: Client network config: Client on VLAN20 Cisco switch (C4500X with iOS XE 03.04.05) with VLAN20 configured with 10.1.0.1/24 and an IP Helper pointing to 10.2.0.5 which is 3 hops away A single laptop with a wired connection to a switchport configured for VLAN20. F5 config: F5 Virtual Server configured with Type DHCP, Source Address 0.0.0.0/0, Destination (Other) 10.2.0.5, listening only on the VLAN where 10.2.0.5 is present. DHCPv4 Profile configured using default settings, but tried in both Relay and Forward mode, with Idle Timeout set to Indefinite, Max Hops set to 30, Default TTL set to 2000, and TTL Decrement Amount set to 0, with no change in result. Member Pool with 1x Windows Server 2012 R2 member on 10.2.0.6:67 running MS DHCP with a DHCP pool for 10.1.0.0/24. Also tried with a Windows Server 2008 R2 member. No iRules applied. SNAT rule created to map 10.1.0.1 to 10.1.0.1, but tried with and without this in place Tried with and without a Self IP on 10.2.0.5 (not sure if it's required with a unicast DHCP packet instead of broadcast) DHCP Server config: Windows Server 2012 R2 with DHCP service installed Scope created for 10.1.0.0/24 with gateway, DNS and domain name set Static route added for 10.1.0.1/32 to go via 10.2.0.5 What we're seeing: Virtual Server stats show traffic in and out, including recognising the DHCPDISCOVER packet, however it shows that all requests are timing out. Pool stats show zeroes across the board for bits, packets, connections etc Wireshark on the Windows DHCP server monitoring UDP port 67 and destination IP of 10.2.0.5. We see the DHCP health checks appear as malformed BOOTP packets, but no "real" DHCP packets. Other thoughts I've had: Cisco IOS doesn't seem to allow adding/editing a Max Hops value on IP Helper. In DHCP mode, a Virtual Server forwards DHCP packets to all members at the same time. This may prevent the stats from reporting in an expected way. Any tips or help that anyone can provide would be greatly appreciated. Regards, PhilipDHCP relay
Hello, I want to make a dhcp relay on F5 box. OS version is 11.6. F5 is vCMP guest. The problem is I can see on tcpdump that F5 is relaying request towards DHCP server but the problem is that source address in that request is outside address and not the vlan address request came originally from. I've tried following the exact procedure described here: https://support.f5.com/kb/en-us/products/big-ip_ltm/manuals/product/ltm-implementations-11-6-0/29.html The equivalent would be, following the scheme in this document, to have request going from 10.10.0.1 instead from 10.20.0.1. And that, of course, is not good. Please advise! Bojan
