DHCP-relay in MPLS VRF

Hi all!

I’m trying to set up a dhcp-relay which should relay requests through an L3 MPLS-VPN but can’t get it to work.
It seems like the relay requests are sent via the main routing table (default gw) and not the vrf.

I’ll try to illustrate:
[DHCP server (192.168.88.1)] --vrf1-- [PE1] --MPLS Cloud (main)-- [PE2] --vrf1-- [DHCP Client]

PE2 has dhcp-relay setup: (ether1=main, ether2=vrf1)
/ip dhcp-relay add delay-threshold=none dhcp-server=192.168.88.1 disabled=no interface=ether2 local-address=192.168.92.2 name=relay1

When I sniff at PE2 on ether1 I see a DHCP unicast IP packet and not an MPLS-encapsulated packet.

Anyone got an idea about this? Limitation?

DHCP relay is not VRF aware, so it is not going to work.

Ok, thanks.

After some time considering this, any plans to implement?
Would be nice to have. :slight_smile:

Hey,

I have come across the same dilemma…

Trying to relay DHCP over a routed MPLS network, from a Windows DHCP server, to clients on VRFs across a WAN.

Is there any fix to this? Seems to work fine on Cisco hardware, just stumped on the Mikrotiks.

Cheers,

Andy

I was able to do a workaround with one mangle and one nat rule to make this work.
Make sure you have a route for the DHCP server in the main table, default route is enough (or else the router will drop the packet), and create a mangle rule kind of like this:

ip firewall mangle add chain=output dst-address=<dhcpserver> protocol=udp dst-port=67 action=mark-routing new-routing-mark=<vrf>

Possibly you need a nat rule to make sure the source address is correct for the customer's network:

ip firewall nat add chain=srcnat dst-address=<dhcpserver> protocol=udp dst-port=67 routing-mark=<vrf> action=src-nat to-addresses=<relayip>

relayip is the address you have assigned on the interface facing the customer's network.

Hope this helps.

Thanks heaps norpan,
worked perfectly! Didn’t need the nat rule it seemed.

Now I can get things rolling! :smiley:
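
To confirm on the core-facing interface (ether1 on PE2 in the first post) whether relayed DHCP leaves inside an MPLS label stack or as plain IP in the main table, a capture can be checked frame by frame. This is an added example, not code from any poster in the thread; the function names are hypothetical, the sample frames and label values (17, 24) are constructed, and it assumes Ethernet framing with at most one 802.1Q tag.

```python
import struct

ETH_IPV4, ETH_VLAN, ETH_MPLS = 0x0800, 0x8100, 0x8847

def classify_relay_frame(frame: bytes, dhcp_server: str) -> str:
    """Return 'labelled', 'unlabelled' or 'other' for one Ethernet frame."""
    if len(frame) < 14:
        return "other"
    ethertype, offset = struct.unpack("!H", frame[12:14])[0], 14
    if ethertype == ETH_VLAN and len(frame) >= 18:  # skip one 802.1Q tag
        ethertype, offset = struct.unpack("!H", frame[16:18])[0], 18
    labels = 0
    if ethertype == ETH_MPLS:
        while True:  # walk the label stack to the bottom-of-stack entry
            if len(frame) < offset + 4:
                return "other"
            entry = struct.unpack("!I", frame[offset:offset + 4])[0]
            offset, labels = offset + 4, labels + 1
            if entry & 0x100:  # S bit set: last label
                break
    elif ethertype != ETH_IPV4:
        return "other"
    ip = frame[offset:]
    if len(ip) < 20 or ip[0] >> 4 != 4 or ip[9] != 17:  # IPv4 + UDP only
        return "other"
    ihl = (ip[0] & 0x0F) * 4
    if ihl < 20 or len(ip) < ihl + 8:
        return "other"
    dst = ".".join(str(b) for b in ip[16:20])
    dport = struct.unpack("!H", ip[ihl + 2:ihl + 4])[0]
    if dst != dhcp_server or dport != 67:
        return "other"
    return "labelled" if labels else "unlabelled"

def build_sample(labels):
    """Constructed frame: relay 192.168.92.2 -> server 192.168.88.1, UDP/67."""
    eth = bytes(12) + struct.pack("!H", ETH_MPLS if labels else ETH_IPV4)
    stack = b"".join(
        struct.pack("!I", (lbl << 12) | (0x100 if i == len(labels) - 1 else 0) | 64)
        for i, lbl in enumerate(labels))
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 28, 0, 0, 64, 17, 0,
                     bytes([192, 168, 92, 2]), bytes([192, 168, 88, 1]))
    return eth + stack + ip + struct.pack("!HHHH", 67, 67, 8, 0)

if __name__ == "__main__":
    for name, labels in (("unlabelled sample", []), ("labelled sample", [17, 24])):
        print(name, classify_relay_frame(build_sample(labels), "192.168.88.1"))
```

An "unlabelled" result on the core-facing port means VRF traffic is being forwarded in the global table, which is the symptom described in the first post.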