Add support for DHCP relays + fix bugs

- Fix header.Op to always be BOOT_REPLY, rather than the code of the dhcp response
  type

- Add support for DHCP relays, tested against isc-dhcp-relay

Author: jrgp

README.md

@@ -15,7 +15,7 @@ I wanted to make a small and safe Go solution, as well as to learn the DHCP prot
 2. go build
 3. Configure conf.yaml
 3. Run with permissions needed to listen on port 67 (eg run as root or use linux capabilities), as follows
-4. Run a separate VM on the same bridge/vlan as a dhcp client. This is tested against Alpine's udhcpc and ubuntu's dhclient
+4. Run a separate VM on the same bridge/vlan as a dhcp client
 
 ### Configuration
 
@@ -72,16 +72,18 @@ root@ubuntu2:~#
 
 ## Status
 
-Verified to work with Alpine's `udhcpc` client, Ubuntu's `dhclient` client, and Windows 10.
+- Verified to work with Alpine's `udhcpc` client, Ubuntu's `dhclient` client, and Windows 10.
+- Relay requests verified to work with isc-dhcp-relay.
 
 ## Implemented
 
 - Bare minimum wire protocol for DHCPDISCOVER, DHCPOFFER, DHCPREQUEST, DHCPNAK, DHCPACK, and DHCPRELEASE to work
-- Multiple IP Pools, sourced from configuration
+- Supports relayed requests
+- Supports multiple IP Pools, sourced from configuration
 
 ## TODO
 
-- Support relay requests, and acting as a relay
+- Support acting as a relay
 - Support arbitrary options
 - Support hosts in config with hardcoded IPs, based on mac address
 - More Tests

app.go

@@ -90,6 +90,8 @@ func (a *App) oObToInterface(oob []byte) (*net.Interface, error) {
 	return iface, nil
 }
 
+// For non-relayed requests: find a pool by comparing nets to local nic
+// IPs
 func (a *App) findPoolByInterface(iface *net.Interface) (*Pool, error) {
 	addrs, err := iface.Addrs()
 
@@ -117,7 +119,32 @@ func (a *App) findPoolByInterface(iface *net.Interface) (*Pool, error) {
 	return nil, errors.New("Not found")
 }
 
+// For relayed requests: find a pool by comparing giaddr to configured
+// pool nets
+func (a *App) findPoolbyGiaddr(giaddr FixedV4) (*Pool, error) {
+	for _, pool := range a.ipnet2pool {
+		ipnet := &net.IPNet{
+			IP:   pool.Network,
+			Mask: net.IPMask([]byte(pool.Netmask)),
+		}
+		if ipnet.Contains(giaddr.NetIp()) {
+			return pool, nil
+		}
+	}
+
+	return nil, errors.New("Not found")
+}
+
 func (a *App) DispatchMessage(myBuf, myOob []byte, remote *net.UDPAddr, localSocket *net.UDPConn) {
+	// Sanity remote port check
+	if remote.Port != 67 && remote.Port != 68 {
+		log.Printf("Ignoring DHCP packet with source port %d rather than 67 or 68", remote.Port)
+		return
+	}
+
+	var err error
+
+	// Grab iface and verify we're configured to work on it
 	iface, err := a.oObToInterface(myOob)
 	if err != nil {
 		log.Printf("Failed parsing interface out of OOB: %v", err)
@@ -129,30 +156,41 @@ func (a *App) DispatchMessage(myBuf, myOob []byte, remote *net.UDPAddr, localSoc
 		return
 	}
 
-	pool, err := a.findPoolByInterface(iface)
+	// Parse entire dhcp message
+	message, err := ParseDhcpMessage(myBuf)
 	if err != nil {
-		log.Printf("Can't find pool based on IPs bound to %v", iface.Name)
+		log.Printf("Failed parsing dhcp packet: %v", err)
 		return
 	}
 
-	if remote.Port != 68 {
-		log.Printf("Ignoring DHCP packet with source port %d rather than 68", remote.Port)
-		return
-	}
+	var pool *Pool
 
-	message, err := ParseDhcpMessage(myBuf)
-	if err != nil {
-		log.Printf("Failed parsing dhcp packet: %v", err)
-		return
+	// Relayed request. Find pool based on giaddr
+	if !message.Header.GatewayAddr.Empty() {
+		pool, err = a.findPoolbyGiaddr(message.Header.GatewayAddr)
+		if err != nil {
+			log.Printf("Can't find pool based on IPs bound to %v", iface.Name)
+			return
+		}
+
+	} else {
+		pool, err = a.findPoolByInterface(iface)
+		if err != nil {
+			log.Printf("Can't find pool based on IPs bound to %v", iface.Name)
+			return
+		}
 	}
 
 	handler := NewRequestHandler(message, pool)
 
 	response := handler.Handle()
 
 	if response != nil {
-		// FIXME: options to sending to unicast, sending to relay, etc. Move these send functions
-		// somewhere else.
-		handler.sendMessageBroadcast(response, localSocket)
+		// In the case of a relayed request, send the response unicast to the relaying server
+		if !message.Header.GatewayAddr.Empty() {
+			handler.sendMessageRelayed(response, message.Header.GatewayAddr, localSocket)
+		} else {
+			handler.sendMessageBroadcast(response, localSocket)
+		}
 	}
 }

conf.yaml

@@ -9,8 +9,20 @@ pools:
     routers: [ 172.17.0.1 ]
     dns: [ 1.1.1.1, 8.8.8.8 ]
 
+  # Example pool acting as a relay, using a separate
+  # net on eth2
+  - name: other network
+    network: 192.168.0.0
+    mask: 255.255.255.0
+    start: 192.168.0.200
+    end: 192.168.0.200
+    leasetime: 60
+    myip: 192.168.0.1
+    routers: [ 192.168.0.1 ]
+    dns: [ 1.1.1.1, 8.8.8.8 ]
+
 leasedir: .
-interfaces: [ eth1 ]
+interfaces: [ eth1, eth2 ]
 
 # The following makes more sense
 #leasedir: /var/lib/godhcpd

constants.go

@@ -1,5 +1,13 @@
 package main
 
+//
+// DHCP Op types
+//
+const (
+	BOOT_REQUEST = 1
+	BOOT_REPLY   = 2
+)
+
 //
 // DHCP Message types
 //

options.go

@@ -49,11 +49,27 @@ func (o *Options) GetAll() map[byte]Option {
 	return o.data
 }
 
+func (o *Options) Dump() {
+	for _, key := range o.order {
+		option := o.data[key]
+		log.Printf("%v = %v (%+v)", key, string(""), option.Data)
+	}
+}
+
 func (o *Options) Get(code byte) (Option, bool) {
 	option, ok := o.data[code]
 	return option, ok
 }
 
+func (o *Options) GetByte(code byte) byte {
+	if option, ok := o.data[code]; ok {
+		if len(option.Data) == 1 {
+			return option.Data[0]
+		}
+	}
+	return 0
+}
+
 func (o *Options) Set(code byte, data []byte) {
 	option := Option{
 		Data: data,

payload.go

@@ -47,14 +47,8 @@ func ParseDhcpMessage(buf []byte) (*DHCPMessage, error) {
 	// Parse arbitrary options
 	options := ParseOptions(reader)
 
-	// Confusingly, the Op type can be overridden using an option
-	if option, ok := options.Get(OPTION_MESSAGE_TYPE); ok {
-		if option.Header.Length == 1 {
-			header.Op = option.Data[0]
-		}
-	}
-
-	// Similarly, so can the ClientAddr
+	// ClientAddr overriden by option?
+	// FIXME: verify if this logic is actually needed
 	if option, ok := options.Get(OPTION_REQUESTED_IP); ok {
 		if option.Header.Length == 4 {
 			ip, err := BytesToFixedV4(option.Data)

payload_test.go

@@ -16,7 +16,7 @@ func TestParseDhcpMessage(t *testing.T) {
 	require.Nil(t, err)
 
 	require.Equal(t, "0:1c:42:b4:6e:1d", message.Header.Mac.String())
-	require.Equal(t, byte(DHCPREQUEST), message.Header.Op)
+	require.Equal(t, byte(DHCPREQUEST), message.Options.GetByte(OPTION_MESSAGE_TYPE))
 	require.Equal(t, uint32(0x6effc930), message.Header.Identifier)
 	require.Equal(t, IpToFixedV4(net.ParseIP("172.17.0.100")), message.Header.ClientAddr)
 

request.go

@@ -22,7 +22,7 @@ func NewRequestHandler(message *DHCPMessage, pool *Pool) *RequestHandler {
 }
 
 func (r *RequestHandler) Handle() *DHCPMessage {
-	switch r.header.Op {
+	switch r.options.GetByte(OPTION_MESSAGE_TYPE) {
 	case DHCPDISCOVER:
 		return r.HandleDiscover()
 	case DHCPREQUEST:
@@ -66,7 +66,6 @@ func (r *RequestHandler) HandleRequest() *DHCPMessage {
 	if lease, ok = r.pool.TouchLeaseByMac(mac); !ok {
 		log.Printf("Unrecognized lease for %v", mac.String())
 		return r.SendNAK()
-
 	}
 
 	// Verify IP matches what is in our lease
@@ -103,7 +102,7 @@ func (r *RequestHandler) HandleRelease() *DHCPMessage {
 // Share code for DHCPOFFER and DHCPACK
 func (r *RequestHandler) SendLeaseInfo(lease *Lease, op byte) *DHCPMessage {
 	header := &MessageHeader{
-		Op:         op,
+		Op:         BOOT_REPLY,
 		Hops:       0,
 		Identifier: r.header.Identifier,
 		YourAddr:   lease.IP,
@@ -150,23 +149,27 @@ func (r *RequestHandler) SendLeaseInfo(lease *Lease, op byte) *DHCPMessage {
 
 func (r *RequestHandler) SendNAK() *DHCPMessage {
 	header := &MessageHeader{
-		Op:         DHCPNAK,
+		Op:         BOOT_REPLY,
 		Hops:       0,
 		Identifier: r.header.Identifier,
 		ServerAddr: r.pool.MyIp,
 		Mac:        r.header.Mac,
 	}
 
-	log.Printf("Sending %s to %v", opNames[header.Op], r.header.Mac.String())
+	log.Printf("Sending %s to %v", opNames[DHCPNAK], r.header.Mac.String())
 
 	options := NewOptions()
-	options.Set(OPTION_MESSAGE_TYPE, []byte{header.Op})
+	options.Set(OPTION_MESSAGE_TYPE, []byte{DHCPNAK})
 
 	// FIXME: we likely need more options
 
 	return &DHCPMessage{header, options}
 }
 
+//
+// Send a dhcp response message to broadcast address
+//
+
 func (r *RequestHandler) sendMessageBroadcast(message *DHCPMessage, localSocket *net.UDPConn) {
 	buf := new(bytes.Buffer)
 
@@ -178,7 +181,7 @@ func (r *RequestHandler) sendMessageBroadcast(message *DHCPMessage, localSocket
 
 	err = r.sendBroadcast(buf.Bytes(), localSocket)
 	if err != nil {
-		log.Printf("Failed sending %s payload: %v", opNames[message.Header.Op], err)
+		log.Printf("Failed sending %s payload: %v", opNames[message.Options.GetByte(OPTION_MESSAGE_TYPE)], err)
 	}
 }
 
@@ -197,3 +200,45 @@ func (r *RequestHandler) sendBroadcast(data []byte, localSocket *net.UDPConn) er
 	}
 	return nil
 }
+
+//
+// Send a dhcp response message to a unicast address
+//
+
+func (r *RequestHandler) sendMessageRelayed(message *DHCPMessage, dest FixedV4, localSocket *net.UDPConn) {
+	// FIXME: maybe more/fixed header mangling?
+	message.Header.GatewayAddr = r.header.GatewayAddr
+	message.Header.Flags = r.header.Flags
+	r.sendMessageUnicast(message, dest, localSocket)
+}
+
+func (r *RequestHandler) sendMessageUnicast(message *DHCPMessage, dest FixedV4, localSocket *net.UDPConn) {
+	buf := new(bytes.Buffer)
+
+	err := message.Encode(buf)
+	if err != nil {
+		log.Printf("Failed encoding payload: %v", err)
+		return
+	}
+
+	err = r.sendUnicast(buf.Bytes(), dest, localSocket)
+	if err != nil {
+		log.Printf("Failed sending %s unicast payload: %v", opNames[message.Options.GetByte(OPTION_MESSAGE_TYPE)], err)
+	}
+}
+
+func (r *RequestHandler) sendUnicast(data []byte, dest FixedV4, localSocket *net.UDPConn) error {
+	// Quickly ripped from https://github.com/aler9/howto-udp-broadcast-golang
+	addr, err := net.ResolveUDPAddr("udp4", dest.String()+":67")
+	if err != nil {
+		return fmt.Errorf("Failed resolving remote: %v", err)
+	}
+
+	// Need to use our original listening socket to maintain source port 67,
+	// otherwise windows dhcp will not see our responses
+	_, err = localSocket.WriteTo(data, addr)
+	if err != nil {
+		return fmt.Errorf("Failed writing: %v", err)
+	}
+	return nil
+}

request_test.go

@@ -28,7 +28,7 @@ func TestDhcpDiscover(t *testing.T) {
 	handler := NewRequestHandler(message, pool)
 	response := handler.Handle()
 
-	require.Equal(t, byte(DHCPNAK), response.Header.Op)
+	require.Equal(t, byte(DHCPNAK), response.Options.GetByte(OPTION_MESSAGE_TYPE))
 
 	//
 	// DISCOVER. Should get back a lease.
@@ -39,12 +39,12 @@ func TestDhcpDiscover(t *testing.T) {
 
 	message, err = ParseDhcpMessage(b)
 	require.Nil(t, err)
-	require.Equal(t, byte(DHCPDISCOVER), message.Header.Op)
+	require.Equal(t, byte(DHCPDISCOVER), message.Options.GetByte(OPTION_MESSAGE_TYPE))
 
 	handler = NewRequestHandler(message, pool)
 	response = handler.Handle()
 
-	require.Equal(t, byte(DHCPOFFER), response.Header.Op)
+	require.Equal(t, byte(DHCPOFFER), response.Options.GetByte(OPTION_MESSAGE_TYPE))
 	require.Equal(t, IpToFixedV4(net.ParseIP("10.0.0.10")), response.Header.YourAddr)
 
 	// Pool should have a lease for this mac
@@ -61,12 +61,12 @@ func TestDhcpDiscover(t *testing.T) {
 
 	message, err = ParseDhcpMessage(b)
 	require.Nil(t, err)
-	require.Equal(t, byte(DHCPREQUEST), message.Header.Op)
+	require.Equal(t, byte(DHCPREQUEST), message.Options.GetByte(OPTION_MESSAGE_TYPE))
 
 	handler = NewRequestHandler(message, pool)
 	response = handler.Handle()
 
-	require.Equal(t, byte(DHCPNAK), response.Header.Op)
+	require.Equal(t, byte(DHCPNAK), response.Options.GetByte(OPTION_MESSAGE_TYPE))
 
 	//
 	// A request should now get back an ACK
@@ -77,12 +77,12 @@ func TestDhcpDiscover(t *testing.T) {
 
 	message, err = ParseDhcpMessage(b)
 	require.Nil(t, err)
-	require.Equal(t, byte(DHCPREQUEST), message.Header.Op)
+	require.Equal(t, byte(DHCPREQUEST), message.Options.GetByte(OPTION_MESSAGE_TYPE))
 
 	handler = NewRequestHandler(message, pool)
 	response = handler.Handle()
 
-	require.Equal(t, byte(DHCPACK), response.Header.Op)
+	require.Equal(t, byte(DHCPACK), response.Options.GetByte(OPTION_MESSAGE_TYPE))
 
 	//
 	// Do a DHCPRELEASE
@@ -93,7 +93,7 @@ func TestDhcpDiscover(t *testing.T) {
 
 	message, err = ParseDhcpMessage(b)
 	require.Nil(t, err)
-	require.Equal(t, byte(DHCPRELEASE), message.Header.Op)
+	require.Equal(t, byte(DHCPRELEASE), message.Options.GetByte(OPTION_MESSAGE_TYPE))
 
 	handler = NewRequestHandler(message, pool)
 	response = handler.Handle()