From eecec6b5caeaef14a03ddbb1d09f9c599273b998 Mon Sep 17 00:00:00 2001
From: Christian Poessinger <christian@poessinger.com>
Date: Sun, 6 Dec 2020 13:44:56 +0100
Subject: dhcp: T2562: add "listen-address" CLI node for better DHCP relay
 support

Running ISC DHCP server as backend server for multiple pools served to relay
agents requires DHCPd to explicitly listen on give interfaces or a "transit"
subnet declaration facing the network where we receive the DHCPREQ messages on.

This implements a new "listen-address" CLI node, the given address is validated
if it is assigned to the system and upon success, a proper "subnet { }" statement
is added into dhcpd.conf
---
 src/conf_mode/dhcp_server.py | 16 +++++++++++++---
 1 file changed, 13 insertions(+), 3 deletions(-)

(limited to 'src')

diff --git a/src/conf_mode/dhcp_server.py b/src/conf_mode/dhcp_server.py
index 9be586cdf..1ab2d8d16 100755
--- a/src/conf_mode/dhcp_server.py
+++ b/src/conf_mode/dhcp_server.py
@@ -26,6 +26,7 @@ from vyos.template import render
 from vyos.util import call
 from vyos.util import dict_search
 from vyos.validate import is_subnet_connected
+from vyos.validate import is_addr_assigned
 from vyos.xml import defaults
 from vyos import ConfigError
 from vyos import airbag
@@ -246,10 +247,19 @@ def verify(dhcp):
                     if net.overlaps(net2):
                         raise ConfigError('Conflicting subnet ranges: "{net}" overlaps "{net2}"!')
 
+    for address in (dict_search('listen_address', dhcp) or []):
+        if is_addr_assigned(address):
+            listen_ok = True
+            # no need to probe further networks, we have one that is valid
+            continue
+        else:
+            raise ConfigError(f'listen-address "{address}" not configured on any interface')
+
+
     if not listen_ok:
-        raise ConfigError('DHCP server configuration error! None of the configured\n' \
-                          'subnets have an appropriate primary IP address on any\n'
-                          'broadcast interface.')
+        raise ConfigError('None of the configured subnets have an appropriate primary IP address on any\n'
+                          'broadcast interface configured, nor was there an explicit listen-address\n'
+                          'configured for serving DHCP relay packets!')
 
     return None
 
-- 
cgit v1.2.3