DHCP Relay in docker

Table of Contents

1. About The Project
2. Getting Started
   • Prerequisites
3. Usage
   • Potentials issues
   • Testing
   • PiHole and DHCP Relay
4. License
5. Contact
6. Acknowledgements

About The Project

This is a small docker image with a DHCP Helper useful in case when you have a DHCP server in the docker environment and you need a relay for broadcast.

The DHCP server in the container does get only unicast the DHCPOFFER messages when it will have to get broadcast DHCPOFFER messages on the network.

It will not work the DHCP server in docker even in networking host mode unless you are using any DHCP relay.

👨‍🎓 If you need to know more about how it works DHCP protocol, I highly recommend this link.

Getting Started

🔰 It will work on any Linux box amd64 or Raspberry Pi with arm64 or arm32.

Prerequisites

You will need to have:

• 🐳 Docker
• 🐋 docker-compose

This step is optional

Usage

You only need to pass as variable the IP address of DHCP server: "-e IP=X.X.X.X"

You can run as:

docker run --privileged -d --name dhcp --net host -e "IP=172.31.0.100" homeall/dhcphelper:latest

Potentials issues

⚠️ Please make sure your host has port 67 on UDP open on iptables/firewall of your OS and it is running on network host mode ONLY.

‼️ You can run the following command to see that is working:

$ nc -uzvw3 127.0.0.1 67
Connection to 127.0.0.1 port 67 [udp/bootps] succeeded!

♥️ On the status column of the docker, you will notice the healthy word. This is telling you that docker is running healtcheck itself in order to make sure it is working properly. Please test yourself using the following command:

$ docker inspect --format "{{json .State.Health }}" dhcp | jq
{
  "Status": "healthy",
  "FailingStreak": 0,
  "Log": [
    {
      "Start": "2021-01-04T10:28:11.8070681Z",
      "End": "2021-01-04T10:28:14.8695872Z",
      "ExitCode": 0,
      "Output": "127.0.0.1 (127.0.0.1:67) open\n"
    }
  ]
}

⬆️ Go on TOP ☝️

Testing

➡️ You can run a command from Linux/Mac:

$ sudo nmap --script broadcast-dhcp-discover -e $Your_Interface

⬇️ Output result:

Starting Nmap 7.91 ( https://nmap.org ) at 2021-01-01 19:40 GMT
Pre-scan script results:
| broadcast-dhcp-discover:
|   Response 1 of 1:
|     Interface: en0
|     IP Offered: 192.168.1.30
|     DHCP Message Type: DHCPOFFER
|     Server Identifier: 172.31.0.100
|     IP Address Lease Time: 2m00s
|     Renewal Time Value: 1m00s
|     Rebinding Time Value: 1m45s
|     Subnet Mask: 255.255.255.0
|     Broadcast Address: 192.168.1.255
|     Domain Name Server: 172.31.0.100
|     Domain Name: lan
|     Router: 192.168.1.1
Nmap done: 0 IP addresses (0 hosts up) scanned in 10.26 seconds

PiHole and DHCP Relay

💰 It will work amazing both together dhcphelper and ©️ PiHole ☯️

❇️ A simple docker-compose.yml:

version: "3.3"

services:
  pihole:
    container_name: pihole
    image: pihole/pihole:latest
    hostname: pihole
    ports:
      - "53:53/tcp"
      - "53:53/udp"
      - "80:80/tcp"
    environment:
      TZ: 'Europe/London'
      WEBPASSWORD: 'admin'
      DNS1: '127.0.0.53'
      DNS2: 'no'
    volumes:
      - './etc-pihole/:/etc/pihole/'
    depends_on:
      - dhcphelper
    cap_add:
      - NET_ADMIN
    restart: unless-stopped
    networks:
      backend:
        ipv4_address: '172.31.0.100'
      proxy-tier: {}

  dhcphelper:
    restart: unless-stopped
    container_name: dhcphelper
    network_mode: "host"
    image: homeall/dhcphelper:latest
    environment:
      IP: '172.31.0.100'
      TZ: 'Europe/London'
    cap_add:
      - NET_ADMIN

⬆️ Go on TOP ☝️

License

🗞️ Distributed under the MIT license. See LICENSE for more information.

Contact

🔴 Please free to open a ticket on Github.

Acknowledgements

• 🎉 @DerFetzer 🏆
• 🎉 @Simon Kelley who is the author of dnsmasq and dhcp-helper. 🥇

⬆️ Go on TOP ☝️