Results 1 to 4 of 4

Thread: DHCP relay

  1. #1
    Join Date
    Nov 2018

    Angry DHCP relay

    Could someone please break down the logic or lack thereof about have a GUI option for a DHCP replay inside of Untangle. Literally every other firewall I have messed with has an option for it. Why is it so hard to put into the effing fw................. I have made sure to use the right syntax when putting the relay command into DNS and DHCP option but it still will not pass DHCP request. Just for example:

    dhcp-relay=, (these are not my real addresses)

    Fortigate: has it
    Pfsense: again has it
    OPNsense: has it
    Watchguard: has it
    Cisco: has it

  2. #2
    Untangler jcoffin's Avatar
    Join Date
    Aug 2008
    Sunnyvale, CA


    It's not that we don't have it but there is an underlying sub-system with a bug. Unlike our competitors, our bug database is open to the public. A quick search will provide all the reasons.

    Untangle 15.0 is based on Debian 9. Dnsmasq 2.76 has a bug with dhcp-relay which is the version in Debian 9.
    Untangle 15.1 (in beta currently) is based on Debian 10 which has the updated dnsmasq contain the bug fix.

    Last edited by jcoffin; 05-02-2020 at 12:55 PM.
    Attention: Support and help on the Untangle Forums is provided by
    volunteers and community members like yourself.
    If you need Untangle support please call or email

  3. #3
    Untangle Ninja sky-knight's Avatar
    Join Date
    Apr 2008
    Phoenix, AZ


    DNSMasq didn't support dhcp relay at all until fairly recently, so be glad you can do what you're doing.

    Also, cardinal rules... Untangle is designed to be at the edge of your network, and that functionality is for the core.

    I could go on... but this is certainly a want instead of a need if you're using Untangle properly. And if you're not, you copy paste a line into a text box... It's a bucket easier than configuring an Azure instance of anything. And considering the time Untangle saves me on everything else it does, this one snag doesn't account for much. Especially when I compare the amount of time all the products you just listed cost me. And all of those products have their on quirks that requires command line tweaking too.

    But that's a hard sell too, because Untangle is awesome. And, the only thing worse than busted software, is great software that's almost perfect. So when you have a thing that does 99% of what you want, that last 1% is REALLY annoying. I get it, I'm with you. I'm sure we'll get a UI feature for this particular thing at some point, but please know that it wasn't even a stable option via DNSMasq on Debian until around this time last year!

    *edit* And JCoffin is correct, the version we have in v15.0 is bugged to boot... so yeah...
    Last edited by sky-knight; 05-02-2020 at 12:55 PM.
    Rob Sandling, BS:SWE, MCP
    Phone: 866-794-8879 x201

  4. #4
    Master Untangler
    Join Date
    Oct 2013


    Now that we're on v15.1, there already ought to be a way to do this by now in GUI. I agree, somewhat, that this may very well be a core network function. But by that logic, you shouldn't even be doing inter-VLAN routing on the firewall, right? Yet, you can and a lot of people do.

    My point is, the goal post have moved a great degree and the different functions between a network's building blocks have started to overlap. I guess the biggest evidence of this is what the OP brought up; other firewalls are already doing it. All these thanks to better hardware and innovations in software.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts

SEO by vBSEO 3.6.0 PL2