Score:1

Windows DHCP Server does not give correct IP


I have a Windows DHCP Server with many scopes, each one related to a VLAN, and I have a PC connected to a switchport. I am changing the access VLAN on this switchport to see if the PC receives the IP address belonging to that VLAN, but the client always receives the same IP address regardless of the VLAN configured on the switchport. I have configured the DHCP relay on my firewall, and this part is working fine.

Now when I change the switchport to a new VLAN and look at a tcpdump trace, I can see the client is requesting the old IP address 172.22.2.4 (old VLAN), and the DHCP server gives this old IP address, ignoring the "Relay agent IP address" field (172.22.9.1) that the firewall is inserting in the DHCP request packet. I am not sure why the PC requests the old IP after doing an `ipconfig /release` and `ipconfig /renew`. But to my understanding, I think the DHCP server should give an IP address within the 172.22.9.0/24 scope, since the Relay agent IP address is 172.22.9.1, regardless of which IP the PC is asking for.

The Relay IP Address and the subnet masks of the server’s configured scopes are compared through a logical AND comparison to find a scope whose network ID matches the network ID of the Relay IP Address. When a match is found, the DHCP server allocates an IP address from that scope.

https://www.itgeared.com/dhcp-relay-agent/

The only weird thing I can see is the firewall is not inserting the "Relay agent IP address" in the GIADDR field or DHCP option 82, just in the main DHCP field, although this may be correct. Any ideas?

Attached are the DHCP request and DHCP reply traces.

DHCP request

DHCP reply

Regards, Julián

paladin
A Windows DHCP client tries, in its default settings, to get the same IP address from the DHCP server; `ipconfig /release` and `ipconfig /renew` don't change that. You should deny such requests from such DHCP clients and override with server settings.
Score:1

If someone is interested, the problem is that the DHCP server had a superscope configured:

Stop DHCP client from receiving old IP address on new VLAN

Once I deleted the superscope the service works fine.

Regards, Julián
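
Added example, not part of the original posts and not Windows DHCP Server code: it parses a constructed relayed DHCPREQUEST, applies the relay address AND subnet mask match from the quoted passage, and shows how placing both scopes in a superscope changes the result for the addresses in the question. The scope names, the /24 masks and the superscope rule (members treated as one segment, so a requested address in any member is honoured) are assumptions.

```python
import ipaddress
import struct

# Constructed scope table: names and /24 masks are assumptions based on the question.
SCOPES = {"vlan2": ipaddress.ip_network("172.22.2.0/24"),
          "vlan9": ipaddress.ip_network("172.22.9.0/24")}

def build_request(giaddr, requested):
    """Constructed relayed DHCPREQUEST: fixed BOOTP header plus options 53 and 50."""
    header = struct.pack("!BBBBIHH", 1, 1, 6, 1, 0x1234, 0, 0)  # op..flags, 12 bytes
    addrs = bytes(12) + ipaddress.ip_address(giaddr).packed     # ciaddr, yiaddr, siaddr, giaddr
    options = (b"\x63\x82\x53\x63" + b"\x35\x01\x03" + b"\x32\x04"
               + ipaddress.ip_address(requested).packed + b"\xff")
    return header + addrs + bytes(16 + 64 + 128) + options      # chaddr, sname, file

def parse_request(payload):
    """Return (giaddr, requested_ip) from a raw BOOTP/DHCP payload."""
    if len(payload) < 240 or payload[236:240] != b"\x63\x82\x53\x63":
        raise ValueError("not a DHCP payload (magic cookie missing)")
    giaddr = ipaddress.ip_address(payload[24:28])               # relay agent IP address field
    requested, i = None, 240
    while i + 1 < len(payload) and payload[i] != 255:           # 255 = end option
        if payload[i] == 0:                                     # 0 = pad, has no length byte
            i += 1
            continue
        code, length = payload[i], payload[i + 1]
        if code == 50 and length == 4:                          # option 50 = requested IP
            requested = ipaddress.ip_address(payload[i + 2:i + 6])
        i += 2 + length
    return giaddr, requested

def relay_scope(giaddr, scopes):
    """giaddr AND scope mask == scope network ID, as in the quoted passage."""
    for name, net in scopes.items():
        if int(giaddr) & int(net.netmask) == int(net.network_address):
            return name
    return None

def leased_scope(payload, scopes, superscopes=()):
    """Scope the lease comes from. Assumed model: superscope members count as
    one segment, so a requested address inside any member scope is honoured."""
    giaddr, requested = parse_request(payload)
    home = relay_scope(giaddr, scopes)
    members = next((set(s) for s in superscopes if home in s), {home})
    for name in sorted(members - {None}):
        if requested is not None and requested in scopes[name]:
            return name
    return home
```
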
