DHCP Relay Agent Configuration
Overview
The DHCP Relay feature was designed to forward DHCP broadcast requests as unicast packets to a configured DHCP server or servers for redundancy in different network segments.
DHCP Relay for IPv4
Before configuring DHCP Relay, make sure DHCP server and client configurations are done.
.
DHCP Relay Configuration
DHCP Agent
#configure terminal | Enter configure mode. |
(config)#feature dhcp | Enable the feature dhcp. This is enabled by default. |
(config)#ip dhcp relay | By default this will be enabled. It starts the ip dhcp relay service. |
(config)# ip dhcp relay address 10.10.10.2 | The relay address configured should be server interface address connected to DUT machine. |
(config)#interface xe1 | Enter interface mode. |
(config-if)#ip address 10.10.10.1/24 | Configure ipv4 address on the interface xe1. |
(config-if)#ip dhcp relay uplink | Configure relay uplink on the device connecting the server. |
(config if)#exit | Exit interface mode. |
(config)#interface xe2 | Enter interface mode. |
(config-if)#ip address 20.20.20.1/24 | Configure ipv4 address on the interface xe2. |
(config-if)#ip dhcp relay | Relay should be configured on the interface connecting to the client. |
(config if)#exit | Exit interface mode. |
Validation Commands
#show running-config dhcp
ip dhcp relay address 10.10.10.2
interface xe2
ip dhcp relay
!
interface xe1
ip dhcp relay uplink
!
#show ip dhcp relay
DHCP relay service is Enabled.
VRF Name: default
Option 82: Disabled
DHCP Servers configured: 10.10.10.2
Interface Uplink/Downlink
--------- -------------
xe2 Downlink
xe1 Uplink
#show ip dhcp relay address
VRF Name: default
DHCP Servers configured: 10.10.10.2
DHCP Relay for IPv6 Configuration
DHCP Agent
#configure terminal | Enter configure mode. |
(config)#feature dhcp | Enable the feature dhcp. This is enabled in default. |
(config)#ipv6 dhcp relay | By default this will be enabled. It starts the ipv6 dhcp relay service. |
(config)#ipv6 dhcp relay address 2001::2 | The relay address configured should be server interface address connected to DUT machine. |
(config)#interface xe1 | Enter interface mode. |
(config-if)#ipv6 address 2001::1/64 | Configure ipv6 address on the interface xe1. |
(config-if)#ipv6 dhcp relay uplink | Configure relay uplink on the device connecting the server. |
(config if)#exit | Exit interface mode. |
(config)#interface xe2 | Enter interface mode. |
(config-if)#ipv6 address 2002::1/64 | Configure ipv6 address on the interface xe2. |
(config-if)#ipv6 dhcp relay | Relay should be configured on the interface connecting to the client. |
(config if)#exit | Exit interface mode. |
Validation Commands
#sh ipv6 dhcp relay address
VRF Name: default
DHCPv6 Servers configured: 2001::2
#show running-config dhcp
Ipv6 dhcp relay address 2001::2
interface xe2
ipv6 dhcp relay
!
interface xe1
ipv6 dhcp relay uplink
!
DHCP Relay option 82
This section contains examples of DHCP Relay option-82 configuration. DHCP option 82 (Agent Information Option) provides additional security when DHCP is used to allocate network addresses. It enables the DHCP relay agent to prevent DHCP client requests from untrusted sources. Service Providers use remote identifier (option 82 sub option 2) for troubleshooting, authentication, and accounting. The DHCP Option 82 Remote ID Format feature adds support for the interpretation of remote-IDs that are inserted by end users. On the relay agent, you can configure information option to add option 82 information to DHCP requests from the clients before forwarding the requests to the DHCP server. When configured with option 82 and remote-id, the server will receive the DHCP request packet with Agent Circuit ID and remote-id.
The two examples below, show how to configure the DHCP Relay option 82:
• Configuration of DHCP Relay option 82 on a physical interface with Agent information and remote-id.
• Configuration of DHCP Relay option 82 on a VLAN interface with Agent information and remote-id.
Topology
DHCP 82 interface topology
Physical Interface Configuration
Here, the DHCP Server is running with IP 192.168.1.2 with another pool of subnet 10.10.20.0 configured in the server. Configure a static route to 10.10.20.0 network for DHCP OFFER packets to reach the Relay Agent.
Relay agent
#configure terminal | Enter configure mode. |
(config)#ip dhcp relay | Enable DHCP Relay |
(config)#ip dhcp relay information option remote-id hostname | Enable DHCP Relay information option with both agent circuit id which is sub option 1 of option 82 and remote-id which is sub option 2 of option 82. String support is also provided for remote-id. |
(config)#interface xe5 | Enter interface mode. |
(config-if)#ip address 10.10.20.2/24 | Add IP address |
(config-if)#ip dhcp relay | Configure DHCP relay for the interface connecting to client. |
(config-if)#exit | Exit from interface mode |
(config)#interface xe4 | Enter interface mode |
(config-if)#ip dhcp relay uplink | Configure DHCP relay uplink for the interface connecting to server. |
(config-if)#exit | Exit interface mode. |
Client
#configure terminal | Enter configure mode. |
(config)#interface xe5 | Enter interface mode. |
(config-if)#ip address dhcp | Configure IP address DHCP |
(config-if)#exit | Exit from interface mode |
Validation
Relay Agent
#show running-config dhcp
!
ip dhcp relay information option remote-id hostname
ip dhcp relay address 192.168.1.2
interface xe5
ip dhcp relay
!
interface xe4
ip dhcp relay uplink
!
#show ip dhcp relay
DHCP relay service is Enabled.
VRF Name: default
Option 82: Enabled
Remote Id: OcNOS
DHCP Servers configured: 192.168.1.2
Interface Uplink/Downlink
--------- -------------
xe5 Downlink
xe4 Uplink
Client
#show ip interface brief | include xe5
xe5 *10.10.20.10 up up
Packet captured at DHCP Server
Bootstrap Protocol (Discover)
Message type: Boot Request (1)
Hardware type: Ethernet (0x01)
Hardware address length: 6
Hops: 1
Transaction ID: 0x4e61176c
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 10.10.20.2 (10.10.20.2)
Client MAC address: b8:6a:97:35:d7:9d (b8:6a:97:35:d7:9d)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: DHCP
Option: (53) DHCP Message Type (Discover)
Length: 1
DHCP: Discover (1)
Option: (55) Parameter Request List
Length: 3
Parameter Request List Item: (1) Subnet Mask
Parameter Request List Item: (28) Broadcast Address
Parameter Request List Item: (3) Router
Option: (60) Vendor class identifier
Length: 39
Vendor class identifier: onie_vendor:x86_64-accton_as7326_56x-r0
Option: (82) Agent Information Option
Length: 12
Option 82 Suboption: (1) Agent Circuit ID
Length: 3
Agent Circuit ID: 786535
Option 82 Suboption: (2) Agent Remote ID
Length: 5
Agent Remote ID: 4f634e4f53
Option: (255) End
Option End: 255
Padding
Physical Interface Configuration with non-default vrf.
Here, the DHCP Server is running with IP 192.168.1.2 with another pool of subnet 10.10.20.0 configured in the server. Configure a static route to 10.10.20.0 network for DHCP OFFER packets to reach the Relay Agent.
Relay agent
#configure terminal | Enter configure mode. |
(config)#ip dhcp relay | Enable DHCP Relay. |
(config)#ip vrf vrf_dhcp | Configuring non default vrf vrf_dhcp |
(config-vrf)#ip dhcp relay information option remote-id hostname | Enable DHCP Relay information option with both agent circuit id which is sub option 1 of option 82 and remote-id which is sub option 2 of option 82 on non default vrf.. String support is also provided for remote-id. |
(config-vrf)#ip dhcp relay address 192.168.1.2 | Configure DHCP relay address in non default vrf. |
(config)#interface xe5 | Enter interface mode. |
(config-if)#ip vrf forwarding vrf_dhcp | Configure vrf forwarding for vrf_dhcp. |
(config-if)#ip address 10.10.20.2/24 | Add IP address. |
(config-if)#ip dhcp relay | Configure DHCP relay for the interface connecting to client. |
(config-if)#exit | Exit from interface mode |
(config)#interface xe4 | Enter interface mode |
(config-if)#ip vrf forwarding vrf_dhcp | Configure vrf forwarding for vrf_dhcp. |
(config-if)#ip dhcp relay uplink | Configure DHCP relay uplink for the interface connecting to server. |
(config-if)#ip address 192.168.1.4/24 | Add IP address. |
(config-if)#exit | Exit interface mode. |
Client
#configure terminal | Enter configure mode. |
(config)#interface xe5 | Enter interface mode. |
config-if)#ip vrf forwarding vrf_dhcp | Configure ip vrf forwarding for non default vrf. |
(config-if)#ip address dhcp | Configure IP address DHCP. |
(config-if)#exit | Exit from interface mode. |
Validation
Relay Agent
#show running-config dhcp
!
ip vrf vrf_dhcp
ip dhcp relay information option remote-id hostname
ip dhcp relay address 192.168.1.2
interface xe5
ip dhcp relay
!
interface xe4
ip dhcp relay uplink
!
#show ip dhcp relay
DHCP relay service is Enabled.
VRF Name: vrf_dhcp
Option 82: Enabled
Remote Id: OcNOS
DHCP Servers configured: 192.168.1.2
Interface Uplink/Downlink
--------- -------------
xe5 Downlink
xe4 Uplink
Client
#show ip interface brief | include xe5
xe5 *10.10.20.10 up up
Packet captured at DHCP Server
Bootstrap Protocol (Discover)
Message type: Boot Request (1)
Hardware type: Ethernet (0x01)
Hardware address length: 6
Hops: 1
Transaction ID: 0x4e61176c
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 10.10.20.2 (10.10.20.2)
Client MAC address: b8:6a:97:35:d7:9d (b8:6a:97:35:d7:9d)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: DHCP
Option: (53) DHCP Message Type (Discover)
Length: 1
DHCP: Discover (1)
Option: (55) Parameter Request List
Length: 3
Parameter Request List Item: (1) Subnet Mask
Parameter Request List Item: (28) Broadcast Address
Parameter Request List Item: (3) Router
Option: (60) Vendor class identifier
Length: 39
Vendor class identifier: onie_vendor:x86_64-accton_as7326_56x-r0
Option: (82) Agent Information Option
Length: 12
Option 82 Suboption: (1) Agent Circuit ID
Length: 3
Agent Circuit ID: 786535
Option 82 Suboption: (2) Agent Remote ID
Length: 5
Agent Remote ID: 4f634e4f53
Option: (255) End
Option End: 255
Padding
Sample DHCP configuration for using Remote-id
class "remote-id" {
match if option agent.remote-id = OcNOS
} # remote-id
subnet 10.10.20.0 netmask 255.255.255.0 {
pool {
allow members of "remote-id";
default-lease-time 600;
max-lease-time 7200;
range 10.10.20.3 10.10.10.100;
option routers 10.10.20.2;
option broadcast-address 10.10.20.255;
option subnet-mask 255.255.255.0;
option domain-name-servers 4.2.2.2;
}
VLAN Interface Configuration
Topology
DHCP 82 vlan topology
Here, the DHCP Server is running with IP 192.168.1.2 with another pool of subnets 10.10.20.0 configured in the server. Configure a static route to 10.10.20.0 network for DHCP OFFER packets to reach the Relay Agent. In the above topology, vlan 20 is part of interface xe5 in relay Agent and xe5 in Client.
Relay Agent
t
#configure terminal | Enter configure mode. |
(config)#ip dhcp relay | Enable DHCP Relay |
(config)#ip dhcp relay information option remote-id hostname | Enable DHCP Relay information option with both agent circuit id which is sub option 1 of option 82 and remote-id which is sub option 2 of option 82. String support is also provided for remote-id. |
(config)#ip dhcp relay address 192.168.1.2 | Configure DHCP relay address |
(config)#bridge 1 protocol rstp vlan-bridge | Configure bridge |
(config)#vlan 2-100 bridge 1 state enable | Enable some VLANs |
(config)#interface xe5 | Enter interface mode |
(config-if)#switchport | Configure switchport |
(config-if)#bridge-group 1 | Configure bridge-group |
(config-if)#switchport mode hybrid | Configure switchport mode |
(config-if)#switchport hybrid allowed vlan all | Enable vlan |
(config-if)#exit | Exit from interface mode |
(config)#interface vlan1.20 | Enter interface mode for the vlan interface towards client. |
(config-if)#ip address 10.10.20.2/24 | Add IP address |
(config-if)#ip dhcp relay | Configure DHCP relay on the vlan interface connecting to client. |
(config-if)#exit | Exit from interface mode |
(config)#interface xe4 | Enter interface mode |
(config-if)#ip dhcp relay uplink | Configure DHCP relay uplink for the interface connecting to server. |
(config-if)#ip address 192.168.1.4/24 | Add IP address |
(config-if)#exit | Exit interface mode. |
Client
#configure terminal | Enter configure mode. |
(config)#bridge 1 protocol rstp vlan-bridge | Configure bridge |
(config)#vlan 2-100 bridge 1 state enable | Enable VLANs |
(config)#interface xe5 | Enter interface mode. |
(config-if)#switchport | Configure switchport |
(config-if)#bridge-group 1 | Configure bridge-group |
(config-if)#switchport mode hybrid | Configure switchport mode |
(config-if)#switchport hybrid allowed vlan add 20 egress-tagged enable | Enable vlan |
(config-if)#exit | Exit from interface mode |
(config)#interface vlan1.20 | Enter interface mode for the vlan interface which connects relay. |
(config-if)#ip address dhcp | Configure IP address DHCP |
(config-if)#exit | Exit from interface mode |
Validation
Relay Agent
#show running-config dhcp
!
ip dhcp relay information option remote-id hostname
ip dhcp relay address 192.168.1.2
!
interface vlan1.20
ip dhcp relay
!
interface xe4
ip dhcp relay uplink
!
#show ip dhcp relay
DHCP relay service is Enabled.
VRF Name: default
Option 82: Enabled
Remote Id: ocnos
DHCP Servers configured: 192.168.1.2
Interface Uplink/Downlink
--------- -------------
Vlan1.20 Downlink
xe4 Uplink
Client
#show ip interface brief |include vlan1.20
vlan1.20 *10.10.20.10 up up
Packet captured at DHCP Server
Bootstrap Protocol (Discover)
Message type: Boot Request (1)
Hardware type: Ethernet (0x01)
Hardware address length: 6
Hops: 1
Transaction ID: 0x59591459
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 10.10.20.2 (10.10.20.2)
Client MAC address: b8:6a:97:35:d7:9d (b8:6a:97:35:d7:9d)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: DHCP
Option: (53) DHCP Message Type (Discover)
Length: 1
DHCP: Discover (1)
Option: (55) Parameter Request List
Length: 3
Parameter Request List Item: (1) Subnet Mask
Parameter Request List Item: (28) Broadcast Address
Parameter Request List Item: (3) Router
Option: (60) Vendor class identifier
Length: 39
Vendor class identifier: onie_vendor:x86_64-accton_as7326_56x-r0
Option: (82) Agent Information Option
Length: 17
Option 82 Suboption: (1) Agent Circuit ID
Length: 8
Agent Circuit ID: 766c616e312e3230
Option 82 Suboption: (2) Agent Remote ID
Length: 5
Agent Remote ID: 4f634e4f53
Option: (255) End
Option End: 255