OcNOS-RON : System Management Guide : System Management Configuration Guide : DHCP Relay Agent Configuration
DHCP Relay Agent Configuration
Overview
The DHCP Relay feature was designed to forward DHCP broadcast requests as unicast packets to a configured DHCP server or servers for redundancy.
DHCP Relay for IPv4
Before configuring DHCP Relay, make sure DHCP server and client configurations are done.
.
DHCP Relay Configuration
DHCP Agent
 
#configure terminal
Enter configure mode.
(config)#feature dhcp
Enable the feature dhcp. This is enabled by default.
(config)#ip dhcp relay
By default this will be enabled. It starts the ip dhcp relay service.
(config)#ip dhcp relay address 10.10.10.2
The relay address configured should be server interface address connected to DUT machine.
(config)#interface xe1
Enter interface mode.
(config-if)#ip address 10.10.10.1/24
Configure ipv4 address on the interface xe1.
(config-if)#ip dhcp relay uplink
Configure relay uplink on the device connecting the server.
(config-if)#exit
Exit interface mode.
(config)#commit
 
 
Commit the candidate configuration to the running configuration
(config)#interface xe2
Enter interface mode.
(config-if)#ip address 20.20.20.1/24
Configure ipv4 address on the interface xe2.
(config-if)#ip dhcp relay
Relay should be configured on the interface connecting to the client.
(config-if)#exit
Exit interface mode.
(config)#commit
 
 
Commit the candidate configuration to the running configuration
Validation Commands
#show running-config dhcp
 
ip dhcp relay address 10.10.10.2
interface xe2
ip dhcp relay
!
interface xe1
ip dhcp relay uplink
!
 
#show ip dhcp relay
DHCP relay service is Enabled.
VRF Name: default
Option 82: Disabled
DHCP Servers configured: 10.10.10.2
Interface Uplink/Downlink
--------- -------------
xe2 Downlink
xe1 Uplink
 
#show ip dhcp relay address
VRF Name: default
DHCP Servers configured: 10.10.10.2
DHCP Relay for IPv6 Configuration
DHCP Agent
 
#configure terminal
Enter configure mode.
(config)#feature dhcp
Enable the feature dhcp. This is enabled in default.
(config)#ipv6 dhcp relay
By default this will be enabled. It starts the ipv6 dhcp relay service.
(config)#ipv6 dhcp relay address 2001::2
The relay address configured should be server interface address connected to DUT machine.
(config)#interface xe1
Enter interface mode.
(config-if)#ipv6 address 2001::1/64
Configure ipv6 address on the interface xe1.
(config-if)#ipv6 dhcp relay uplink
Configure relay uplink on the device connecting the server.
(config-if)#exit
Exit interface mode.
(config)#commit
 
 
Commit the candidate configuration to the running configuration
(config)#interface xe2
Enter interface mode.
(config-if)#ipv6 address 2002::1/64
Configure ipv6 address on the interface xe2.
(config-if)#ipv6 dhcp relay
Relay should be configured on the interface connecting to the client.
(config-if)#exit
Exit interface mode.
(config)#commit
 
 
Commit the candidate configuration to the running configuration
Validation Commands
#sh ipv6 dhcp relay address
 
VRF Name: default
DHCPv6 Servers configured: 2001::2
 
#show running-config dhcp
 
Ipv6 dhcp relay address 2001::2
interface xe2
ipv6 dhcp relay
!
interface xe1
ipv6 dhcp relay uplink
!
DHCP Relay option 82
This section contains examples of DHCP Relay option-82 configuration. DHCP option 82 (Agent Information Option) provides additional security when DHCP is used to allocate network addresses. It enables the DHCP relay agent to prevent DHCP client requests from untrusted sources. Service Providers use remote identifier (option 82 sub option 2) for troubleshooting, authentication, and accounting. The DHCP Option 82 Remote ID Format feature adds support for the interpretation of remote-IDs that are inserted by end users. On the relay agent, you can configure information option to add option 82 information to DHCP requests from the clients before forwarding the requests to the DHCP server. When configured with option 82 and remote-id, the server will receive the DHCP request packet with Agent Circuit ID and remote-id.
 
The two examples below, show how to configure the DHCP Relay option 82:
Configuration of DHCP Relay option 82 on a physical interface with Agent information and remote-id.
Configuration of DHCP Relay option 82 on a VLAN interface with Agent information and remote-id.
Topology
DHCP 82 interface topology
Physical Interface Configuration
Here, the DHCP Server is running with IP 192.168.1.2 with another pool of subnet 10.10.20.0 configured in the server. Configure a static route to 10.10.20.0 network for DHCP OFFER packets to reach the Relay Agent.
Relay agent
 
#configure terminal
Enter configure mode.
(config)#ip dhcp relay
Enable DHCP Relay
(config)#ip dhcp relay address 192.168.1.2
The relay address configured should be server interface
address connected to DUT machine
 
(config)#ip dhcp relay information option remote-id hostname
Enable DHCP Relay information option with both agent circuit id which is sub option 1 of option 82 and remote-id which is sub option 2 of option 82. String support is also provided for remote-id.
(config)#interface xe5
Enter interface mode.
(config-if)#ip address 10.10.20.2/24
Add IP address
(config-if)#ip dhcp relay
Configure DHCP relay for the interface connecting to client.
(config-if)#exit
Exit from interface mode
(config)#commit
 
 
Commit the candidate configuration to the running configuration
(config)#interface xe4
Enter interface mode
(config-if)#ip address 192.168.1.1/24
Configure ipv4 address on the interface xe4
(config-if)#ip dhcp relay uplink
Configure DHCP relay uplink for the interface connecting to server.
(config-if)#exit
Exit interface mode.
(config)#commit
 
 
Commit the candidate configuration to the running configuration
Client
 
#configure terminal
Enter configure mode.
(config)#interface xe5
Enter interface mode.
(config-if)#ip address dhcp
Configure IP address DHCP
(config-if)#exit
Exit from interface mode
(config)#commit
 
 
Commit the candidate configuration to the running configuration
Validation
Relay Agent
#show running-config dhcp
!
ip dhcp relay information option remote-id hostname
ip dhcp relay address 192.168.1.2
interface xe5
ip dhcp relay
!
interface xe4
ip dhcp relay uplink
!
 
#show ip dhcp relay
DHCP relay service is Enabled.
VRF Name: default
Option 82: Enabled
Remote Id: OcNOS
DHCP Servers configured: 192.168.1.2
Interface Uplink/Downlink
--------- -------------
xe5 Downlink
xe4 Uplink
 
Client
#show ip interface brief | include xe5
xe5 *10.10.20.10 up up
 
Packet captured at DHCP Server
 
Bootstrap Protocol (Discover)
Message type: Boot Request (1)
Hardware type: Ethernet (0x01)
Hardware address length: 6
Hops: 1
Transaction ID: 0x4e61176c
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 10.10.20.2 (10.10.20.2)
Client MAC address: b8:6a:97:35:d7:9d (b8:6a:97:35:d7:9d)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: DHCP
Option: (53) DHCP Message Type (Discover)
Length: 1
DHCP: Discover (1)
Option: (55) Parameter Request List
Length: 3
Parameter Request List Item: (1) Subnet Mask
Parameter Request List Item: (28) Broadcast Address
Parameter Request List Item: (3) Router
Option: (60) Vendor class identifier
Length: 39
Vendor class identifier: onie_vendor:x86_64-accton_as7326_56x-r0
Option: (82) Agent Information Option
Length: 12
Option 82 Suboption: (1) Agent Circuit ID
Length: 3
Agent Circuit ID: 786535
Option 82 Suboption: (2) Agent Remote ID
Length: 5
Agent Remote ID: 4f634e4f53
Option: (255) End
Option End: 255
Padding
Physical Interface Configuration with non-default VRF
Here, the DHCP Server is running with IP 192.168.1.2 with another pool of subnet 10.10.20.0 configured in the server. Configure a static route to 10.10.20.0 network for DHCP OFFER packets to reach the Relay Agent.
Relay agent
 
#configure terminal
Enter configure mode.
(config)#ip dhcp relay
Enable DHCP Relay.
(config)#ip vrf vrf_dhcp
Configuring non default vrf vrf_dhcp
(config-vrf)#ip dhcp relay information option remote-id hostname
Enable DHCP Relay information option with both agent circuit id which is sub option 1 of option 82 and remote-id which is sub option 2 of option 82 on non default vrf.. String support is also provided for remote-id.
(config-vrf)#ip dhcp relay address 192.168.1.2
Configure DHCP relay address in non default vrf.
(config)#interface xe5
Enter interface mode.
(config-if)#ip vrf forwarding vrf_dhcp
Configure vrf forwarding for vrf_dhcp.
(config-if)#ip address 10.10.20.2/24
Add IP address.
(config-if)#ip dhcp relay
Configure DHCP relay for the interface connecting to client.
(config-if)#exit
Exit from interface mode
(config)#commit
 
 
Commit the candidate configuration to the running configuration
(config)#interface xe4
Enter interface mode
(config-if)#ip vrf forwarding vrf_dhcp
Configure vrf forwarding for vrf_dhcp
(config-if)#ip dhcp relay uplink
Configure DHCP relay uplink for the interface connecting to server.
(config-if)#ip address 192.168.1.4/24
Add IP address.
(config-if)#exit
Exit interface mode.
(config)#commit
 
 
Commit the candidate configuration to the running configuration
 
Client
 
#configure terminal
Enter configure mode.
(config)#interface xe5
Enter interface mode.
(config-if)#ip vrf forwarding vrf_dhcp
Configure ip vrf forwarding for non default vrf.
(config-if)#ip address dhcp
Configure IP address DHCP.
(config-if)#exit
Exit from interface mode.
(config)#commit
 
 
Commit the candidate configuration to the running configuration
Validation
Relay Agent
#show running-config dhcp
!
ip vrf vrf_dhcp
ip dhcp relay information option remote-id hostname
ip dhcp relay address 192.168.1.2
interface xe5
ip dhcp relay
!
interface xe4
ip dhcp relay uplink
!
 
#show ip dhcp relay
DHCP relay service is Enabled.
VRF Name: vrf_dhcp
Option 82: Enabled
Remote Id: OcNOS
DHCP Servers configured: 192.168.1.2
Interface Uplink/Downlink
--------- -------------
xe5 Downlink
xe4 Uplink
Client
#show ip interface brief | include xe5
xe5 *10.10.20.10 up up
 
Packet captured at DHCP Server
 
Bootstrap Protocol (Discover)
Message type: Boot Request (1)
Hardware type: Ethernet (0x01)
Hardware address length: 6
Hops: 1
Transaction ID: 0x4e61176c
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 10.10.20.2 (10.10.20.2)
Client MAC address: b8:6a:97:35:d7:9d (b8:6a:97:35:d7:9d)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: DHCP
Option: (53) DHCP Message Type (Discover)
Length: 1
DHCP: Discover (1)
Option: (55) Parameter Request List
Length: 3
Parameter Request List Item: (1) Subnet Mask
Parameter Request List Item: (28) Broadcast Address
Parameter Request List Item: (3) Router
Option: (60) Vendor class identifier
Length: 39
Vendor class identifier: onie_vendor:x86_64-accton_as7326_56x-r0
Option: (82) Agent Information Option
Length: 12
Option 82 Suboption: (1) Agent Circuit ID
Length: 3
Agent Circuit ID: 786535
Option 82 Suboption: (2) Agent Remote ID
Length: 5
Agent Remote ID: 4f634e4f53
Option: (255) End
Option End: 255
Padding
 
Sample DHCP configuration for using Remote-id
 
class "remote-id" {
match if option agent.remote-id = OcNOS
} # remote-id
 
subnet 10.10.20.0 netmask 255.255.255.0 {
pool {
allow members of "remote-id";
default-lease-time 600;
max-lease-time 7200;
range 10.10.20.3 10.10.10.100;
option routers 10.10.20.2;
option broadcast-address 10.10.20.255;
option subnet-mask 255.255.255.0;
option domain-name-servers 4.2.2.2;
}
VLAN Interface Configuration
Topology
DHCP 82 vlan topology
Here, the DHCP Server is running with IP 192.168.1.2 with another pool of subnets 10.10.20.0 configured in the server. Configure a static route to 10.10.20.0 network for DHCP OFFER packets to reach the Relay Agent. In the above topology, vlan 20 is part of interface xe5 in relay Agent and xe5 in Client.
Relay Agent
t
#configure terminal
Enter configure mode.
(config)#ip dhcp relay
Enable DHCP Relay
(config)#ip dhcp relay information option remote-id hostname
Enable DHCP Relay information option with both agent circuit id which is sub option 1 of option 82 and remote-id which is sub option 2 of option 82. String support is also provided for remote-id.
(config)#ip dhcp relay address 192.168.1.2
Configure DHCP relay address
(config)#bridge 1 protocol rstp vlan-bridge
Configure bridge
(config)#vlan 2-100 bridge 1 state enable
Enable some VLANs
(config)#interface xe5
Enter interface mode
(config-if)#switchport
Configure switchport
(config-if)#bridge-group 1
Configure bridge-group
(config-if)#switchport mode hybrid
Configure switchport mode
(config-if)#switchport hybrid allowed vlan all
Enable vlan
(config-if)#exit
Exit from interface mode
(config)#commit
 
 
Commit the candidate configuration to the running configuration
(config)#interface vlan1.20
Enter interface mode for the vlan interface towards client.
(config-if)#ip address 10.10.20.2/24
Add IP address
(config-if)#ip dhcp relay
Configure DHCP relay on the vlan interface connecting to client.
(config-if)#exit
Exit from interface mode
(config)#commit
 
 
Commit the candidate configuration to the running configuration
(config)#interface xe4
Enter interface mode
(config-if)#ip dhcp relay uplink
Configure DHCP relay uplink for the interface connecting to server.
(config-if)#ip address 192.168.1.4/24
Add IP address
(config-if)#exit
Exit interface mode.
(config)#commit
 
 
Commit the candidate configuration to the running configuration
Client
 
#configure terminal
Enter configure mode.
(config)#bridge 1 protocol rstp vlan-bridge
Configure bridge
(config)#vlan 2-100 bridge 1 state enable
Enable VLANs
(config)#interface xe5
Enter interface mode.
(config-if)#switchport
Configure switchport
(config-if)#bridge-group 1
Configure bridge-group
(config-if)#switchport mode hybrid
Configure switchport mode
(config-if)#switchport hybrid allowed vlan add 20 egress-tagged enable
Enable vlan
(config-if)#exit
Exit from interface mode
(config)#commit
 
 
Commit the candidate configuration to the running configuration
(config)#interface vlan1.20
Enter interface mode for the vlan interface which connects relay.
(config-if)#ip address dhcp
Configure IP address DHCP
(config-if)#exit
Exit from interface mode
(config)#commit
 
 
Commit the candidate configuration to the running configuration
Validation
Relay Agent
#show running-config dhcp
!
ip dhcp relay information option remote-id hostname
ip dhcp relay address 192.168.1.2
!
interface vlan1.20
ip dhcp relay
!
interface xe4
ip dhcp relay uplink
!
 
 
#show ip dhcp relay
DHCP relay service is Enabled.
VRF Name: default
Option 82: Enabled
Remote Id: ocnos
DHCP Servers configured: 192.168.1.2
Interface Uplink/Downlink
--------- -------------
Vlan1.20 Downlink
xe4 Uplink
 
Client
#show ip interface brief |include vlan1.20
vlan1.20 *10.10.20.10 up up
 
Packet captured at DHCP Server
 
Bootstrap Protocol (Discover)
Message type: Boot Request (1)
Hardware type: Ethernet (0x01)
Hardware address length: 6
Hops: 1
Transaction ID: 0x59591459
Seconds elapsed: 0
Bootp flags: 0x0000 (Unicast)
0... .... .... .... = Broadcast flag: Unicast
.000 0000 0000 0000 = Reserved flags: 0x0000
Client IP address: 0.0.0.0 (0.0.0.0)
Your (client) IP address: 0.0.0.0 (0.0.0.0)
Next server IP address: 0.0.0.0 (0.0.0.0)
Relay agent IP address: 10.10.20.2 (10.10.20.2)
Client MAC address: b8:6a:97:35:d7:9d (b8:6a:97:35:d7:9d)
Client hardware address padding: 00000000000000000000
Server host name not given
Boot file name not given
Magic cookie: DHCP
Option: (53) DHCP Message Type (Discover)
Length: 1
DHCP: Discover (1)
Option: (55) Parameter Request List
Length: 3
Parameter Request List Item: (1) Subnet Mask
Parameter Request List Item: (28) Broadcast Address
Parameter Request List Item: (3) Router
Option: (60) Vendor class identifier
Length: 39
Vendor class identifier: onie_vendor:x86_64-accton_as7326_56x-r0
Option: (82) Agent Information Option
Length: 17
Option 82 Suboption: (1) Agent Circuit ID
Length: 8
Agent Circuit ID: 766c616e312e3230
Option 82 Suboption: (2) Agent Remote ID
Length: 5
Agent Remote ID: 4f634e4f53
 
Option: (255) End
Option End: 255
DHCP-Relay with different VRFs
This chapter explains about DHCP Relay package to make Relay talk to different VRFs when Client and Server are running in different VRFs.
DHCP Relay for IPv4 with different VRFs
Before configuring DHCP Relay, make sure DHCP server and client configurations are done.
 
DHCP Relay Configuration
DHCP Agent
 
#configure terminal
Enter configure mode.
(config)#feature dhcp
Enable the feature dhcp. This is enabled in default.
(config)#ipv4 dhcp relay
By default this will be enabled. It starts the ipv4 dhcp relay service.
(config)# ip vrf vrf1
Configure IP VRF
(config)# ip dhcp relay address 10.10.10.2 global
Configure DHCP relay address
(config)#interface xe1
Enter interface mode.
(config-if)#ip address 10.10.10.1/24
Configure ipv4 address on the interface xe1.
(config-if)#ip dhcp relay uplink
Configure relay uplink on the device connecting the server.
(config-if)#exit
 
Exit interface mode.
(config)#commit
Commit the candidate configuration to the running
(config)#interface xe2
Enter interface mode.
(config)#ip vrf forwarding vrf1
Configure IP VRF forwarding
(config-if)#ip address 20.20.20.1/24
Configure ipv4 address on the interface xe2.
(config-if)#ip dhcp relay
Relay should be configured on the interface connecting to the client.
(config-if)#exit
 
Exit interface mode.
(config)#commit
Commit the candidate configuration to the running
Validation Commands
#show running-config dhcp
interface eth0
ip address dhcp
!
ip vrf vrf1
ip dhcp relay address 10.10.10.2 global
!
interface xe2
ip dhcp relay
!
interface xe1
ip dhcp relay uplink
!
 
#show ip dhcp relay
DHCP relay service is Enabled. VRF Name: vrf1
Option 82: Disabled
DHCP Servers configured:
10.10.10.2 default
Interface Uplink/Downlink
 
xe2 Downlink
VRF Name: default
Interface Uplink/Downlink
 
xe1 Uplink
 
Incoming DHCPv4 packets which already contain relay agent option are FORWARDED
unchanged.
#show ip dhcp relay address
VRF Name: vrf1
DHCP Servers configured:
10.10.10.2 default
Incoming DHCPv4 packets which already contain relay agent option are FORWARDED unchanged.
DHCP Relay for IPv6 Configuration with different VRFs
DHCP Agent
 
#configure terminal
Enter configure mode.
(config)#feature dhcp
Enable the feature dhcp. This is enabled in default.
(config)#ipv6 dhcp relay
By default, this will be enabled. It starts the ipv6 dhcp relay service.
(config)#ip vrf vrf1
Configure vrf1
(config)#ipv6 dhcp relay address 2001::2 global
The relay address configured should be server interface address which is in default vrf , connected to DUT machine.
(config)#interface xe1
Enter interface mode.
(config-if)#ipv6 address 2001::1/64
Configure ipv6 address on the interface xe1.
(config-if)#ipv6 dhcp relay uplink
Configure relay uplink on the device connecting the server.
(config-if)#exit
Exit interface mode.
(config)#commit
Commit the candidate configuration to the running configuration
(config)#interface xe2
Enter interface mode.
(config-if)# ip vrf forwarding vrf1
Attach vrf1 under downlink interface
(config-if)#ipv6 address 2002::1/64
Configure ipv6 address on the interface xe2.
(config-if)#ipv6 dhcp relay
 
 
Relay should be configured on the interface connecting client.
(config-if)#exit
 
Exit interface mode.
(config)#commit
 
Commit the candidate configuration to the running configuration
Validation Commands
#show ipv6 dhcp relay address
VRF Name: vrf1
DHCPv6 Servers configured:
2001::2 default
#show running-config dhcp
interface eth0
ip address dhcp
!
ip vrf vrf1
ipv6 dhcp relay address 2001::1 global
interface xe2
ipv6 dhcp relay
!
interface xe1
ipv6 dhcp relay uplink
!
 
#show ipv6 dhcp relay
IPv6 DHCP relay service is Enabled.
VRF Name: vrf1
DHCPv6 Servers configured:
2001::2 default
DHCPv6 IA_PD Route injection: Disabled
Interface Uplink/Downlink
--------- -------------
Xe2 Downlink
DHCPv6 IA_PD Route injection: Disabled
Interface Uplink/Downlink
--------- -------------
Xe1 Uplink