DHCP Relay Over IRB Interface
This chapter contains configurations for DHCP relay over IRB interface.
Overview
Dynamic Host Configuration Protocol (DHCP) is a protocol that allows a DHCP server to dynamically allocate IP addresses to DHCP clients. The DHCP relay agent forwards DHCP messages between DHCP clients and DHCP servers when they are on different networks.
For DHCP relay to function, uplink interface (server facing) and downlink interface (client facing) are to be configured along with DHCP server address. These configurations are done in the interface mode.
In the IRB deployment, IRB interface acts as gateway and hence it might need to provide the service of DHCP for the hosts connected to IRB network per L2 VPN. Since the DHCP server will not be present in the VTEP, it can forward the DHCP requests to the DHCP server acting as relay agent.
Topology
The procedures in this section use the following topology:
DHCP Relay over IRB
ROUTER-1
#configure terminal | Enter Configure mode. |
(config)#interface lo | Enter Interface mode for loopback. |
(config-if)#ip address 1.1.1.1/32 secondary | Assign secondary IP address. |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#hardware-profile filter vxlan enable | Enable hardware-profile filter for VxLAN. |
(config)#nvo vxlan enable | Enable VxLAN |
(config)#nvo vxlan irb | Enable VxLAN IRB |
(config)#ip vrf vrf1 | Create routing/forwarding instance with VRF1 name and enter into VRF mode |
(config-vrf)#rd 200:1 | Assign RD value |
(config-vrf)#route-target both 200:1 | Assign route target value |
(config-vrf)#ip dhcp relay address 40.40.40.1 | The relay address configured should be server interface address connected to DUT machine |
(config-vrf)#ip dhcp relay uplink evpn | Configure the uplink interface as L3 VNI interface for specific VRF |
(config-vrf)#l3vni 45001 | Configure L3VNI as 45001 for VRF1 |
(config-vrf)#exit | Exit IP VRF mode |
(config)#mac vrf vrfred | Create MAC VRF instance with vrfred name and enter into VRF mode |
(config-vrf)#rd 1.1.1.1:1 | Assign RD value |
(config-vrf)#route-target both 1.1.1.1:1 | Assign route target value |
(config-vrf)#exit | Exit MAC VRF mode |
(config)#interface irb 1 | Configure IRB interface |
(config-irb-if)#ip vrf forwarding vrf1 | Configure IP VRF forwarding |
(config-irb-if)#ip address 11.1.1.1/24 | Assign IP address on IRB interface. |
(config-irb-if)#ip dhcp relay | Relay should be configured on the interface connecting to the relay |
(config-irb-if)#exit | Exit IRB interface mode |
(config)#interface irb 2 | Configure irb interface |
(config-irb-if)#ip vrf forwarding vrf1 | Configure IP VRF forwarding |
(config-irb-if)#ip address 70.70.70.1/24 | Assign IP address on IRB interface. |
(config-irb-if)#exit | Exit IRB interface mode |
(config)#interface ce49 | Enter Interface mode for ce49. |
(config-if)#ip address 10.1.1.0/31 | Assign IP address on ce49 interface. |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe5 | Enter Interface mode for xe5. |
(config-if)#switchport | Configure interface as L2 interface |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#router ospf | Enter the Router OSPF mode |
(config-router)#network 1.1.1.1/32 area 0.0.0.0 | Advertise loopback address in OSPF |
(config-router)#network 10.1.1.0/31 area 0.0.0.0 | Advertise network address in OSPF |
(config-router)#exit | Exit from Router OSPF mode and enter into config mode |
(config)#router bgp 1 | Enter into BGP router mode |
(config-router)#neighbor 2.2.2.2 remote-as 1 | Specify a VTEP2 loopback IP address and remote-as defined |
(config-router)#neighbor 2.2.2.2 update-source 1.1.1.1 | Configure update as loopback for VTEP2 |
(config-router)#address-family l2vpn evpn | Enter into L2VPN EVPN address family mode |
(config-router-af)#neighbor 2.2.2.2 activate | Activate neighbor in L2VPN mode |
(config-router-af)#exit-address-family | Exit from Address family mode |
(config-router)#address-family ipv4 vrf vrf1 | Enter into address-family mode for VRF1 |
(config-router-af)#redistribute connected | Configure Redistribute connected |
(config-router-af)#exit-address-family | Exit from Address family mode |
(config-router)#exit | Exit from router BGP mode and enter into config mode |
(config)#nvo vxlan vtep-ip-global 1.1.1.1 | Configure Source VTEP-IP-global configuration. Use loopback IP address |
(config)#nvo vxlan id 10 ingress-replication inner-vid-disabled | Configure VxLAN Network identifier with/without inner-vid-disabled configure and enter into VxLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp vrfred | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)#evpn irb1 | Configure IRB1 under VxLAN ID 10 |
(config-nvo)#exit | Exit from VxLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan id 30 ingress-replication inner-vid-disabled | Configure VxLAN Network identifier with/without inner-vid-disabled configure and enter into VxLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp vrfred | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)#evpn irb2 | Configure IRB2 under VxLAN ID 30 |
(config-nvo)#exit | Exit from VxLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan access-if port-vlan xe5 2 | Enable port-VLAN mapping i.e. access port to outer-VLAN (SVLAN) - Multihomed access port |
(config-nvo-acc-if)#map vnid 10 | Map VxLAN Identified to access-port for VxLAN |
(config-nvo-acc-if)#exit | Exit from VxLAN access-interface mode and enter into configuration mode |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#exit | Exit from configuration mode |
ROUTER-2
#configure terminal | Enter Configure mode. |
(config)#interface ce0 | Enter Interface mode for ce0. |
(config-if)#ip address 10.1.1.1/31 | Assign IP address on ce0 interface. |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe13 | Enter Interface mode for xe13. |
(config-if)#ip address 30.1.1.1/31 | Assign IP address on xe13 interface. |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#router ospf | Enter the Router OSPF mode |
(config-router)#network 10.1.1.0/24 area 0.0.0.0 | Advertise network address in OSPF |
(config-router)#network 30.30.30.0/24 area 0.0.0.0 | Advertise network address in OSPF |
(config-router)#exit | Exit from Router OSPF mode and enter into config mode |
(config)#commit | commit the candidate configuration to the running configuration |
(config)#exit | Exit from configuration mode |
ROUTER-3
#configure terminal | Enter Configure mode. |
(config)#interface lo | Enter Interface mode for loopback. |
(config-if)#ip address 2.2.2.2/32 secondary | Assign secondary IP address. |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#hardware-profile filter vxlan enable | Enable hardware-profile filter for VxLAN. |
(config)#nvo vxlan enable | Enable VxLAN |
(config)#nvo vxlan irb | Enable VxLAN IRB |
(config)#ip vrf vrf1 | Create routing/forwarding instance with VRF1 name and enter into VRF mode |
(config-vrf)#rd 300:1 | Assign RD value |
(config-vrf)#route-target both 200:1 | Assign route target value |
(config-vrf)#ip dhcp relay uplink evpn | Configure the uplink interface as L3 VNI interface for specific VRF |
(config-vrf)#l3vni 45001 | Configure L3VNI as 45001 for VRF1 |
(config-vrf)#exit | Exit IP VRF mode |
(config)#mac vrf vrfred | Create MAC VRF instance with vrfred name and enter into VRF mode |
(config-vrf)#rd 2.2.2.1:1 | Assign RD value |
(config-vrf)#route-target both 1.1.1.1:1 | Assign route target value |
(config-vrf)#exit | Exit MAC VRF mode |
(config)#interface irb 2 | Configure IRB interface |
(config-irb-if)#ip vrf forwarding vrf1 | Configure IP VRF forwarding |
(config-irb-if)#ip address 40.40.40.2/24 | Assign IP address on IRB interface. |
(config-irb-if)#exit | Exit IRB interface mode |
(config)#interface xe13 | Enter Interface mode for xe13. |
(config-if)#ip address 30.1.1.0/31 | Assign IP address on xe13 interface. |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#interface xe19 | Enter Interface mode for xe19. |
(config-if)#switchport | Configure interface as L2 interface |
(config-if)#exit | Exit Interface mode and return to Configure mode. |
(config)#router ospf | Enter the Router OSPF mode |
(config-router)#network 2.2.2.2/32 area 0.0.0.0 | Advertise loopback address in OSPF |
(config-router)#network 30.1.1.0/24 area 0.0.0.0 | Advertise network address in OSPF |
(config-router)#network 40.1.1.0/24 area 0.0.0.0 | Advertise network address in OSPF |
(config-router)#exit | Exit from Router OSPF mode and enter into config mode |
(config)#router bgp 1 | Enter into BGP router mode |
(config-router)#neighbor 1.1.1.1 remote-as 1 | Specify a VTEP1 loopback IP address and remote-as defined |
(config-router)#neighbor 1.1.1.1 update-source 2.2.2.2 | Configure update as loopback for VTEP1 |
(config-router)#address-family l2vpn evpn | Enter into L2VPN EVPN address family mode |
(config-router-af)#neighbor 1.1.1.1 activate | Activate neighbor in L2VPN mode |
(config-router-af)#exit-address-family | Exit from Address family mode |
(config-router)#address-family ipv4 vrf vrf1 | Enter into address-family mode for VRF1 |
(config-router-af)#redistribute connected | Configure Redistribute connected |
(config-router-af)#exit-address-family | Exit from Address family mode |
(config-router)#exit | Exit from router BGP mode and enter into config mode |
(config)#nvo vxlan vtep-ip-global 2.2.2.2 | Configure Source VTEP-IP-global configuration. Use loopback IP address |
(config)#nvo vxlan id 10 ingress-replication inner-vid-disabled | Configure VxLAN Network identifier with/without inner-vid-disabled configure and enter into VxLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp vrfred | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)#exit | Exit from VxLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan id 20 ingress-replication inner-vid-disabled | Configure VxLAN Network identifier with/without inner-vid-disabled configure and enter into VxLAN tenant mode |
(config-nvo)#vxlan host-reachability-protocol evpn-bgp vrfred | Assign VRF for EVPN-BGP to carry EVPN route |
(config-nvo)#evpn irb2 | Configure IRB2 under VxLAN ID 20 |
(config-nvo)#exit | Exit from VxLAN tenant mode and enter into configuration mode. |
(config)#nvo vxlan access-if port xe19 | Enable port mapping i.e. access port |
(config-nvo-acc-if)#map vnid 20 | Map VxLAN Identified to access-port for VxLAN |
(config-nvo-acc-if)#exit | Exit from VxLAN access-interface mode and enter into configuration mode |
(config)#commit | Commit the candidate configuration to the running configuration |
(config)#exit | Exit from configuration mode |
Validation
ROUTER-1
VTEP1#show running-config nvo vxlan
!
nvo vxlan enable
!
nvo vxlan irb
!
nvo vxlan vtep-ip-global 1.1.1.1
!
nvo vxlan id 10 ingress-replication inner-vid-disabled
vxlan host-reachability-protocol evpn-bgp vrfred
evpn irb1
!
nvo vxlan id 30 ingress-replication inner-vid-disabled
vxlan host-reachability-protocol evpn-bgp vrfred
evpn irb2
!
nvo vxlan access-if port xe2
map vnid 10
!
nvo vxlan access-if port-vlan xe5 2
map vnid 10
!
VTEP1#show ip dhcp relay
DHCP relay service is Enabled.
VRF Name: vrf1
Option 82: Disabled
DHCP Servers configured: 40.40.40.1
Interface Uplink/Downlink
--------- -------------
irb1 Downlink
evpn uplink
Incoming DHCPv4 packets which already contain relay agent option are FORWARDED unchanged.
VTEP1#show nvo vxlan mac-table
==========================================================================================================================================
VxLAN MAC Entries
==========================================================================================================================================
VNID Interface VlanId Vlan-RangeId Inner-VlanId Mac-Addr VTEP-Ip/ESI Type Status AccessPortDesc
__________________________________________________________________________________________________________________________________________
10 xe5 2 ---- ---- 0000.2837.ddf5 1.1.1.1 Dynamic Local ------- -------
10 irb1 b86a.97f9.85be 1.1.1.1 Static Local ------- -------
30 irb2 b86a.97f9.85be 1.1.1.1 Static Local ------- -------
Total number of entries are : 3
VTEP1#show nvo vxlan arp-cache
VxLAN ARP-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________
30 70.70.70.1 b86a.97f9.85be Static Local ----
10 11.1.1.1 b86a.97f9.85be Static Local ----
10 11.1.1.30 0000.2837.ddf5 Dynamic Local ----
Total number of entries are 3
VTEP1#show nvo vxlan tunnel
VxLAN Network tunnel Entries
Source Destination Status Up/Down Update
============================================================================
1.1.1.1 2.2.2.2 Installed 01:51:11 01:51:11
Total number of entries are 1
ROUTER-2
VTEP2#show running-config nvo vxlan
!
nvo vxlan enable
!
nvo vxlan irb
!
nvo vxlan vtep-ip-global 2.2.2.2
!
nvo vxlan id 10 ingress-replication inner-vid-disabled
vxlan host-reachability-protocol evpn-bgp vrfred
!
nvo vxlan id 20 ingress-replication inner-vid-disabled
vxlan host-reachability-protocol evpn-bgp vrfred
evpn irb2
!
nvo vxlan access-if port xe19
map vnid 20
!
!
VTEP2#show nvo vxlan arp-cache
VxLAN ARP-CACHE Information
===========================
VNID Ip-Addr Mac-Addr Type Age-Out Retries-Left
____________________________________________________________________________
20 40.40.40.2 b86a.9761.ea3d Static Local ----
20 40.40.40.1 0002.a54f.1577 Dynamic Local ----
20 40.40.40.101 0000.2837.ddf3 Dynamic Local ----
10 11.1.1.1 b86a.97f9.85be Static Remote ----
10 11.1.1.30 0000.2837.ddf6 Dynamic Remote ----
Total number of entries are 5
VTEP2#show running-config dhcp
interface eth0
ip address dhcp
!
!
ip vrf vrf1
ip dhcp relay uplink evpn