DHCP relay¶
Overview¶
The DHCP relay listens for DHCP queries and responses. When a query is received from a client, it is forwarded to the specified DHCP server(s). When a reply is received from a server, it is forwarded to the client that made the initial request.
The DHCP relay needs at least the IP address of a reachable DHCP server and an interface on which listen for DHCP queries.
In the following example, a DHCP relay is configured with a maximum hop count
of 5 (hop-count
), which limits the number of network devices a DHCP message
can pass through before being discarded. The maximum allowed size for DHCP
packets is set to 576 bytes (maximum-size
). These options apply to all
interfaces but can be overridden by interface configurations (interface
).
Then, the relay is configured to listen on 2 interfaces:
For eth1, the relay forwards DHCP queries to the DHCP servers at 1.0.0.1 and 2.0.0.1 (
dhcp-server
). Additionally, this interface has its owndrop-unmatched
policy, which is configured to drop any DHCP packets from DHCP servers in response to a different relay agent.For eth2, the relay forwards DHCP requests to servers at IP addresses 1.0.0.1 and 3.0.0.1. This interface has also its own specific settings:
handle-option
andmaximum-size
. Thehandle-option
setting ensures that any existing relay agent options in the DHCP packets are replaced with the relay’s own options. Themaximum-size
setting limits DHCP packets on this interface to 800 bytes, which overrides the global maximum size configured at the root level.
vsr> edit running
vsr running config# vrf main
vsr running vrf main# dhcp
vsr running dhcp# relay
vsr running relay# hop-count 5
vsr running relay# maximum-size 576
vsr running relay# interface eth1
vsr running interface eth1# dhcp-server 1.0.0.1
vsr running interface eth1# dhcp-server 2.0.0.1
vsr running interface eth1# drop-unmatched true
vsr running interface eth1# ..
vsr running relay# interface eth2
vsr running interface eth2# dhcp-server 1.0.0.1
vsr running interface eth2# dhcp-server 3.0.0.1
vsr running interface eth2# handle-option replace
vsr running interface eth2# maximum-size 800
vsr running interface eth2# ..
vsr running relay# commit
The same configuration can be made using this NETCONF XML configuration:
vsr> show config xml absolute vrf main dhcp relay
<config xmlns="urn:6wind:vrouter">
<vrf>
<name>main</name>
<dhcp xmlns="urn:6wind:vrouter/dhcp">
<relay>
<enabled>true</enabled>
<handle-option>append</handle-option>
<drop-unmatched>false</drop-unmatched>
<hop-count>5</hop-count>
<max-size>576</max-size>
<interface>
<name>eth1</name>
<enabled>true</enabled>
<dhcp-server>1.0.0.1</dhcp-server>
<dhcp-server>2.0.0.1</dhcp-server>
<drop-unmatched>true</drop-unmatched>
</interface>
<interface>
<name>eth2</name>
<enabled>true</enabled>
<dhcp-server>1.0.0.1</dhcp-server>
<dhcp-server>3.0.0.1</dhcp-server>
<handle-option>replace</handle-option>
<maximum-size>800<maximum-size>
</interface>
</relay>
</dhcp>
</vrf>
</config>
See also
The DHCP relay command reference for details.
The state of DHCP relay includes the statistics for received and forwarded packet counters and valid DHCP leases for each interface:
dut-vm running config# show state vrf main dhcp relay
relay
enabled true
handle-option append
drop-unmatched false
hop-count 5
max-size 576
interface eth1
enabled true
dhcp-server 1.0.0.1
dhcp-server 2.0.0.1
handle-option append
drop-unmatched true
hop-count 5
max-size 576
counters
discover 1
offer 1
request 1
decline 0
ack 1
nack 0
release 0
inform 0
boot-request 0
boot-reply 0
..
dhcp-server-leases 10.100.0.3
starts 2024-08-30T15:39:03-01:00
ends 2024-08-30T16:39:03-01:00
hw-mac-address de:ed:01:15:df:0c
..
..
interface eth2
enabled true
dhcp-server 1.0.0.1
dhcp-server 3.0.0.1
handle-option replace
drop-unmatched false
hop-count 5
max-size 800
counters
discover 0
offer 0
request 0
decline 0
ack 0
nack 0
release 0
inform 0
boot-request 0
boot-reply 0
..
..
..
It is also possible to retrieve the statistics and valid leases of eth1 using
the command show dhcp-relay
:
vsr> show dhcp-relay interface eth1
statistics for interface ntfp1 :
discover offer request decline ack nack release inform boot-request boot-reply
======== ===== ======= ======= === ==== ======= ====== ============ ==========
1 1 1 0 1 0 0 0 0 0
vsr> show dhcp-relay leases interface eth1
leases for interface ntfp1 :
address: 10.100.0.3
starts: 2024-08-30T15:39:03-01:00
ends: 2024-08-30T16:39:03-01:00
mac-addr: de:ed:01:15:df:0c
See also
The show dhcp-relay command reference for details.
Agent information¶
Agent information in DHCP relay, also known as DHCP Option 82, is a feature used to enhance DHCP functionality by adding additional information to DHCP packets as they are relayed between clients and the DHCP server.
To enable agent information:
vsr> edit running
vsr running config# vrf main dhcp relay interface eth1
vsr running interface eth1# dhcp-server 1.0.0.1
vsr running interface eth1# agent-information
vsr running agent-information# commit
By default, only the circuit-id (DHCP Option 82.1) containing the interface
name is inserted. It can be customized to add new options to be appended on
DHCP packets. This example sets a custom value to circuit-id
and remote-id
.
vsr running agent-information# circuit-id 6wind-eth1
vsr running agent-information# remote-id global 6wind-eth1
Note
The remote-id
DHCP Option 82.2 is a value that can be appended when
relaying DHCP packets to the DHCP servers. This value applies globally to
all remote devices behind the interface, which means it does not comply with
“RFC 3046”. However, it does ensure compatibility with certain DHCP
implementations.