Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

DHCP Client Attribute and Address Assignment

 

DHCP Attributes Overview

You can configure features that are specific to the DHCP application that are applied to only certain DHCP clients or to all DHCP clients with DHCP attributes. DHCP uses the attributes to determine the scope of the client operation. For example, you can configure attributes that set the maximum lease time or preferred lifetime of the lease, the domain in which to search for DHCP servers, match criteria for which address range to use from within an address pool, and so on. You might specify that a client that matches certain prerequisite information is dynamically assigned an address from a particular named address range. Based on which named range is used, DHCP specifies additional DHCP attributes.

You can configure DHCP attributes in the following ways:

  • On the RADIUS server so that they are conveyed in the corresponding DHCP option when a subscriber is authenticated. Refer to your RADIUS server documentation for more information.

  • For specific DHCPv4 or DHCPv6 clients that receive an address from the local address assignment pool with the dhcp-attributes statement at the [edit access address-assignment pool pool-name] hierarchy level.

  • As a set of attributes that you can apply to DHCP clients outside of specific address pools. Define the attribute set with the protocol-attributes statement at the [edit access] hierarchy level. Then apply the set with a different protocol-attributes statement to any of the following:

    • For all DHCPv4 clients at the [edit system services dhcp-local-server overrides] hierarchy level.

    • For a group of DHCPv4 clients at the [edit system services dhcp-local-server group group-name overrides] hierarchy level.

    • For all DHCPv6 clients at the [edit system services dhcp-local-server dhcpv6 overrides] hierarchy level.

    • For a group of DHCPv6 clients at the [edit system services dhcp-local-server dhcpv6 group group-name overrides] hierarchy level.

The DHCP local server processes attributes provided by different methods in the following hierarchy:

RADIUS > address pool > global > other

  1. When the attribute is configured in RADIUS, the value in the corresponding option received by the DHCP local server is used.

  2. When the attribute is configured for an address pool, that value is used for clients assigned addresses from that pool.

  3. When the attribute is configured globally with the protocol-attributes statement, that value is used for all clients.

  4. When none of the other criteria is met but the attribute is configured at the [edit access] hierarchy level, that value is used for all clients. If the attribute is configured at the [edit access profile] hierarchy level, that value is used for clients using the profile.

Benefits of Configuring DHCP Attributes

You can match desired attributes to specific clients based on matching criteria. You have the flexibility to assign attributes and values when an address is assigned from a pool, globally for clients not using address pools, or with RADIUS attributes at authentication.

Attributes That Can Be Applied to DHCP Clients

This topic provides descriptions of DHCPv4 and DHCPv6 options.

Table 1 describes the DHCPv4 client attributes that you can configure.

Table 1: DHCP Attributes

Attribute

Description

DHCP Option

boot-file

Boot filename advertised to the client, and used by the client to complete configuration.

67

boot-server

Boot server containing the boot file.

66

domain-name

Domain in which clients search for a DHCP server host.

15

grace-period

Grace period offered with the lease.

maximum-lease-time

Maximum lease time allowed by the DHCP server.

51

name-server

IP address of DNS server to which clients can send DNS queries.

6

netbios-node-type

NetBIOS node type.

46

option

User-defined options.

option-match

Option 82 value is mapped to named address range.

router

IP address for routers on the subnetwork.

3

server-identifier

IP address used as the DHCP source address

54

t1-percentage

Percentage of the preferred-lifetime that the client (router) waits before sending renew messages to the DHCPv4 server that granted the original lease to extend the client’s lease.

58

t1-renewal-time

Time that the client (router) waits before sending renew messages to extend the client’s lease. The renew messages are sent to the DHCPv4 server that granted the original lease.

This attribute is an alternative to t1-percentage.

58

t2-percentage

Percentage of the preferred-lifetime that the client (router) waits before sending rebind messages to any available DHCPv4 server to extend the client’s lease.

59

t2-rebinding-time

Time that the client (router) waits before sending rebind messages to extend the client’s lease. The rebind messages are sent to any available DHCPv4 server.

This attribute is an alternative to t2-percentage.

59

tftp-server

Trivial File Transfer Protocol (TFTP) server that the client uses to obtain the client configuration file.

150

wins-server

IP address of the Windows NetBIOS name server.

44

Table 2 describes the DHCPv6 client attributes that you can configure.

Table 2: DHCPv6 Attributes

Attribute

Description

DHCPv6 Option

dns-server

IPv6 address of DNS server to which clients can send DNS queries.

23

grace-period

Grace period offered with the lease.

maximum-lease-time

Maximum lease time allowed by the DHCP server.

option

User-defined options.

preferred-lifetime

Length of time that a valid address is in the preferred state. When the preferred lifetime expires, the address becomes deprecated.

sip-server-address

IPv6 address of SIP outbound proxy server.

22

sip-server-domain-name

Domain name of the SIP outbound proxy server.

21

t1-percentage

Percentage of the preferred-lifetime that the client (router) waits before sending renew messages to the DHCPv6 server that granted the original lease to extend the client’s lease.

t1-renewal-time

Time that the client (router) waits before sending renew messages to extend the client’s lease. The renew messages are sent to the DHCPv6 server that granted the original lease.

This attribute is an alternative to t1-percentage.

t2-percentage

Percentage of the preferred-lifetime that the client (router) waits before sending rebind messages to any available DHCPv6 server to extend the client’s lease.

t2-rebinding-time

Time that the client (router) waits before sending rebind messages to extend the client’s lease. The rebind messages are sent to any available DHCPv6 server.

This attribute is an alternative to t2-percentage.

valid-lifetime

Length of time that the address remains in the valid state. When the lifetime expires, the address becomes invalid.

Configuring DHCP Attributes for All Clients or a Group of Clients

You can configure DHCP client attributes to determine the scope of the client operation. For example, you can configure attributes that set the maximum lease time or preferred lifetime of the lease, the domain in which to search for DHCP servers, the match criteria that determine the address range to use from within an address pool, and so on.

You can configure DHCP attributes to be applied to clients in the following ways:

To assign attributes globally or to a group:

  1. Create a DHCP attribute set that you want to apply to clients with the DHCPv4 or DHCPv6 local server.
  2. Specify the attributes to include in the attribute set.
  3. Apply the attribute set to the desired DHCP clients.
    • To all DHCPv4 clients:

    • To a group of DHCPv4 clients:

    • To all DHCPv6 clients:

    • To a group of DHCPv6 clients:

For example, the following configuration creates an attribute set named attr-v4-1 and applies the set to all DHCPv4 clients.

Configuring DHCP Client-Specific Attributes Applied When Clients Obtain an Address

You use the address-assignment pool feature to include DHCP attributes specific to the client when clients obtain an address. The DHCP client application uses the attributes to determine how addresses are assigned, and to also provide optional characteristics to the client. For example, the DHCP application might specify that a client that matches certain prerequisite information is dynamically assigned an address from a particular named range. Based on which named range is used, DHCP specifies additional DHCP attributes such as the boot file that the client uses, the lease grace period, and the maximum lease time.

You use the dhcp-attributes statement to configure DHCP client-specific attributes for address-assignment pools. Attributes That Can Be Applied to DHCP Clients describes the supported attributes you can configure for IPv4 and IPv6 address-assignment pools (or optionally assign to all clients or clients in a group).

To configure address-assignment pool attributes for DHCP clients:

  1. Specify the name and IP family of the address-assignment pool.
  2. Configure optional DHCP client attributes.

For example, the following configuration specifies values for the boot server, grace period, and maximum lease time for the isp1 pool for DHCPv4:

Note

The DNS name server addresses that are configurable as DHCP attributes can also be configured globally at the routing instance level and in access profiles. For more information, see DNS Name Server Address Overview.

Configuring How the Extended DHCP Local Server Determines Which Address-Assignment Pool to Use

You can specify the match order in which the extended DHCP local server uses the client data to determine the address-assignment pool that provides the IP address and configuration for a DHCP client. If you do not specify any pool match order, the device uses the default IP address configured in IP address first matching option to select the address pool.

Example:

You can specify the order for pool matching methods. You can specify the methods in any order. All methods are optional. IP address first method is default method.

  • IP address first—Default option. The server selects the address-assignment pool to use by matching the IP address in the client DHCP request with the network address of the address-assignment pool.

    • If the client request contains the gateway IP address (giaddr), the local server matches the giaddr to the address-assignment pool’s address.

    • If the client request does not contain the giaddr, then the DHCP local server matches the IP address of the receiving interface to the address of the address-assignment pool.

    Example:

  • External authority—The DHCP local server receives the address assignment from an external authority, such as RADIUS or Diameter.

    • If RADIUS is the external authority, the DHCP local server uses the Framed-IPv6-Pool attribute (RADIUS attribute 100) to select the pool.

    • If Diameter is the external authority, the server uses the Diameter counterpart of the Framed-IPv6-Pool attribute to determine the pool.

    Example:

  • Option 82—For IPv4 address-Extended DHCP local server matches the DHCP relay agent information option (option 82) in the client DHCP packets to a named range in the address-assignment pool. Named ranges are subsets within the overall address-assignment pool address range, which you can configure when you create the address-assignment pool.

    Example:

    To use the DHCP local server option 82 matching feature with an IPv4 address-assignment pool, you must ensure that the option-82 statement is included in the dhcp-attributes statement for the address-assignment pool.

This example shows an extended DHCP local server configuration that includes optional IPv4 address-assignment pool matching and interface groups. For pool matching, this configuration specifies that the DHCP local server first check the response from an external authentication authority (for example, RADIUS) and use the Framed-IPv6-Pool attribute to determine the address-assignment pool to use for the client address. If no external authority match is found, the DHCP local server then uses ip-address-first matching together with the option 82 information to match the named address range for client IPv4 address assignment. The option 82 matching must also be included in the address-assignment pool configuration.

Assign a Specific IP Address to a Client Using DHCP Option 50 and DHCPv6 IA_NA Option

Subscriber management or DHCP management enables you to specify that DHCP local server assign a particular address to a client. For example, if a client is disconnected, you might use this capability to assign the same address that the client was using prior to being disconnected. If the requested address is available, DHCP assigns it to the client. If the address is unavailable, the DHCP local server offers another address, based on the address allocation process.

Both DHCP local server and DHCPv6 local server support the specific address request feature. DHCP local server uses DHCP option 50 in DHCP discover messages to request a particular address, while DHCPv6 local server uses the IA_NA option (Identity Association for Non-Temporary Addresses) in DHCPv6 solicit messages.

Note

Subscriber management (DHCP management) supports only one address for each of the DHCPv6 IA_NA or IA_PD address types. If the DHCPv6 client requests more than one address for a given type, the DHCPv6 local server uses only the first address and ignores the other addresses.

Specifying the Subnet for DHCP Client Address Assignment

Subscriber management enables you to explicitly specify the subnet to which the DHCP local server matches the requested IP address. The server accepts and uses an active client’s requested IP address for address assignment only when the requested address and the IP address of the DHCP server interface are in the same subnet. The server accepts and uses a passive client’s requested IP address only when the requested address and the IP address of the relay interface are in the same subnet. The DHCPv6 local server supports the same process for DHCPv6 clients and addresses.

To specify the subnet used for client address assignment:

  • For DHCP local server:

  • For DHCPv6 local server:

DHCP Local Server Handling of Client Information Request Messages

DHCP clients that already have externally provided addresses may solicit further configuration information from a DHCP server by sending a DHCP inform or DHCPv6 information-request message that indicates what information is desired. These message types can be collectively referred to as information request messages. By default, DHCP local server and DHCPv6 local server ignore any DHCP information requests that they receive. You can override this default behavior to enable processing of these messages.

If you enable processing of information requests, DHCP local server responds to the client with a DHCP acknowledgment message that includes the requested information—if it is available. DHCPv6 local server responds in the same manner but uses a DHCP reply message. No subscriber management or DHCP-management is applied as a result of the DHCP information request message.

By default, DHCP relay and DHCP relay proxy automatically forward DHCP information request messages without modification if the messages are received on an interface configured for a DHCP server group. DHCP relay and relay proxy drop information request messages received on any other interfaces. You cannot disable this default DHCP relay and relay proxy behavior.

The information requested by these clients is typically configured with the dhcp-attributes statement for an address pool defined by the address-assignment pool pool-name statement at the [edit access] hierarchy level.

When you enable processing of DHCP information requests, you can optionally specify the name of the pool from which the local server retrieves the requested configuration information for the client. If you do not do specify a local pool, then the local server requests that AAA selects and returns only the name of the relevant pool.

Note

PPP interfaces are not supported on EX Series switches.

When DHCPv6 is configured over PPP interfaces, the PPP RADIUS authentication data can be used to select the pool from which the response information is taken. Additionally other RADIUS attributes can also be inserted into the DHCPv6 reply message. If an overlap exists between RADIUS attributes and local pool attributes, the RADIUS values are used instead of the local configuration data. If no RADIUS information is received from the underlying PPP interface, then the behavior is the same as described previously for non-PPP interfaces.

Enabling Processing of Client Information Requests

By default, DHCP local server and DHCPv6 local server do not respond to information request (DHCP inform and DHCPv6 information-request) messages from the client. You can enable DHCP local server and DHCPv6 local server to process these messages and respond to them with an acknowledgment (ack or reply message, respectively) and the requested information.

DHCP relay agent automatically forwards the information request messages without modification to the configured server group by means of the interfaces configured for the respective server group. The messages are dropped if they are received on an unconfigured interface. DHCP relay proxy also supports forwarding these messages. You cannot disable forwarding of the information request messages.

Configure one or more local address pools if you want to use a local pool rather than one provided by AAA. See DHCPv6 Address-Assignment Pools. For processing information request messages, the address configuration is not necessary. For DHCP local server, you must specify the IPv4 family; for DHCPv6 local server, you must specify the IPv6 family.

See Configuring DHCP Client-Specific Attributes Applied When Clients Obtain an Address for details about how to configure the information sought by clients that send information request messages.

To enable processing of DHCP client information request messages:

  1. Specify that you want to configure override options.
    • For DHCP local server:

    • For DHCPv6 local server:

  2. (Optional) Specify a pool name from which DHCP information is returned to the client.
    • For DHCP local server:

    • For DHCPv6 local server:



DNS Address Assignment Precedence

Subscriber management supports four methods for assigning addresses to DHCP clients. When multiple methods are configured, the router uses the following precedence order to determine which address to assign to the client.

  1. Address defined on the RADIUS server by Internet Assigned Numbers Authority (IANA) vendor ID 4874 attributes 26-4 (Primary-DNS) and 26-5 (Secondary-DNS).

  2. Address defined on the RADIUS server by IANA vendor ID 2636 attributes 26-31 (Primary-DNS) and 26-33 (Secondary-DNS).

  3. Address defined on the RADIUS server by IANA vendor ID 311 attributes 26-28 (MS-Primary-DNS-Server) and 26-29 (MS-Secondary-DNS-Server).

  4. Address defined in the local address pool on the router.

Example: Extended DHCP Local Server Configuration with Optional Pool Matching

This example shows an extended DHCP local server configuration that includes optional IPv4 address-assignment pool matching and interface groups. For pool matching, this configuration specifies that the DHCP local server first check the response from an external authentication authority (for example, RADIUS) and use the Framed-IPv6-Pool attribute to determine the address-assignment pool to use for the client address. If no external authority match is found, the DHCP local server then uses ip-address-first matching together with the option 82 information to match the named address range for client IPv4 address assignment. The option 82 matching must also be included in the address-assignment pool configuration.

Note

The interface type in this topic is just an example. The fe- interface type is not supported by EX Series switches.