Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Extended DHCP Local Server

 

An extended DHCP local server enhances traditional DHCP server operation by providing additional address assignment and client configuration functionality. For more information, read this topic.

Extended DHCP Local Server Overview

Junos OS includes an extended DHCP local server that enhances traditional DHCP server operation by providing additional address assignment and client configuration functionality and flexibility in a subscriber-aware environment. The extended DHCP local server enables service providers to take advantage of external address-assignment pools and integrated RADIUS-based configuration capabilities in addition to the continued support of traditional local address pools. The address-assignment pools are considered external because they are external to the DHCP local server. The pools are managed independently of the DHCP local server, and can be shared by different client applications, such as DHCP or PPPoE access. Table 1 provides a comparison of the extended DHCP local server and a traditional DHCP local server.

The extended DHCP local server provides an IP address and other configuration information in response to a client request. The server supports the attachment of dynamic profiles and also interacts with the local AAA Service Framework to use back-end authentication servers, such as RADIUS, to provide DHCP client authentication. You can configure the dynamic profile and authentication support on a global basis or for a specific group of interfaces.

Table 1: Comparing the Extended DHCP Local Server to the Traditional DHCP Local Server

Feature

Extended DHCP Local Server

Traditional DHCP Local Server

Local address pools

X

X

External, centrally-managed address pools

X

Local configuration

X

X

External configuration using information from address-assignment pools or RADIUS servers

X

Dynamic-profile attachment

X

RADIUS-based subscriber authentication, and configuration using RADIUS attributes and Juniper Networks VSAs

X

IPv6 client support

X

Default minimum client configuration

X

X

You can also configure the extended DHCP local server to support IPv6 clients. Both DHCP local server and DHCPv6 local server support the specific address request feature, which enables you to assign a particular address to a client.

Note

If you delete the DHCP server configuration, DHCP server bindings might still remain. To ensure that DHCP bindings are removed, issue the clear dhcp server binding command before you delete the DHCP server configuration.

This overview covers:

Interaction Among the DHCP Client, Extended DHCP Local Server, and Address-Assignment Pools

The pattern of interaction between the DHCP local server, the DHCP client, and address-assignment pools is the same regardless of whether you are using a router or a switch. However, there are some differences in the details of usage.

  • On routers—In a typical carrier edge network configuration, the DHCP client is on the subscriber’s computer or customer premises equipment (CPE), and the DHCP local server is configured on the router.

  • On switches—In a typical network configuration, the DHCP client is on an access device, such as a personal computer, and the DHCP local server is configured on the switch.

The following steps provide a high-level description of the interaction among the DHCP local server, DHCP client, and address-assignment pools:

  1. The DHCP client sends a discover packet to one or more DHCP local servers in the network to obtain configuration parameters and an IP address for the subscriber (or DHCP client).
  2. Each DHCP local server that receives the discover packet then searches its address-assignment pool for the client address and configuration options. Each local server creates an entry in its internal client table to keep track of the client state, then sends a DHCP offer packet to the client.
  3. On receipt of the offer packet, the DHCP client selects the DHCP local server from which to obtain configuration information and sends a request packet indicating the DHCP local server selected to grant the address and configuration information.
  4. The selected DHCP local server sends an acknowledgement packet to the client that contains the client address lease and configuration parameters. The server also installs the host route and ARP entry, and then monitors the lease state.

Providing DHCP Client Configuration Information

When the extended DHCP application receives a response from an external authentication server, the response might include information in addition to the IP address and subnet mask. The extended DHCP application uses the information from the authentication grant for the response the DHCP application sends to the DHCP client. The DHCP application can either send the information in its original form or the application might merge the information with local configuration specifications. For example, if the authentication grant includes an address pool name and a local configuration specifies DHCP attributes for that pool (such as, DNS server address), the extended DHCP application merges the authentication results and the attributes in the reply that the server sends to the client.

A local configuration is optional — a client can be fully configured by the external authentication service. However, if the external authentication service does not provide client configuration, you might need to configure the local address-assignment pool to provide the configuration information, such as DNS server, for the client. When a local configuration specifies options, the extended DHCP application adds the local configuration options to the offer PDU the server sends to the client. If the two sets of options overlap, the options in the authentication response from the external service take precedence.

When you use RADIUS to provide the authentication, the additional information might be in the form of RADIUS attributes and Juniper Networks VSAs. Table 2 lists the information that RADIUS might include in the authentication grant. See RADIUS Attributes and Juniper Networks VSAs Supported by the AAA Service Framework for a complete list of RADIUS attributes and Juniper Networks VSAs that the extended DHCP applications supports for subscriber access management or DHCP management.

Table 2: Information in Authentication Grant

Attribute Number

Attribute Name

Description

RADIUS attribute 8

Framed-IP-Address

Client IP address

RADIUS attribute 9

Framed-IP-Netmask

Subnet mask for client IP address (DHCP option 1)

Juniper Networks VSA 26-4

Primary-DNS

Primary domain server (DHCP option 6)

Juniper Networks VSA 26-5

Secondary-DNS

Secondary domain server (DHCP option 6)

Juniper Networks VSA 26-6

Primary-WINS

Primary WINS server (DHCP option 44)

Juniper Networks VSA 26-7

Secondary-WINS

Secondary WINS server (DHCP option 44)

RADIUS attribute 27

Session-Timeout

Lease time

RADIUS attribute 88

Framed-Pool

Address assignment pool name

Juniper Networks VSA 26-109

DHCP-Guided-Relay-Server

DHCP relay server

Minimal Configuration for Clients

The extended DHCP local server provides a minimal configuration to the DHCP client if the client does not have DHCP option 55 configured. The server provides the subnet mask of the address-assignment pool that is selected for the client. In addition to the subnet mask, the server provides the following values to the client if the information is configured in the selected address-assignment pool:

  • router—A router located on the client’s subnet. This statement is the equivalent of DHCP option 3.

  • domain name—The name of the domain in which the client searches for a DHCP server host. This is the default domain name that is appended to hostnames that are not fully qualified. This is equivalent to DHCP option 15.

  • domain name server—A Domain Name System (DNS) name server that is available to the client to resolve hostname-to-client mappings. This is equivalent to DHCP option 6.

DHCP Local Server and Address-Assignment Pools

In the traditional DHCP server operation, the client address pool and client configuration information reside on the DHCP server. With the extended DHCP local server, the client address and configuration information reside in external address-assignment pools (external to the DHCP local server). The external address-assignment pools are managed by the authd process, independently of the DHCP local server, and can be shared by different client applications.

The extended DHCP local server also supports advanced pool matching and the use of named address ranges. You can also configure the local server to use DHCP option 82 information in the client PDU to determine which named address range to use for a particular client. The client configuration information, which is configured in the address-assignment pool, includes user-defined options, such as boot server, grace period, and lease time.

Configuring the DHCP environment that includes the extended DHCP local server requires two independent configuration operations, which you can complete in any order. In one operation, you configure the extended DHCP local server on the router and specify how the DHCP local server determines which address-assignment pool to use. In the other operation, you configure the address-assignment pools used by the DHCP local server. The address-assignment pools contain the IP addresses, named address ranges, and configuration information for DHCP clients.

Note

The extended DHCP local server and the address-assignment pools used by the server must be configured in the same logical system and routing instance.

Configuring the Router as an Extended DHCP Local Server

You can enable the router to function as an extended DHCP local server and configure the extended DHCP local server options on the router. The extended DHCP local server provides an IP address and other configuration information in response to a client request.

The extended DHCP local server enhances traditional DHCP server operation in which the client address pool and client configuration information reside on the DHCP server. With the extended DHCP local server, the client address and configuration information reside in centralized address-assignment pools, which are managed independently of the DHCP local server and which can be shared by different client applications.

The extended DHCP local server also supports advanced pool matching and the use of named address ranges. You can also configure the local server to use DHCP  option 82 information in the client PDU to determine which named address range to use for a particular client. The client configuration information, which is configured in the address-assignment pool, includes user-defined options, such as boot server, grace period, and lease time.

Configuring the DHCP environment that includes the extended DHCP local server requires two independent configuration operations, which you can complete in any order. In one operation, you configure the extended DHCP local server on the router and specify how the DHCP local server determines which address-assignment pool to use. In the other operation, you configure the address-assignment pools used by the DHCP local server. The address-assignment pools contain the IP addresses, named address ranges, and configuration information for DHCP clients. See Address-Assignment Pool Configuration Overview for details about creating and using address-assignment pools.

Note

The extended DHCP local server and the address-assignment pools used by the server must be configured in the same logical system and routing instance.

You cannot configure the extended DHCP local server and extended DHCP relay on the same interface.

To configure the extended DHCP local server on the router, include the dhcp-local-server statement at the [edit system services] hierarchy level:

You can also include these statements at the following hierarchy levels:

  • [edit logical-systems logical-system-name system services]

  • [edit logical-systems logical-system-name routing-instances routing-instance-name system services]

  • [edit routing-instances routing-instance-name system services]

In addition, you can configure tracing for DHCP local server operations by including the traceoptions statement at the [edit system processes dhcp-service] hierarchy level:

Interaction Among the DHCP Client, Extended DHCP Local Server, and Address-Assignment Pools

In a typical carrier edge network configuration, the DHCP client is on the subscriber’s computer, and the DHCP local server is configured on the router. The following steps provide a high-level description of the interaction among the DHCP local server, DHCP client, and address-assignment pools:

  1. The DHCP client sends a discover packet to one or more DHCP local servers in the network to obtain configuration parameters and an IP address for the subscriber.
  2. Each DHCP local server that receives the discover packet then searches its address-assignment pool for the client address and configuration options. Each local server creates an entry in its internal client table to keep track of the client state, then sends a DHCP offer packet to the client.
  3. On receipt of the offer packet, the DHCP client selects the DHCP local server from which to obtain configuration information and sends a request packet indicating the DHCP local server that will grant the address and configuration information.
  4. The selected DHCP local server sends an acknowledgement packet to the client that contains the client address lease and configuration parameters. The server also installs the host route and ARP entry, and then monitors the lease state.

Extended DHCP Local Server and Address-Assignment Pools

The extended DHCP local server enhances traditional DHCP server operation in which the client address pool and client configuration information reside on the DHCP server. With the extended DHCP local server, the client address and configuration information reside in centralized address-assignment pools, which are managed independently of the DHCP local server and which can be shared by different client applications.

The extended DHCP local server also supports advanced pool matching and the use of named address ranges. You can also configure the local server to use DHCP option 82 information in the client PDU to determine which named address range to use for a particular client. The client configuration information, which is configured in the address-assignment pool, includes user-defined options, such as boot server, grace period, and lease time.

Configuring the DHCP environment that includes the extended DHCP local server requires two independent configuration operations, which you can complete in any order. In one operation, you configure the extended DHCP local server on the router and specify how the DHCP local server determines which address-assignment pool to use. In the other operation, you configure the address-assignment pools used by the DHCP local server. The address-assignment pools contain the IP addresses, named address ranges, and configuration information for DHCP clients. See Address-Assignment Pool Configuration Overview for details about creating and using address-assignment pools.

Note

The extended DHCP local server and the address-assignment pools used by the server must be configured in the same logical system and routing instance.

Methods Used by the Extended DHCP Local Server to Determine Which Address-Assignment Pool to Use

You can specify the method that the extended DHCP local server uses to determine which address-assignment pool provides the IP address and configuration for a DHCP client. By default, the server matches the IP address in the client DHCP request to the address of the address-assignment pool.

The following sections describe the methods used by the DHCP local server to determine which address-assignment pool to use:

Matching the Client IP Address to the Address-Assignment Pool

In the default configuration, the server selects the address-assignment pool to use by matching the IP address in the client DHCP request with the network address of the address-assignment pool. If the client request contains the gateway IP address (giaddr), the local server matches the giaddr to the address-assignment pool’s address. If there is no giaddr in the request, the DHCP local server matches the IP address of the receiving interface to the address of the address-assignment pool.

Matching Option 82 Information to Named Address Ranges

You can also configure the extended DHCP local server to match the DHCP relay agent information option (option 82) in the client DHCP packets to a named range in the address-assignment pool used for the client. Named ranges are subsets within the overall address-assignment pool address range, and are configured when you create the address-assignment pool. To use the DHCP local server option 82 matching feature, you must ensure that the option-82 statement is included in the dhcp-attributes statement for the address-assignment pool.

Note

To enable the option 82 matching method, you must first specify the ip-address-first statement in the pool-match-order statement, and then specify the option-82 statement.

Default Options Provided by the Extended DHCP Server for the DHCP Client

The extended DHCP local server provides a minimal configuration to the DHCP client if the client does not have DHCP option 55 configured. The server provides the subnet mask of the address-assignment pool that is selected for the client. In addition to the subnet mask, the server provides the following values to the client if the information is configured in the selected address-assignment pool:

  • router—A router located on the client’s subnet. This statement is the equivalent of DHCP option 3.

  • domain name—The name of the domain in which the client searches for a DHCP server host. This is the default domain name that is appended to hostnames that are not fully qualified. This is equivalent to DHCP option 15.

  • domain name server—A Domain Name System (DNS) name server that is available to the client to resolve hostname-to-client mappings. This is equivalent to DHCP option 6.

Using External AAA Authentication Services to Authenticate DHCP Clients

Both the extended DHCP local server and the extended DHCP relay agent support the use of external AAA authentication services, such as RADIUS, to authenticate DHCP clients. When the extended DHCP local server or relay agent receives a discover PDU from a client, the extended DHCP application contacts the AAA server to authenticate the DHCP client. The extended DHCP application can obtain client addresses and DHCP configuration options from the external AAA authentication server.

Note

This topic uses the term extended DHCP application to refer to both the extended DHCP local server and the extended DHCP relay agent.

The external authentication feature also supports AAA directed logout. If the external AAA service supports a user logout directive, the extended DHCP application honors the logout and views it as if it was requested by a CLI management command. All of the client state information and allocated resources are deleted at logout. The extended DHCP application supports directed logout using the list of configured authentication servers you specify with the authentication-server statement at the [edit access profile profile-name] hierarchy level.

Tasks for configuring External AAA authentication services are:

  1. Configuring Authentication Support for an Extended DHCP Application

  2. Grouping Interfaces with Common DHCP Configurations

  3. Configuring Passwords for Usernames the DHCP Application Presents to the External AAA Authentication Service

  4. Creating Unique Usernames the Extended DHCP Application Passes to the External AAA Authentication Service

Configuring Authentication Support for an Extended DHCP Application

To configure authentication support for an extended DHCP application, include the authentication statement at these hierarchy levels. You can configure either global authentication support or group-specific support.

You must configure the username-include statement to enable the use of authentication. The password statement is not required and does not cause DHCP to use authentication if the username-include statement is not included.

Extended DHCP local server hierarchies:

  • [edit system services dhcp-local-server]

  • [edit system services dhcp-local-server group group-name]

  • [edit logical-systems logical-system-name routing-instances routing-instance-name system services dhcp-local-server]

  • [edit logical-systems logical-system-name routing-instances routing-instance-name system services dhcp-local-server group group-name]

  • [edit logical-systems logical-system-name system services dhcp-local-server]

  • [edit logical-systems logical-system-name system services dhcp-local-server group group-name]

  • [edit logical-systems logical-system-name routing-instances routing-instance-name system services dhcp-local-server]

  • [edit logical-systems logical-system-name routing-instances routing-instance-name system services dhcp-local-server group group-name]

  • [edit routing-instances routing-instance-name system services dhcp-local-server]

  • [edit routing-instances routing-instance-name system services dhcp-local-server group group-name]

Extended DHCP relay agent hierarchies:

  • [edit forwarding-options dhcp-relay]

  • [edit forwarding-options dhcp-relay group group-name]

  • [edit logical-systems logical-system-name forwarding-options dhcp-relay]

  • [edit logical-systems logical-system-name forwarding-options dhcp-relay group group-name]

  • [edit logical-systems logical-system-name routing-instances routing-instance-name forwarding-options dhcp-relay]

  • [edit logical-systems logical-system-name routing-instances routing-instance-name forwarding-options dhcp-relay group group-name]

  • [edit routing-instances routing-instance-name forwarding-options dhcp-relay]

  • [edit routing-instances routing-instance-name forwarding-options dhcp-relay group group-name]

Grouping Interfaces with Common DHCP Configurations

The extended DHCP applications enable you to group together a set of interfaces and apply a common DHCP configuration to the named interface group.

To configure an interface group, use the group statement.

You can specify the names of one or more interfaces on which the extended DHCP application is enabled. You can repeat the interface interface-name statement to specify multiple interfaces within a group, but you cannot specify the same interface in more than one group. For example:

You can use the upto option to specify a range of interfaces on which the extended DHCP application is enabled. For example:

You can use the exclude option to exclude a specific interface or a specified range of interfaces from the group. For example:

Configuring Passwords for Usernames the DHCP Application Presents to the External AAA Authentication Service

You can configure an optional password that the extended DHCP application presents to the external AAA authentication service to authenticate the specified username.

To configure a password that authenticates the username, use the password statement. For example:

Creating Unique Usernames the Extended DHCP Application Passes to the External AAA Authentication Service

You can configure the extended DHCP application to include additional fields in the username passed to the external AAA authentication service when the DHCP client logs in. This additional information enables you to construct usernames that uniquely identify subscribers.

Note

No authentication is performed if you do not include a username in the authentication configuration; however, the IP address is provided by the local pool if it is configured.

To configure unique usernames, use the username-include statement. You can include any or all of the additional statements.

The following list describes the attributes that can be included as part of the username:

  • circuit-type—The circuit type used by the DHCP client, for example enet.

  • delimiter—The delimiter character that separates components that make up the concatenated username. The semicolon (;) is not supported as a delimiter character.

  • domain-name—The client domain name as string. The router adds the @ delimiter to the username.

  • logical-system-name—The name of the logical system, if the receiving interface is in a logical system.

  • mac-address—The client MAC address, in a string of format xxxx.xxxx.xxxx.

  • option-60—The portion of the option 60 payload that follows the length field.

  • option-82 <circuit-id> <remote-id>—The specified contents of the option 82 payload.

    • circuit-id—The payload of the agent circuit ID suboption.

    • remote-id—The payload of the Agent Remote ID suboption.

    • Both circuit-id and remote-id—The payloads of both suboptions, in the format: circuit-id[delimiter]remote-id.

    • Neither circuit-id or remote-id—The raw payload of the option 82 from the PDU is concatenated to the username.

  • routing-instance-name—The name of the routing instance, if the receiving interface is in a routing instance.

  • user-prefix—A string indicating the user prefix.

The router creates the unique username by including the specified additional information in the following order, with the fields separated by a delimiter. The default delimiter is a period (.). You can specify a different delimiter; however, the semicolon character (;) is not allowed.

The following example shows a sample configuration that creates a unique username. The username is shown after the configuration.

The resulting unique username is:

Client Configuration Information Exchanged Between the External Authentication Server, DHCP Application, and DHCP Client

When the extended DHCP application receives a response from an external authentication server, the response might include information in addition to the IP address and subnet mask. The extended DHCP application uses the information from the authentication grant for the response the DHCP application sends to the DHCP client. The DHCP application can either send the information in its original form or the application might merge the information with local configuration specifications. For example, if the authentication grant includes an address pool name and a local configuration specifies DHCP attributes for that pool, the extended DHCP application merges the authentication results and the attributes in the reply that the server sends to the client.

A local configuration is optional—a client can be fully configured by the external authentication service. However, if the external authentication service does not provide client configuration, you must configure the local address assignment pool to provide the configuration for the client. When a local configuration specifies options, the extended DHCP application adds the local configuration options to the offer PDU the server sends to the client. If the two sets of options overlap, the options in the authentication response from the external service take precedence.

When you use RADIUS to provide the authentication, the additional information might be in the form of RADIUS attributes and Juniper Networks VSAs. The following list shows the information that RADIUS might include in the authentication grant. See RADIUS Attributes and Juniper Networks VSAs Supported by the AAA Service Framework for a complete list of RADIUS attributes and Juniper Networks VSAs that the extended DHCP applications supports for subscriber access management.

  • Client IP address—RADIUS attribute 8, Framed-IP-Address

  • Subnet mask for client IP address (DHCP option 1)—RADIUS attribute 9, Framed-IP-Netmask

  • Primary domain server (DHCP option 6)—VSA 26-4, Primary-DNS

  • Secondary domain server (DHCP option 6)—VSA 26-5 Secondary-DNS

  • Primary WINS server (DHCP option 44)—VSA 26-6, Primary-WINS

  • Secondary WINS server (DHCP option 44)—VSA 26-7, Secondary-WINS

  • Address assignment pool name—RADIUS attribute 88, Framed-Pool

  • Lease time—RADIUS attribute 27, Session-Timeout

  • DHCP relay server—VSA 26-109, DHCP-Guided-Relay-Server

Example: Configuring the Minimum Extended DHCP Local Server Configuration

The following example shows the minimum configuration you need to use the extended DHCP local server on the router:

This example creates the server group named group_one, and specifies that the DHCP local server is enabled on interface fe-0/0/2.0 within the group. The DHCP local server uses the default pool match configuration of ip-address-first.

Example: Extended DHCP Local Server Configuration with Optional Pool Matching

The following example shows an extended DHCP local server configuration that includes optional pool matching and interface groups. This configuration specifies that the DHCP local server uses option 82 information to match the named address range for client IP address assignment. The option 82 matching must also be included in the address-assignment pool configuration.

Tracing Extended DHCP Local Server Operations

The extended DHCP tracing operations track the extended DHCP local server operations and record them in a log file. By default, no extended DHCP local server processes are traced. If you include the traceoptions statement at the [edit system processes dhcp-service] hierarchy level, the default tracing behavior is the following:

  • Important extended DHCP local server events are logged in a file called jdhcpd located in the /var/log directory.

  • When the file jdhcpd reaches 128 kilobytes (KB), it is renamed jdhcpd.0, then jdhcpd.1, and so on, until there are three trace files. Then the oldest trace file (jdhcpd.2) is overwritten. For more information about how log files are created, see the Junos System Log Messages Reference.

  • Log files can be accessed only by the user who configures the tracing operation.

Note

In software releases earlier than Junos OS 11.4, you configured tracing statements at the [edit system services dhcp-local-server] and [edit forwarding-options dhcp-relay] hierarchy levels. Starting in Junos OS Release 11.4, these statements have been deprecated and hidden in favor of a new statement at the [edit system processes dhcp-service] hierarchy level. The deprecated statements may be removed from a future release; we recommend that you transition to the new statement.

To trace DHCP local server operations, include the traceoptions statement at the [edit system processes dhcp-service] hierarchy level:

The following topics describe the tracing operation configuration statements:

  1. Configuring the Filename of the Extended DHCP Local Server Processes Log

  2. Configuring the Number and Size of Extended DHCP Local Server Processes Log Files

  3. Configuring Access to the Log File

  4. Configuring a Regular Expression for Lines to Be Logged

  5. Configuring Trace Option Flags

Configuring the Filename of the Extended DHCP Local Server Processes Log

By default, the name of the file that records trace output is jdhcpd. You can specify a different name by including the file statement at the [edit system processes dhcp-service traceoptions] hierarchy level:

Configuring the Number and Size of Extended DHCP Local Server Processes Log Files

By default, when the trace file reaches 128 kilobytes (KB) in size, it is renamed jdhcpd.0, then jdhcpd.1, and so on, until there are three trace files. Then the oldest trace file (jdhcpd.2) is overwritten.

You can configure the limits on the number and size of trace files by including the following statements at the [edit system processes dhcp-service traceoptions] hierarchy level:

For example, set the maximum file size to 2 MB, and the maximum number of files to 20. When the file that receives the output of the tracking operation (jdhcpd) reaches 2 MB, jdhcpd is renamed jdhcpd.0, and a new file called jdhcpd is created. When the new jdhcpd reaches 2 MB, jdhcpd.0 is renamed jdhcpd.1 and filename is renamed jdhcpd.0. This process repeats until there are 20 trace files. Then the oldest file (jdhcpd.19) is overwritten by the newest file (jdhcpd.0).

The number of files can be from 2 through 1000 files. The file size of each file can be from 10KB through 1 gigabyte (GB).

Configuring Access to the Log File

By default, log files can be accessed only by the user who configures the tracing operation.

To specify that any user can read all log files, include the file world-readable statement at the [edit system processes dhcp-service traceoptions] hierarchy level:

To set the default behavior explicitly, include the file no-world-readable statement at the [edit system processes dhcp-service traceoptions] hierarchy level:

Configuring a Regular Expression for Lines to Be Logged

By default, the trace operations output includes all lines relevant to the logged events.

You can refine the output by including the match statement at the [edit system processes dhcp-service traceoptions] hierarchy level and specifying a regular expression (regex) to be matched:

Configuring Trace Option Flags

By default, only important events are logged. You can configure the trace operations to be logged by including extended DHCP local server tracing flags at the [edit system processes dhcp-service traceoptions] hierarchy level:

You can configure the following tracing flags:

  • all—Trace all operations.

  • auth—Trace authentication operations.

  • database—Trace database events.

  • fwd—Trace firewall process events.

  • general—Trace miscellaneous events.

  • ha—Trace high availability-related events.

  • interface—Trace interface operations.

  • io—Trace I/O operations.

  • packet—Trace packet decoding operations.

  • performance—Trace performance measurement operations.

  • profile—Trace profile operations.

  • rpd—Trace routing protocol process events.

  • rtsock—Trace routing socket operations.

  • session-db—Trace session database operations.

  • state—Trace changes in state.

  • statistics—Trace baseline statistics.

  • ui—Trace user interface operations.