Configuring the DHCP Local Server

Tasks to configure the DHCP local server include:

Basic Configuration of DHCP Local Server

Before you configure a DHCP local server, you must identify which mode to activate (standalone mode or equal-access mode). Use equal-access mode, if you use the Session and Resource Control (SRC) software for address allocation and managing the subscribers. If you do not use SRC for managing subscribers, use standalone mode. SRC contributes to the address pool selection and so when you use standalone mode, SRC is not used for address allocation.

If you do not specify a mode, equal-access mode is activated, by default. When you activate equal-access mode, common open policy service usage for policy provisioning (COPS-PR) and SRC client are automatically started on the virtual router.

To configure the DHCP local server:

  1. Enable the DHCP local server for either equal-access or standalone mode.
    host1(config)#service dhcp-local equal-access host1(config)#service dhcp-local standalone
  2. (Optional) Specify the maximum number of IP addresses that the DHCP local server can supply to each VPI/VCI, VLAN, Ethernet subnetwork, or to a particular interface or subinterface. See Limiting the Number of IP Addresses Supplied by DHCP Local Server for more information about limiting the number of IP addresses.
    host1(config)#ip dhcp-local limit ethernet 6
  3. (Optional) Specify any addresses that the DHCP local server must not assign. See Excluding IP Addresses from Address Pools for more information.

    Note: You can specify this command multiple times on the CLI and the excluded address must fall within a network that has been specified in the DHCP local pool.

    host1(config)#ip dhcp-local excluded-address 10.10.3.4
  4. (Optional) Enable general DHCP local server traps. See Using SNMP Traps to Monitor DHCP Local Server Events.
    host1(config)#ip dhcp-local snmpTraps
  5. (Optional) Configure the DHCP local server to support the creation of dynamic subscriber interfaces built over dynamic VLANs that are based on the agent-circuit-id option (suboption 1) of the option 82 field in DHCP messages. See Configuring DHCP Local Server to Support Creation of Dynamic Subscriber Interfaces.
    host1(config)#ip dhcp-local auto-configure agent-circuit-identifier
  6. (Optional) Specify that DHCP local server use an optional method to differentiate between clients with duplicate client IDs or hardware addresses. Any changes you make have no effect on currently bound clients. See Differentiating Between Clients with the Same Client ID or Hardware Address.
    host1(config)# ip dhcp-local unique-client-ids
  7. Configure the DHCP local address pool that supplies IP addresses to subscribers who want to access a domain. See Configuring DHCP Local Address Pools for more information about configuring address pools.

Limiting the Number of IP Addresses Supplied by DHCP Local Server

You can specify the maximum number of IP addresses that the DHCP local server can supply to each VPI/VCI, VLAN, Ethernet subnetwork, or POS access interface type, or to a particular interface or subinterface.

You can set global limits for a given interface type—all interfaces of that type that are subsequently created, whether dynamically or statically, inherit that limit value.

You can also set an individual interface limit for a specific interface and override the global limit configured for that interface type. For example, suppose the VLAN interface type limit is five. You can specify a limit of 10 for the VLAN interface FastEthernet 1/0.100. All other VLAN interfaces retain the global limit of five.

The global limits for interface types and the individual interface limits set on static interfaces are kept in NVS. These values are restored during a switchover or a reload.

When you assign an individual limit to a dynamic interface, that limit is in force only until either a switchover or reload takes place. After the switchover or reload, if the action that caused the dynamic interface to be created occurs again, a new dynamic interface is created. The new dynamic interface then inherits the limit set by the global values based on the type of interface that is created.

Excluding IP Addresses from Address Pools

You can use the ip dhcp-local excluded-address command to specify IP addresses that you do not want the DHCP local server to supply from the default address pool. You might exclude addresses if because those addresses are already used by devices on the subnetwork.

You can exclude a single IP address or a range of addresses. To exclude a range, you specify the start-of-range IP address and the end-of-range IP address.

Configuring DHCP Local Server to Support Creation of Dynamic Subscriber Interfaces

You can use the ip dhcp-local auto-configure agent-circuit-identifier command to configure the DHCP local server to support the creation of dynamic subscriber interfaces built over dynamic VLANs that are based on the agent-circuit-id option (suboption 1) of the option 82 field in DHCP messages.

The use of the option 82 field enables you to stack an IP interface that is associated with a particular subscriber over a dynamically created VLAN; the VLAN is dynamically created based on the agent-circuit-id option (suboption 1) that is contained in the DHCP option 82 field.

For information about configuring agent-circuit-id–based dynamic VLAN subinterfaces, see the Configuring Dynamic Interfaces Using Bulk Configuration chapter in the JunosE Link Layer Configuration Guide.

Differentiating Between Clients with the Same Client ID or Hardware Address

A JunosE Software feature enables the DHCP local server to create unique client IDs to support roaming clients and to manage situations in which two clients in the network have the same hardware address.

Note: This feature replaces the previous router behavior for DHCP local server client roaming and duplicate address support. The ip dhcp-local unique-client-ids command replaces the ip dhcp-local inhibit-roaming command, which has been removed from the CLI and has no effect on the DHCP local server.

You can configure the method DHCP local server uses when the router receives a DISCOVER or REQUEST packet that contains a client ID or hardware address that matches the ID or address of a currently bound client on another subnet or subinterface.

In the default configuration, the DHCP local server uses the DHCP client’s subnet or subinterface to differentiate duplicate clients and support client roaming. When a new client, with a duplicate ID or hardware address, requests an address lease, DHCP assigns that client a new address and lease—the existing client’s lease is unchanged.

The following table describes how the DHCP local server differentiates between a new DHCP client with the same ID or hardware address as a currently bound DHCP client. The determination is based on whether the DHCP clients exist on the same or on different subnets and subinterfaces.

Location of DHCP Clients with Identical IDs or Addresses

How DHCP Local Server Differentiates Clients

On different subinterfaces in the same subnet

By unique subinterface

On the same subinterface in different subnets

By unique subnet

On different subinterfaces in different subnets

By unique subinterface and unique subnet

On the same subinterface in the same subnet

DHCP local server cannot distinguish clients with identical IDs or identical hardware addresses in this configuration

In the optional configuration, you use the ip dhcp-local unique-client-ids command to disable the use of the DHCP client’s subnet or subinterface to differentiate between clients with duplicate client IDs or hardware addresses. When DHCP receives the request from a duplicate ID or address, DHCP terminates the address lease for the existing client and returns the address to its original address pool. DHCP then assigns a new address and lease to the new client.

We strongly recommend that you enable the ip dhcp-local unique-client-ids command in the following situations:

Enabling the ip dhcp-local unique-client-ids command in these cases enables you to properly manage DHCP clients that roam to different subnets.

The DHCP relay agent application and the DHCP relay proxy application do not support duplicate client IDs or duplicate hardware addresses.

Logging Out DHCP Local Server Subscribers

You can use the logout subscribers command from Privileged Exec mode to log out DHCP local server subscribers. For example, you might use this feature if you want to force a user to request a new lease or if you want to recover functional resources. The logout subscribers command, unlike the clear ip address binding command (described in Clearing an IP DHCP Local Server Binding), does not terminate the subscriber’s user session or management representation.

This command applies to DHCP local server local-access and standalone clients, as well as to PPP users. You can log out all subscribers, or log out subscribers by username, domain, virtual-router, or port.

Clearing an IP DHCP Local Server Binding

Note: This command is deprecated and might be removed completely in a future release. The function provided by this command has been replaced by the dhcp delete-binding command.

You can use the clear ip dhcp-local binding command to force the removal of a connected user's IP address lease and associated route configuration. Using this command enables you to:

Using SNMP Traps to Monitor DHCP Local Server Events

The DHCP local server supports configurable global SNMP traps that monitor events related to the DHCP local server and local SNMP traps that are related to address pool utilization. You use the ip dhcp-local snmpTraps command to enable the global SNMP traps for DHCP local server.

The DHCP local server’s global SNMP trap generates severity level 1 (alert), 2 (critical), and 3 (error) events. This trap helps administrators monitor DHCP local server general health, error statistics, address lease status, and protocol events. The global SNMP trap generates a severity level 4 (warning) event when a duplicate MAC address is detected. The global SNMP trap information is captured in the dhcpLocalGeneral logging category.

SNMP also traps events related to address pool utilization. You use the warning command to define the maximum and minimum threshold values and the snmpTrap command to generate traps when utilization occurs above or below the defined values.

For linked or shared pools, SNMP treats the members of the pool as a group, and uses the values configured for the first pool in the chain as the group’s threshold.

The address pool utilization SNMP trap information is captured in the dhcpLocalPool logging category.

Note: You must configure your SNMP management client to read the MIB objects, and your SNMP trap collector must be capable of decoding the new traps. For information about setting up SNMP, see the Configuring SNMP chapter in the JunosE System Basics Configuration Guide.

Using DHCP Local Server Event Logs

To troubleshoot and monitor your DHCP local server, use the following system event logs:

See the JunosE System Event Logging Reference Guide for additional information about the DHCP local server logs.

Related Documentation