Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

Navigation
Guide That Contains This Content
[+] Expand All
[-] Collapse All

    Configuring the DHCP Local Server

    Tasks to configure the DHCP local server include:

    Basic Configuration of DHCP Local Server

    Before you configure a DHCP local server, you must identify which mode to activate (standalone mode or equal-access mode). Use equal-access mode, if you use the Session and Resource Control (SRC) software for address allocation and managing the subscribers. If you do not use SRC for managing subscribers, use standalone mode. SRC contributes to the address pool selection and so when you use standalone mode, SRC is not used for address allocation.

    If you do not specify a mode, equal-access mode is activated, by default. When you activate equal-access mode, common open policy service usage for policy provisioning (COPS-PR) and SRC client are automatically started on the virtual router.

    To configure the DHCP local server:

    1. Enable the DHCP local server for either equal-access or standalone mode.
      host1(config)#service dhcp-local equal-access host1(config)#service dhcp-local standalone
    2. (Optional) Specify the maximum number of IP addresses that the DHCP local server can supply to each VPI/VCI, VLAN, Ethernet subnetwork, or to a particular interface or subinterface. See Limiting the Number of IP Addresses Supplied by DHCP Local Server for more information about limiting the number of IP addresses.
      host1(config)#ip dhcp-local limit ethernet 6
    3. (Optional) Specify any addresses that the DHCP local server must not assign. See Excluding IP Addresses from Address Pools for more information.

      Note: You can specify this command multiple times on the CLI and the excluded address must fall within a network that has been specified in the DHCP local pool.

      host1(config)#ip dhcp-local excluded-address 10.10.3.4
    4. (Optional) Enable general DHCP local server traps. See Using SNMP Traps to Monitor DHCP Local Server Events.
      host1(config)#ip dhcp-local snmpTraps
    5. (Optional) Configure the DHCP local server to support the creation of dynamic subscriber interfaces built over dynamic VLANs that are based on the agent-circuit-id option (suboption 1) of the option 82 field in DHCP messages. See Configuring DHCP Local Server to Support Creation of Dynamic Subscriber Interfaces.
      host1(config)#ip dhcp-local auto-configure agent-circuit-identifier
    6. (Optional) Specify that DHCP local server use an optional method to differentiate between clients with duplicate client IDs or hardware addresses. Any changes you make have no effect on currently bound clients. See Differentiating Between Clients with the Same Client ID or Hardware Address.
      host1(config)# ip dhcp-local unique-client-ids
    7. Configure the DHCP local address pool that supplies IP addresses to subscribers who want to access a domain. See Configuring DHCP Local Address Pools for more information about configuring address pools.

    Limiting the Number of IP Addresses Supplied by DHCP Local Server

    You can specify the maximum number of IP addresses that the DHCP local server can supply to each VPI/VCI, VLAN, Ethernet subnetwork, or POS access interface type, or to a particular interface or subinterface.

    You can set global limits for a given interface type—all interfaces of that type that are subsequently created, whether dynamically or statically, inherit that limit value.

    You can also set an individual interface limit for a specific interface and override the global limit configured for that interface type. For example, suppose the VLAN interface type limit is five. You can specify a limit of 10 for the VLAN interface FastEthernet 1/0.100. All other VLAN interfaces retain the global limit of five.

    The global limits for interface types and the individual interface limits set on static interfaces are kept in NVS. These values are restored during a switchover or a reload.

    When you assign an individual limit to a dynamic interface, that limit is in force only until either a switchover or reload takes place. After the switchover or reload, if the action that caused the dynamic interface to be created occurs again, a new dynamic interface is created. The new dynamic interface then inherits the limit set by the global values based on the type of interface that is created.

    • To set a global limit for an interface type:
      host1(config)#ip dhcp-local limit ethernet 6
    • To set a limit for a specific interface:
      host1(config)#ip dhcp-local limit interface atm 3/1 15

      Note: Limits that you specify on dynamic interfaces are not restored after a switchover or reboot.

    Excluding IP Addresses from Address Pools

    You can use the ip dhcp-local excluded-address command to specify IP addresses that you do not want the DHCP local server to supply from the default address pool. You might exclude addresses if because those addresses are already used by devices on the subnetwork.

    You can exclude a single IP address or a range of addresses. To exclude a range, you specify the start-of-range IP address and the end-of-range IP address.

    • To exclude a specific IP address:
      host1(config)#ip dhcp-local excluded-address 10.10.3.4
    • To exclude a range of IP addresses:
      host1(config)#ip dhcp-local excluded-address 10.10.3.4 10.10.3.100

    Configuring DHCP Local Server to Support Creation of Dynamic Subscriber Interfaces

    You can use the ip dhcp-local auto-configure agent-circuit-identifier command to configure the DHCP local server to support the creation of dynamic subscriber interfaces built over dynamic VLANs that are based on the agent-circuit-id option (suboption 1) of the option 82 field in DHCP messages.

    • Use this command within a specific virtual router context.
    • This command requires that the user’s DHCP control traffic and data traffic traverse the same client-facing ingress port on the E Series router.

    The use of the option 82 field enables you to stack an IP interface that is associated with a particular subscriber over a dynamically created VLAN; the VLAN is dynamically created based on the agent-circuit-id option (suboption 1) that is contained in the DHCP option 82 field.

    For information about configuring agent-circuit-id–based dynamic VLAN subinterfaces, see the Configuring Dynamic Interfaces Using Bulk Configuration chapter in the JunosE Link Layer Configuration Guide.

    Differentiating Between Clients with the Same Client ID or Hardware Address

    A JunosE Software feature enables the DHCP local server to create unique client IDs to support roaming clients and to manage situations in which two clients in the network have the same hardware address.

    Note: This feature replaces the previous router behavior for DHCP local server client roaming and duplicate address support. The ip dhcp-local unique-client-ids command replaces the ip dhcp-local inhibit-roaming command, which has been removed from the CLI and has no effect on the DHCP local server.

    You can configure the method DHCP local server uses when the router receives a DISCOVER or REQUEST packet that contains a client ID or hardware address that matches the ID or address of a currently bound client on another subnet or subinterface.

    In the default configuration, the DHCP local server uses the DHCP client’s subnet or subinterface to differentiate duplicate clients and support client roaming. When a new client, with a duplicate ID or hardware address, requests an address lease, DHCP assigns that client a new address and lease—the existing client’s lease is unchanged.

    The following table describes how the DHCP local server differentiates between a new DHCP client with the same ID or hardware address as a currently bound DHCP client. The determination is based on whether the DHCP clients exist on the same or on different subnets and subinterfaces.

    Location of DHCP Clients with Identical IDs or Addresses

    How DHCP Local Server Differentiates Clients

    On different subinterfaces in the same subnet

    By unique subinterface

    On the same subinterface in different subnets

    By unique subnet

    On different subinterfaces in different subnets

    By unique subinterface and unique subnet

    On the same subinterface in the same subnet

    DHCP local server cannot distinguish clients with identical IDs or identical hardware addresses in this configuration

    In the optional configuration, you use the ip dhcp-local unique-client-ids command to disable the use of the DHCP client’s subnet or subinterface to differentiate between clients with duplicate client IDs or hardware addresses. When DHCP receives the request from a duplicate ID or address, DHCP terminates the address lease for the existing client and returns the address to its original address pool. DHCP then assigns a new address and lease to the new client.

    We strongly recommend that you enable the ip dhcp-local unique-client-ids command in the following situations:

    • When duplicate client IDs and duplicate hardware addresses do not exist in your network
    • When the DHCP local server application interacts with DHCP relays in your network that do not support duplicate client IDs or duplicate hardware addresses

    Enabling the ip dhcp-local unique-client-ids command in these cases enables you to properly manage DHCP clients that roam to different subnets.

    The DHCP relay agent application and the DHCP relay proxy application do not support duplicate client IDs or duplicate hardware addresses.

    Logging Out DHCP Local Server Subscribers

    You can use the logout subscribers command from Privileged Exec mode to log out DHCP local server subscribers. For example, you might use this feature if you want to force a user to request a new lease or if you want to recover functional resources. The logout subscribers command, unlike the clear ip address binding command (described in Clearing an IP DHCP Local Server Binding), does not terminate the subscriber’s user session or management representation.

    This command applies to DHCP local server local-access and standalone clients, as well as to PPP users. You can log out all subscribers, or log out subscribers by username, domain, virtual-router, or port.

    Clearing an IP DHCP Local Server Binding

    Note: This command is deprecated and might be removed completely in a future release. The function provided by this command has been replaced by the dhcp delete-binding command.

    You can use the clear ip dhcp-local binding command to force the removal of a connected user's IP address lease and associated route configuration. Using this command enables you to:

    • Recover functional resources from a user who has not explicitly terminated connectivity and whose lease is unexpired.
    • Discontinue connectivity to a user, prompting or forcing the user to request a new lease in order to reestablish network connectivity.

    Using SNMP Traps to Monitor DHCP Local Server Events

    The DHCP local server supports configurable global SNMP traps that monitor events related to the DHCP local server and local SNMP traps that are related to address pool utilization. You use the ip dhcp-local snmpTraps command to enable the global SNMP traps for DHCP local server.

    The DHCP local server’s global SNMP trap generates severity level 1 (alert), 2 (critical), and 3 (error) events. This trap helps administrators monitor DHCP local server general health, error statistics, address lease status, and protocol events. The global SNMP trap generates a severity level 4 (warning) event when a duplicate MAC address is detected. The global SNMP trap information is captured in the dhcpLocalGeneral logging category.

    SNMP also traps events related to address pool utilization. You use the warning command to define the maximum and minimum threshold values and the snmpTrap command to generate traps when utilization occurs above or below the defined values.

    For linked or shared pools, SNMP treats the members of the pool as a group, and uses the values configured for the first pool in the chain as the group’s threshold.

    The address pool utilization SNMP trap information is captured in the dhcpLocalPool logging category.

    Note: You must configure your SNMP management client to read the MIB objects, and your SNMP trap collector must be capable of decoding the new traps. For information about setting up SNMP, see the Configuring SNMP chapter in the JunosE System Basics Configuration Guide.

    Using DHCP Local Server Event Logs

    To troubleshoot and monitor your DHCP local server, use the following system event logs:

    • dhcpLocalClients—DHCP local server client events and duplicate MAC address detection
    • dhcpLocalGeneral—DHCP local server infrastructure-related events and number of client threshold events

      Note: The dhcpLocalGeneral category replaces the dhcpLocalServerGeneral category.

    • dhcpLocalHighAvailability—DHCP high availability events
    • dhcpLocalPool—DHCP local address pool events, including normal, linked, and shared pools
    • dhcpLocalProtocol—DHCP local server protocol events

    See the JunosE System Event Logging Reference Guide for additional information about the DHCP local server logs.

    Published: 2014-08-20