[Contents] [Prev] [Next] [Index] [Report an Error]

Using Option 60 Information to Forward Client Traffic to Specific DHCP Servers

You can configure the extended DHCP relay agent to use the DHCP vendor class identifier option (option 60) in DHCP client packets to forward client traffic to specific DHCP servers. This feature is useful in network environments where DHCP clients access services provided by multiple vendors and DHCP servers. For example, a DHCP client might gain Internet access from a particular DHCP server provided by one vendor, and access IPTV service from a different DHCP server provided by another vendor. The option 60 string enables vendors to include vendor-specific information in DHCP client packets.

To use option 60 vendor-specific information to select a DHCP server to which to forward the client packets, include the relay-option-60 statement:




relay-option-60 {



vendor-option {


(equals | starts-with) (ascii match-string | hexadecimal match-hex) {
(relay-server-group server-group-name |

local-server-group local-server-group-name |

drop);
}


(default-relay-server-group server-group-name |

default-local-server-group local-server-group-name |

drop);
}


}

To configure option 60 support globally, include the relay-option-60 statement and subordinate statements at the [edit forwarding-options dhcp-relay] hierarchy level. To configure option 60 support for a named group of interfaces, include the relay-option-60 statement and subordinate statements at the [edit forwarding-options dhcp-relay group group-name] hierarchy level. You can also configure option 60 support for the extended DHCP relay agent on a per logical system and per routing instance basis.

Using Matching Option 60 Strings to Process DHCP Client Traffic

Configuring option 60 support helps you manage multivendor networks by enabling the extended DHCP relay agent to compare option 60 vendor-specific strings received in DHCP client packets against a list of ASCII or hexadecimal strings that you configure on the router.

The match criteria you configure for the option 60 string-to-DHCP server mapping can be either of the following:

To specify an exact, left-to-right match of the configured match string with the option 60 string, use the vendor-option equals statement with either the ascii statement (to define a nonempty ASCII match string of 1 through 255 alphanumeric characters) or the hexadecimal statement (to define a hexadecimal match string of 1 through 255 hexadecimal characters [0 through 9, a through f, A through F]).
To specify a partial match of the configured match string with the option 60 string, use the vendor-option starts-with statement with either the ascii statement or the hexadecimal statement. In this case, the option 60 string can contain a superset of the configured ASCII or hexadecimal string, provided that the leftmost characters of the option 60 string entirely match the characters in the configured match string. When you use the starts-with statement, the longest match rule applies. For example, the extended DHCP relay agent matches the string “test123” before it matches the string “test”.

If the option 60 string received in the DHCP client packet matches the configured ASCII or hexadecimal string, you can define one of the following actions for the associated DHCP client packets:

To relay client traffic to a group of specific DHCP relay servers that provide the requested client service, use the relay-server-group statement.
The DHCP client packet is relayed to all of the servers specified in the server-group statement at the [edit forwarding-options dhcp-relay] hierarchy level that map to the vendor class identifier information provided in the option 60 string. To configure a named group of DHCP relay servers, which are also referred to as vendor-option servers, include the server-group statement at the [edit forwarding-options dhcp-relay] hierarchy level, as described in Configuring Server Groups.
To forward client traffic to a specific extended DHCP local server, use the local-server-group statement.
To configure an extended DHCP local server, include the dhcp-local-server statement at the [edit system services] hierarchy level. For information about configuring and using the extended DHCP local server, see the JUNOS System Basics Configuration Guide.
To drop (discard) the packets, use the drop statement.
Specifying that certain DHCP client packets be dropped can be useful when DHCP clients request services that are invalid or no longer supported.

The following additional considerations apply when you configure an ASCII or hexadecimal match string:

You can configure the same ASCII or hexadecimal match string as both an exact (equals) match and as a partial (starts-with) match. In that case, the exact string match configured with the equals statement takes precedence over the partial string match configured with the starts-with statement.
A server group can contain multiple server addresses and can map to more than one match string.
You can configure an unlimited number of match strings.
The use of wildcard attributes in match strings is not supported.

For configuration examples that illustrate how to use matching option 60 strings to forward or drop DHCP client traffic, see Example: Using Option 60 Strings to Forward DHCP Client Traffic and Example: Using Option 60 Strings to Drop DHCP Client Traffic.

Using Nonmatching Option 60 Strings to Process DHCP Client Traffic

If the option 60 string received in the DHCP client packet does not match the configured ASCII or hexadecimal string, you can define one of the following default actions for the associated DHCP client packets:

To relay client traffic to a default extended DHCP relay server that you specify, use the default-relay-server-group statement.
To forward client traffic to a default extended DHCP local server that you specify, use the default-local-server-group statement.
To drop (discard) the packets, use the drop statement.

In rare instances, the extended DHCP relay agent might receive a DHCP client packet with an option 60 string of zero (0) length. In this case, there is nothing in the option 60 string against which to match. As a result, such packets are treated as if they contained nonmatching option 60 strings; that is, they can be relayed to a default DHCP relay server, forwarded to a default DHCP extended local server, or dropped.

For configuration examples that illustrate how to use nonmatching option 60 strings to forward or drop DHCP client traffic, see Example: Using Option 60 Strings to Forward DHCP Client Traffic and Example: Using Option 60 Strings to Drop DHCP Client Traffic.

Displaying a Count of Discarded DHCP Packets with Option 60 Information

To display the number of discarded DHCP client packets containing option 60 vendor-specific information, use the show dhcp relay statistics operational command. For information about using this command, see the JUNOS Routing Protocols and Policies Command Reference.

[Contents] [Prev] [Next] [Index] [Report an Error]