 | Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |
- group group-name {
-
active-server-group server-group-name;
-
-
authentication {
-
password password-string;
-
-
username-include {
-
circuit-type;
-
delimiter delimiter-character;
-
domain-name domain-name-string;
-
logical-system-name;
-
mac-address;
-
option-60;
-
option-82 [ circuit-id
] [ remote-id ];
-
routing-instance-name;
-
user-prefix user-prefix-string;
- }
- }
-
interface interface-name [upto upto-interface-name] [exclude];
-
-
overrides {
-
always-write-giaddr;
-
always-write-option-82;
-
layer2-unicast-replies;
-
trust-option-82;
-
disable-relay;
- }
-
-
relay-option-60 {
-
-
vendor-option {
-
- (equals | starts-with) (ascii match-string | hexadecimal match-hex) {
- (relay-server-group server-group-name |
-
local-server-group local-server-group-name |
-
drop);
- }
- (default-relay-server-group server-group-name |
-
default-local-server-group local-server-group-name |
-
drop);
- }
- }
-
-
relay-option-82 {
-
-
circuit-id {
-
prefix host-name logical-system-name
routing-instance-name;
- }
- }
- }
- [edit forwarding-options dhcp-relay],
- [edit logical-systems logical-system-name forwarding-options dhcp-relay],
- [edit logical-systems logical-system-name routing-instances routing-instance-name forwarding-options dhcp-relay],
- [edit routing-instances routing-instance-name forwarding-options dhcp-relay]
Statement introduced in JUNOS Release 8.3.
relay-option-60 option introduced in JUNOS Release 9.0.
Specify the name of a group of interfaces that have a common DHCP relay agent configuration. A group must contain at least one interface.
The statements configured at the [edit forwarding-options dhcp-relay group group-name] hierarchy level apply only to the named group of interfaces, and override any global DHCP relay agent settings configured with the same statements at the [edit forwarding-options dhcp-relay] hierarchy level.
group-name—Name of a group of interfaces that have a common DHCP relay agent configuration.
The remaining statements are explained separately.
See Configuring the Extended DHCP Relay Agent and Using External AAA Authentication Services.
interface—To view this statement in the configuration.
interface-control—To add this statement to the configuration.
-
group group-name {
-
interface interface-name;
- }
- [edit routing-instances routing-instance-name forwarding-options dhcp-relay]
- [edit routing-instances routing-instance-name bridge-domain bridge-domain-name forwarding-options dhcp-relay]
Statement supported on MX-series routers starting in JUNOS Release 9.4.
Configure Dynamic Host Configuration Protocol (DHCP) snooping on the router. When acting as a snooping agent, the MX-series router typically is located between the client and the DHCP relay agent. It creates filters by “snooping” DHCP messages and binding DHCP-issued IP addresses with the MAC address of the client. These filters help prevent DHCP spoofing.
Configure DHCP snooping by including the appropriate interfaces under the group statement.
See Preventing DHCP Spoofing (MX-series Routers Only).
interface—To view this statement in the configuration.
interface-control—To add this statement to the configuration.
| Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice. | |