Using Matching Option 60 Strings to Process DHCP Client Traffic

Configuring option 60 support helps you manage multivendor networks by enabling the extended DHCP relay agent to compare option 60 vendor-specific strings received in DHCP client packets against a list of ASCII or hexadecimal strings that you configure on the router.

The match criteria you configure for the option 60 string-to-DHCP server mapping can be either of the following:

• To specify an exact, left-to-right match of the configured match string with the option 60 string, use the vendor-option equals statement with either the ascii statement (to define a nonempty ASCII match string of 1 through 255 alphanumeric characters) or the hexadecimal statement (to define a hexadecimal match string of 1 through 255 hexadecimal characters [0 through 9, a through f, A through F]).
• To specify a partial match of the configured match string with the option 60 string, use the vendor-option starts-with statement with either the ascii statement or the hexadecimal statement. In this case, the option 60 string can contain a superset of the configured ASCII or hexadecimal string, provided that the leftmost characters of the option 60 string entirely match the characters in the configured match string. When you use the starts-with statement, the longest match rule applies. For example, the extended DHCP relay agent matches the string “test123” before it matches the string “test”.

If the option 60 string received in the DHCP client packet matches the configured ASCII or hexadecimal string, you can define one of the following actions for the associated DHCP client packets:

• To relay client traffic to a group of specific DHCP relay servers that provide the requested client service, use the relay-server-group statement.

  The DHCP client packet is relayed to all of the servers specified in the server-group statement at the [edit forwarding-options dhcp-relay] hierarchy level that map to the vendor class identifier information provided in the option 60 string. To configure a named group of DHCP relay servers, which are also referred to as vendor-option servers, include the server-group statement at the [edit forwarding-options dhcp-relay] hierarchy level, as described in Configuring Server Groups.

• To forward client traffic to a specific extended DHCP local server, use the local-server-group statement.

  To configure an extended DHCP local server, include the dhcp-local-server statement at the [edit system services] hierarchy level. For information about configuring and using the extended DHCP local server, see the JUNOS System Basics Configuration Guide.

• To drop (discard) the packets, use the drop statement.

  Specifying that certain DHCP client packets be dropped can be useful when DHCP clients request services that are invalid or no longer supported.

The following additional considerations apply when you configure an ASCII or hexadecimal match string:

• You can configure the same ASCII or hexadecimal match string as both an exact (equals) match and as a partial (starts-with) match. In that case, the exact string match configured with the equals statement takes precedence over the partial string match configured with the starts-with statement.
• A server group can contain multiple server addresses and can map to more than one match string.
• You can configure an unlimited number of match strings.
• The use of wildcard attributes in match strings is not supported.

For configuration examples that illustrate how to use matching option 60 strings to forward or drop DHCP client traffic, see Example: Using Option 60 Strings to Forward DHCP Client Traffic and Example: Using Option 60 Strings to Drop DHCP Client Traffic.

Copyright © 2009, Juniper Networks, Inc. All rights reserved. Trademark Notice.