dhcp-relay
構文
dhcp-relay { access-profile profile-name; active-leasequery { idle-timeout seconds; peer-address address; timeout seconds; topology-discovery; } active-server-group server-group-name; authentication { password password-string; username-include { circuit-type; delimiter delimiter-character; domain-name domain-name-string; interface-description (device-interface | logical-interface); interface-name; logical-system-name; mac-address; option-60; option-82 <circuit-id> <remote-id>; routing-instance-name; user-prefix user-prefix-string; stale-timer vlan-tags; } } bulk-leasequery { attempts number-of-attempts; timeout seconds; } dhcpv6 { access-profile profile-name; active-leasequery { idle-timeout seconds; peer-address address; timeout seconds; topology-discovery; } active-server-group server-group-name; } authentication { password password-string; username-include { circuit-type; client-id; delimiter delimiter-character; domain-name domain-name-string; interface-description (device-interface | logical-interface); interface-name interface-name; logical-system-name; mac-address mac-address; relay-agent-interface-id; relay-agent-remote-id; relay-agent-subscriber-id; routing-instance-name; user-prefix user-prefix-string; vlan-tags; } } bulk-leasequery { attempts number-of-attempts; timeout seconds; trigger automatic; } duplicate-clients incoming-interface; dynamic-profile profile-name { aggregate-clients (merge | replace); use-primary primary-profile-name; } forward-only { logical-system <current | default | logical-system-name>; routing-instance <current | default | routing-instance-name>; } forward-only-replies; } forward-snooped-clients (all-interfaces | configured-interfaces | non-configured-interfaces); group group-name { access-profile profile-name; active-server-group server-group-name; authentication { password password-string; username-include { circuit-type; client-id; delimiter delimiter-character; domain-name domain-name-string; interface-description (device-interface | logical-interface); interface-name interface-name; logical-system-name; mac-address mac-address; relay-agent-interface-id; relay-agent-remote-id; relay-agent-subscriber-id; routing-instance-name; user-prefix user-prefix-string; vlan-tags; } } dynamic-profile profile-name { aggregate-clients (merge | replace); use-primary primary-profile-name; } forward-only { logical-system <current | default | logical-system-name>; routing-instance <current | default | routing-instance-name>; } interface interface-name { access-profile profile-name; dynamic-profile profile-name { aggregate-clients (merge | replace); use-primary primary-profile-name; } exclude; overrides { allow-snooped-clients; asymmetric-lease-time seconds; asymmetric-prefix-lease-time seconds; client-negotiation-match incoming-interface; delay-authentication; delete-binding-on-renegotiation; dual-stack dual-stack-group-name; interface-client-limit number; no-allow-snooped-clients; no-bind-on-request; relay-source interface-name; send-release-on-delete; } service-profile dynamic-profile-name; short-cycle-protection <lockout-min-time seconds> <lockout-max-time seconds>; trace; upto upto-interface-name; } } lease-time-validation { lease-time-threshold seconds; violation-action action; } liveness-detection { failure-action (clear-binding | clear-binding-if-interface-up | log-only); method { bfd { version (0 | 1 | automatic); minimum-interval milliseconds; minimum-receive-interval milliseconds; multiplier number; no-adaptation; transmit-interval { minimum-interval milliseconds; threshold milliseconds; } detection-time { threshold milliseconds; } session-mode(automatic | multihop | singlehop); holddown-interval milliseconds; } layer2-liveness-detection { max-consecutive-retries number; transmit-interval interval; } } } overrides { allow-snooped-clients; asymmetric-lease-time seconds; asymmetric-prefix-lease-time seconds; client-negotiation-match incoming-interface; delay-authentication; delete-binding-on-renegotiation; dual-stack dual-stack-group-name; interface-client-limit number; no-allow-snooped-clients; no-bind-on-request; relay-source interface-name; send-release-on-delete; } relay-agent-interface-id { include-irb-and-l2; keep-incoming-interface-id ; no-vlan-interface-name; prefix prefix; use-interface-description (logical | device); use-option-82 <strict>; use-vlan-id; } relay-agent-remote-id { include-irb-and-l2; keep-incoming-interface-id ; no-vlan-interface-name; prefix prefix; use-interface-description (logical | device); use-option-82 <strict>; use-vlan-id; } relay-option { option-number option-number; default-action { drop; forward-only; relay-server-group relay-server-group; } equals (ascii ascii-string | hexadecimal hexadecimal-string) { drop; forward-only; relay-server-group relay-server-group; } starts-with (ascii ascii-string | hexadecimal hexadecimal-string) { drop; forward-only; relay-server-group relay-server-group; } } remote-id-mismatch disconnect; route-suppression; service-profile dynamic-profile-name; short-cycle-protection <lockout-min-time seconds> <lockout-max-time seconds>; } leasequery { attempts number-of-attempts; timeout seconds; } lease-time-validation { lease-time-threshold seconds; violation-action action; } liveness-detection { failure-action (clear-binding | clear-binding-if-interface-up | log-only); method { bfd { version (0 | 1 | automatic); minimum-interval milliseconds; minimum-receive-interval milliseconds; multiplier number; no-adaptation; transmit-interval { minimum-interval milliseconds; threshold milliseconds; } detection-time { threshold milliseconds; } session-mode(automatic | multihop | singlehop); holddown-interval milliseconds; } layer2-liveness-detection { max-consecutive-retries number; transmit-interval interval; } route-suppression; service-profile dynamic-profile-name; } } no-snoop; overrides { allow-snooped-clients; asymmetric-lease-time seconds; asymmetric-prefix-lease-time seconds; client-negotiation-match incoming-interface; delay-authentication; delete-binding-on-renegotiation; dual-stack dual-stack-group-name; interface-client-limit number; no-allow-snooped-clients; no-bind-on-request; relay-source interface-name; send-release-on-delete; } relay-agent-interface-id { include-irb-and-l2; keep-incoming-interface-id ; no-vlan-interface-name; prefix prefix; use-interface-description (logical | device); use-option-82 <strict>; use-vlan-id; } relay-agent-remote-id { include-irb-and-l2; keep-incoming-remote-id ; no-vlan-interface-name; prefix prefix; use-interface-description (logical | device); use-option-82 <strict>; use-vlan-id; } relay-option { option-number option-number; default-action { drop; forward-only; relay-server-group relay-server-group; } equals (ascii ascii-string | hexadecimal hexadecimal-string) { drop; forward-only; relay-server-group relay-server-group; } starts-with (ascii ascii-string | hexadecimal hexadecimal-string) { drop; forward-only; relay-server-group relay-server-group; } } relay-option-vendor-specific{ host-name; location; remote-id-mismatch disconnect; route-suppression; server-group { server-group-name { server-ip-address; } } server-response-time seconds; service-profile dynamic-profile-name; short-cycle-protection <lockout-min-time seconds> <lockout-max-time seconds>; } dual-stack-group dual-stack-group-name { access-profile profile-name; authentication { password password-string; username-include { circuit-type; delimiter delimiter-character; domain-name domain-name-string; interface-description (device-interface | logical-interface); interface-name; logical-system-name; mac-address; relay-agent-interface-id; relay-agent-remote-id; routing-instance-name; user-prefix user-prefix-string; vlan-tags; } } classification-key { circuit-id circuit-id; mac-address mac-address; remote-id remote-id; } dual-stack-interface-client-limit number; dynamic-profile profile-name { aggregate-clients (merge | replace); use-primary primary-profile-name; } liveness-detection { failure-action (clear-binding | clear-binding-if-interface-up | log-only); method { layer2-liveness-detection { max-consecutive-retries number; transmit-interval interval; } } } protocol-primary (inet | inet6); relay-agent-interface-id { include-irb-and-l2; keep-incoming-interface-id ; no-vlan-interface-name; prefix prefix; use-interface-description (logical | device); use-option-82 <strict>; use-vlan-id; } relay-agent-remote-id { include-irb-and-l2; keep-incoming-remote-id ; no-vlan-interface-name; prefix prefix; use-interface-description (logical | device); use-option-82 <strict>; use-vlan-id; } service-profile dynamic-profile-name; short-cycle-protection <lockout-min-time seconds> <lockout-max-time seconds>; } duplicate-clients-in-subnet (incoming-interface | option-82): dynamic-profile profile-name { aggregate-clients (merge | replace); use-primary primary-profile-name; } forward-only { logical-system <current | default | logical-system-name>; routing-instance <current | default | routing-instance-name>; } forward-only-replies; forward-snooped-clients (all-interfaces | configured-interfaces | non-configured-interfaces); group group-name { access-profile profile-name; active-server-group server-group-name; authentication { password password-string; username-include { circuit-type; delimiter delimiter-character; domain-name domain-name-string; interface-description (device-interface | logical-interface); interface-name interface-name; logical-system-name; mac-address; option-60; option-82 [circuit-id] [remote-id]; routing-instance-name; user-prefix user-prefix-string; } vlan-tags; } dynamic-profile profile-name { aggregate-clients (merge | replace); use-primary primary-profile-name; } forward-only { logical-system <current | default | logical-system-name>; routing-instance <current | default | routing-instance-name>; } forward-only { logical-system <current | default | logical-system-name>; routing-instance <current | default | routing-instance-name>; } interface interface-name { access-profile profile-name; exclude; liveness-detection { failure-action (clear-binding | clear-binding-if-interface-up | log-only); method { bfd { version (0 | 1 | automatic); minimum-interval milliseconds; minimum-receive-interval milliseconds; multiplier number; no-adaptation; transmit-interval { minimum-interval milliseconds; threshold milliseconds; } detection-time { threshold milliseconds; } session-mode (automatic | multihop | singlehop); holddown-interval milliseconds; } } } overrides { allow-no-end-option; allow-snooped-clients; always-write-giaddr; always-write-option-82; asymmetric-lease-time seconds; client-discover-match <option60-and-option82 | incoming-interface>; delay-authentication; delete-binding-on-renegotiation; disable-relay; dual-stack dual-stack-group-name; interface-client-limit number; layer2-unicast-replies; no-allow-snooped-clients; no-bind-on-request; proxy-mode; relay-source replace-ip-source-with; send-release-on-delete; trust-option-82; } service-profile dynamic-profile-name; short-cycle-protection <lockout-min-time seconds> <lockout-max-time seconds>; trace; upto upto-interface-name; } overrides { allow-no-end-option allow-snooped-clients; always-write-giaddr; always-write-option-82; asymmetric-lease-time seconds; asymmetric-prefix-lease-time seconds; client-discover-match (option60-and-option82 | incoming-interface); delay-authentication; delete-binding-on-renegotiation; disable-relay; dual-stack dual-stack-group-name; interface-client-limit number; layer2-unicast-replies; no-allow-snooped-clients; no-bind-on-request; proxy-mode; relay-source replace-ip-source-with; send-release-on-delete; trust-option-82; } relay-option { option-number option-number; default-action { drop; forward-only; relay-server-group group-name; } equals (ascii ascii-string | hexadecimal hexadecimal-string) { drop; forward-only; relay-server-group relay-server-group; } starts-with (ascii ascii-string | hexadecimal hexadecimal-string) { drop; forward-only; local-server-group local-server-group; relay-server-group relay-server-group; } } relay-option-82 { circuit-id { prefix prefix; use-interface-description (logical | device); } remote-id { prefix prefix; use-interface-description (logical | device); } server-id-override } remote-id-mismatch disconnect; route-suppression: service-profile dynamic-profile-name; short-cycle-protection <lockout-min-time seconds> <lockout-max-time seconds>; } leasequery { attempts number-of-attempts; timeout seconds; } lease-time-validation { lease-time-threshold seconds; violation-action action; } liveness-detection { failure-action (clear-binding | clear-binding-if-interface-up | log-only); method { bfd { version (0 | 1 | automatic); minimum-interval milliseconds; minimum-receive-interval milliseconds; multiplier number; no-adaptation; transmit-interval { minimum-interval milliseconds; threshold milliseconds; } detection-time { threshold milliseconds; } session-mode (automatic | multihop | singlehop); holddown-interval milliseconds; } layer2-liveness-detection { max-consecutive-retries number; transmit-interval interval; } } } no-snoop; overrides { allow-no-end-option allow-snooped-clients; always-write-giaddr; always-write-option-82; asymmetric-lease-time seconds; asymmetric-prefix-lease-time seconds; client-discover-match (option60-and-option82 | incoming-interface); delay-authentication; delete-binding-on-renegotiation; disable-relay; dual-stack dual-stack-group-name; interface-client-limit number; layer2-unicast-replies; no-allow-snooped-clients; no-bind-on-request; proxy-mode; relay-source replace-ip-source-with; send-release-on-delete; trust-option-82; } relay-option { option-number option-number; default-action { drop; forward-only; relay-server-group group-name; } equals (ascii ascii-string | hexadecimal hexadecimal-string) { drop; forward-only; relay-server-group relay-server-group; } starts-with (ascii ascii-string | hexadecimal hexadecimal-string) { drop; forward-only; local-server-group local-server-group; relay-server-group relay-server-group; } } relay-option-82 { circuit-id { prefix prefix; use-interface-description (logical | device); } remote-id { prefix prefix; use-interface-description (logical | device); } server-id-override } } remote-id-mismatch disconnect; route-suppression: server-group { server-group-name { server-ip-address; } } server-response-time seconds; service-profile dynamic-profile-name; short-cycle-protection <lockout-min-time seconds> <lockout-max-time seconds>; }
階層レベル
[edit forwarding-options], [edit logical-systems logical-system-name forwarding-options], [edit logical-systems logical-system-name routing-instances routing-instance-name forwarding-options], [edit routing-instances routing-instance-name forwarding-options]
説明
ルーターまたはスイッチで拡張動的ホスト構成プロトコル(DHCP)リレーおよび DHCPv6 リレーオプションを設定し、ルーター(またはスイッチ)が DHCP リレーエージェントとして機能できるようにします。DHCP リレー エージェントは、DHCP クライアントと DHCP サーバー間で DHCP 要求パケットと応答パケットを転送します。
DHCPリレーは、動的プロファイルの添付をサポートし、またローカルAAAサービスフレームワークと対話して、RADIUSなどのバックエンド認証サーバーを使用して、加入者認証またはクライアント認証を提供します。動的プロファイルをアタッチし、認証サポートをグローバルに、または特定のインターフェイス グループに対して設定できます。
および dhcpv6
ステートメントでdhcp-relay
設定された拡張 DHCP および DHCPv6 リレー エージェント オプションは、 ステートメントでbootp
設定された DHCP/BOOTP リレー エージェント オプションと互換性がありません。その結果、拡張 DHCP または DHCPv6 リレー エージェントと DHCP/BOOTP リレー エージェントの両方をルーター(またはスイッチ)で同時に有効にすることはできません。
残りのステートメントについては、個別に説明します。 詳細については、CLI エクスプローラー でステートメントを検索するか、「構文」セクションでリンクされたステートメントをクリックしてください。
必要な権限レベル
interface—設定でこのステートメントを表示します。
interface-control—設定にこのステートメントを追加します。
リリース情報
Junos OSリリース8.3で導入されたステートメント。