[an error occurred while processing this directive][an error occurred while processing this directive]

Overriding Default DHCP Local Server Configuration Settings

Subscriber management enables you to override certain default DHCP and DHCPv6 local server configuration settings. You can override settings at the global level, for a named group of interfaces, or for a specific interface within a named group.

  • To override global default DHCP local server configuration options, include the overrides statement and its subordinate statements at the [edit system services dhcp-local-server] or [edit system services dhcp-local-server dhcpv6] hierarchy level.
  • To override DHCP local server configuration options for a named group of interfaces, include the statements at the [edit system services dhcp-local-server group group-name] or [edit system services dhcp-local-server dhcpv6 group] hierarchy level.
  • To override DHCP local server configuration options for a specific interface within a named group of interfaces, include the statements at the [edit system services dhcp-local-server group group-name interface] or [edit system services dhcp-local-server dhcpv6 group group-name interface] hierarchy level.

To override default DHCP local server configuration settings:

  1. Specify that you want to configure override options.

    Global override:

    [edit system services dhcp-local-server]user@host# edit overrides

    Group level override:

    [edit system services dhcp-local-server]user@host# edit group boston overrides

    Per-interface override:

    [edit system services dhcp-local-server]user@host# edit group boston overrides interface fe-1/0/1.1
  2. (Optional) Override the maximum number of DHCP clients allowed per interface.

    See Specifying the Maximum Number of DHCP Clients Per Interface.

  3. (Optional) Override ARP table population in distrusted environments.

    See Disabling ARP Table Population.

  4. (Optional) Configure DHCP client auto logout.

    See Automatically Logging Out DHCP Clients.

This topic contains the following sections:

Deleting DHCP Local Server and DHCP Relay Override Settings

You can delete override settings for DHCP local server and DHCP relay globally, for a named group, or for a specific interface within a named group. You can delete a specific override setting or all overrides.

  • To delete a specific DHCP override setting at a particular hierarchy level, include the overrides statement with the appropriate subordinate statements. For example, to delete the DHCP local server override no-arp setting for a group named marin20:

    [edit system services dhcp-local-server]user@host# delete group marin20 overrides no-arp
  • To delete all DHCP override settings at a hierarchy level, include the overrides statement without any subordinate statements. For example, to delete all DHCP relay overrides for interface fxp0.0, which is in group marin20:

    [edit forwarding-options dhcp-relay]user@host# delete group marin20 interface fxp0.0 overrides

Specifying the Maximum Number of DHCP Clients Per Interface

By default, there is no limit to the number of DHCP local server or DHCP relay clients allowed on an interface. However, you can override the default setting and specify the maximum number of clients allowed per interface, in the range 1 through 500,000. When the number of clients on the interface reaches the specified limit, no additional DHCP Discover PDUs or DHCPv6 Solicit PDUs are accepted. When the number of clients subsequently drops below the limit, new clients are again accepted.

Note: The maximum number of DHCP (and DHCPv6) local server clients or DHCP relay clients can also be specified by Juniper Networks VSA 26-143 during client login. The VSA-specified value always takes precedence if the interface-client-limit number statement specifies a different number.

If the VSA-specified value differs with each client login, DHCP uses the largest limit set by the VSA until there are no clients on the interface.

To configure the maximum number of DHCP clients allowed per interface:

  1. Specify that you want to configure override options.
    • For DHCP local server:
      [edit system services dhcp-local-server]user@host# edit overrides
    • For DHCPv6 local server:
      [edit system services dhcp-local-server dhcpv6]user@host# edit overrides
    • For DHCP relay agent:
      [edit forwarding-options dhcp-relay]user@host# edit overrides
  2. Configure the maximum number of clients allowed per interface. (DHCP local server, DHCPv6 local server, and DHCP relay agent all support the interface-client-limit statement.)
    [edit system services dhcp-local-server overrides]user@host# set interface-client-limit number

Disabling ARP Table Population

By default, DHCP populates the ARP table with the MAC address of a client when the client binding is established. However, you may choose to use the DHCP no-arp statement to hide the subscriber MAC address information, as it appears in ARP table entries.

When running in a trusted environment (that is, when not using the no-arp statement), DHCP populates the ARP table with unique MAC addresses contained within the DHCP PDU for each DHCP client:

Table 1: ARP Table in Trusted Environment

IP Address

MAC Address

Client 1 IP Address

MAC A

Client 2 IP Address

MAC B

Client 3 IP Address

MAC C

In distrusted environments, you can specify the no-arp statement to hide the MAC addresses of clients. When you specify the no-arp statement, DHCP does not automatically populate the ARP table with MAC address information from the DHCP PDU for each client. Instead, the system performs an ARP to obtain the MAC address of each client and obtains the MAC address of the immediately-attached device (for example, a DSLAM). DHCP populates the ARP table with the same interface MAC address (for example, MAC X from a DSLAM interface) for each client:

Table 2: ARP Table in Distrusted Environment

IP Address

MAC Address

Client 1 IP Address

MAC X

Client 2 IP Address

MAC X

Client 3 IP Address

MAC X

To disable ARP table population:

  1. Specify that you want to configure override options.
    • For DHCP local server:
      [edit system services dhcp-local-server]user@host# edit overrides
    • For DHCP relay:
      [edit forwarding-options dhcp-relay]user@host# edit overrides
  2. Disable ARP table population with client-specific information. (DHCP local server and DHCP relay agent both support the no-arp statement.)
    • For DHCP local server:
      [edit system services dhcp-local-server overrides]user@host# set no-arp
    • For DHCP relay:
      [edit forwarding-options dhcp-relay overrides]user@host# set no-arp

Published: 2010-04-15

[an error occurred while processing this directive]