Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?


DHCP Subscriber Access Networks Overview

DHCP and Subscriber Management Overview

You use DHCP in broadband access networks to provide IP address configuration and service provisioning. DHCP, historically a popular protocol in LANs, works well with Ethernet connectivity and is becoming increasingly popular in broadband networks as a simple, scalable solution for assigning IP addresses to subscriber home PCs, set-top boxes (STBs), and other devices.

Junos OS subscriber management supports the following DHCP allocation models:

  • DHCP Local Server

  • DHCP Relay

  • DHCP Relay Proxy

DHCP uses address assignment pools from which to allocate subscriber addresses. Address-assignment pools support both dynamic and static address assignment:

  • Dynamic address assignment—A subscriber is automatically assigned an address from the address-assignment pool.

  • Static address assignment—Addresses are reserved and always used by a particular subscriber.


    Addresses that are reserved for static assignment are removed from the dynamic address pool and cannot be assigned to other clients.

Extended DHCP Local Server and Subscriber Management Overview

You can enable the services router to function as an extended DHCP local server. As an extended DHCP local server the services router, and not an external DHCP server, provides an IP address and other configuration information in response to a client request. The extended DHCP local server supports the use of external AAA authentication services, such as RADIUS, to authenticate DHCP clients.

Extended DHCP Relay and Subscriber Management Overview

You can configure extended DHCP relay options on the router and enable the router to function as a DHCP relay agent. A DHCP relay agent forwards DHCP request and reply packets between a DHCP client and a DHCP server. You can use DHCP relay in carrier edge applications such as video and IPTV to obtain configuration parameters, including an IP address, for your subscribers. The extended DHCP relay agent supports the use of external AAA authentication services, such as RADIUS, to authenticate DHCP clients.

DHCP Relay Proxy and Subscriber Management Overview

DHCP relay proxy mode is an enhancement to extended DHCP relay. DHCP relay proxy supports all DHCP relay features while providing additional features and benefits. Except for the ability to add DHCP relay agent options and the gateway address (giaddr) to DHCP packets, DHCP relay is transparent to DHCP clients and DHCP servers, and simply forwards messages between DHCP clients and servers. When you configure DHCP relay to operate in proxy mode, the relay is no longer transparent. In proxy mode, DHCP relay conceals DHCP server details from DHCP clients, which interact with a DHCP relay in proxy mode as though it is the DHCP server. For DHCP servers there is no change, because proxy mode has no effect on how the DHCP server interacts with the DHCP relay.

Subscriber Access Operation Flow Using DHCP Relay

The subscriber management feature requires that a subscriber (for example, a DHCP client) send a discover message to the router interface to initialize dynamic configuration of that interface.

Figure 1 shows the flow of operations that occurs when the router is using DHCP relay to enable access for a subscriber.

Figure 1: Subscriber Access Operation FlowSubscriber Access Operation Flow

The following general sequence occurs during access configuration for a DHCP client:

  1. The client issues a DHCP discover message.

  2. The router issues an authorization request to the RADIUS server.

  3. The RADIUS server issues an authorization response to the router.

  4. The router passes the DHCP discover message through to the DHCP server.

  5. The DHCP server issues an IP address for the client.

  6. The router DHCP component sends an acknowledgement back to the client.

The subscriber now has access to the network and the authorized service.

Defining Various Levels of Services for DHCP Subscribers

This topic discusses how to create dynamic profiles to define various levels of service for DHCP clients.

Before you configure dynamic profiles for client services:

  1. Create a basic dynamic profile.

    See Configuring a Basic Dynamic Profile.

  2. Configure a dynamic profile that enables DHCP clients access to the network.

    See Configuring Dynamic DHCP Client Access to a Multicast Network


    You can create a basic dynamic profile that contains both access configuration and some level of basic service.

  3. Ensure that the router is configured to enable communication between the client and the RADIUS server.

    See Specifying the Authentication and Accounting Methods for Subscriber Access.

  4. Configure all RADIUS values that you want the profiles to use when validating DHCP clients.

    See RADIUS Servers and Parameters for Subscriber Access

To configure an initial client access dynamic profile:

  1. Access the desired service profile.
  2. (Optional) Define any IGMP protocols values as described for creating a basic access profile to combine a basic service with access in a profile.
  3. (Optional) Specify any filters for the interface.
  4. Define any CoS values for the service level you want this profile to configure on the interface.

Example: Configuring a Tiered Service Profile for Subscriber Access

This example shows how to configure a tiered service profile for subscribers.

The profile contains three services:

  • Gold—Subscribers that pay for this service are allocated 10M bandwidth for data, voice, and video services.

  • Silver—Subscribers that pay for this service are allocated 5M bandwidth for data, voice, and video services.

  • Bronze—Subscribers that pay for this service are allocated 1M bandwidth for the data service only.

Each subscriber is allocated a VLAN that is created statically. Subscribers log in using DHCP and authenticate using RADIUS. The subscribers can migrate from one service to another when they change subscriptions.

To configure a profile for a tiered service:

  1. Configure the VLAN interfaces associated with each subscriber. Enable hierarchical scheduling for the interface.

  2. Configure the static CoS parameters.

    In this example, each offering (video, voice, and data) is assigned a queue, and each service (Gold, Silver, and Bronze) is assigned a scheduler.

  3. Configure the dynamic profile for the service.

    The scheduler maps configured for each service are referenced in the dynamic profile.

  4. Configure access for the subscribers.

    The DHCP relay agent forwards DHCP request and reply packets between a DHCP client and a DHCP server. You use DHCP relay to obtain configuration parameters, including an IP address, for subscribers. In this example, one DHCP server, address, can be used by subscribers.

    The DHCP relay configuration is attached to an active server group named service_provider_group.

    The subscribers are grouped together within the subscriber_group, and identifies characteristics such as authentication, username info, and the associated interfaces for the group members. In this example, it also identifies the active server group and the dynamic interface that is used by the subscribers in the group.