Solution Benefits

In enterprise networks, it is mission critical that devices such as Juniper® Series of High-Performance Access Points and attached wired and wireless clients obtain DHCP leases from the network without difficulty. This critical functionality requires a DHCP server somewhere in the network to manage the lease handouts. In most cases, customers have existing DHCP servers from third-party vendors that need to be integrated when designing and installing a new campus fabric. In these cases, the campus fabric itself is not responsible for providing the DHCP server functionality. Instead, the fabric must forward DHCP lease requests from clients attached to the fabric's access switches to the customer-provided DHCP server, which manages the lease and responds to the client through the fabric. The fabric does this by providing DHCP relay functionality, relaying DHCP traffic between the DHCP client and the server. We share more information about this process and how it works later in this chapter.

The recommended production-grade solution is the IETF RFC 2131 and RFC 3046 standards-based approach leveraging DHCP relay inside the fabric to forward to a customer-managed DHCP server. For such a production-grade design utilizing DHCP relay in the fabric, we suggest choosing a third-party DHCP server that can support the following:

  • Provide at least two DHCP server instances for redundancy of this critical function. It is beneficial if the redundant servers share a common database for the lease handouts. Otherwise, you must split the ranges handed out for a particular VLAN between the servers, because each server then requires a unique, non-overlapping pool range.
  • For DHCP relay to work properly, the DHCP server must listen on an IP address-based socket interface, because traditional Layer 2 broadcast listening won't work here. More details are explained below.
  • OPTIONAL: Provide an interface and integration with your DNS server.
  • OPTIONAL: Provide an interface and integration with your security functions such as a NAC when required to manage or monitor new clients in the network.

The Junos OS-based fabric switches themselves either do not provide this functionality or they do so in a limited fashion.
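
As an added illustration (not Juniper's code or configuration), the following Python example builds a constructed relayed DHCPDISCOVER and extracts what a DHCP server listening on an IP socket uses to place the request: the relay-set `giaddr` field from RFC 2131 and the relay agent information option (option 82) from RFC 3046. The pool names, addresses, and circuit/remote ID strings are constructed sample values, and the function names are hypothetical.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie (RFC 2131)
POOLS = {"vlan10": "192.0.2.0/24", "vlan20": "198.51.100.0/24"}  # constructed scopes

def build_relayed_discover(giaddr, circuit_id, remote_id):
    """Constructed sample: a DHCPDISCOVER as a relay forwards it to the server."""
    header = struct.pack(
        "!BBBBIHH4s4s4s4s16s64s128s",
        1, 1, 6, 1,                            # op=BOOTREQUEST, Ethernet, hlen, hops
        0x1234ABCD, 0, 0, bytes(4), bytes(4), bytes(4),  # xid, secs, flags, ci/yi/siaddr
        ipaddress.IPv4Address(giaddr).packed,  # giaddr, filled in by the relay
        bytes.fromhex("020000000001"), b"", b"")  # chaddr, sname, file (zero padded)
    sub = (bytes([1, len(circuit_id)]) + circuit_id   # RFC 3046 Agent Circuit ID
           + bytes([2, len(remote_id)]) + remote_id)  # RFC 3046 Agent Remote ID
    return header + MAGIC + bytes([53, 1, 1, 82, len(sub)]) + sub + b"\xff"

def parse_tlvs(data, top_level):
    """Walk code/length/value triples and reject truncated input."""
    out, i = {}, 0
    while i < len(data):
        code = data[i]
        if top_level and code == 255:  # End option
            break
        if top_level and code == 0:    # Pad option
            i += 1
            continue
        if i + 2 > len(data) or i + 2 + data[i + 1] > len(data):
            raise ValueError("truncated option")
        out[code] = data[i + 2:i + 2 + data[i + 1]]
        i += 2 + data[i + 1]
    return out

def parse_relayed(packet):
    """Pull out the fields a server uses to place a relayed request."""
    if len(packet) < 240 or packet[236:240] != MAGIC:
        raise ValueError("not a DHCP packet")
    opts = parse_tlvs(packet[240:], top_level=True)
    return {"hops": packet[3],
            "giaddr": ipaddress.IPv4Address(packet[24:28]),
            "msg_type": opts.get(53, b"\0")[0],
            "option82": parse_tlvs(opts.get(82, b""), top_level=False)}

def select_pool(giaddr, pools=POOLS):
    """RFC 2131: a nonzero giaddr identifies the client's subnet for scope selection."""
    if int(giaddr) == 0:
        return None  # not relayed, so there is no gateway address to match
    return next((n for n, net in pools.items()
                 if giaddr in ipaddress.ip_network(net)), None)
```

Because the relay forwards the request as unicast IP with `giaddr` set, the server chooses the scope from that address rather than from the interface a broadcast arrived on, which is why it needs an IP address-based listener.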