DHCP Relay on EX9200

In this post we will see how DHCP Relay is configured on EX9200. Actually, the same type of configuration can be applied on any Juniper platform that supports ELS.

DHCP Relay allows clients to get an IP address even when they are not in the same broadcast domain with the DHCP server.

The DHCP Relay acts as a proxy between the client and DHCP server in the two subnets and forwards/translates the DHCP messages between the two.

This is the network where DHCP Relay will be configured:

 

 

The two hosts are in the same VLAN, 136:

[edit]
root@EX9200_1# run show ethernet-switching table vlan-id 136

MAC flags (S - static MAC, D - dynamic MAC, L - locally learned, P - Persistent static, C - Control MAC
           SE - statistics enabled, NM - non configured MAC, R - remote PE MAC, O - ovsdb MAC)


Ethernet switching table : 2 entries, 2 learned
Routing instance : default-switch
    Vlan                MAC                 MAC         Age    Logical                NH        RTR
    name                address             flags              interface              Index     ID
    CLIENT        	00:26:88:6e:82:44   DL            -   ge-0/0/0.0           0         0
    CLIENT       	00:26:88:6e:82:4a   DL            -   ge-1/0/0.0           0         0

[edit]
root@EX9200_1#

This is the configuration required on DHCP Relay:

[edit]
root@EX9200_1# show forwarding-options
dhcp-relay {
    persistent-storage automatic;
    overrides {
        allow-snooped-clients;
        always-write-giaddr;
        trust-option-82;
        bootp-support;
    }
    server-group {
        DHCP-RELAY {
            192.168.221.41;
        }
    }
    group DHCP-RELAY {
        active-server-group DHCP-RELAY;
        relay-option-82 {
            circuit-id {
                no-vlan-interface-name;
            }
        }
        interface irb.5;
        interface irb.6;
        interface irb.7;
        interface irb.8;
        interface irb.9;
        interface irb.44;
        interface irb.48;
        interface irb.56;
        interface irb.64;
        interface irb.96;
        interface irb.104;
        interface irb.136;
        interface irb.200;
        interface irb.240;
    }
}

[edit]
root@EX9200_1#

The above configuration states that if DHCP messages will come to the device on interfaces irb.5, irb.6 and so on, will be forwarded to the DHCP server(or servers) defined under server-group configuration.

In our case, DHCP Discover messages will be forwarded to 192.168.221.41.

Keep in mind that not all the knobs from the above configuration are required for DHCP Relay to work properly.

Based on the specific use case, some knobs are added to accomplish the goal.

On the server side, the DHCP messages exchanged by the server and the DHCP Relay(on behalf of the client) are these.

You can also see what IP address will be assigned for each client(based on the MAC identification):

admin@DHCP_SERVER:~$ sudo cat /var/log/syslog.1 | grep 00:26:88:6e:82:44
Jul 17 12:37:20 DHCP_SERVER dhcpd[10013]: DHCPDISCOVER from 00:26:88:6e:82:44 (BN0209386422) via 192.168.136.1
Jul 17 12:37:21 DHCP_SERVER dhcpd[10013]: DHCPOFFER on 192.168.136.10 to 00:26:88:6e:82:44 via 192.168.136.1
Jul 17 12:37:21 DHCP_SERVER dhcpd[10013]: DHCPREQUEST for 192.168.136.10 (192.168.221.41) from 00:26:88:6e:82:44 via 192.168.136.1
Jul 17 12:37:21 DHCP_SERVER dhcpd[10013]: DHCPACK on 192.168.136.10 to 00:26:88:6e:82:44 via 192.168.136.1
admin@DHCP_SERVER:~$ sudo cat /var/log/syslog.1 | grep 00:26:88:6e:82:4a
Jul 17 12:37:21 DHCP_SERVER dhcpd[10013]: DHCPDISCOVER from 00:26:88:6e:82:4a (BN0209386422) via 192.168.136.1
Jul 17 12:37:22 DHCP_SERVER dhcpd[10013]: DHCPOFFER on 192.168.136.11 to 00:26:88:6e:82:4a via 192.168.136.1
Jul 17 12:37:22 DHCP_SERVER dhcpd[10013]: DHCPREQUEST for 192.168.136.11 (192.168.221.41) from 00:26:88:6e:82:4a via 192.168.136.1
Jul 17 12:37:22 DHCP_SERVER dhcpd[10013]: DHCPACK on 192.168.136.11 to 00:26:88:6e:82:4a via 192.168.136.1
admin@DHCP_SERVER:~$

The leases are hold here:

admin@DHCP_SERVER:~$ cat /var/lib/dhcp/dhcpd.leases
# The format of this file is documented in the dhcpd.leases(5) manual page.
# This lease file was written by isc-dhcp-4.3.3

lease 192.168.136.10 {
  starts 2 2017/07/18 05:15:54;
  ends 3 2017/07/19 05:15:54;
  cltt 2 2017/07/18 05:15:54;
  binding state active;
  next binding state free;
  rewind binding state free;
  hardware ethernet 00:26:88:6e:82:44;
  option agent.circuit-id "irb.136";
}
lease 192.168.136.11 {
  starts 2 2017/07/18 05:15:55;
  ends 3 2017/07/19 05:15:55;
  cltt 2 2017/07/18 05:15:55;
  binding state active;
  next binding state free;
  rewind binding state free;
  hardware ethernet 00:26:88:6e:82:4a;
  option agent.circuit-id "irb.136";
}
admin@DHCP_SERVER:~$

The bindings on EX9200 can be seen here:

[edit]
root@EX9200_1# run show dhcp relay binding
IP address        Session Id  Hardware address   Expires     State      Interface
192.168.136.10    9           00:26:88:6e:82:44  78359       BOUND      irb.136
192.168.136.11    10          00:26:88:6e:82:4a  78361       BOUND      irb.136

[edit]
root@EX9200_1# run show dhcp relay binding detail

Client IP Address:  192.168.136.10
     Hardware Address:             00:26:88:6e:82:44
     State:                        BOUND(RELAY_STATE_BOUND)
     Lease Expires:                2017-07-19 07:47:07 CEST
     Lease Expires in:             78356 seconds
     Lease Start:                  2017-07-17 13:08:33 CEST
     Last Packet Received:         2017-07-18 07:47:07 CEST
     Incoming Client Interface:    irb.136:ge-0/0/0.0
     Server Ip Address:            192.168.221.41
     Server Interface:             none
     Bootp Relay Address:          192.168.136.1
     Session Id:                   9
     Generated Circuit ID:         irb.136
Client IP Address:  192.168.136.11
     Hardware Address:             00:26:88:6e:82:4a
     State:                        BOUND(RELAY_STATE_BOUND)
     Lease Expires:                2017-07-19 07:47:09 CEST
     Lease Expires in:             78358 seconds
     Lease Start:                  2017-07-17 13:08:33 CEST
     Last Packet Received:         2017-07-18 07:47:09 CEST
     Incoming Client Interface:    irb.136:ae0.0
     Server Ip Address:            192.168.221.41
     Server Interface:             none
     Bootp Relay Address:          192.168.136.1
     Session Id:                   10
     Generated Circuit ID:         irb.136

[edit]
root@EX9200_1#

The two host are reachable:

[edit]
root@EX9200_1# run ping 192.168.136.10 count 2
PING 192.168.136.10 (192.168.136.10): 56 data bytes
64 bytes from 192.168.136.10: icmp_seq=0 ttl=64 time=2.678 ms
64 bytes from 192.168.136.10: icmp_seq=1 ttl=64 time=1.148 ms

--- 192.168.136.10 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 1.148/1.913/2.678/0.765 ms

[edit]
root@EX9200_1# run ping 192.168.136.11 count 2
PING 192.168.136.11 (192.168.136.11): 56 data bytes
64 bytes from 192.168.136.11: icmp_seq=0 ttl=64 time=2.924 ms
64 bytes from 192.168.136.11: icmp_seq=1 ttl=64 time=1.255 ms

--- 192.168.136.11 ping statistics ---
2 packets transmitted, 2 packets received, 0% packet loss
round-trip min/avg/max/stddev = 1.255/2.090/2.924/0.834 ms

[edit]
root@EX9200_1# run show arp no-resolve | match 192.168.136.1
00:26:88:6e:82:44 192.168.136.10    irb.136 [ge-0/0/0.0]   none
00:26:88:6e:82:4a 192.168.136.11    irb.136 [ge-1/0/0.0]   none

[edit]
root@EX9200_1#

And this would be all about DHCP Relay, at least the basics.

You need to specify who is the DHCP server and from which interfaces over which DHCP Discover messages are coming, you should allow and send further to the DHCP server.

I hope you found this interesting.

 

The following two tabs change content below.

Paris ARAU

Paris ARAU is a networking professional with strong background on routing and switching technologies. He is a holder of CCIE R&S and dual JNCIE(SP and ENT). The day to day work allows him to dive deeply in networking technologies. Part of the continuously training, he is focusing on Software Defined Network and cloud computing.

Comments

So empty here ... leave a comment!

Leave a Reply

Your email address will not be published. Required fields are marked *

Sidebar



%d bloggers like this: