DHCP: Automatic IPv4 Address Pool Assignment for DMVPN Spokes

The DHCP: Automatic IPv4 Address Pool Assignment for DMVPN Spokes feature uses the Dynamic Host Configuration Protocol (DHCP) On-Demand Address Pool (ODAP) feature to support the centralized management of overall IP addresses and zero touch Spoke DMVPN deployments.

Dynamic IP address allocation for the DMVPN Spoke's generic routing encapsulation (GRE) tunnel interface is supported. The Spoke devices in DMVPN deployments must be configured statically for local DHCP pools so that they can distribute addresses to hosts on their inside LAN interface. This involves substantial administrative overhead. The management of large pools of IP subnets needs to be centralized to simplify the configuration of subnets allocated to LAN interfaces in large DMVPN networks.

The Cisco implementation of DHCP provides an additional functionality of ODAP subnet allocation. The ODAP subnet allocation allows DHCP to be used to not only allocate and install an IP address for the DMVPN mGRE tunnel on the Spoke, but also to allocate an IP subnet to be used by the Spoke to distribute addresses on its inside LAN interface. ODAP is used to centralize the management of large pools of addresses and simplify the configuration of large networks. ODAP provides a central management point for the allocation and assignment of subnets and IP addresses.

Finding Feature Information

Your software release may not support all the features documented in this module. For the latest caveats and feature information, see Bug Search Tool and the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the feature information table.

Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to www.cisco.com/go/cfn. An account on Cisco.com is not required.

Information About DHCP: Automatic IPv4 Address Pool Assignment for DMVPN Spokes

ODAP Client Support on DMVPN Spoke

The Cisco IOS DHCP ODAP feature supports centralized management of IP addresses and zero touch spoke DMVPN deployments. After the IP address is assigned to the DMVPN mGRE tunnel on the spoke, DHCP is used to allocate an IP subnet that is to be used by the spoke to distribute addresses to hosts on its inside LAN interface.

The following enhancements are made on the ODAP client side to support the DHCP: Automatic IPv4 Address Pool Assignment for DMVPN Spokes feature:

  • In the existing implementation of IOS ODAP client, the outgoing interface for sending a subnet allocation request cannot be specified. Therefore, subnet allocation request DHCP packets are sent on all the interfaces. This is not desirable in a DMVPN environment. A new CLI is introduced that allows the administrator to specify the outgoing interface for sending the subnet allocation request. The target ODAP server's IP address can also be specified in the same CLI.

  • By default, the Cisco IOS DHCP ODAP client module prepares the client ID to be sent in the subnet allocation request by concatenating the router hostname with the subnet pool name. The subnet allocation server uses this client ID to identify and allocate subnets. This naming convention will not work well in a DMVPN environment. The IOS DHCP ODAP client module is enhanced to use an administrator-configured client ID.

  • By default, Cisco IOS ODAP requests only one subnet when sending the initial request for subnets at the time of configuration. The existing CLI is enhanced to allow the administrator to configure the number of subnets that need to be requested in the initial request for subnets.

  • With the existing implementation of the ODAP client, the DMVPN spoke will lose all the subnet information it had acquired after a reboot or reload. Any new subnet allocation request after a reload will result in a new subnet allocated to the spoke. This is not desirable in the DMVPN deployment scenario. The subnet allocation protocol provides a mechanism for recovering the previously allocated subnet after the subnet client reboots or reloads. As part of this feature, the ODAP client is enhanced to request previously allocated subnets after a reload or reboot. If the server does not reply with any previously allocated subnets, the client will learn that no subnets were allocated to it earlier, and will then switch back to the subnet allocation request for new subnets.

Apart from using DHCP, the DMVPN hub can also use the RADIUS AAA protocol to obtain the subnet used for IP address allocation on its local LAN. With the RADIUS method of subnet allocation, a subsequent subnet allocation request from the client does not result in the allocation of a new subnet.

ODAP Server Support on DMVPN Hub

The IOS ODAP server (that is, subnet allocation server) can be used in a DMVPN deployment at the hub node. The subnet allocation server also can reside outside the DMVPN network. In either case, the IOS ODAP server has limited usability in a DMVPN deployment. As part of the DHCP: Automatic IPv4 Address Pool Assignment for DMVPN Spokes feature, the following enhancements were made to the IOS subnet allocation server:

  • The existing implementation of the ODAP server supports only requests for new subnets. It does not understand the request for previously allocated subnets that the client can send at the time of reboot or reload. As part of this feature, the ODAP server is enhanced to recognize the request for previously allocated subnets and reply with all the previously allocated subnets to the client instead of allocating new ones.

  • The IOS software has database agent support that stores IP address bindings in nonvolatile storage (such as an FTP file). The DHCP server can read this file at the time of reload or restart. The database agent support provides the persistent storage mechanism for IP address bindings. The IOS software supports persistent storage for ODAP subnet bindings.


Note: Relay agent support is not required for ODAP requests in a DMVPN environment irrespective of the ODAP server location.


DHCP Static Mapping

The DHCP static mapping binding feature allows you to configure many manual bindings without creating as many DHCP host pools. This feature allows the administrator to create a file with the static DHCP bindings (IP or client ID pair) that is read when the DHCP server is started. While this static mapping file is read, manual or static DHCP bindings are created on the DHCP server with an infinite lease. Few DMVPN deployments use this feature for assigning static IP addresses to spoke nodes. As part of the DHCP: Automatic IPv4 Address Pool Assignment for DMVPN Spokes feature, the DHCP static mapping binding feature is enhanced to make it more usable in DMVPN deployments. The following enhancements were made:

  • It is not feasible for the administrator to know the client ID of each spoke node in advance in order to list it in the DHCP static mapping file. The static mapping file, instead of containing the IP address to client ID mapping, is enhanced to contain the IP address to ASCII format client ID, which can be configured on the requesting clients.

  • In the existing implementation of the DHCP static mapping bindings feature, the file is read only once, at the time of configuration or when the DHCP server is started. An administrator-configurable periodic timer is available with the DHCP: Automatic IPv4 Address Pool Assignment for DMVPN Spokes feature so that the static mapping file can be read periodically and the DHCP bindings on the server remain up to date. The origin file command is enhanced to allow you to specify the periodic refresh timer.

  • Apart from providing a periodic timer for refreshing the static mapping file, you can refresh the static mapping bindings without affecting the present DHCP bindings on the server using the odap server command.

  • The client ID shown in the DHCP debugs and in the show command outputs is displayed in ASCII string format to make it more readable. This change will apply only to static bindings. You can enable or disable this feature using the ip dhcp debug ascii-client-id command.

NHRP Support

In a DMVPN environment, the IPsec tunnel connecting the DMVPN spoke to hub must be built before any IP packet exchange can happen through GRE tunnel interface. Next Hop Resolution Protocol (NHRP) is integrated with DHCP to work in scenarios where the DMVPN spoke acts as a DHCP relay agent or DHCP server.

Configuring DHCP: Automatic IPv4 Address Pool Assignment for DMVPN Spokes

Assigning an IPv4 Address Pool for DMVPN Spokes

For more information about configuring DMVPN, see the Dynamic Multipoint VPN (DMVPN) module. You can use the odap server {rebind-time percent-value | renew-time percent-value} command to configure ODAP server parameters. Perform this task to assign an IPv4 address pool for DMVPN spokes.

Before You Begin

Note: You should configure the DHCP server ODAP. For more information, see the Configuring the DHCP Server On-Demand Address Pool Manager module.

You must configure the DMVPN hub as a DHCP server. For more information about configuring the spoke address dynamically on a DMVPN network using DHCP, see the DHCP: Tunnels Support module.

SUMMARY STEPS

    1.    enable

    2.    configure terminal

    3.    ip dhcp pool pool-name

    4.    origin dhcp number number

    5.    odap client {client-id id [interface type number] [target-server ip-address] | interface type number [client-id id] [target-server ip-address] | target-server ip-address [client-id id] [interface type number]}

    6.    origin dhcp [subnet size initial size [autogrow size]]

    7.    end


DETAILED STEPS

    Step 1
    Command or Action: enable
    Example:
    Router> enable
    Purpose: Enables privileged EXEC mode.
    • Enter your password if prompted.

    Step 2
    Command or Action: configure terminal
    Example:
    Router# configure terminal
    Purpose: Enters global configuration mode.

    Step 3
    Command or Action: ip dhcp pool pool-name
    Example:
    Router(config)# ip dhcp pool pool1
    Purpose: Configures a DHCP address pool on a Cisco IOS DHCP server and enters DHCP pool configuration mode.

    Step 4
    Command or Action: origin dhcp number number
    Example:
    Router(dhcp-config)# origin dhcp number 3
    Purpose: Configures the initial number of subnets that should be requested by the ODAP client.

    Step 5
    Command or Action: odap client {client-id id [interface type number] [target-server ip-address] | interface type number [client-id id] [target-server ip-address] | target-server ip-address [client-id id] [interface type number]}
    Example:
    Router(dhcp-config)# odap client client-id id1 interface gigabitethernet 0/0 target-server 192.168.10.1
    Purpose: Configures ODAP client parameters.

    Step 6
    Command or Action: origin dhcp [subnet size initial size [autogrow size]]
    Purpose: Configures an address pool as an ODAP.

    • If you do not configure the pool as an autogrow pool, the pool will not request additional subnets if one subnet is already in the pool.

    • You can enter the value for the size argument as either the subnet mask (nnnn.nnnn.nnnn.nnnn) or prefix size (/nn). The valid values are /0 and /4 to /30.

    • When a DHCP pool receives multiple subnets from an upstream DHCP server, an address from each subnet is automatically configured on the client connected interface so that the addresses within the subnets can be requested by DHCP clients. The first address in the first subnet is automatically assigned to the primary address on the interface. The first address of each subsequent subnet is assigned to secondary addresses on the interface. In addition, as client addresses are reclaimed, the count of lease addresses for that subnet is decremented. Once a lease counter for a subnet reaches zero (that is, lease expiry), the subnet is returned to the pool. The previous address on the interface is removed and the first secondary address on the interface is promoted as the primary address of the interface.

    Step 7
    Command or Action: end
    Example:
    Router(dhcp-config)# end
    Purpose: Exits DHCP pool configuration mode and returns to privileged EXEC mode.


Configuration Examples for DHCP: Automatic IPv4 Address Pool Assignment for DMVPN Spokes

Example: Assigning an IPv4 Address Pool for DMVPN Spokes

    Router# configure terminal
    Router(config)# ip dhcp pool pool1
    Router(dhcp-config)# origin dhcp number 3
    Router(dhcp-config)# odap client client-id id1 interface gigabitethernet 0/0 target-server 192.168.10.1
    Router(dhcp-config)# origin dhcp subnet size initial /16 autogrow /16
    Router(dhcp-config)# end
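
The following is an added example, not Cisco code: a small Python lint for candidate spoke configurations that checks the ODAP client settings this module describes (a pinned outgoing interface, an administrator-configured client ID, and the valid subnet size range). The sample configurations and the names parse_pools and audit_odap are constructed for illustration, and the findings assume that a pool without these settings falls back to the default behavior described above.

```python
import re

# Constructed candidate configs. SPOKE_OK mirrors the page's example;
# SPOKE_WEAK is a made-up template with the ODAP client settings left out.
SPOKE_OK = """\
ip dhcp pool pool1
 origin dhcp number 3
 odap client client-id id1 interface gigabitethernet 0/0 target-server 192.168.10.1
 origin dhcp subnet size initial /16 autogrow /16
!
"""
SPOKE_WEAK = """\
ip dhcp pool lan-pool
 origin dhcp subnet size initial /2
!
"""

def parse_pools(config):
    """Map each 'ip dhcp pool' name to the list of its sub-commands."""
    pools, current = {}, None
    for line in config.splitlines():
        m = re.match(r"ip dhcp pool (\S+)", line)
        if m:
            current = pools.setdefault(m.group(1), [])
        elif line.startswith(" ") and current is not None:
            current.append(line.strip())
        else:
            current = None  # any other unindented line ends the stanza
    return pools

def audit_odap(config):
    """Return (pool, finding) tuples for pools that use 'origin dhcp'."""
    findings = []
    for name, cmds in parse_pools(config).items():
        if not any(c.startswith("origin dhcp") for c in cmds):
            continue  # not an ODAP client pool
        odap = [w for c in cmds if c.startswith("odap client") for w in c.split()]
        if "interface" not in odap:
            findings.append((name, "no outgoing interface: requests go out all interfaces"))
        if "client-id" not in odap:
            findings.append((name, "no client-id: default hostname+pool name is sent"))
        for c in cmds:
            if c.startswith("origin dhcp subnet size"):
                for n in map(int, re.findall(r"/(\d+)", c)):
                    if n != 0 and not 4 <= n <= 30:  # page: /0 and /4 to /30
                        findings.append((name, f"subnet size /{n} outside /0, /4-/30"))
    return findings

if __name__ == "__main__":
    for cfg in (SPOKE_OK, SPOKE_WEAK):
        print(audit_odap(cfg) or "ok")
```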

Additional References

Related Documents

Related Topic: Document Title

  • Cisco IOS commands: Cisco IOS Master Commands List, All Releases

  • DMVPN commands: Cisco IOS Security Command Reference

  • On-Demand Address Pool Manager: Configuring the DHCP Server On-Demand Address Pool Manager

  • Dynamic Multipoint VPN: Configuring DMVPN

  • Configuring the node (or spoke) of generic routing encapsulation (GRE) tunnel interfaces dynamically using DHCP: DHCP: Tunnels Support

Standards and RFCs

Standard/RFC: None

MIBs

MIB: None

MIBs Link: To locate and download MIBs for selected platforms, Cisco software releases, and feature sets, use Cisco MIB Locator found at the following URL: http://www.cisco.com/go/mibs


Feature Information for DHCP: Automatic IPv4 Address Pool Assignment for DMVPN Spokes

The following table provides release information about the feature or features described in this module. This table lists only the software release that introduced support for a given feature in a given software release train. Unless noted otherwise, subsequent releases of that software release train also support that feature.

Table 1 Feature Information for DHCP: Automatic IPv4 Address Pool Assignment for DMVPN Spokes

Feature Name: DHCP: Automatic IPv4 Address Pool Assignment for DMVPN Spokes

Releases: 15.2(1)T

Feature Information: The DHCP: Automatic IPv4 Address Pool Assignment for DMVPN Spokes feature uses the DHCP ODAP feature to support the centralized management of overall IP addresses and zero touch spoke DMVPN deployments.

The following commands were introduced or modified: ip dhcp debug ascii-client-id, odap client, odap server, origin.