Implementing the Dynamic Host Configuration Protocol

This module describes the concepts and tasks you will use to configure Dynamic Host Configuration Protocol (DHCP).

Feature History for Implementing the Dynamic Host Configuration Protocol

Release

Modification

Release 5.0.0

This feature was introduced .

Prerequisites for Configuring DHCP Relay Agent

The following prerequisites are required to configure a DHCP relay agent:

  • You must be in a user group associated with a task group that includes the proper task IDs. The command reference guides include the task IDs required for each command. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

  • A configured and running DHCP client and DHCP server

  • Connectivity between the relay agent and DHCP server

Information About DHCP Relay Agent

A DHCP relay agent is a host that forwards DHCP packets between clients and servers that do not reside on a shared physical subnet. Relay agent forwarding is distinct from the normal forwarding of an IP router where IP datagrams are switched between networks transparently.

DHCP clients use User Datagram Protocol (UDP) broadcasts to send DHCPDISCOVER messages when they lack information about the network to which they belong.

If a client is on a network segment that does not include a server, a relay agent is needed on that network segment to ensure that DHCP packets reach the servers on another network segment. UDP broadcast packets are not forwarded, because most routers are not configured to forward broadcast traffic. You can configure a DHCP relay profile and configure one or more helper addresses in it. You can assign the profile to an interface.

Forwarding UDP Broadcasts to a DHCP Server Using a Helper Address demonstrates the process. The DHCP client broadcasts a request for an IP address and additional configuration parameters on its local LAN. Acting as a DHCP relay agent, Router B picks up the broadcast, changes the destination address to the DHCP server's address and sends the message out on another interface. The relay agent inserts the IP address of the interface, on which the into the gateway address (giaddr) field of the DHCP packet, which enables the DHCP server to determine which subnet should receive the offer and identify the appropriate IP address range. The relay agent unicasts the messages to the server address, in this case 172.16.1.2 (which is specified by the helper address in the relay profile).

Figure 1. Forwarding UDP Broadcasts to a DHCP Server Using a Helper Address

How to Configure and Enable DHCP Relay Agent

This section contains the following tasks:

Configuring and Enabling DHCP Relay Agent with DHCP MAC Address Verification

This section discusses how to configure and enable DHCP Relay Agent with DHCP MAC address verification.

Configuration Example

Router# configure

Router(config)# dhcp ipv4
/* Configures DHCP for IPv4 and enters the DHCPv4 configuration submode. */

Router(config-dhcpv4)# profile client relay
/* Enables DHCP relay profile */

Router(config-dhcpv4)# client-mac-mismatch action drop
/* Enables MAC address verification. If MAC address in the DHCPv4 protocol header does not match the L2 header source MAC address in the DHCPv4 relay profile,
 the frame is dropped  */

Router(config-dhcpv4-relay-profile)# relay information option
/* Inserts the DHCP relay agent information option (option-82 field) in forwarded 
BOOTREQUEST messages to a DHCP server. */

Router(config-dhcpv4-relay-profile)# relay information check
/* (Optional) Configures DHCP to check the validity of the relay agent information 
option in forwarded BOOTREPLY messages. */

Router(config-dhcpv4-relay-profile)# relay information policy drop
/* (Optional) Configures the reforwarding policy for a DHCP relay agent; 
that is, whether the relay agent will drop or keep (using the 'keep' keyword)
 the relay information. */

Router(config-dhcpv4-relay-profile)# relay information option allow-untrusted
/* (Optional) Configures the DHCP IPv4 Relay not to discard BOOTREQUEST packets that have an existing 
relay information option and the giaddr set to zero. */

Router(config-dhcpv4-relay-profile)# giaddr policy drop
/* Drops the packet that has an existing nonzero giaddr value. Use the 'replace' keyword
 to replace the existing giaddr value with a value that it generates (the default behavior).  */

Router(config-dhcpv4-relay-profile)# helper-address vrf vrf1 10.1.1.1
/* Forwards UDP broadcasts, including DHCP. */

Router(config-dhcpv4-relay-profile)# commit

Router(config-dhcpv4-relay-profile)# exit
Router(config-dhcpv4)# vrf vrf1 relay profile client
Router(config-dhcpv4)# commit
/* Configures DHCP Relay on a VRF and commits the entire configuration. */

Running Configuration

Confirm your configuration.

Router# show run
Thu May 11 09:00:57.839 IST
Building configuration...
!! IOS XR Configuration 0.0.0
!! Last configuration change at Thu May 11 09:00:54 2017 by annseque
!
dhcp ipv4
vrf vrf1 relay profile client
profile client relay
client-mac-match action drop
helper-address vrf vrf1 10.1.1.1
giaddr policy drop
relay information check
relay information option
relay information policy drop
relay information option allow-untrusted
!
!

DHCP MAC Address Verification

Use the following show command to check if DHCP MAC address is being verified on the router.

Router# show dhcp ipv4 relay statistics raw all
packet_drop_mac_mismatch                      :         0

The output validates that the DHCP MAC address of the packets is verified.

Enabling DHCP Relay Agent on an Interface

This task describes how to enable the Cisco IOS XR DHCP relay agent on an interface.


Note


On Cisco IOS XR software, the DHCP relay agent is disabled by default.


SUMMARY STEPS

  1. configure
  2. dhcp ipv4
  3. interface type interface-path-id relay profile profile-name
  4. commit

DETAILED STEPS

  Command or Action Purpose

Step 1

configure

Step 2

dhcp ipv4

Example:


RP/0/RP0/CPU0:router(config)# dhcp ipv4 

Enters DHCP IPv4 configuration submode.

Step 3

interface type interface-path-id relay profile profile-name

Example:


RP/0/RP0/CPU0:router(config-dhcpv4)# interface 
/0 relay profile client

Attaches a relay profile to an interface.

Step 4

commit

Disabling DHCP Relay on an Interface

This task describes how to disable the DHCP relay on an interface by assigning the none profile to the interface.

SUMMARY STEPS

  1. configure
  2. dhcp ipv4
  3. interface type interface-path-id none
  4. commit

DETAILED STEPS

  Command or Action Purpose

Step 1

configure

Step 2

dhcp ipv4

Example:


RP/0/RP0/CPU0:router(config)# dhcp ipv4

Enters DHCP IPv4 configuration submode.

Step 3

interface type interface-path-id none

Example:


RP/0/RP0/CPU0:router(config-dhcpv4-relay-profile)# interface 
0/1/4/1 none

Disables the DHCP relay on the interface.

Step 4

commit

Configuring the Relay Agent Information Feature

This task describes how to configure the DHCP relay agent information option processing capabilities.

A DHCP relay agent may receive a message from another DHCP relay agent that already contains relay information. By default, the relay information from the previous relay agent is replaced (using the replace option).

SUMMARY STEPS

  1. configure
  2. dhcp ipv4
  3. profile profile-name relay
  4. relay information option
  5. relay information check
  6. relay information policy {drop | keep}
  7. relay information option allow-untrusted
  8. commit

DETAILED STEPS

  Command or Action Purpose

Step 1

configure

Step 2

dhcp ipv4

Example:


RP/0/RP0/CPU0:router(config)# dhcp ipv4

Enters DHCP IPv4 configuration .

Step 3

profile profile-name relay

Example:


RP/0/RP0/CPU0:router(config-dhcpv4)# profile client relay

Enters DHCP IPv4 profile relay .

Step 4

relay information option

Example:


RP/0/RP0/CPU0:router(config-dhcpv4-relay-profile)# relay information option

Enables the system to insert the DHCP relay agent information option (option-82 field) in forwarded BOOTREQUEST messages to a DHCP server.

  • This option is injected by the relay agent while forwarding client-originated DHCP packets to the server. Servers recognizing this option can use the information to implement IP address or other parameter assignment policies. When replying, the DHCP server echoes the option back to the relay agent. The relay agent removes the option before forwarding the reply to the client.

  • The relay agent information is organized as a single DHCP option that contains one or more suboptions. These options contain the information known by the relay agent.

    The supported suboptions are:

    • Remote ID

    • Circuit ID

Note

 

This function is disabled by default.

Step 5

relay information check

Example:


RP/0/RP0/CPU0:router(config-dhcpv4-relay-profile)# relay information check

(Optional) Configures DHCP to check the relay agent information option in forwarded BOOTREPLY is

  • By default, DHCP the field in DHCP reply packets, received from the DHCP server.

Note

 

Use the relay information check command to reenable this functionality if the functionality has been disabled.

Step 6

relay information policy {drop | keep}

Example:


RP/0/RP0/CPU0:router(config)# dhcp relay information policy drop

(Optional) Configures the reforwarding policy for a DHCP relay agent; that is, whether the relay agent will drop or keep the relay information.

Step 7

relay information option allow-untrusted

Example:


RP/0/RP0/CPU0:router(config-dhcpv4-relay-)# relay information 

(Optional) Configures the DHCP IPv4 Relay not to discard packets that have an existing relay information option and the giaddr set to zero.

Step 8

commit

Configuring Relay Agent Giaddr Policy

This task describes how to configure for that already contain a nonzero giaddr attribute.

SUMMARY STEPS

  1. configure
  2. dhcp ipv4
  3. profile relay
  4. giaddr policy {replace | drop}
  5. commit

DETAILED STEPS

  Command or Action Purpose

Step 1

configure

Step 2

dhcp ipv4

Example:


RP/0/RP0/CPU0:router(config)# dhcp ipv4

Enables the DHCP IPv4 configuration submode.

Step 3

profile relay

Example:


RP/0/RP0/CPU0:router(config-dhcpv4)# profile client relay

Enables profile relay submode.

Step 4

giaddr policy {replace | drop}

Example:


RP/0/RP0/CPU0:router(config-dhcpv4-relay-profile)# giaddr policy drop

Specifies the giaddr policy.

  • replaceReplaces the existing giaddr value with a value that it generates.

  • dropDrops the packet that has an existing nonzero giaddr value.

Step 5

commit

Configuring a DHCP Proxy Profile

The DHCP proxy performs all the functions of a relay and also provides some additional functions. The DHCP proxy conceals DHCP server details from DHCP clients. The DHCP proxy modifies the DHCP replies such that the client considers the proxy to be the server. In this state, the client interacts with the proxy as if it is the DHCP server.

This task describes how to configure and enable the DHCP proxy profile.

SUMMARY STEPS

  1. configure
  2. dhcp ipv4
  3. profile profile-name proxy
  4. helper-address address [ giaddr gateway-address ]
  5. commit

DETAILED STEPS

  Command or Action Purpose

Step 1

configure

Step 2

dhcp ipv4

Example:


RP/0/RP0/CPU0:router(config)# dhcp ipv4

Enters DHCP IPv4 configuration .

Step 3

profile profile-name proxy

Example:


RP/0/RP0/CPU0:router(config-dhcpv4)# profile client proxy

Enters DHCP IPv4 profile proxy submode.

Step 4

helper-address address [ giaddr gateway-address ]

Example:


RP/0/RP0/CPU0:router(config-dhcpv4-proxy-profile)# helper-address  
10.10.1.1

Forwards UDP broadcasts, including DHCP.

  • The value of the address argument can be a specific DHCP server address or a network address (if other DHCP servers are on the destination network segment). Using the network address enables other servers to respond to DHCP requests.

  • For multiple servers, configure one helper address for each server.

Step 5

commit

DHCPv4 Client

The Dynamic Host Configuration Protocol (DHCP) client functionality enables the router interfaces to dynamically acquire the IPv4 address using DHCP.

The DHCP provides configuration parameters to Internet hosts. DHCP consists of two components:
  • a protocol to deliver host-specific configuration parameters from a DHCP server to a host.
  • a mechanism to allocate network addresses to hosts.

DHCP is built on a client-server model, where designated DHCP server hosts allocate network addresses, and deliver configuration parameters to dynamically configured hosts.

A relay agent is required if the client and server are not on the same Layer 2 network. The relay agent usually runs on the router, and is required because the client device does not know its own IP address initially. The agent sends out a Layer 2 broadcast to find a server that has this information. The router relays these broadcasts to the DHCP server, and forwards the responses back to the correct Layer 2 address so that the correct device gets the correct configuration information.

DHCP has the ability to allocate IP addresses only for a configurable period of time, called the lease period. If the client is required to retain this IP address for a longer period beyond the lease period, the lease period must be renewed before the IP address expires. The client renews the lease based on configuration that was sent from the server. The client unicasts a REQUEST message using the IP address of the server. When a server receives the REQUEST message and responds with an ACK message. The lease period of the client is extended by the lease time configured in the ACK message.

Restrictions and Limitations

  • DHCP client can be enabled only on management interfaces.
  • Either DHCP or static IP can be configured on an interface.

Enabling DHCP Client on an Interface

The DHCPv4 or DHCPv6 client can be enabled at an interface level. The DHCP component receives a notification when DHCPv4 or DHCPv6 is enabled or disabled on an interface.

Router# configure
Router(config)# interface MgmtEth rack/slot/CPU0/port
Router(config)# interface interface_name ipv6 address dhcp  

Configuration Examples for the DHCP Relay Agent

This section provides the following configuration examples:

DHCP Relay Profile: Example

The following example shows how to configure the Cisco IOS XR relay profile:


dhcp ipv4 
 profile client relay
  helper-address  foo 10.10.1.1
 !        
! ...

DHCP Relay on an Interface: Example

The following example shows how to enable the DHCP relay agent on an interface:


dhcp ipv4
 interface HundredGigE 0/1/1/0 relay profile client
!

Relay Agent Information Option Support: Example

The following example shows how to enable the relay agent and the insertion and removal of the DHCP relay information option:


dhcp ipv4
 profile client relay
relay information 

 !
!

Relay Agent Giaddr Policy: Example

The following example shows how to configure relay agent giaddr policy:


dhcp ipv4
 profile client relay
  giaddr policy drop
 !
!

Cisco IOS XR Broadcast Flag Policy: Example

The following example shows how to configure Cisco IOS XR broadcast flag policy:


dhcp ipv4
profile client relay
broadcast-flag policy check
!

Additional References

The following sections provide references related to implementing the Cisco IOS XR DHCP relay agent.

Related Documents

Related Topic

Document Title

Cisco IOS XR

DHCP commands

DHCP Commands module in the IP Addresses and Services Command Reference for Cisco NCS 6000 Series Routers

Information about user groups and task IDs

Configuring AAA Services module in the System Security Configuration Guide for Cisco NCS 6000 Series Routers

Standards

Standards

Title

No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.

MIBs

MIBs

MIBs Link

To locate and download MIBs, use the Cisco MIB Locator found at the following URL and choose a platform under the Cisco Access Products menu: https://mibs.cloudapps.cisco.com/ITDIT/MIBS/servlet/index

RFCs

RFC

Title

RFC 2131

Dynamic Host Configuration Protocol

Technical Assistance

Description

Link

The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.

http://www.cisco.com/techsupport