Restrictions for DHCP Relay in a BGP EVPN VXLAN Fabric
DHCPv6 prefix delegation is not supported.
The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.
DHCPv6 prefix delegation is not supported.
Networks use DHCP relay to forward DHCP packets between host devices and a DHCP server. In a BGP EVPN VXLAN fabric, you can configure a VTEP as a relay agent to provide DCHP relay services in a multi-tenant VXLAN environment.
When a network uses DHCP relay, DHCP messages move through the same switch in both directions. DHCP relay generally uses the gateway IP address (GiAddr) for scope selection and DHCP response messages. In a BGP EVPN VXLAN fabric that has distributed IP anycast gateway enabled, DHCP messages can return to any switch that hosts the respective GiAddr.
Deploying DHCP relay in an EVPN VXLAN network requires a different method for scope selection and a unique IP address for each switch in the network. The unique Loopback interface for a switch becomes the GiAddr that a switch uses to respond to the correct switch. DHCP option 82, also referred to as DHCP option VPN, is used for scope selection based on the Layer 2 VNI.
In a multi-tenant EVPN environment, DHCP relay uses the following sub-options of option 82:
Sub-Option 151(0x97)—Virtual Subnet Selection:
The virtual subnet selection sub-option is used to convey VRF-related information to the DHCP server in an MPLS VPN and a VXLAN EVPN multi-tenant environment.
RFC 6607 provides the definition for this sub-option.
Sub-Option 11(0xb)—Server ID Override
The server identifier or server ID override sub-option allows the DHCP relay agent to specify a new value for the server ID option. The DHCP server inserts this new value in the reply packet. This sub-option allows the DHCP relay agent to act as the actual DHCP server. The DHCP relay agent begins to receive all the renew requests instead of the DHCP server. The server ID override sub-option contains the incoming interface IP address. The DHCP client accesses the DHCP relay agent using the incoming interface IP address. The DHCP client uses this information to send all the renew and release request packets to the DHCP relay agent. The DHCP relay agent adds all the appropriate sub-options and then forwards the renew and release request packets to the original DHCP server.
For this function, Cisco’s proprietary implementation is sub-option 152(0x98). To implement the suboption and manage the function, run the ip dhcp relay sub-option type cisco command in global configuration mode on the VTEP that acts as the DHCP relay agent.
RFC 5107 provides the definition for this sub-option.
Sub-Option 5(0x5)—Link Selection:
The link selection sub-option provides a mechanism to separate the subnet or link, on which the DHCP client resides, from the GiAddr. The DHCP server uses this mechanism to communicate with the DHCP relay agent. The DHCP relay agent sets the sub-option to the correct subscriber subnet. The DHCP server then uses this value to assign an IP address different from the GiAddr. The DHCP relay agent sets the GiAddr to its own IP address to ensure that it is possible to forward the DHCP messages over the network.
For this function, Cisco’s proprietary implementation is sub-option 150(0x96). To manage the function, run the ip dhcp relay sub-option type cisco command in global configuration mode on the VTEP that acts as the DHCP relay agent.
RFC 3527 provides the definition for this sub-option.
DHCP relay is generally configured on the default gateway that faces the DHCP client. You can configure a VTEP as a DHCP relay agent in different ways to automate IP addressing. The configuration depends on whether the DHCP server is present in the same network, the same VRF, or a different VRF compared to the DHCP client. When the DHCP server and DHCP client are in different VRFs, traffic is forwarded across the tenant or VRF boundaries.
The following are the common DHCP relay deployment scenarios for a BGP EVPN VXLAN fabric:
DHCP server is in the Layer 3 default VRF and DHCP client is in the tenant VRF.
See Example: DHCP Server is in the Layer 3 Default VRF and the DHCP Client is in the Tenant VRF for a configuration example.
DHCP server and DHCP client are in the same tenant VRF.
See Example: DHCP Server and DHCP Client are in the Same Tenant VRF for a configuration example.
DHCP server and DHCP client are in different tenant VRFs.
See Example: DHCP Client and DHCP Server are in Different Tenant VRFs for a configuration example.
DHCP server is in a non-default non-VXLAN VRF and DHCP client is in the tenant VRF.
See Example: DHCP Server is in a non-Default, non-VXLAN VRF and DHCP Client is in the Tenant VRF for a configuration example.
You must configure EVPN VXLAN Layer 2 and Layer 3 overlay networks before configuring BGP EVPN VXLAN interworking with DHCP relay. See Configuring EVPN VXLAN Integrated Routing and Bridging for detailed steps.
Perform the following set of procedures to configure BGP EVPN VLAN interworking with DHCP relay:
To configure DHCP relay on a VTEP, perform the following steps:
Command or Action | Purpose | |
---|---|---|
Step 1 |
enable Example:
|
Enables privileged EXEC mode. Enter your password, if prompted. |
Step 2 |
configure terminal Example:
|
Enters global configuration mode. |
Step 3 |
ip dhcp relay information option vpn Example:
|
Adds option VPN suboption to DHCP option 82. Enables the device to insert VPN suboptions into the DHCP relay agent information option in the messages forwarded to the DHCP server and sets the GiAddr on the outgoing interface towards the DHCP server. |
Step 4 |
ip dhcp relay information option Example:
|
Enables DHCP option 82. Enables the system to insert a DHCP relay agent information option in the messages forwarded to the DHCP server. |
Step 5 |
ip dhcp relay override gateway-ip-address link-selection Example:
|
Sets the gateway IP address as the IP address of the DHCP relay agent and configures the server to assign an IP address that is different from the GiAddr to the DHCP clients. |
Step 6 |
ip dhcp compatibility suboption { link-selection | server-override} standard Example:
|
Configures the DHCP client to use the Internet Assigned Numbers Authority (IANA) standard relay agent server ID override suboption. Use the link-selection standard keyword to switch to standard DHCP option 82[5]. Use the server-override standard keyword to switch to standard DHCP option 82[11]. |
Step 7 |
ip dhcp snooping vlan vlan-id-list Example:
|
Enables DHCP snooping on the specified list of VLANs. |
Step 8 |
ip dhcp snooping Example:
|
Enables DHCP snooping globally on the VTEP. |
Step 9 |
end Example:
|
Returns to privileged EXEC mode. |
Perform this procedure on all the VTEPs for each VLAN that is associated with the Layer 2 VNI configured in the EVPN VXLAN network.
To configure DHCP relay on the access SVI of a VTEP, perform the following steps:
Command or Action | Purpose | |||
---|---|---|---|---|
Step 1 |
enable Example:
|
Enables privileged EXEC mode. Enter your password, if prompted. |
||
Step 2 |
configure terminal Example:
|
Enters global configuration mode. |
||
Step 3 |
interface vlan vlan-id Example:
|
Enters interface configuration mode for the specified VLAN interface. This VLAN interface acts as the GiAddr. |
||
Step 4 |
vrf forwarding vrf-name Example:
|
Associates the VRF with the interface. The interface must be associated with the same VRF for which the Layer 3 VNI has been configured for the EVPN VXLAN network. |
||
Step 5 |
ip dhcp relay information option vpn-id Example:
|
Enables the device to insert VPN suboptions into the DHCP relay agent information option in the messages forwarded to the DHCP server and sets the GiAddr on the outgoing interface towards the DHCP server. |
||
Step 6 |
ip dhcp relay source-interface Loopback loopback-interface-id Example:
|
Configures the specified Loopback interface as the source interface for DHCP relay messages. The DHCP relay agent uses the IP address of the source interface as the source IP address to relay messages.
|
||
Step 7 |
ip address ip-address Example:
|
Sets the IP address for the VLAN interface. |
||
Step 8 |
ip helper-address [ global | vrf vrf-name] ip-address Example:
|
Sets the DHCP IP helper address for the VLAN interface. Use the global keyword if the DHCP server is reachable over the global routing table (GRT). Use the vrf vrf-name keyword if the DHCP server is reachible over the tenant VRF. |
||
Step 9 |
exit Example:
|
Exits interface configuration mode and returns to global configuration mode. |
||
Step 10 |
end Example:
|
Returns to privileged EXEC mode. |
DHCP server reachability can be achieved through a physical Layer 3 interface (or subinterface), a dot1Q interface, an SVI, or a Layer 3 Portchannel interface (or subinterface).
Note |
This task is optional if you implement plain IP address forwarding in the respective VRF. |
To configure the Layer 3 or routed interface on the border VTEP for external connectivity, perform the following steps:
Command or Action | Purpose | |
---|---|---|
Step 1 |
enable Example:
|
Enables privileged EXEC mode. Enter your password, if prompted. |
Step 2 |
configure terminal Example:
|
Enters global configuration mode. |
Step 3 |
interface vlan vlan-id Example:
|
Enters interface configuration mode for the specified VLAN interface. |
Step 4 |
vrf forwarding vrf-name Example:
|
Configures the SVI for the VLAN and associates the specified VRF with the interface. |
Step 5 |
ip address ip-address Example:
|
Configures the IP address for the VLAN. |
Step 6 |
ipv6 address ipv6-address Example:
|
Configures the IPv6 address for the VLAN. |
Step 7 |
ipv6 enable Example:
|
Enables IPv6 processing on the VLAN interface. |
Step 8 |
exit Example:
|
Exits interface configuration mode and returns to global configuration mode. |
Step 9 |
interface interface-id Example:
|
Enters interface configuration mode for the specified interface. |
Step 10 |
switchport access vlan vlan-id Example:
|
Specifies the VLAN to be used as access VLAN when the interface is in access mode. |
Step 11 |
switchport mode access Example:
|
Configures the interface as an access interface. |
Step 12 |
exit Example:
|
Exits interface configuration mode and returns to global configuration mode. |
Step 13 |
end Example:
|
Returns to privileged EXEC mode. |
This section provides configuration examples for DHCP relay in a BGP EVPN VXLAN fabric for the following scenarios using the topology in DHCP Relay Deployment in a BGP EVPN VXLAN Fabric.
DHCP server is in the Layer 3 default VRF and DHCP client is in the tenant VRF
DHCP server is in a different tenant VRF from that of the DHCP client
DHCP server is in a non-default, non-VXLAN VRF and DHCP client is in the tenant VRF
The preceding figure shows an EVPN VXLAN network with two spine switches (Spine Switch 1 and Spine Switch 2) and three leaf switches (VTEP1, VTEP 2, and VTEP 3). VTEP 3 is connected to two DHCP servers. VTEP 1 and VTEP 2 are connected to a single DHCP client each.
This example shows how to configure DHCP relay deployment in a BGP EVPN VXLAN fabric for the topology in this figure when the DHCP server and the DHCP client are in the same tenant VRF. The DHCP server is reachable over global routing table (GRT).
The following tables provide sample configurations for the DHCP server and VTEP 1:
DHCP Configuration Snippet |
---|
|
VTEP 1 |
---|
|
|
|
Return to Configuration Examples for DHCP Relay in a BGP EVPN VXLAN Fabric.
This example shows how to configure DHCP relay deployment in a BGP EVPN VXLAN fabric for the topology in this figure when the DHCP server and the DHCP client are in the same tenant VRF. The DHCP server is reachable over this common tenant VRF.
The following tables provide sample configurations for the DHCP server and VTEP 1:
DHCP Configuration Snippet |
---|
|
VTEP 1 |
---|
|
|
|
Return to Configuration Examples for DHCP Relay in a BGP EVPN VXLAN Fabric.
This example shows how to configure DHCP relay deployment in a BGP EVPN VXLAN fabric for the topology in this figure when the DHCP server and the DHCP client are in different tenant VRFs. The DHCP server is reachable over a VRF that is different from the client's VRF.
The following tables provide sample configurations for the DHCP server and VTEP 1:
DHCP Configuration Snippet |
---|
|
VTEP 1 |
---|
|
|
|
|
Return to Configuration Examples for DHCP Relay in a BGP EVPN VXLAN Fabric.
This example shows how to configure DHCP relay deployment in a BGP EVPN VXLAN fabric for the topology in this figure when the DHCP server is in a non-default, non-VXLAN VRF and the DHCP client is in the tenant VRF. The DHCP server is reachable over a VRF that is different from the client's VRF.
The following tables provide sample configurations for the DHCP server and VTEP 1:
DHCP Configuration Snippet |
---|
|
VTEP 1 |
---|
|
|
|
|
Return to Configuration Examples for DHCP Relay in a BGP EVPN VXLAN Fabric.
Related Topic |
Document Title |
---|---|
DHCP Server configuration in IOS XE EVPN VXLAN |