Address allocation not working correctly

Lars Jacobsen lars-jacobsen at newmail.dk
Wed May 7 15:46:10 UTC 2008 

"Corley, Kenneth L \\(Kenny\\)" <corley at alcatel-lucent.com> wrote:

> We are not currently using option 82.


How do you distinguis between the different networks on the "client" side
? Are they in different VLANs routed by the Extreeme ? If so then you
might considder enabling opt. 82

Cut from Extreeme man:
Configuring the DHCP Relay Agent Option (Option 82)
After configuring and enabling the DHCP/BOOTP relay feature, you can
enable the DHCP relay agent option feature. This feature inserts a piece
of information, called option 82, into any DHCP request packet that is to
be relayed by the switch. Similarly, if a DHCP reply received by the
switch contains a valid relay agent option, the option will be stripped
from the packet before it is relayed to the client.
The DHCP relay agent option consists of two pieces of data, called
sub-options. The first is the agent circuit ID sub-option, and the second
is the agent remote ID sub-option. When the DHCP relay agent option is
enabled on switches running ExtremeWare, the value of these sub-options
is set as follows:
?Agent circuit ID sub-option: Contains the ID of the port on which the
original DHCP request packet was received. This ID is encoded as
((slot_number * 1000) + port_number). For example, if the DHCP request
were received on port 3:12, the agent circuit ID value would be 3012. On
non-slot-based switches, the agent circuit ID value is simply the port
number.
?Agent remote ID sub-option: Always contains the Ethernet MAC address of
the relaying switch. You can display the Ethernet MAC address of the
switch by issuing the show switch command.
To enable the DHCP relay agent option, use the following command after
configuring the DHCP/BOOTP relay function:
configure bootprelay dhcp-agent information option
To disable the DHCP relay agent option, use the following command:
unconfigure bootprelay dhcp-agent information option
In some instances, a DHCP server may not properly handle a DHCP request
packet containing a relay agent option. To prevent DHCP reply packets
with invalid or missing relay agent options from being forwarded to the
client, use the following command:
configure bootprelay dhcp-agent information check
To disable checking of DHCP replies, use this command:
unconfigure bootprelay dhcp-agent information check
A DHCP relay agent may receive a client DHCP packet that has been
forwarded from another relay agent. If this relayed packet already
contains a relay agent option, then the switch will handle this packet
according to the configured DHCP relay agent option policy. To configure
this policy, use the following command:
configure bootprelay dhcp-agent information policy <policy>
where <policy> must be one of the following values: replace, keep, or
drop. The default relay policy is replace. To configure the policy to the
default, use this command:
unconfigure bootprelay dhcp-agent information policy
For more general information about the DHCP relay agent information
option, refer to RFC 3046.
Verifying the DHCP/BOOTP Relay Configuration
To verify the DHCP/BOOTP relay configuration, use the following command:
show ipconfig
This command displays the configuration of the BOOTP relay service, and
the addresses that are currently configured.
UnCut from Extreeme man.

Again if several networks are comming into the DHCP server in the same
network (interface) then you should use "shared network"

Try search the list on opt. 82 and you might find some inspiration on
matching with use of classes etc.

> The giaddr is always 10.6.0.1 in DHCP Discover for both STB traffic
> and
> data/internet traffic so the DHCP server is allocating from 10.6.0.x
> always. I need it to allocate 10.5.0.x for STBs and 10.6.0.x for
> data/internet (ie. PCs).
> 
> Do you think using MAC OUI for STB address allocation would
> work...then
> put the scopes for data/internet and voip below in the DHCPd config
> file
> since it is processed from top to bottom?
> 
> class "ADB" {
> match if substring(hardware,1,3) = 00:03:91; *** ADB is the STB
> 
> }
> pool {
> range 10.5.0.2 10.5.0.200;
> allow members of "ADB";


This should work, but if a STB is put on the network anywhere else (a
different VLAN) it will still match the class and can be alocated an
adress form this scope.

> # subnet 10.6.0.0/24 Test Data
> subnet 10.6.0.0 netmask 255.255.255.0
> {
> authoritative;
> option routers 10.6.0.1;
> option broadcast-address 10.6.0.255;
> pool {
> deny members of "adb3800W-bootloader";
> deny members of "adb3800W-hlcode";
> deny members of "adb5810WX-bootloader";
> deny members of "adb5810WX-hlcode";
> range 10.6.0.201 10.6.0.225;
> }
> }
> #
> # subnet 10.7.0.0/24 Test Phone
> subnet 10.7.0.0 netmask 255.255.255.0
> {
> authoritative;
> option routers 10.7.0.1;
> option broadcast-address 10.7.0.255;
> range dynamic-bootp 10.7.0.201 10.7.0.225;
> option tftp-server-name "192.168.22.254";
> }
> 
> So I basically removed the following from the config:
> 
> # subnet 10.5.0.0/24 Test Video
> subnet 10.5.0.0 netmask 255.255.255.0
> {
> authoritative;
> option routers 10.5.0.1;
> option broadcast-address 10.5.0.255;
> pool {
> range dynamic-bootp 10.5.0.201 10.5.0.225;
> allow members of "adb3800W-bootloader";
> allow members of "adb3800W-hlcode";
> allow members of "adb5810WX-bootloader";
> allow members of "adb5810WX-hlcode";
> }
> }
> 
> Appreciate your thoughts.
> 
> Kenny
> 
> -----Original Message-----
> From: dhcp-users-bounce at isc.org [mailto:dhcp-users-bounce at isc.org] On
> Behalf Of Eric Helm
> Sent: Tuesday, May 06, 2008 8:23 PM
> To: dhcp-users at isc.org
> Subject: Re: Address allocation not working correctly
> 
> 
> 
> Corley, Kenneth L (Kenny) wrote:
> > Eric,
> >
> > The Extreme has the following DHCP relay config:
> >
> > enable bootprelay
> > configure bootprelay add 10.100.0.2 (10.100.0.2 is the DHCP server)
> > configure ip-down-vlan-action forward
> >
> > I did notice when looking at the DHCP DISCOVER from Set Top Box
> going
> > from the Extreme to the DHCP server that the bootp flag - relay
> agent
> > IP address - is set to 10.6.0.1. I assume this is why the DHCP
> server
> 
> > is allocating from the 10.6.0.x subnet? But I have deny statements
> > for the Set Top box class in the data or 10.6.0.x scope.
> >
> > Would you happen to know how to configure the Extreme to send
> 10.5.0.1
> 
> > in relay agent field of DISCOVER for STBs and send 10.6.0.1 in
> relay
> > agent field of DISCOVER for anything other than STBs (ie.
> PCs/laptops)?
> >
> 
> As far as I know, it cannot be done, but it shouldn't matter with the
> dhcp shared-network because it will service both networks regardless
> if
> the giaddr is 10.6.0.1 or 10.5.0.1.
> 
> You'll need to make sure your Option 82 classes are accurate and
> matching in the dhcpd.conf and that the Extreme is not stripping that
> information out of the DHCP packets. By the looks of the Extreme
> config,
> you'll need to add that line:
> 
> configure bootprelay dhcp-agent information policy keep
> 
> /Eric


Regards
Lars

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.isc.org/pipermail/dhcp-users/attachments/20080507/0f1dfdfe/attachment.html>

More information about the dhcp-users mailing list