This is an old revision of the document!
Configuration Guide - IP Service
S2720, S5700, and S6720 V200R013C00
This document describes the configurations of IP Service, including IP address, ARP, DHCP, DHCP policy VLAN, DNS, mDNS gateway, mDNS relay, UDP Helper, IP performance optimization, IPv6, DHCPv6, IPv6 DNS, IPv6 over IPv4 tunnel, and IPv4 over IPv6 tunnel.
Note: The dhcp enable command is the prerequisite for configuring DHCP-related functions, including DHCP relay, DHCP snooping, and DHCP server. These functions take effect only after the dhcp enable command is run. After the undo dhcp enable command is run, all DHCP-related configurations of the device are deleted. After DHCP is enabled again using the dhcp enable command, all DHCP-related configurations of the device are restored to the default configurations. After DHCP is enabled, if STP is also enabled, address allocation may slow down. By default, STP is enabled. To disable STP, run the undo stp enable command.
Procedure
1. Enter the system view.
system-view
2. Enable DHCP.
dhcp enable
By default, DHCP is disabled.
3. (Optional) Enable dynamic route limiting on DHCP messages.
dhcp speed-limit auto
By default, dynamic rate limiting is disabled on DHCP messages.
4. (Optional) Enable the DHCP broadcast suppression function.
dhcp broadcast suppress enable
By default, the DHCP broadcast suppression function is disabled.
Enabling the DHCP Relay Function
Context: Enable the DHCP relay function on an interface so that the interface functions as a DHCP relay agent.
Procedure
1. Enter the system view.
system-view
2. Enter the interface view or sub-interface view.
interface interface-type interface-number [.subinterface-number ]
Note: Only the S5720EI, S5720HI, S5730HI, S6720HI, S6720EI, and S6720S-EI support sub-interfaces.
3. (Optional) On an Ethernet interface, run undo portswitch The interface is switched to Layer 3 mode.
By default, an Ethernet interface works in Layer 2 mode.
Note: Only the S5720EI, S5720HI, S5730HI, S6720EI, S6720HI, and S6720S-EI support switching between Layer 2 and Layer 3 modes.
4. Configure an IP address for the interface or configure the interface to borrow an IP address from another interface
ip address ip-address { mask | mask-length } or ip address unnumbered interface interface-type interface-number
Note: The DHCP relay function is configured on the user-side gateway interface typically. The IP address of the gateway interface must be on the same network segment as the address pool configured on the DHCP server; otherwise, DHCP clients cannot obtain IP addresses.
You can configure an interface to borrow an IP address from another interface in the scenario where clients and the DHCP relay agent are on different network segments, for example, CPEs function as DHCP clients and need to obtain public IP addresses, but no public IP address is configured on the DHCP relay agent to save IP address resources. To configure an interface to borrow an IP address from another interface, you must enable DHCP snooping on the interface or VLAN connecting to users. After DHCP snooping is enabled, the DHCP relay agent adds user network routes (UNRs) to clients when adding DHCP snooping binding entries and deletes UNRs to clients when deleting DHCP snooping binding entries. The number of clients cannot exceed the maximum number of DHCP snooping binding entries that can be learned. You can run the dhcp snooping max-user-number command to configure the maximum number of DHCP snooping binding entries that can be learned.
5. Enable the DHCP relay function on the interface.
dhcp select relay
By default, the DHCP relay function is disabled on an interface.
Note: When enabling the DHCP relay function on a sub-interface, run the arp broadcast enable command on the sub- interface to enable ARP broadcast. By default, ARP broadcast is not enabled on a VLAN tag termination sub- interface.
Specifying the DHCP Server IP Address
Context: You must specify the IP address of the DHCP server so that the DHCP relay agent can forward DHCP messages between the server and clients. Two methods are available for you to specify the DHCP server IP address: in the interface view and in the DHCP server group view. The former method is recommended if you configure the DHCP relay function on individual interfaces connected to DHCP servers that have different IP addresses. The latter method is recommended if you configure the DHCP relay function on multiple interfaces that connect to one DHCP server.
Note: A maximum of 16 DHCP relay agents are allowed between a DHCP server and a DHCP client. If there are more than 16 DHCP relay agents, DHCP messages are discarded.
Procedure
* Specify the DHCP server IP address in the interface view. Enter the system view.
system-view
(Optional) Configure the DHCP server polling function on the DHCP relay agent.
ip relay address cycle
By default, DHCP server polling is disabled on a DHCP relay agent.
(Optional) Set the TTL value for DHCP Discovery messages after they are forwarded by the DHCP relay agent at Layer 3.
dhcp set ttl { unvaried | ttl-value }
By default, the TTL value of DHCP Discovery messages decreases by 1 after they are forwarded by the DHCP relay agent at Layer 3.
Note: If the DHCP relay agent connects to a special client whose TTL value of DHCP Discovery messages is 1, and if there are routing devices between the DHCP relay agent and DHCP server, run the dhcp set ttl ttl-value command to specify a fixed TTL value (16 is recommended) for DHCP Discovery messages after they are forwarded by the DHCP relay agent at Layer 3.
Enter the interface or sub-interface view.
interface interface-type interface-number[.subinterface-number ] Note: Only the S5720EI, S5720HI, S5730HI, S6720HI, S6720EI, and S6720S-EI support sub-interfaces.
(Optional) On an Ethernet interface, run undo portswitch The interface is switched to Layer 3 mode.
By default, an Ethernet interface works in Layer 2 mode.
Note: Only the S5720EI, S5720HI, S5730HI, S6720EI, S6720HI, and S6720S-EI support switching between Layer 2 and Layer 3 modes.
Specify the IP address of a DHCP server.
dhcp relay server-ip ip-address
By default, no DHCP server IP address is specified.
You can specify up to 20 DHCP server IP addresses for each interface.
(Optional) Enable DHCP relay gateway switching.
dhcp relay gateway-switch enable
By default, DHCP relay gateway switching is disabled.
After primary and secondary IP addresses are configured on an interface, the primary IP address functions as the gateway address in most cases. If clients cannot use the primary IP address to apply for IP addresses, configure DHCP relay gateway switching to allow the clients to use secondary IP addresses to apply for IP addresses. After DHCP relay gateway switching is enabled, configure address pools on the same network segment as the secondary IP addresses on the connected DHCP server.
- The gateway address switches from the primary IP address to a secondary IP address only when a user fails at least three times to obtain an IP address using the primary IP address and the interval between the last failure and first failure exceeds 24 seconds.
- If a primary IP address and multiple secondary IP addresses are configured on an interface, the system tries the secondary IP addresses one by one based on the IP address configuration sequence until users successfully obtain IP addresses.
* Specify the DHCP server IP address in the DHCP server group view.
Enter the system view.
system-view
(Optional) Configure the DHCP server polling function on the DHCP relay agent.
ip relay address cycle
By default, DHCP server polling is disabled on a DHCP relay agent.
(Optional) Set the TTL value for DHCP Discovery messages after they are forwarded by the DHCP relay agent at Layer 3.
dhcp set ttl { unvaried | ttl-value }
By default, the TTL value of DHCP Discovery messages decreases by 1 after they are forwarded by the DHCP relay agent at Layer 3.
Note: If the DHCP relay agent connects to a special client whose TTL value of DHCP Discovery messages is 1, and if there are routing devices between the DHCP relay agent and DHCP server, run the dhcp set ttl ttl-value command to specify a fixed TTL value (16 is recommended) for DHCP Discovery messages after they are forwarded by the DHCP relay agent at Layer 3.
Create a DHCP server group and enter its view.
dhcp server group group-name
By default, no DHCP server group is configured.
A maximum of 32 DHCP server groups can be configured on a device.
Configure the DHCP server members in the DHCP server group.
dhcp-server ip-address [ ip-address-index ]
By default, no DHCP server member is configured in a DHCP server group.
A maximum of 20 DHCP servers can be added to a DHCP server group.
(Optional) Specify the gateway address for clients.
gateway ip-address
A gateway address is specified for clients.
Skip this step if the interface connecting the DHCP relay agent to clients functions as the gateway.
The gateway address specified in this step must be the same as the egress gateway address of clients specified on the DHCP server. If the device functions as the DHCP server, refer to (Optional) Configuring a Gateway Address for Clients for details about how to specify the egress gateway address for clients.
(Optional) Bind the DHCP server group to a VPN instance.
vpn-instance vpn-instance-name
By default, the DHCP server group is not bound to a VPN instance.
To ensure clients can obtain IP parameters if the DHCP relay agent is deployed on a VPN network, bind the DHCP server group to a VPN instance that is also bound to the address pool of the DHCP server.
Return to the system view.
quit
Enter the interface or sub-interface view.
interface interface-type interface-number[.subinterface-number ] Note: Only the S5720EI, S5720HI, S5730HI, S6720HI, S6720EI, and S6720S-EI support sub-interfaces.
(Optional) On an Ethernet interface, run undo portswitch The interface is switched to Layer 3 mode.
By default, an Ethernet interface works in Layer 2 mode.
Note: Only the S5720EI, S5720HI, S5730HI, S6720EI, S6720HI, and S6720S-EI support switching between Layer 2 and Layer 3 modes.
Create a DHCP server group.
dhcp relay server-select group-name
(Optional) Enable DHCP relay gateway switching.
dhcp relay gateway-switch enable
By default, DHCP relay gateway switching is disabled.
After primary and secondary IP addresses are configured on an interface, the primary IP address functions as the gateway address in most cases. If clients cannot use the primary IP address to apply for IP addresses, configure DHCP relay gateway switching to allow the clients to use secondary IP addresses to apply for IP addresses. After DHCP relay gateway switching is enabled, configure address pools on the same network segment as the secondary IP addresses on the connected DHCP server.
- The gateway address switches from the primary IP address to a secondary IP address only when a user fails at least three times to obtain an IP address using the primary IP address and the interval between the last failure and first failure exceeds 24 seconds. - If a primary IP address and multiple secondary IP addresses are configured on an interface, the system tries the secondary IP addresses one by one based on the IP address configuration sequence until users successfully obtain IP addresses.
(Optional) Configuring Strategies for Processing Option 82 Information on a DHCP Relay Agent
Context To enable a DHCP relay agent to accept, process, and forward DHCP messages that carry Option 82 information, you must configure the DHCP relay agent to trust and process this option.
You are advised to perform the configuration on a user-side device. If the DHCP relay agent connects to a DHCP snooping-enabled device, configure the strategies for processing Option 82 information on the DHCP snooping device. When a device functions as the DHCP snooping device, for details on how to perform the configuration, see Inserting the Option 82 Field in a DHCP Message in “DHCP Snooping Configuration” in the S2720, S5700, and S6720 V200R013C00 Configuration Guide - Security.
Note: If the device functions as the first-hop DHCP relay agent, it can process Option 82 information. If the device functions as the second-hop or subsequent DHCP relay agent, it cannot process Option 82 information.
Procedure 1. Enter the system view.
system-view
2. Enable the DHCP relay agent to trust Option 82.
dhcp relay trust option82
By default, a DHCP relay agent does not trust Option 82.
When this function is enabled, the DHCP relay agent can receive and forward DHCP messages that carry Option 82. If the DHCP relay agent is disabled from trusting Option 82 using the undo dhcp relay trust option82 command, the device discards the DHCP messages carrying Option 82.
3. Configure strategies for processing Option 82 information on the DHCP relay agent. - Configure the DHCP relay agent to insert the Option 82 field to DHCP messages in a VLAN view. This configuration takes effect on all DHCP messages from this VLAN received on the interfaces of the DHCP relay agent.
a. Enter the VLAN view.
vlan vlan-id
b. Enable the DHCP relay agent to insert the Option 82 field to received DHCP messages.
dhcp option82 { insert | rebuild } enable interface interface-type interface-number1 [ to interface-number2 ]
By default, a DHCP relay agent is disabled from inserting the Option 82 field to received DHCP messages.
c. Return to the system view.
quit
- Configure the DHCP relay agent to insert the Option 82 field to DHCP messages in an interface view. This configuration takes effect on DHCP messages received on the specified interface.
Use the following methods to configure strategies for processing Option 82 information. If both methods are used, method 2 takes effect.
+ Method 1:
1. Enter the interface view.
interface interface-type interface-number
2. Enable the DHCP relay agent to insert the Option 82 field to received DHCP messages.
dhcp option82 { insert | rebuild } enable
By default, a DHCP relay agent is disabled from inserting the Option 82 field to received DHCP messages.
DHCP messages received on the DHCP relay agent may carry the Option 82 field. Select a strategy based on network requirements.
When insert is configured: If a DHCP message does not carry the Option 82 field, the DHCP relay agent inserts the Option 82 field. If a DHCP message carries the Option 82 field, the DHCP relay agent checks the Option 82 field. If the field contains remote-id, the Option 82 field remains unchanged. Otherwise, the DHCP relay agent inserts remote-id.
When rebuild is configured: If a DHCP message does not carry the Option 82 field, the DHCP relay agent inserts the Option 82 field. If a DHCP message carries the Option 82 field, the DHCP relay agent deletes the original Option 82 field and inserts the locally configured Option 82 field.
3. Return to the system view.
quit
+ Method 2:
1. Enter the interface view or sub-interface view.
interface interface-type interface-number [.subinterface-number ] Note: Only the S5720EI, S5720HI, S5730HI, S6720HI, S6720EI, and S6720S-EI support sub-interfaces.
3. Enable the DHCP relay agent to support Option 82.
dhcp relay information enable
By default, a DHCP relay agent does not support Option 82.
4. Configure a strategy for processing Option 82 information on the DHCP relay agent.
dhcp relay information strategy { drop | keep | replace }
The default strategy is replace.
DHCP messages received on the DHCP relay agent may carry the Option 82 field. Select a strategy based on network requirements.
When replace is configured: If a DHCP message does not carry the Option 82 field, the DHCP relay agent inserts the Option 82 field. If a DHCP message carries the Option 82 field, the DHCP relay agent deletes the original Option 82 field and inserts the locally configured Option 82 field.
When drop is configured: If a DHCP message does not carry the Option 82 field, the DHCP relay agent forwards the message directly without processing it. If a DHCP message carries the Option 82 field, the DHCP relay agent discards the Option 82 field and forwards the message.
When keep is configured: If a DHCP message does not carry the Option 82 field, the DHCP relay agent forwards the message directly without processing it. If a DHCP message carries the Option 82 field, the DHCP relay agent retains the Option 82 field and forwards the message.
4. Return to the system view.
quit
4. (Optional) Set the format of the Option 82 field. Configure the format of the Option 82 field in the system or interface view. If the configuration is performed in the system view, it takes effect on all interfaces of the device. If the configuration is performed in an interface view, it takes effect only on the specified interface.
If the strategy for processing Option 82 information is drop or keep on the DHCP relay agent, skip this step.
Notice: + All Option82 fields configured in the system view or in the same interface view share a length of 1-255 bytes. If their total length exceeds 255 bytes, some Option82 information will be lost. + There is no limit on the number of Option 82 fields configured on the device. However, a large number of Option 82 fields will occupy a lot of memory and prolong the device processing time. To ensure device performance, you are advised to configure Option 82 fields based on the service requirements and device memory size.
- In the system view:
Configure the format of the Option 82 field.
dhcp option82 [ vlan vlan-id ] [ ce-vlan ce-vlan-id ] [ circuit-id | remote-id ] format { default | common |
extend | user-defined text }
By default, the Option 82 field is in the default format.
- In the interface view:
a. Enter the interface view.
interface interface-type interface-number
b. Configure the format of the Option 82 field.
dhcp option82 [ vlan vlan-id ] [ ce-vlan ce-vlan-id ] [ circuit-id | remote-id ] format { default | common |
extend | user-defined text }
By default, the Option 82 field is in the default format.
c. Return to the system view.