Ethernet Switching
Reply
Visitor
joadams
Posts: 6
Registered: ‎02-01-2011
0
Accepted Solution

DHCP Relay between VRF/VR

Hi,

 

We are trying to get DHCP relay from a Clinet VRF to get an address from a DHCP server in the Global Table (or another VRF).  It only seems to work within a VRF. The DHCP offer is not relayed from the DHCP SERVER to the Client, we can see the Offer made by the DHCP Server but it is not relayed to vlan 100 in our case. We are using an EX4500....

 

Anyone done this, can we do it?

 

Here is our code, quite simple really, vlan.100 is in a VRF, the DHCP server is in inet.0

 

johna@CLFR1_FR3-DS4500> show configuration forwarding-options

helpers {

    bootp {

        relay-agent-option;

        server 10.240.4.9;

        interface {

            vlan.99;

            vlan.100;

        }

    }

}

 

Note that vlan.99 is in the global table and works fine for DHCP relay 

Trusted Expert
dpapana
Posts: 282
Registered: ‎04-01-2011
0

Re: DHCP Relay between VRF/VR

Hello, you should have bootp server reachable from VRF, if it's in another VRF(or inet.0) than you'll have to leak direct and static(or dynamic) routes in order to make it reachable. You can use rib-groups to accomplish this.

You can post the full configuration and I may help with the necessary changes.

Regards,
Dumitru Papana
Visitor
joadams
Posts: 6
Registered: ‎02-01-2011
0

Re: DHCP Relay between VRF/VR

[ Edited ]

Hi Dumutri,

 

Yes I found that the DHCP reply from the server to the relay agent is unicast and there is no route in the DHCP Server VRF. I tried to leak routes using policy imports but it is not supported on the platform we have, I didn't try rib-groups. I was going to but then decided it would be better to use the SRX firewall that connects ALL VRFs by allowing UDP 67 out.  (bootp).

 

Now it all works, anyone else reading this you do need to add a path from the DHCP Server VRF  to DHCP relay VRF agent(switch) either by leaking the routes or passing it through another routing device between VRFs as I have done .....

 

Note the relay agent VRF does not need a route to the DHCP server VRF this is done through the  working config below using the routing-instance option

 

}

johna@CLFR1_FR3-DS4500> show configuration forwarding-options

helpers {

    bootp {

        relay-agent-option;

        server 10.240.4.9 routing-instance BLA; # BLA IS THE VRF NAME WHERE THE DHCP SERVER SITS

        interface {

            vlan.99;

            vlan.100;

        }

    }

Copyright© 1999-2013 Juniper Networks, Inc. All rights reserved.