Junos OS

last person joined: yesterday 

Ask questions and share experiences about Junos OS.

  • 1.  JDHCP Not Working - What am I missing?

    Posted 01-06-2019 11:33

    Hello all --

     

    Working on getting my first SRX set up from scratch - can't figure out why JDHCP isn't working in my routing instance.  I am hoping someone here can shed some light.

    I've got my vlans:

    set vlans vlan-guest vlan-id 50
set vlans vlan-guest l3-interface vlan.5
set vlans vlan-trust vlan-id 20
set vlans vlan-trust l3-interface vlan.2

     

    My interfaces:

    set interfaces fe-0/0/0 unit 0
set interfaces fe-0/0/1 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces fe-0/0/2 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces fe-0/0/3 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces fe-0/0/4 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces fe-0/0/5 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces fe-0/0/6 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces fe-0/0/7 unit 0 family ethernet-switching vlan members vlan-trust
set interfaces vlan unit 2 family inet address 192.168.100.1/26
set interfaces vlan unit 5 family inet address 192.168.100.65/26

    My security zones:

    set security zones security-zone trust host-inbound-traffic system-services all
set security zones security-zone trust host-inbound-traffic protocols all
set security zones security-zone trust interfaces vlan.2
set security zones security-zone untrust screen untrust-screen
set security zones security-zone untrust interfaces fe-0/0/0.0 host-inbound-traffic system-services dhcp
set security zones security-zone untrust interfaces fe-0/0/0.0 host-inbound-traffic system-services tftp
set security zones security-zone guest host-inbound-traffic system-services all
set security zones security-zone guest host-inbound-traffic protocols all
set security zones security-zone guest interfaces vlan.5

    Any my routing instances containing my dhcp configuration:

    set routing-instances trust-vr instance-type virtual-router
set routing-instances trust-vr system services dhcp-local-server group trust-dhcp interface vlan.2
set routing-instances trust-vr access address-assignment pool trust-pool family inet network 192.168.100.0/26
set routing-instances trust-vr access address-assignment pool trust-pool family inet range r1 low 192.168.100.10
set routing-instances trust-vr access address-assignment pool trust-pool family inet range r1 high 192.168.100.60
set routing-instances trust-vr access address-assignment pool trust-pool family inet dhcp-attributes maximum-lease-time 86400
set routing-instances trust-vr access address-assignment pool trust-pool family inet dhcp-attributes domain-name home.local
set routing-instances trust-vr access address-assignment pool trust-pool family inet dhcp-attributes name-server 8.8.8.8
set routing-instances trust-vr access address-assignment pool trust-pool family inet dhcp-attributes name-server 8.8.4.4
set routing-instances trust-vr access address-assignment pool trust-pool family inet dhcp-attributes router 192.168.100.1

    When I check statistics, seems like all of the packets are being dropped?  What am I missing?

     

    Thanks!



  • 2.  RE: JDHCP Not Working - What am I missing?
    Best Answer

     
    Posted 01-06-2019 12:29

    I don't see that your interface has been assigned to the routing-instance:

     

    set routing-instances trust-vr interface vlan.2

     



  • 3.  RE: JDHCP Not Working - What am I missing?

    Posted 01-07-2019 00:23

    Also if you have unpacked your SRX from scratch and it's a SRX300 series device, please ensure that it's running at least Junos 15.1X49-D70. Otherwise you will experience issues with irb-interfaces, layer2 and jdhcpd.

     

    I would upgrade to the JTAC recommended release (currently 15.1X49-D150) to ensure stable operation.

     

    JTAC recommended releases: https://kb.juniper.net/InfoCenter/index?page=content&id=KB21476