SRX Services Gateway
Highlighted
SRX Services Gateway

DHCP over sub interfaces /vlans

‎06-13-2019 03:05 PM

Hello, 

I have multiple sub interfaces in different vlans on SRX320. Trunk link is created between SRX Physical interface and EX2200 switch.  I wnat to configure DHCP server on one of the sub interrface on SRX320 tagged to a particular VLAN. I suppose a PC connected to access port (member of a VLAN in which sub interface tagged) on switch gets IP address dynamically. But it does'nt work at all. 

I checked on Physical interface without vlan and subinterfaces and the DHCP is working.

 

So what's the way around to do this?

 

Scenario given below

 

SRX320-------------Trunklink------------->EX2200-----accessPort-vlan-member------->PC

 

Sub interfaces on SRX320

 

Ge-0/0/2.0   VLAN 10  10.10.1.0/24  (10.10.1.35 as Gateway IP configured on sub interface)

Ge-0/0/2.1   VLAN 20  10.10.2.0/24  (10.10.2.35 as Gateway IP configured on sub interface)

Ge-0/0/2.2   VLAN 30  10.10.3.0/24  (10.10.3.35 as Gateway IP configured on sub interface) 

Ge-0/0/2.3  VLAN 40   10.10.4.0/24  (10.10.4.35 as Gateway IP configured on sub interface)

5 REPLIES 5
SRX Services Gateway

Re: DHCP over sub interfaces /vlans

[ Edited ]
‎06-13-2019 04:17 PM

Whats the junos version and SRX model that you have?

 

Can you confirm the configuration on the interface facing the EX looks like this?

 

set interfaces ge-0/0/2 vlan-tagging
set interfaces ge-0/0/2.0 vlan-id VLAN-10
set interfaces ge-0/0/2.0 family inet address 10.10.1.35/24
set interfaces ge-0/0/2.1 vlan-id VLAN-20
set interfaces ge-0/0/2.1 family inet address 10.10.2.35/24
set interfaces ge-0/0/2.2 vlan-id VLAN-30
set interfaces ge-0/0/2.2 family inet address 10.10.3.35/24
set interfaces ge-0/0/2.3 vlan-id VLAN-40
set interfaces ge-0/0/2.3 family inet address 10.10.4.35/24

 

DHCP as Host-inbound-traffic on your security-zones has to be configured under the specific interfaces:

 

set security zones security-zone [name] interface ge-0/0/2.0 host-inbound-traffic services DHCP
set security zones security-zone [name] interface ge-0/0/2.1 host-inbound-traffic services DHCP
set security zones security-zone [name] interface ge-0/0/2.2 host-inbound-traffic services DHCP
set security zones security-zone [name] interface ge-0/0/2.3 host-inbound-traffic services DHCP

 

Also that your DHCP configuration is like this:

 

set system services dhcp-local-server group DHCP interface ge-0/0/2.0
set system services dhcp-local-server group DHCP interface ge-0/0/2.1
set system services dhcp-local-server group DHCP interface ge-0/0/2.2
set system services dhcp-local-server group DHCP interface ge-0/0/2.3


[example for vlan 10 only]
set access address-assignment pool VLAN-10 family inet network 10.10.1.0/24
set access address-assignment pool VLAN-10 family inet range RANGE low 10.10.1.2
set access address-assignment pool VLAN-10 family inet range RANGE high 10.10.1.254
set access address-assignment pool VLAN-10 family inet range RANGE exclude-address 10.10.1.35
set access address-assignment pool VLAN-10 family inet dhcp-attributes router 10.10.1.35

 

Please mark this comment as the Solution if applicable
SRX Services Gateway

Re: DHCP over sub interfaces /vlans

‎06-13-2019 04:40 PM

AZKhan, 

 

Can you provide the output of 'show interface ge-0/0/2 extensive' run iteratively a few times?

 

I wonder if you observe any L2 channel errors increasing on here.

 

Cheers

Pooja

SRX Services Gateway

Re: DHCP over sub interfaces /vlans

‎06-13-2019 07:44 PM

Hi,

 

If you are using virtual routers you would need to configure the services dhcp and pool within the virtual-router

 

https://kb.juniper.net/InfoCenter/index?page=content&id=KB29401

 

Regards,

 

Vikas

SRX Services Gateway

Re: DHCP over sub interfaces /vlans

‎06-17-2019 11:58 AM

Hello AZKhan,

 

It will be very helpful if you could share the relevant configuration.

 

Mostly the answer provided by 

 

 

SRX Services Gateway

Re: DHCP over sub interfaces /vlans

‎06-17-2019 07:27 PM

Hello,

 

Please refer to the KB below which should help you in configuring DHCP for multiple VLANs.

 

https://kb.juniper.net/InfoCenter/index?page=content&id=KB21909&pmv=print

 

Regards,

Prakash