SRX

Hello,

 

i would use the SRX 340 "JUNOS 15.1X49-D70.3 " as a DHCP-Server for v4 and v6 in a Vlan.

 

The SRX has 1 Interface in this Vlan and i configure a Pool for v4 and v6 under "Access > Address-Assignment". If i map the dhcp-local-server Service to the the interface, all works fine. But i can only map v4 or v6 to the interface. But i would get v4 and v6 Adresses at the same time for the Clients in the Vlan.

 

Is the a chance that the DHCP spread out v4 and v6 adresses to the Clients in the Vlan?

 

Regardes

 

Andre

V4 and v6 mapping comes under different hierarchy on dhcp-local-server and we can specify 2 separate access profiles as below. Correct me if I am missing any points here.

set system services dhcp-local-server dhcpv6 group V6-Server interface ge-0/0/0.0 access-profile DHCP-pool-v6 ---> v6 pool
set system services dhcp-local-server group V4-Server interface ge-0/0/0.0 access-profile DHCP-pool-v4 ---> v4 pool

root@srx> ...em services dhcp-local-server
dhcpv6 {
group V6-Server {
interface ge-0/0/0.0 {
access-profile DHCP-pool-v6;
}
}
}
group V4-Server {
interface ge-0/0/0.0 {
access-profile DHCP-pool-v4;
}
}

root@srx> show configuration access
profile DHCP-pool-v6 {
address-assignment {
pool v6pool;
}
}
profile DHCP-pool-v4 {
address-assignment {
pool v4pool;
}
}
address-assignment {
pool v6pool {
family inet6 {
prefix 3000::/64;
range v6 {
low 3000::2/128;
high 3000::12/128;
}
}
}
pool v4pool {
family inet {
network 10.10.10.0/24;
range v4 {
low 10.10.10.2;
high 10.10.10.12;
}
}
}
}

root@srx>

set access profile DHCP-pool-v6 address-assignment pool v6pool
set access profile DHCP-pool-v4 address-assignment pool v4pool
set access address-assignment pool v6pool family inet6 prefix 3000::/64
set access address-assignment pool v6pool family inet6 range v6 low 3000::2/128
set access address-assignment pool v6pool family inet6 range v6 high 3000::12/128
set access address-assignment pool v4pool family inet network 10.10.10.0/24
set access address-assignment pool v4pool family inet range v4 low 10.10.10.2
set access address-assignment pool v4pool family inet range v4 high 10.10.10.12

Hi Suraj,

 

thx for your answer, i will trie it at my SRX and reply here.

 

Can you please post a "show interface ge-0/0/0" what you setup there, to complete the config.

 

Regardes

 

Andre

set interfaces ge-0/0/0 unit 0 family inet address 10.10.10.1/24
set interfaces ge-0/0/0 unit 0 family inet6 address 3000::1/128

Hi,

 

i test your config but i get a error message at the commit check. I post my config, looks same as yours but i don´t know how i can solve the problem.

 

An idea?

 

 

sb3959@SRX-DEV# show system services dhcp-local-server
group v4-Server {
    interface ge-0/0/1.0 {
        access-profile DHCP-pool-v4;
    }
}
group v6-Server {
    interface ge-0/0/1.0 {
        access-profile DHCP-pool-v6;
    }
}

[edit]
sb3959@SRX-DEV# show access
profile DHCP-pool-v4 {
    address-assignment {
        pool v4pool;
    }
}
profile DHCP-pool-v6 {
    address-assignment {
        pool v6pool;
    }
}
address-assignment {
    pool v4pool {
        family inet {
            network 192.168.200.0/24;
            range v4 {
                low 192.168.200.100;
                high 192.168.200.199;
            }
            dhcp-attributes {
                maximum-lease-time 86400;
                name-server {
                    8.8.7.7;
                    8.8.8.8;
                }
                router {
                    192.168.200.202;
                }
            }
        }
    }
    pool v6pool {
        family inet6 {
            prefix 2a06:7880:101::/48;
            range v6 {
                low 2a06:7880:101:1::1000/64;
                high 2a06:7880:101:1::ffff/64;
            }
            dhcp-attributes {
                maximum-lease-time 86400;
                dns-server {
                    2001:4860:4860::8844;
                    2001:4860:4860::8888;
                }
            }
        }
    }
}

[edit]
sb3959@SRX-DEV# show interfaces ge-0/0/1
description LAN;
unit 0 {
    family inet {
        address 192.168.200.202/24;
    }
    family inet6 {
        address 2a06:7880:101:1::202/64;
    }
}

[edit]
sb3959@SRX-DEV# commit check
[edit system services dhcp-local-server group v6-Server]
  'interface ge-0/0/1.0'
    Interface ge-0/0/1.0 already configured.
error: configuration check-out failed

[edit]
sb3959@SRX-DEV#

you are defining both v4 and v6 pool under v4 config. v6 interface/group is defined after the dhcpv6 keyword. try below

 

delete system services dhcp-local-server group v6-Server

set system services dhcp-local-server  dhcpv6 group v6-Server interface ge-0/0/1.0 access-profile DHCP-pool-v6

commit

Nice, that solved the error and i get the local Gateway with fe80..... But i don´t receive a Adresse from my DHCP Server with the DHCP Options. Is there a config issue or a understanding issue. In my opinion my client should receive a Adresse with " 2a06:7880:101:1".

 

 

[edit]
sb3959@SRX-DEV# show system services dhcp-local-server
dhcpv6 {
    group v6-Server {
        interface ge-0/0/1.0 {
            access-profile DHCP-pool-v6;
        }
    }
}

[edit]
sb3959@SRX-DEV# show interfaces ge-0/0/1
description LAN;
unit 0 {
    family inet {
        address 192.168.200.202/24;
    }
    family inet6 {
        address 2a06:7880:101:1::202/64;
    }
}

[edit]
sb3959@SRX-DEV# show access
profile DHCP-pool-v4 {
    address-assignment {
        pool v6pool;
    }
}
profile DHCP-pool-v6 {
    address-assignment {
        pool v6pool;
    }
}
address-assignment {
    pool v4pool {
        family inet {
            network 192.168.200.0/24;
            range v4 {
                low 192.168.200.100;
                high 192.168.200.199;
            }
            dhcp-attributes {
                maximum-lease-time 86400;
                name-server {
                    8.8.7.7;
                    8.8.8.8;
                }
                router {
                    192.168.200.202;
                }
            }
        }
    }
    pool v6pool {
        family inet6 {
            prefix 2a06:7880:101:1::/64;
            range v6 {
                low 2a06:7880:101:1::1000/64;
                high 2a06:7880:101:1::ffff/64;
            }
            dhcp-attributes {
                maximum-lease-time 86400;
                dns-server {
                    2001:4860:4860::8844;
                    2001:4860:4860::8888;
                }
            }
        }
    }
}

[edit]
sb3959@SRX-DEV# run show route

inet.0: 9 destinations, 9 routes (9 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

0.0.0.0/0          *[Static/5] 00:38:56
                    > to 212.101.204.193 via ge-0/0/0.0
172.16.0.0/12      *[Static/5] 00:38:56
                    > to 172.16.50.202 via ge-0/0/2.0
172.16.50.0/24     *[Direct/0] 00:38:56
                    > via ge-0/0/2.0
172.16.50.230/32   *[Local/0] 00:39:02
                      Local via ge-0/0/2.0
192.168.0.0/16     *[Static/5] 00:38:56
                    > to 172.16.50.202 via ge-0/0/2.0
192.168.200.0/24   *[Direct/0] 00:15:52
                    > via ge-0/0/1.0
192.168.200.202/32 *[Local/0] 00:39:02
                      Local via ge-0/0/1.0
212.101.204.192/26 *[Direct/0] 00:38:56
                    > via ge-0/0/0.0
212.101.204.226/32 *[Local/0] 00:39:02
                      Local via ge-0/0/0.0

inet6.0: 7 destinations, 7 routes (7 active, 0 holddown, 0 hidden)
+ = Active Route, - = Last Active, * = Both

::/0               *[Static/5] 00:38:46
                    > to 2a06:7880:101:0:1::1 via ge-0/0/0.0
2a06:7880:101::/64 *[Direct/0] 00:38:46
                    > via ge-0/0/0.0
2a06:7880:101:0:4::1/128
                   *[Local/0] 00:39:02
                      Local via ge-0/0/0.0
2a06:7880:101:1::/64
                   *[Direct/0] 00:15:41
                    > via ge-0/0/1.0
2a06:7880:101:1::202/128
                   *[Local/0] 00:39:02
                      Local via ge-0/0/1.0
fe80::f6cc:55ff:fe2e:c080/128
                   *[Local/0] 00:39:02
                      Local via ge-0/0/0.0
fe80::f6cc:55ff:fe2e:c081/128
                   *[Local/0] 00:39:02
                      Local via ge-0/0/1.0

[edit]
sb3959@SRX-DEV#

 

sb3959@SRX-DEV# edit protocols router-advertisement

[edit protocols router-advertisement]
sb3959@SRX-DEV# show
interface ge-0/0/1.0 {
    managed-configuration;
    other-stateful-configuration;
    default-lifetime 3600;
    prefix 2a06:7880:101:1::/64 {
        no-autonomous;
    }
    prefix ::/0 {
        no-autonomous;
    }
}