server to support more narrowly defined DHCP policy boundaries instead of defining the boundaries
at the VLAN or whole routing switch levels. If the MAC address option (the default) is configured
instead, the routing switch MAC address will be used regardless of which subnet was the source
of the client request. (The MAC address is the same for all VLANs configured on the routing switch.)
All request packets from DHCP clients in the different subnets in the VLAN must be able to reach
any DHCP server identified by the IP helper addresses configured on that VLAN.
Configuring Option 82
For information on Option 82, see the sections beginning with “DHCP Option 82” (page 65).
To configure DHCP Option 82 on a routing switch, enter the dhcp-relay option 82 command.
Syntax:
dhcp-relay option 82
<append[validate]|replace[validate]|drop[validate]|keep>
[ip|mac|mgmt-vlan]
Configures the switch to append an Option 82 field to the client DHCP packet.
If the client packet has existing Option 82 field(s) assigned by another device,
the new field is appended to the existing field(s).
append
The appended Option 82 field includes the switch Circuit ID (inbound port
number*) associated with the client DHCP packet, and the switch Remote ID.
The default switch remote ID is the MAC address of the switch on which the
packet was received from the client. To use the incoming VLAN’s IP address
or the Management VLAN IP address (if configured) for the remote ID instead
of the switch MAC address, use the ip or mgmt-vlan option (below).
Configures the switch to replace existing Option 82 fields in an inbound client
DHCP packet with an Option 82 field for the switch.
replace
The replacement Option 82 field includes the switch circuit ID (inbound port
number*) associated with the client DHCP packet and the switch remote ID.
The default switch remote ID is the MAC address of the switch on which the
packet was received from the client.
To use the incoming VLAN's IP address or the Management VLAN IP address
(if configured) for the remote ID instead of the switch MAC address, use the
ip or mgmt-vlan option (below).
Configures the routing switch to unconditionally drop any client DHCP packet
received with existing Option 82 fields. This means that such packets will not
drop
be forwarded. Use this option where access to the routing switch by untrusted
clients is possible.
If the routing switch receives a client DHCP packet without an Option 82 field,
it adds an Option 82 field to the client and forwards the packet. The added
Option 82 field includes the switch circuit ID (inbound port number*)
associated with the client DHCP packet and the switch remote ID. The default
switch remote ID is the MAC address of the switch on which the packet was
received from the client.
To use the incoming VLAN's IP address or the Management VLAN IP address
(if configured) for the remote ID instead of the switch MAC address, use the
ip or mgmt-vlan option (below).
For any client DHCP packet received with existing Option 82 fields, configures
the routing switch to forward the packet as-is, without replacing or adding to
the existing Option 82 fields.
keep
Operates when the routing switch is configured with append, replace, or drop
as a forwarding policy. With validate enabled, the routing switch applies
[validate]
stricter rules to an incoming Option 82 server response to determine whether
Configuring DHCP relay 73
To Next Page
Loading...
Need help?
General