DHCP Relay and Information Option 82
Configure DHCP Relay and Information Option 82
・IP address of Client is distributed by DHCP-Server which is on different segment. ・DHCP Relay Agent enables a relay information option 82, and adds Subscriber-ID. ・DHCP Server distributes proper address that correspond each Subscriber-ID.
Subscriber-ID: address range CCIE: 192.168.0.50 ~ 192.168.0.99 Cisco: 192.168.0.100 ~ 192.168.0.199 (Other): 192.168.0.0 ~ 192.168.0.49
Initial Set Up
[Client] interface Ethernet0/0 ip address dhcp
[DHCP-Relay] interface Ethernet0/0 no switchport ip address 10.0.0.1 255.255.255.0
interface Ethernet0/1 switchport access vlan 10 switchport mode access
interface Vlan10 ip address 192.168.0.1 255.255.255.0
[DHCP-Server] ip dhcp excluded-address 192.168.0.1
ip dhcp pool Pool1 network 192.168.0.0 255.255.255.0 default-router 192.168.0.1
interface Ethernet0/0 ip address 10.0.0.2 255.255.255.0
ip route 192.168.0.0 255.255.255.0 10.0.0.1
DHCP-Server#ping 192.168.0.1 Type escape sequence to abort. Sending 5, 100-byte ICMP Echos to 192.168.0.1, timeout is 2 seconds: !!!!! Success rate is 100 percent (5/5), round-trip min/avg/max = 4/4/6 ms
Client send DHCP Discover by broadcast,
but it can NOT reach DHCP-Server because DHCP-Relay doesn't transfer broadcast.
■Configure as DHCP Relay Agent
so that DHCP-Server which is on different segment
can distribute IP address.
[DHCP-Relay] interface Vlan10
ip helper-address 10.0.0.2
Debug and Packet capture
DHCP-Relay#debug ip dhcp server packet DHCP server packet debugging is on.
DHCP-Server#debug ip dhcp server packet DHCP server packet debugging is on.
Client(config)#int e0/0 Client(config-if)#ip add dhcp
DHCP-Relay transfers DHCP Discover to DHCP-Server by unicast.
Normally DHCP Discover uses UDP Src Port 68 and Dst Port 67.
But DHCP Relay Agent uses UDP Src Port 67 and Dst Port 67.
DHCP-Relay# *Apr 22 08:35:14.972: DHCPD: Reload workspace interface Vlan10 tableid 0. *Apr 22 08:35:14.972: DHCPD: tableid for 192.168.0.1 on Vlan10 is 0 *Apr 22 08:35:14.972: DHCPD: client's VPN is . *Apr 22 08:35:14.972: DHCPD: using received relay info. *Apr 22 08:35:14.972: DHCPD: Looking up binding using address 192.168.0.1 *Apr 22 08:35:14.972: DHCPD: setting giaddr to 192.168.0.1. *Apr 22 08:35:14.973: DHCPD: BOOTREQUEST from 0063.6973.636f.2d61.6162.622e.6363.3030.2e30.3230.302d.4574.302f.30
forwarded to 10.0.0.2.
Relay Agent IP address (giaddr) of DHCP Discover is set IP address
for interface which received DHCP Discover.
DHCP-Server# *Apr 22 08:35:20.016: DHCPD: DHCPDISCOVER received from client 0063.6973.636f.2d61.6162.622e.6363.3030.2e30.3230.302d.4574.302f.30
through relay 192.168.0.1. *Apr 22 08:35:20.017: DHCPD: Sending DHCPOFFER to client 0063.6973.636f.2d61.6162.622e.6363.3030.2e30.3230.302d.4574.302f.30 (192.168.0.2).DHCPD: Setting only requested parameters
DHCP-Server receive DHCP Discover and then send DHCP Offer. DHCP-Relay transfer them.
So Client can receive IP address.
Client(config-if)# *Apr 22 08:35:24.088: %DHCP-6-ADDRESS_ASSIGN:
Interface Ethernet0/0 assigned DHCP address 192.168.0.2, mask 255.255.255.0, hostname Client
DHCP-Server#show ip dhcp binding Bindings from all pools not associated with VRF: IP address Client-ID/ Lease expiration Type Hardware address/ User name 192.168.0.2 0063.6973.636f.2d61. Apr 23 2018 08:35 AM Automatic 6162.622e.6363.3030. 2e30.3230.302d.4574. 302f.30
■Enable DHCP Relay information option 82 on DHCP-Relay
DHCP-Relay(config)#ip dhcp relay information option
Client(config-if)#ip add dhcp
DHCP-Relay(config)# *Apr 22 08:51:32.501: DHCPD: Reload workspace interface Vlan10 tableid 0. *Apr 22 08:51:32.502: DHCPD: tableid for 192.168.0.1 on Vlan10 is 0 *Apr 22 08:51:32.502: DHCPD: client's VPN is . *Apr 22 08:51:32.502: DHCPD: using received relay info. *Apr 22 08:51:32.502: DHCPD: Looking up binding using address 192.168.0.1 *Apr 22 08:51:32.502: DHCPD: setting giaddr to 192.168.0.1. *Apr 22 08:51:32.502: DHCPD: adding relay information option. *Apr 22 08:51:32.503: DHCPD: BOOTREQUEST from 0063.6973.636f.2d61.6162.622e.6363.3030.2e30.3230.302d.4574.302f.30
forwarded to 10.0.0.2.
DHCP Relay information option 82 is inserted DHCP Discover by DHCP-Relay.
It includes only remote-id.
DHCP-Server# *Apr 22 08:51:34.528: DHCPD: DHCPDISCOVER received from client 0063.6973.636f.2d61.6162.622e.6363.3030.2e30.3230.302d.4574.302f.30
through relay 192.168.0.1. *Apr 22 08:51:34.528: DHCPD: Sending DHCPOFFER to client 0063.6973.636f.2d61.6162.622e.6363.3030.2e30.3230.302d.4574.302f.30 (192.168.0.3).DHCPD: Setting only requested parameters
DHCP-Server distribute IP address as usual.
Client(config-if)# *Apr 22 08:51:38.628: %DHCP-6-ADDRESS_ASSIGN:
Interface Ethernet0/0 assigned DHCP address 192.168.0.3, mask 255.255.255.0,
hostname Client
■Configure Subscriber-ID in option 82 to 'CCIE' by DHCP-Relay
DHCP-Relay(config)#int vlan 10 DHCP-Relay(config-if)#ip dhcp relay information option subscriber-id CCIE
Client(config-if)#ip add dhcp
DHCP-Server# *Apr 22 15:15:48.625: DHCPD: DHCPDISCOVER received from client 0063.6973.636f.2d61.6162.622e.6363.3030.2e30.3230.302d.4574.302f.30
through relay 192.168.0.1. *Apr 22 15:15:48.625: DHCPD: Sending DHCPOFFER to client 0063.6973.636f.2d61.6162.622e.6363.3030.2e30.3230.302d.4574.302f.30 (192.168.0.4).DHCPD: Setting only requested parameters
Client(config-if)# *Apr 22 15:15:52.718: %DHCP-6-ADDRESS_ASSIGN:
Interface Ethernet0/0 assigned DHCP address 192.168.0.4, mask 255.255.255.0, hostname Client
Configure address range that correspond Subscriber-ID
Set irresponsible hex, to check value of option 82.
[DHCP-Server] ip dhcp pool Pool1 network 192.168.0.0 255.255.255.0 default-router 192.168.0.1 class ForCCIE address range 192.168.0.50 192.168.0.99
ip dhcp class ForCCIE relay agent information relay-information hex aa
Use 'debug ip dhcp server class' command to check value of option 82.
DHCP-Server#u all All possible debugging has been turned off
DHCP-Server#debug ip dhcp server class DHCP server class debugging is on.
Client(config-if)#ip add dhcp
DHCP-Server# *Apr 22 15:31:19.738: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a000000060443434945'
in class ForCCIE
We can see hex value of option 82.
02 0c 020a0000c0a800010a000000 06 04 43434945
①0x02:(2) Agent Remote ID ②0x0c:(12) Length 12 byte ③0x020a0000c0a800010a000000: Agent Remote ID '020a0000c0a800010a000000' ④0x06:(6) Subscriber-ID ⑤0x04:(4) Length 4 byte ⑥0x43434945: Subscriber-ID '43434945'
It is match to result of capture.
Client can not receive IP address because it is not match with option 82 on DHCP-Server.
Client(config-if)#ip add dhcp
Client(config-if)#do sh ip int bri Interface IP-Address OK? Method Status Protocol Ethernet0/0 unassigned YES DHCP up up
DHCP-Server#show ip dhcp binding Bindings from all pools not associated with VRF: IP address Client-ID/ Lease expiration Type Hardware address/ User name
Configure relay-information hex value on DHCP-Server,
basis on result by debug.
[DHCP-Server] ip dhcp class ForCCIE relay agent information no relay-information hex aa relay-information hex 020c020a0000c0a800010a000000060443434945
DHCP-Server# *Apr 22 15:43:14.182: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a000000060443434945' in class ForCCIE *Apr 22 15:43:14.182: DHCPD: input pattern ' relay-information 020c020a0000c0a800010a000000060443434945' matches class ForCCIE *Apr 22 15:43:14.182: DHCPD: input matches class ForCCIE *Apr 22 15:43:14.182: DHCPD: best_match class ForCCIE
Client(config-if)# *Apr 22 15:38:58.023: %DHCP-6-ADDRESS_ASSIGN:
Interface Ethernet0/0 assigned DHCP address 192.168.0.50, mask 255.255.255.0, hostname Client
192.168.0.50 is distributed to Client, basis on Option 82 value.
Change Subscriber-ID to 'Cisco' on DHCP-Relay
DHCP-Relay(config)#int vlan 10 DHCP-Relay(config-if)#ip dhcp relay information option subscriber-id Cisco
Client(config-if)#ip add dhcp
DHCP-Server# *Apr 22 15:44:55.624: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a0000000605436973636f' in class ForCCIE
Client(config-if)#do sh ip int bri Interface IP-Address OK? Method Status Protocol Ethernet0/0 unassigned YES DHCP up up
Client can not receive IP address because it is not match with class 'ForCCIE'.
Configure class 'ForCisco' on DHCP-Server, basis on result by debug.
[DHCP-Server] ip dhcp pool Pool1
class ForCisco address range 192.168.0.100 192.168.0.199
ip dhcp class ForCisco relay agent information relay-information hex 020c020a0000c0a800010a000000 0605436973636f
DHCP-Server# *Apr 22 15:51:40.543: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a0000000605436973636f' in class ForCCIE *Apr 22 15:51:40.543: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a0000000605436973636f' in class ForCisco *Apr 22 15:51:40.543: DHCPD: input pattern ' relay-information 020c020a0000c0a800010a0000000605436973636f'
matches class ForCisco *Apr 22 15:51:40.543: DHCPD: input matches class ForCisco *Apr 22 15:51:40.543: DHCPD: best_match class ForCisco
Client(config-if)# *Apr 22 15:51:46.669: %DHCP-6-ADDRESS_ASSIGN:
Interface Ethernet0/0 assigned DHCP address 192.168.0.100, mask 255.255.255.0,
hostname Client
192.168.0.100 is distributed to Client, basis on Option 82 with Subscriber-ID 'Cisco'.
Set other Subscriber-ID on DHCP-Relay.
DHCP-Relay(config)#int vlan 10 DHCP-Relay(config-if)#ip dhcp relay information option subscriber-id test
Client(config-if)#ip add dhcp
DHCP-Server# *Apr 22 15:54:26.127: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a000000060474657374' in class ForCCIE *Apr 22 15:54:26.127: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a000000060474657374' in class ForCisco *Apr 22 15:54:29.416: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a000000060474657374' in class ForCCIE *Apr 22 15:54:29.416: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a000000060474657374' in class ForCisco
Client can not receive IP address because it is not match with class 'ForCCIE' and 'ForCisco'.
Client(config-if)#do sh ip int bri Interface IP-Address OK? Method Status Protocol Ethernet0/0 unassigned YES DHCP up up
Configure class match any other Subscriber-ID.
Not set relay-information hex value.
[DHCP-Server]
ip dhcp pool Pool1
class ForOther address range 192.168.0.2 192.168.0.49
ip dhcp class ForOther
DHCP-Server(config-dhcp-pool-class)# *Apr 22 16:00:38.834: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a000000060474657374' in class ForCCIE *Apr 22 16:00:38.834: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a000000060474657374' in class ForCisco *Apr 22 16:00:38.834: DHCPD: input matches class ForOther by default. *Apr 22 16:00:38.834: DHCPD: best_match default match class ForOther
Client(config-if)# *Apr 22 16:00:44.958: %DHCP-6-ADDRESS_ASSIGN:
Interface Ethernet0/0 assigned DHCP address 192.168.0.2, mask 255.255.255.0, hostname Client
192.168.0.2 is distributed to Client, match class 'ForOther'.
■Last Check
・Set for Subscriber-ID to 'CCIE'
DHCP-Relay(config)#int vlan 10 DHCP-Relay(config-if)#ip dhcp relay information option subscriber-id CCIE
DHCP-Server(config-dhcp-pool-class)# *Apr 22 16:02:54.039: DHCPD: Searching for a match to
' relay-information 020c020a0000c0a800010a000000060443434945' in class ForCCIE *Apr 22 16:02:54.039: DHCPD: input pattern ' relay-information 020c020a0000c0a800010a000000060443434945' matches class ForCCIE *Apr 22 16:02:54.039: DHCPD: input matches class ForCCIE *Apr 22 16:02:54.0392: DHCPD: best_match class ForCCIE
Client(config-if)# *Apr 22 16:03:00.139: %DHCP-6-ADDRESS_ASSIGN:
Interface Ethernet0/0 assigned DHCP address 192.168.0.50, mask 255.255.255.0, hostname Client
Client(config-if)#do sh ip int bri Interface IP-Address OK? Method Status Protocol Ethernet0/0 192.168.0.50 YES DHCP up up
・Set for Subscriber-ID to 'Cisco'
DHCP-Relay(config)#int vlan 10 DHCP-Relay(config-if)#ip dhcp relay information option subscriber-id Cisco
Client(config-if)#ip add dhcp
DHCP-Server(config-dhcp-pool-class)# *Apr 22 16:04:24.568: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a0000000605436973636f' in class ForCCIE
*Apr 22 16:04:24.568: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a0000000605436973636f' in class ForCisco *Apr 22 16:04:24.568: DHCPD: input pattern
' relay-information 020c020a0000c0a800010a0000000605436973636f'
matches class ForCisco *Apr 22 16:04:24.568: DHCPD: input matches class ForCisco *Apr 22 16:04:24.568: DHCPD: best_match class ForCisco
Client(config-if)# *Apr 22 16:04:30.678: %DHCP-6-ADDRESS_ASSIGN:
Interface Ethernet0/0 assigned DHCP address 192.168.0.100, mask 255.255.255.0,
hostname Client
Client(config-if)#do sh ip int bri Interface IP-Address OK? Method Status Protocol Ethernet0/0 192.168.0.100 YES DHCP up up
・Set for Subscriber-ID to any other ascii strings.
DHCP-Relay(config)#int vlan 10 DHCP-Relay(config-if)#ip dhcp relay information option subscriber-id abcd
Client(config-if)#ip add dhcp
DHCP-Server(config-dhcp-pool-class)#
*Apr 22 16:00:38.834: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a000000060461626364' in class ForCCIE *Apr 22 16:00:38.834: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a000000060461626364' in class ForCisco *Apr 22 16:00:38.834: DHCPD: input matches class ForOther by default. *Apr 22 16:00:38.834: DHCPD: best_match default match class ForOther
Client(config-if)# *Apr 22 16:05:53.003: %DHCP-6-ADDRESS_ASSIGN:
Interface Ethernet0/0 assigned DHCP address 192.168.0.2, mask 255.255.255.0, hostname Client
Client(config-if)#do sh ip int bri Interface IP-Address OK? Method Status Protocol Ethernet0/0 192.168.0.2 YES DHCP up up
DHCP-Relay(config)#int vlan 10 DHCP-Relay(config-if)#ip dhcp relay information option subscriber-id 1234
Client(config-if)#ip add dhcp
DHCP-Server(config-dhcp-pool-class)#
*Apr 22 16:07:08.947: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a000000060431323334' in class ForCCIE *Apr 22 16:07:08.947: DHCPD: Searching for a match to ' relay-information 020c020a0000c0a800010a000000060431323334' in class ForCisco *Apr 22 16:07:08.947: DHCPD: input matches class ForOther by default. *Apr 22 16:07:08.947: DHCPD: best_match default match class ForOther
Client(config-if)# *Apr 22 16:07:15.057: %DHCP-6-ADDRESS_ASSIGN:
Interface Ethernet0/0 assigned DHCP address 192.168.0.3, mask 255.255.255.0, hostname Client
Client(config-if)#do sh ip int bri Interface IP-Address OK? Method Status Protocol Ethernet0/0 192.168.0.3 YES DHCP up up
We can distribute address range that correspond each Subscriber-ID.
DHCP-Server#sh run | sec dhcp
ip dhcp excluded-address 192.168.0.1
ip dhcp pool Pool1 network 192.168.0.0 255.255.255.0 default-router 192.168.0.1
class ForCCIE address range 192.168.0.50 192.168.0.99
class ForCisco address range 192.168.0.100 192.168.0.199
class ForOther address range 192.168.0.2 192.168.0.49
ip dhcp class ForCCIE relay agent information
relay-information hex 020c020a0000c0a800010a000000060443434945
ip dhcp class ForCisco relay agent information relay-information hex 020c020a0000c0a800010a000000 0605436973636f
ip dhcp class ForOther
