Filter
Top Products
CHAPTER 7
MX Series Router as a DHCP Relay Agent
•
MX Series Router as a Layer 2 DHCP Relay Agent on page 73
•
Example: Configuring DHCP Relay in a Bridge Domain VLAN Environment on page 74
•
Example: Configuring DHCP Relay in a VPLSRouting Instance Environment on page75
MX Series Router as a Layer 2 DHCP Relay Agent
The Dynamic Host Configuration Protocol (DHCP) is used by a DHCP client (host) to
determine Layer 3 information (such as an IP address) from a DHCP server. DHCP uses
the client’s MAC (Layer 2) address to query the server. A router can be used as a DHCP
relay agent to pass the query on to a server while the router appears to reply to the client.
You can configure a Juniper Networks MX Series Ethernet Services Router to act as a
DHCP relay agent. The MX Series router configuration at Layer 2 accesses the Layer 3
information with DHCP snooping.
DHCP servers and relay agents have a level of trust in the MAC addresses used in DHCP
client queries. A hacker can spoof invalid MAC addresses and overwhelm the server or
relay agent with flooded traffic. Or the hacker can try to determine other information,
such as the IP address range used by devices on the network. The DHCP process should
only trust MAC addresses that are valid for a particular network.
You can configure the MX Series router to use MAC addresses obtained by the Layer 2
address learning process to control the flooding of DHCP packets.
Several restrictions apply to DHCP configuration on the MX Series routers:
•
All statements referring to “option 82” (including circuit information in DHCP relay
messages) are not supported on the MX Series routers.
•
This feature works for static IP/MAC bindings on the MX Series routers.
•
The DHCP snooping database table is not restored after a Routing Engine reboot.
•
TheDHCPDiscover messageisnot floodedtothe DHCPserverwhen broadband service
aggregator (BSA) and broadband service router (BSR) are provisioned on the same
switch.
For more information on configuring DHCP, see the Junos OS Subscriber Access
Configuration Guide.
73Copyright © 2010, Juniper Networks, Inc.