↪️
ccie.nyquist.eu
  • Table of Contents
  • Layer 2 Technologies
    • Ethernet Switching
      • L2 Switch Operations
      • Spanning Tree
        • 802.1d – STP
        • 802.1w – RSTP
        • 802.1s – MSTP
      • VTP 101
      • Private VLANs
      • VLANs
      • EtherChannel 101
    • Layer 2 WAN Protocols
      • HDLC
        • HDLC 101
      • PPP
        • PPP 101
        • PPP Authentication - PAP
        • PPP Authentication – CHAP
        • PPP Authentication – EAP
        • PPP Multilink
        • PPPoFR – PPP over Frame Relay
        • PPPoE – PPP over Ethernet
      • Frame Relay
        • Frame Relay 101
        • Frame Relay 102
        • Frame Relay Encapsulations – IETF vs Cisco
        • Multilink Frame Relay
        • Frame Relay Switching
        • Routing over Frame Relay
      • Bridging
        • Bridging on a router
        • MTU 101
    • Wireless
      • Wireless Principles
      • Wireless Implementations
      • Wireless Roaming
      • Wireless Authentication
        • WPA2 PSK
        • WPA2 802.1X
  • IPv4
    • IPv4 Addressing
      • Backup Interfaces
      • FHRP 101
      • DHCP 101
      • DNS 101
      • ARP 101
      • IPv4 101
      • Tunnel Interfaces
        • GRE Tunnels
      • BFD – Bidirectional Forwarding Detection
    • IPv4 Routing
      • How the routing table is built
        • How CEF works
        • Routing Order of Operations
        • NSF – Non Stop Forwarding
      • RIP
        • RIP 101
      • EIGRP
        • EIGRP 101
        • EIGRP Metric
        • More EIGRP Features
      • OSPF
        • OSPF 101
        • OSPF Areas
        • OSPF LSAs
        • OSPF Mechanics
      • IS-IS
        • IS-IS 101
        • IS-IS Mechanics – CLNP
      • BGP
        • BGP 101
        • BGP Attributes
        • More BGP
      • Route Redistribution
      • Policy based Routing
      • PfR 101 – Perfromance Routing
      • ODR
  • IPv6
    • IPv6-101
    • IPv6 Routing
    • Interconnecting IPv6 and IPv4
  • MPLS
    • MPLS 101
    • MPLS L3 VPN
  • Multicast
    • Multicast 101
    • PIM 101
    • IGMP 101
    • Inter Domain Multicast
    • IPv6 Multicast
    • Multicast features on switches
  • Security
    • NAT 101
    • NAT for Overlapping Networks
    • ACLs 101
    • ACLs 102
    • Cisco IOS Firewall
    • Zone Based Firewall
    • AAA 101
    • Controlling CLI Access
    • Control Plane
    • Switch Security
      • Switchport Traffic Control
      • Switchport Port Security
      • DHCP Snooping and DAI
      • 802.1x
      • Switch ACLs
    • IPSec VPN 101
      • IKE / ISAKMP 101
      • IPSEC Crypto Maps 101
      • IPSEC VTI 101
      • DMVPN 101
    • EAP 101
  • Network Services
    • NTP 101
    • HTTP 101
    • File Transfer 101 – TFTP & FTP
    • WCCP 101
  • QoS
    • QoS 101
    • Classification and Marking
    • Congestion Management
      • Legacy Congestion Management
      • SPD – Selective Packet Discard
      • CBWFQ
      • IP RTP Priority
    • Congestion Avoidance – WRED
    • Policing and Shaping
      • CAR 101
    • Compression and LFI
      • Header and Payload Compression
      • LFI for MultiLink PPP
    • Frame Relay QoS
      • Per VC Frame Relay QoS
    • RSVP 101
    • Switching QoS
  • Network Optimization
    • NetFlow 101 – TNF – Traditional NetFlow
    • NetFlow 102 – FNF – Flexible NetFlow
    • IP SLA 101
    • IP Accounting 101
    • Logging 101
    • SNMP and RMON 101
    • Cisco CLI Tips and Tricks
    • AutoInstall
    • Enhanced Object Tracking
    • Troubleshooting 101
    • SPAN, RSPAN, ERSPAN
  • Network Architecture
    • Hierarchical Network Architecture
    • SD Access
    • SD WAN
Powered by GitBook
On this page
  • DHCP Server
  • DHCP Pools
  • Manual Bindings
  • ODAP – On Demand Address Pool
  • DHCP Relay Agent
  • DHCP Classes for Option 82
  • DHCP Relay Agent
  • Option 82
  • 3DHCP Client

Was this helpful?

  1. IPv4
  2. IPv4 Addressing

DHCP 101

DHCP Server

DHCP Pools

On a router, you have to create one or more pools of DHCP addresses available for lease. When a DHCP server receives a DHCP request, it will know what pool to use based on the IP address of interface that received it. If the request came from a host that is not on that subnet, the router will try to match the GIADDR field which contains the IP address of the interface that received the DHCP request on the relay server. To define a pool, use:

R(config)# ip dhcp pool POOL

Now you can define the pool attributes:

R(dhcp-config)# network NETWORK-ADDR [NETMASK]
R(dhcp-config)# domain-name DOMAIN
R(dhcp-config)# dns-server SERVER1 [SERVER2 ...]
R(dhcp-config)# default-router GATEWAY1 [GATEWAY2 ...]
R(dhcp-config)# option CODE [instance NUMBER] {ascii STRING | hex STRING | IP-ADDR}
R(dhcp-config)# lease {DAYS [HOUR [MINUTES]]|infinte}
! default - 1 DAY
R(dhcp-config)# update {arp|dns}
! updates local arp and dns info with data from dhcp server.
! update arp is used for Authorized ARP - See ARP 101 article

You can exclude some IP’s from being used in the DHCP pool using:

R(config)# ip dhcp excluded-address START-IP [END-IP]

Manual Bindings

To make manual bindings you have to create additional pools, one for each static binding. In these pools you must specify the host IP-Address and an identifier for the host – Client ID or Hardware Address. Clients are matched by the hardware address only if they don’t send a client ID. Cisco routers always send a Client ID!

R(config)# ip dhcp pool STATIC-HOST-1
R(dhcp-config)# host IP-ADDR [NETMASK]
R(dhcp-config)# client-identifier CLIENT-ID
R(dhcp-config)# hardware-address MAC-ADDRESS [PROTOCOL-TYPE|HARDWARE-NUMBER]
R(dhcp-config)# client-name HOSTNAME

Defining one POOL for each client can become an administrative nightmare. Another option is to use static mappings from a file similar to the one that the router saves when using the database agent. To enable the use of a static file, use this command in a Network Pool:

R(dhcp-config)# origin file URL

ODAP – On Demand Address Pool

A pool can be configure to use one or more subnets from another DHCP or AAA server. This is usually used by providers to assign addresses from the same pool to different customers. To define an ODAP pool, use:

R(config)# ip dhcp pool ODAP-POOL
R(dhcp-config)# origin {dhcp|aaa|ipcp}
! Optionally the pool can be assigned to a vrf
R(dhcp-config)# vrf VRF-NAME
! Now you can import the dhcp options from the server into the current pool
R(dhcp-config)# import all

The ODAP server must also be configured to reply with the requested subnets. To do this, configure the server pool with:

R(config)# ip dhcp pool SERVER-POOL
R(dhcp-config)# network NETWORK-ADDR NETMASK
R(dchp-config)# subnet prefix LEN
! Defines size of the subnet that can be allocated to ODAP clients

DHCP Relay Agent

By default, the list of DHCP bindings is kept in memory by the router and they are lost once the router reloads. You can enable the router to use a database agent, that is a location where the router can save the list of the bindings. This file can also be used to recover the list in case of reloads. To enable this feature, use:

R(config)# ip dhcp database URL
! URL can be a local or a remoate location. Ex: flash:dhcp.txt

DHCP Classes for Option 82

R(config)# ip dhcp use class

When you configure a class, you actually define the option fields that the router will compare when it receives a DHCP request. The match is done bitwise.

R(config)# ip dhcp class CLASS-NAME
! Define option fields
R(config-dhcp-class)# option OPTION-NUMBER hex OPTION-HEX-VALUE [mask BITMASK]
! Add Relay Agent Information fields:
R(config-dhcp-class)# relay agent information
R(config-dhcp-class-relayinfo)# relay-information hex RELAY-HEX-VALUE [mask BITMASK]
! If missing, it matches anything

Then apply the class to an existing DHCP pool. When you do this, the pool will be used for allocation only if at least one class is matched by a DHCP request.

R(dhcp-config)# class CLASS-NAME
! You can assign a sub-range of the pool to this class:
R(config-dhcp-pool-class)# address range START END
! Or forward the requests to another DHCP server:
R(config-dhcp-pool-class)# relay target OTHER-DHCP-SERVER

The value of the Option82 field is also added back to the DHCP reply messages that the server sends to its clients.

If the relay agent inserts Option 82 but doesn’t add GIADDR field, the router will drop the DHCP message unless you configure it to trust such messages:

! Globally, for all interfaces:
R(config)# ip dhcp relay information trust-all
! or just for one interface:
R(config-if)# ip dhcp relay information trusted

Another option is to disable the insertion of Option82 on the switch:

Sw(config)# no ip dhcp snooping information option

DHCP Relay Agent

R(config-if)#ip helper-address REMOTE-SERVER

The requests will be sent as unicast and the relay agent will add the GIADDR information (IP address of the interface that received the DHCP request) Another option is to make the router forward DHCP requests from within a pool:

R(config)# ip dhcp pool POOL-NAME
! The relay source will match be used to match the incoming interface or GIADDR
R(dchp-config)# relay source NETWORK-ADDR MASK
! The relay destination will define where the DCHP request is forwarded
R(dhcp-config)# relay destination REMOTE-SERVER

When using classes, you can define a relay target for each class:

R(config-dhcp-pool-class)# relay target OTHER-DHCP-SERVER

Option 82

The DHCP relay can be configured to add Option82 information to the DHCP requests that it forwards. You can enable this globally or per interface:

R(config)# ip dhcp information option
Rack1R4(config-if)#ip dhcp relay information option-insert [none]

Also by default, the router will also check the reply messages from the server before forwarding them to the host. If they don’t have the Option82 information echoed back in the reply packet, it will be dropped. You can disable this check globally, or per interface:

R(config)# no ip dhcp relay information check
R(config-if)# ip dhcp relay information check-reply [none]
! Use none to disable

A Cisco switch can insert Option82 information into a DHCP request. When it receives DHCP requests that already have this information attached, the router will replace it with its own. You can configure how it should treat these packets with any of the following commands:

R(config)# ip dhcp relay information policy {drop|keep|replace}
R(config-if)# ip dhcp relay information policy-action {drop|keep|replace}

Again, if the relay agent inserts Option 82 but doesn’t add GIADDR field, the router will drop the DHCP message unless you configure it to trust such messages:

! Globally, for all interfaces:
R(config)# ip dhcp relay information trust-all
! or just for one interface:
R(config-if)# ip dhcp relay information trusted

3DHCP Client

Settings for DHCP clients can be configured globally, or on each interface:

! Global DHCP Client config
R(config)# ip dhcp-client ?
  broadcast-flag     Set the broadcast flag
  default-router     Set DHCP default router related information
  forcerenew         Enable forcerenew client processing
  network-discovery  Configure parameters for network discovery
  update             Configure automatic updates
! Interface DHCP Client config
R(config-if)# ip dhcp client ?
  class-id   Specify Class-ID to use
  client-id  Specify Client-ID to use
  hostname   Specify hostname to use
  lease      Requested address lease time
  mobile     Mobile client configuration parameters
  request    Specify options (not) to request
  route      Options for routes installed by dhcp
  update     Dynamically update information

Another option is to specify the information when you enable the DHCP client:

R(config-if)# ip address dhcp [client-id INTERFACE][hostname NAME]

A DHCP router will always include a client-id in it’s request. This means that a Cisco DHCP server will not use it’s mac-address when searching for a host pool used for address assignment. You can see what is the value of the client-id sent by the router in it’s DHCP requests with:

R#sh dhcp lease

If you want to match this value on the DHCP server, you will have to use the hex-value but in a dotted format. So a better option would be to change the client id before sending the request. To see debug information for the client, use:

R# debug dhcp

You can use 2 exec commands to release or renew the DHCP address:

R# release dhcp INTERFACE
R# renew dhcp INTERFACE
PreviousFHRP 101NextDNS 101

Last updated 3 years ago

Was this helpful?

When a host requests an address via DHCP, the server uses the incoming interface IP or the GIADDR field in the DHCP request (filled by a relay agent with it’s incoming interface IP) that would match the network address defined for a pool. Additionally, it can use the client-id or hardware-address for specific manual bindings. Option 82 is a special field in a DHCP packet that can contain additional information that may identify a host. Switches can be configured to insert information in this field (and in the Relay Information Option field). See . To process this information, the DHCP server on a router needs to use DHCP classes. By default, DHCP classes are on, but if disabled, they can be enabled again with:

You can forward DHCP requests to another server using the feature of . For DHCP, the following command should be enough:

DHCP Snooping
forwarding UDP protocols