Académique Documents
Professionnel Documents
Culture Documents
Abstract: This document describes the typical application environment and configuration
examples for DHCP snooping Option 82.
Acronyms:
Table of Contents
5 References ................................................................................................................................... 10
1 Feature Overview
Option 82 is the relay agent option which records the location information of the
DHCP client. When a DHCP snooping device receives a clients request, it adds
Option 82 to the request message and sends it to the server. Then, the DHCP server
can assign a proper IP address and other parameters for the client. The administrator
can also use Option 82 to implement security control and accounting.
2 Application Scenarios
DHCP server
Eth1/1
DHCP snooping
Eth1/2 Eth1/3
VLAN 2
Host A Host B
DHCP client DHCP client
Typically, a DHCP server assigns an IP address based on the giaddr filed of the
clients request or the IP address of the interface that received the clients request. In
Figure 1 , the DHCP server assign IP addresses to Host A and Host B from the
network segment where the clients belong.
A clients ID can be recognized by Option 82. Therefore, the DHCP server can assign
a unique IP address to each client, to further implement QoS, security and accounting
management.
3 Configuration Guidelines
z The DHCP snooping Option 82 function can take effect only after you enable
DHCP snooping.
z DHCP snooping does not support link aggregation. If a Layer 2 Ethernet
interface is added into an aggregation group, DHCP snooping configuration on
it will not take effect. When the interface is removed from the group, DHCP
snooping can take effect.
z The DHCP snooping enabled device does not work if it resides between a
DHCP relay agent and DHCP server, and it can work when it resides between a
DHCP client and relay agent or between a DHCP client and server.
z You are recommended to enable the DHCP snooping Option 82 function on the
DHCP snooping device closest to the DHCP client for locating the client
accurately.
z The DHCP snooping enabled device cannot act as a DHCP server or DHCP
relay agent.
z You are not recommended to enable the DHCP client, BOOTP client, and
DHCP snooping on the same device. Otherwise, DHCP snooping entries may
fail to be generated, or the BOOTP client/DHCP client may fail to obtain an IP
address.
4 Configuration Example
The work area of an enterprise is divided into three groups, group 1, group 2, and
group 3, which are located in three rooms. A DHCP server is deployed to assign IP
addresses of different segments to the three groups.
It is required that:
Note:
The following configurations are made on devices that are using default settings and
verified in a lab environment. When using the following configurations on your devices
in a live network, make sure they do not conflict with your current configurations to
prevent potential negative impact on your network.
I. Configuration steps
<Switch> system-view
[Switch] dhcp-snooping
I. Configuration steps
You can use the following two methods to configure Option 82:
For the second method, the circuit ID sub-option format is as shown in Figure 3 .
For example, for clients connected to Ethernet 1/1, the circuit ID sub-option is padded
with group 1. The circuit ID sub-option in DHCP packets should contain the following
information: 0x010667726F757031, in which 0106 refers to the number and length of
the circuit ID sub-option, and 67726F757031 refers to the hexadecimal value of the
character string group 1.
In this example, IP addresses are assigned according to the group number; therefore,
the DHCP server only needs to assign IP addresses based on the group number
padded in the circuit ID sub-option.
Note:
The DHCP server is configured on a Cisco Catalyst 3745 switch with software version
IOS 12.3(11)T2. To configure a device of another type or version as the DHCP server,
refer to the related user manual.
Server> enable
Server# configure terminal
Server(config)# interface fastethernet 0/0
# Enable DHCP server, and configure the DHCP server to assign IP addresses based
on Option 82.
# Create a DHCP class for clients in group 1, and specify the corresponding circuit ID
sub-option for matching. For the content not to be matched, enter the wildcard *.
# Create a DHCP class for clients in group 2, and specify the corresponding circuit ID
sub-option for matching.
# Create a DHCP class for clients in group 3 and specify the corresponding circuit ID
sub-option for matching.
# Create a DHCP address pool named office, and specify the lease time, gateway
address, DNS server address, and WINS server address for clients.
4.4.3 Verification
After completing the above configurations, the DHCP server can automatically assign
IP addresses of the specified range, gateway address, DNS server address, and
WINS server address for clients of each group in the work area.
5 References
z RFC 2131: Dynamic Host Configuration Protocol
z RFC 3046: DHCP Relay Agent Information Option
Copyright 2008 Hangzhou H3C Technologies Co., Ltd. All rights reserved.
No part of this manual may be reproduced or transmitted in any form or by any means without prior written consent of