Interface Configuration
7210 SAS-X OS Services Guide Page 937
• Drop — The DHCP packet is dropped and a counter is incremented.
• Keep — The existing information is kept on the packet and the router does not add any
additional information. On egress the information option is not stripped and is sent on to
the downstream node.
In accordance with the RFC, the default behavior is to keep the existing information; except if the
giaddr of the packet received is identical to a local IP address on the router, then the packet is
dropped and an error incremented regardless of the configured action.
The maximum packet size for a DHCP relay packet is 1500 bytes. If adding the Option 82
information would cause the packet to exceed this size, the DHCP relay request will be forwarded
without the Option 82 information. This packet size limitation exists to ensure that there will be no
fragmentation on the end Ethernet segment where the DHCP server attaches.
In the downstream direction, the inserted Option 82 information should not be passed back
towards the client (as per RFC 3046, DHCP Relay Agent Information Option). To enable
downstream stripping of the option 82 field, DHCP snooping should be enabled on the SDP or
SAP connected to the DHCP server.
Trusted and Untrusted
There is a case where the relay agent could receive a request where the downstream node added
Option 82 information without also adding a giaddr (giaddr of 0). In this case the default behavior
is for the router to drop the DHCP request. This behavior is in line with the RFC.
The 7210 SAS supports a command trusted, which allows the router to forward the DHCP request
even if it receives one with a giaddr of 0 and Option 82 information attached. This could occur
with older access equipment. In this case the relay agent would modify the request's giaddr to be
equal to the ingress interface. This only makes sense when the action in the information option is
keep, and the service is IES or VPRN. In the case where the Option 82 information gets replaced
by the relay agent, either through explicit configuration or the VPLS DHCP Relay case, the
original Option 82 information is lost, and the reason for enabling the trusted option is lost.
DHCP Snooping
To support DHCP based address assignment in L2 aggregation network, 7210 supports DHCP
snooping. 7210 can copy packets designated to the standard UDP port for DHCP (port 67) to its
control plane for inspection, this process is called DHCP snooping.
DHCP snooping can be performed in two directions:
To Next Page
Loading...
