[c-nsp] Setting relay agent IP on 4500

Jason Lixfeld jason at lixfeld.ca
Fri Aug 4 11:05:48 EDT 2017


> On Aug 4, 2017, at 3:57 AM, Phil Mayers <p.mayers at imperial.ac.uk> wrote:
> 
> On 03/08/17 21:27, Jason Lixfeld wrote:
>> 
>>> On Jul 31, 2017, at 12:17 PM, Phil Mayers <p.mayers at imperial.ac.uk> wrote:
>>> 
>>> I guess you could use a dummy relay that added a fake RFC3527 option but yuck...
>> 
>> What do you mean by this, exactly?  Relay to a relay?  Didn’t think that was possible because a relay only accepts broadcasts… or am I lacking clue?
> 
> 
> You can chain relays e.g. client to router, router to relay in PoP, PoP to DHCP server. It's pretty rare AIUI and not especially useful in many cases, but it does work.
> 
> e.g. from the ISC dhcrelay man page:
> 
> """
> The DHCP Relay Agent listens for DHCPv4 or DHCPv6 queries
> from clients or other relay agents
> """             ^^^^^^^^^^^^^^^^^^
> 
> One problem with all of this of course, is that even if you get the relay stuff working, it'll only help you in the INIT, SELECTING and REQUESTING / REBINDING states. RENEWING (unicast DHCPREQUEST at T1) usually doesn't get touched by the relay in a router-as-relay setup.
> 
> (Various option82 setups need or force the relay to intervene even on unicast renews, but AFAIK IOS doesn't do this for L3 interface helpers)

I guess ISC is a little more robust in that sense.  I was thinking (hoping) that if it came down to it, I’d be able to do it with IOS/XE/XR boxen so as not to have to burden my systems folks with maintaining an ISC farm.

Alas, a bit more research and testing has yielded positive results in that later versions of XE for 4500s support the vpn option, which is the hook that was preventing this from working previously:

ip dhcp relay information option vpn
ip dhcp compatibility suboption link-selection standard

Now it works as expected. No cascading relays or other funkiness required.

On a separate tangent, I couldn’t find useful command references for the various versions of IOS XE to see if the command was supported.  I had to actually upgrade a box.  Maybe my expectations are too high, but I seem to remember a time when one was able to look at a version-specific command reference.
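
Added example, not part of the original post: a way to confirm from a captured relayed packet that the relay is emitting the RFC 3527 link-selection sub-option (5) inside option 82 after "ip dhcp compatibility suboption link-selection standard" is applied. It assumes the input is the DHCP options field after the magic cookie, and that the pre-standard Cisco link-selection sub-option is numbered 150; the sample bytes and function names are constructed for illustration.

```python
import ipaddress

OPT_PAD, OPT_END, OPT_RELAY_INFO = 0, 255, 82   # RFC 2132, RFC 3046
SUB_LINK_SEL_STD = 5       # RFC 3527 link selection
SUB_LINK_SEL_CISCO = 150   # assumption: Cisco's pre-standard numbering

def tlvs(buf, top_level):
    """Yield (code, value) pairs from a code/length/value byte string."""
    i = 0
    while i < len(buf):
        code = buf[i]
        if top_level and code == OPT_END:
            return
        if top_level and code == OPT_PAD:   # pad is a single byte, no length
            i += 1
            continue
        if i + 2 > len(buf) or i + 2 + buf[i + 1] > len(buf):
            raise ValueError(f"truncated option/sub-option at offset {i}")
        yield code, buf[i + 2 : i + 2 + buf[i + 1]]
        i += 2 + buf[i + 1]

def link_selection(options):
    """Return {'standard': addr or None, 'cisco': addr or None}."""
    # Option 82 may be split over several instances; RFC 3396 says concatenate.
    relay_info = b"".join(v for c, v in tlvs(options, True) if c == OPT_RELAY_INFO)
    found = {"standard": None, "cisco": None}
    names = {SUB_LINK_SEL_STD: "standard", SUB_LINK_SEL_CISCO: "cisco"}
    for code, value in tlvs(relay_info, False):
        if code not in names:
            continue                        # circuit-id, remote-id, etc.
        if len(value) != 4:
            raise ValueError(f"sub-option {code} must carry a 4-byte IPv4 address")
        found[names[code]] = ipaddress.IPv4Address(value)
    return found

# Constructed sample: relayed DHCPDISCOVER using the standard sub-option.
SAMPLE_STANDARD = bytes.fromhex(
    "350101"                     # option 53: DHCPDISCOVER
    "520d" "01054769312f31"      # option 82, sub-option 1 (circuit id "Gi1/1")
    "05040a141e01"               # sub-option 5: 10.20.30.1
    "ff")
# Constructed sample: same relay using the pre-standard sub-option 150.
SAMPLE_CISCO = bytes.fromhex("350101" "5206" "9604c0a80a01" "ff")

if __name__ == "__main__":
    print(link_selection(SAMPLE_STANDARD))
    print(link_selection(SAMPLE_CISCO))
```

A DHCP server that only understands RFC 3527 ignores the second form, so the lease comes from the pool matching giaddr rather than the intended subnet.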

