[j-nsp] EX9200 DHCP Relay

Ben Dale bdale at comlinx.com.au
Fri Sep 19 00:19:03 EDT 2014 

SELECTING means that an OFFER has been sent to the client (or at least the switch thinks it has relayed it), but the REQUEST hasn't come back from the client.

I have seen this in some instances where the client is expecting a Unicast reply from the relay agent rather than a broadcast or vice-versa - fix with:

set forwarding-options dhcp-relay overrides layer2-unicast-replies

Nice tip on the route-suppression statement William - that one has been annoying me for a while with JDHCPd on the SRX...

Cheers,

Ben

On 19 Sep 2014, at 12:01 am, Chris Jones <chris at sdnessentials.com> wrote:

> My DHCP clients are all stuck in SELECTING state. Has anyone ever seen that, or maybe know what causes it?
> 
> root at DVT-EX9200> show dhcp relay binding
> 
> IP address        Session Id  Hardware address   Expires     State      Interface
> 0.0.0.0           18          00:25:90:3d:76:34  0           SELECTING  irb.30
> 0.0.0.0           19          00:25:90:3d:e5:13  0           SELECTING  irb.30
> 0.0.0.0           17          00:25:90:6d:f0:c3  0           SELECTING  irb.30
> 0.0.0.0           23          d4:be:d9:95:b6:4f  0           SELECTING  irb.16
> 
> 
> 
> 
>> On Sep 16, 2014, at 3:13 PM, William McLendon <wimclend at gmail.com> wrote:
>> 
>> this is a working DHCP config on EX9200s — make sure you include the forward-snooped-clients all-interfaces statement, or any transit DHCP packet that traverses an interface without DHCP relay configured will be eaten by the EX9200 — its the most asinine thing in the world to have (a carryover from MX some sort of DHCP security i’m sure), but its completely undocumented it does this from what i’ve seen.
>> 
>>   dhcp-relay {
>>       forward-snooped-clients all-interfaces;
>>       server-group {
>>           CAMPUS {
>>               192.168.168.168;
>>           }
>>       }
>>       active-server-group CAMPUS;
>>       route-suppression {
>>           destination;
>>       }
>>       group LOCAL-NETS {
>>           interface ge-5/0/0.304;
>>           interface irb.9;
>>       }
>>   }
>> }
>> 
>> 
>> the route-suppression destination statement also prevents it from installing access-internal host routes and permanent ARP entries for every DHCP lease.
>> 
>> 
>> will
>> _______________________________________________
>> juniper-nsp mailing list juniper-nsp at puck.nether.net
>> https://puck.nether.net/mailman/listinfo/juniper-nsp
> 
> Chris Jones, JNCIE-ENT #272 / JNCIP-SP
> SDN Engineer
> www.sdnessentials.com
> Cell: 858-888-0373
> E-Mail: chris at sdnessentials.com 
> 
> 
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp

More information about the juniper-nsp mailing list