[j-nsp] Subscriber management / dual stacked VLAN / DHCP help

Nathan Ward juniper-nsp at daork.net
Sun Oct 9 21:00:53 EDT 2022


Hi,

So, firstly, you shouldn’t need to do IP demux (i.e. demux0 etc.) - as your users appear to be on different VLANs.
IP demux is for situations where you have a single VLAN with multiple subscribers - but in your case you want “VLAN demux”.
The Juniper docs and examples are unfortunately not very clear about this (or at least weren’t when I last looked) - and a lot of people end up configuring IP demux like you have from examples. I work with a lot of customers untangling complicated configs built around unnecessary IP demux.
You can do $junos-interface-ifd-name in place of demux0, and a few other things (drop underlying interface etc.), and it will create ae0 subinterfaces for you rather than demux0 - and is a much cleaner way to operate.

Note that dual stack is not supported on IP demux - your BNG will have sessions for IPv4 and IPv6 as distinct subscribers. When doing VLAN demux, you can do a dual-stack-group config and have a single L3 subscriber session for each subscriber (in addition to the L2 VLAN subscriber of course).


That said, this should obviously still work.
I don’t think you need to attach the DHCP subnet on the router - though presumably you will want the address that dhcp-local-server offers as the router bound to lo0.0 - that can be a /32. Make sure you have a static discard for the pool, so your BNG advertises the pool (or you configure your policy to advertise /32s).
My best guess at the minute is that it’s not able to find an appropriate pool without that router address on lo0.0, but I would expect to see more in the logs for that.

It looks like the logs might not be complete? Feel free to send me the full log off list. Full config will help too if you are able to share.

What does `show dhcp server binding detail` show - does it also not show any bindings?

What is "service-profile user-profile” for - what’s in “user-profile” ? Do you have service dynamic-profiles configured (and do you need them)?


> On 10/10/2022, at 03:17, Matthew Crocker via juniper-nsp <juniper-nsp at puck.nether.net> wrote:
> 
> 
> Hello,
> 
> I’m working with a Juniper MX204 to support DHCP subscriber management over stacked-VLANs with dynamic profiles.  I’ve followed a bunch of examples and I can’t seem to get the DHCP server & clients to communicate properly.
> 
> I believe I have the stacked-vlan demuxing working but I can’t get the DHCP part to work.
> 
> I think I need to terminate DHCP subnet on the router somewhere but I’m not sure what interface to attach it to (loopback?)
> 
> I have an Adtran TA5k attached to the ae0 interface with 3 ONTs and 3 residential gateways running DHCP clients.
> I see the stack vlans getting demuxed as subscribers
> 
> show subscribers
> Interface             IP Address/VLAN ID                      User Name                      LS:RI
> demux0.3221225472     0x8100.302 0x8100.12                                              default:default
> demux0.3221225473     0x8100.302 0x8100.11                                              default:default
> demux0.3221225474     0x8100.302 0x8100.303                                             default:default
> 
> I don’t see any  DHCP assigned addresses
> 
> DHCP log:
> 
> Oct  9 13:36:58.335016 [MSTR][DEBUG] jdhcpd_packet_info_new: PACKET - Allocated new v4 packet 0xaccd858
> Oct  9 13:36:58.335065 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ DHCP/BOOTP   from == 0.0.0.0, port == 68 ]--
> Oct  9 13:36:58.335077 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ DHCP/BOOTP   size == 300, op == 1 ]--
> Oct  9 13:36:58.335086 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ DHCP/BOOTP  flags == 0 ]--
> Oct  9 13:36:58.335095 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ DHCP/BOOTP  htype == 1, hlen == 6 ]--
> Oct  9 13:36:58.335103 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ DHCP/BOOTP   hops == 0, xid == 519c0224 ]--
> Oct  9 13:36:58.335112 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ DHCP/BOOTP   secs == 65535, flags == 0000 ]--
> Oct  9 13:36:58.335122 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ DHCP/BOOTP ciaddr == 0.0.0.0 ]--
> Oct  9 13:36:58.335131 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ DHCP/BOOTP yiaddr == 0.0.0.0 ]--
> Oct  9 13:36:58.335140 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ DHCP/BOOTP siaddr == 0.0.0.0 ]--
> Oct  9 13:36:58.335149 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ DHCP/BOOTP giaddr == 0.0.0.0 ]--
> Oct  9 13:36:58.335165 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ DHCP/BOOTP chaddr == e8 2c 6d e8 1e 90 00 00 00 00 00 00 00 00 00 00 ]--
> Oct  9 13:36:58.335174 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ DHCP/BOOTP  sname ==  ]--
> Oct  9 13:36:58.335182 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ DHCP/BOOTP   file ==  ]--
> Oct  9 13:36:58.335193 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ OPTION code  53, len   1, data DHCP-DISCOVER ]--
> Oct  9 13:36:58.335203 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ OPTION code  57, len   2, data 02 40 ]--
> Oct  9 13:36:58.335216 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ OPTION code  55, len  10, data 01 03 06 0c 0f 1c 2a 2b 79 d4 ]--
> Oct  9 13:36:58.335229 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ OPTION code  60, len  14, data 38 33 34 2d 35 2d 53 4d 41 52 54 2f 4f 53 ]--
> Oct  9 13:36:58.335241 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] --[ OPTION code  12, len  10, data 38 33 34 2d 35 2d 31 45 39 30 ]--
> Oct  9 13:36:58.335250 [MSTR][INFO] [default:default][SVR][INET][demux0.3221225473] --[ OPTION code 255, len   0 ]--
> Oct  9 13:36:58.335260 [MSTR][INFO]  jdhcpd_is_alq_topology_discover_configured: There is no relay configuration in routing context default.default
> 
> Oct  9 13:36:58.335280 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] jdhcpd_find_client_from_client_pdu: BOOTPREQUEST could not find client table ent
> Oct  9 13:36:58.335289 [MSTR][DEBUG] jdhcpd_packet_map_to_wholesale_client: No wholesale clients moved out routing instance default:default
> Oct  9 13:36:58.335297 [MSTR][DEBUG] jdhcpd_packet_map_to_wholesale_client: Client entry NOT found
> Oct  9 13:36:58.335305 [MSTR][NOTE]  jdhcpd_packet_handle: RECEIVE DISCOVER: stats_safd 0x0 , safd 0xac1e100 demux0.3221225473
> Oct  9 13:36:58.335318 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] jdhcpd_process_forward_only_or_drop: Returning ... forward-only flags not set (flags=deaddead, rc_flags 8a4080d) for routing context 0
> Oct  9 13:36:58.335371 [MSTR][DEBUG][default:default][SVR][INET][SID=0] jdhcpd_packet_handle: new client table entry created for ifindex 536870986
> Oct  9 13:36:58.335385 [MSTR][DEBUG][default:default][SVR][INET][demux0.3221225473] jdhcpd_process_offer_advertise_delay: Returning ... offer delay not set (flags=0, rc_flags 8a4080d) for routing context 0, rc(acac000)
> Oct  9 13:36:58.335396 [MSTR][DEBUG][default:default][SVR][INET][SID=0] jdhcpd_packet_handle: Set client next-hop mac addr:  e8 2c 6d e8 1e 90 state(0)
> Oct  9 13:36:58.335415 [MSTR][INFO]  jdhcpd_client_set_pkt: *********** Setting v4 packet 0xaccd858
> Oct  9 13:36:58.335633 [MSTR][INFO] [default:default][SVR][INET][demux0.3221225473][SID=1283] jdhcpd_get_v4_v6_protocol_attributes: get configured protocol-attributes
> 
> Relevant configs below
> 
> --- JUNOS 19.4R3.11 Kernel 64-bit  JNPR-11.0-20200922.4042921_buil
> 
> show configuration interfaces ae0
> description "TA5K SMA";
> flexible-vlan-tagging;
> auto-configure {
>    stacked-vlan-ranges {
>        dynamic-profile Auto-Stacked-VLAN-Demux {
>            accept any;
>            ranges {
>                302-399,any;
>            }
>        }
>    }
> }
> 
> show configuration dynamic-profiles
> Auto-Stacked-VLAN-Demux {
>    interfaces {
>        demux0 {
>            unit "$junos-interface-unit" {
>                demux-source inet;
>                proxy-arp;
>                vlan-tags outer "$junos-stacked-vlan-id" inner "$junos-vlan-id";
>                demux-options {
>                    underlying-interface "$junos-interface-ifd-name";
>                }
>                family inet {
>                    unnumbered-address lo0.0 preferred-source-address 100.100.100.1/32;
>                }
>            }
>        }
>    }
> }
> DHCP-IP-Demux {
>    interfaces {
>        demux0 {
>            unit "$junos-interface-unit" {
>                proxy-arp;
>                demux-options {
>                    underlying-interface "$junos-underlying-interface";
>                }
>                family inet {
>                    demux-source {
>                        $junos-subscriber-ip-address;
>                    }
>                    unnumbered-address lo0.0 preferred-source-address 100.100.100.1/32;
>                }
>            }
>        }
>    }
> }
> 
> show configuration system services dhcp-local-server
> service-profile user-profile;
> group gpon-data1 {
>    dynamic-profile DHCP-IP-Demux;
>    interface ae0.0;
>    interface demux0.0;
> }
> 
> address-assignment {
>    pool FTTH1 {
>        family inet {
>            network 66.59.55.0/24;
>            range FTTH1 {
>                low 66.59.55.5;
>                high 66.59.55.254;
>            }
>            dhcp-attributes {
>                name-server {
>                    8.8.8.8;
>                    8.8.4.4;
>                }
>                router {
>                    66.59.55.1;
>                }
>            }
>        }
>    }
> _______________________________________________
> juniper-nsp mailing list juniper-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/juniper-nsp



More information about the juniper-nsp mailing list