cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

159
Views
0
Helpful
0
Replies
Cisco Employee

ACI DHCP Relay minimum config

Hi,

 

I am trying to understand how exact ACI DHCP relay works. After reading the ACI DHCP relay technote, I still have questions.

 

So I did the following tests, with dhcp_server in epg-A (tn-A, app-A, ctx-A, BD-A, subnet-[A]), and dhcp_client in epg-B (tn-B, ctx-B, BD-B, subnet-[B]), I created DHCP Relay DHCP_Help under Fabric (/uni/infra/relayp-DHCP_HELP), with provider tn-A/app-A/epg-A/dhcp_server ip address, and also DHCP label under tn-B (uni/tn-B/BD-B/dhcplbl-DHCP_HELP). Then I tested the following scenarios:

 

1. In tn-A, create epg subnet-[A] w scope Shared between VRFs; create contract permit_all, w scope global, and export to tn-B; add epg-A as provider of this contract. In tn-B, let epg-B consume the imported contract interface; and set subnet-[B] scope to shared between vrf. This way, we have a full two-way communication path between epg-A and epg-B.

2. In tn-A, create epg subnet-[A] w scope Shared between VRFs; create contract permit_all, w scope VRF (or simply use common/default); let epg-A provide this contract (or common/default).

3. In tn-A, create epg subnet-[A] w scope Shared between VRFs;

4. Nothing else

 

I cleared the EP learning cache of the learned IP address by flapping the unicast routing setting of BD-B before each test. The result is that, DHCP relay works in scenarios 1, 2, 3, not in 4.

 

Now I am trying to understand why.

Packet capture shows that the dhcp replay received by dhcp_client has the IP address of the subnet-[B] default gatway as both the default-gateway option 3, and server-id option 54. The real ip address of dhcp_server is not included in dhcp reply message. It seems that the server network (subnet-[A]) is not visible to the client in this case. However, the technote mentioned that the "Not Visible" mode is no longer supported. My apic version is 3.2(o). Not sure if what this is "Not Visible" mode or not.

 

Since server IP is not in dhcp reply message received by dhcp_client, that explains why epg-B does not need to consume any contract and not need to set subnet-[B] scope to Shared between VRF's, as the client only needs to talk to its default gateway in subnet-[B].

 

Could one of you experts explain what is the absolute minimum configuration needed for dhcp relay to work? What additional contracts or scope changes are needed. How do you normally configure for dhcp relay in ACI?

 

Thanks a lot.

 

CreatePlease to create content
Content for Community-Ad
August's Community Spotlight Awards