cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
208
Views
0
Helpful
0
Replies
Highlighted

DHCP relay in VRF lite and Windows 2016 : No DHCP release being forwarded through DHCP relay agent

Hi Everyone,

 

I am testing a DHCP relay in a VRF lite LAB, the goal is to have a central DHCP server to allocate client IP addresses for subnets that are not directly reachable.

 

To achieve this I am using the helper-address global and ip dhcp relay information options (config below), everything works OK in regards to initial DHCP request and renew, meaning that the DHCP traffic is catch by the VLAN's SVI (in VRF) and forwarded to the DHCP server (in GLOBAL) sourced by the designated source interface.

Windows 2016 improves this design because allows the use of option 82 sub option 5 : link-selection

 

What I am unable to achieve is to forward in the same fashion DHCP release messages that are unicast messages (I have tried this on Windows 7 and Linux).

 

Is that something I am missing or this is a design limitation of the DHCP relay agent feature ?

 

image.png

 

version 15.2
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
service compress-config
!
hostname CORE
!
boot-start-marker
boot-end-marker
!
!
logging buffered 50000
logging console discriminator EXCESS
!
no aaa new-model
clock timezone CET 1 0
!
!
!
!
!
vtp mode transparent
no ip icmp rate-limit unreachable
!
ip vrf A
 rd 1:1
!
ip dhcp-relay information option server-override
ip dhcp relay information option vpn
ip dhcp relay information option
!
!
no ip domain-lookup
ip cef
no ipv6 cef
!
!
!
spanning-tree mode pvst
spanning-tree extend system-id
!
!
vlan 8
 name VL008_SERVERS
!
vlan 128
 name VL128_WORKSTATIONS
!
vlan 129
 name VL129_WORKSTATIONS_VRF_A
!
vlan 130
 name VL130_WORKSTATIONS_VRF_A
!
vlan 253-254
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface Loopback0
 ip address 10.100.1.254 255.255.255.0
!
interface Ethernet0/0
 description Win2016_DC
 switchport access vlan 8
 switchport mode access
 spanning-tree portfast edge
!
interface Ethernet0/1
 Description ASA
 switchport trunk encapsulation dot1q
 switchport mode trunk
 spanning-tree portfast network
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet1/0
!
interface Ethernet1/1
!
interface Ethernet1/2
!
interface Ethernet1/3
!
interface Ethernet2/0
!
interface Ethernet2/1
!
interface Ethernet2/2
!
interface Ethernet2/3
!
interface Ethernet3/0
 description Lin-1
 switchport access vlan 129
 switchport mode access
 spanning-tree portfast edge
!
interface Ethernet3/1
 description Win-1
 switchport access vlan 128
 switchport mode access
 spanning-tree portfast edge
!
interface Ethernet3/2
 description Win-2
 switchport access vlan 129
 switchport mode access
 spanning-tree portfast edge
!
interface Ethernet3/3
 description Win-3
 switchport access vlan 129
 switchport mode access
 spanning-tree portfast edge
!
interface Vlan1
 no ip address
 shutdown
!
interface Vlan8
 ip address 10.100.8.254 255.255.255.0
 no ip redirects
 no ip proxy-arp
!
interface Vlan128
 ip address 10.100.128.254 255.255.255.0
 ip helper-address 10.100.8.1
 no ip redirects
 no ip proxy-arp
!
interface Vlan129
 ip vrf forwarding A
 ip dhcp relay information option server-id-override
 ip dhcp relay information option-insert
 ip dhcp relay source-interface Loopback0
 ip address 10.100.129.254 255.255.255.0
 ip helper-address global 10.100.8.1
 no ip redirects
 no ip proxy-arp
!
interface Vlan130
 ip vrf forwarding A
 ip dhcp relay information option vpn-id
 ip dhcp relay source-interface Loopback0
 ip address 10.100.130.254 255.255.255.0
 ip helper-address global 10.100.8.1
 no ip redirects
 no ip proxy-arp
!
interface Vlan253
 ip address 10.100.253.254 255.255.255.0
!
interface Vlan254
 ip vrf forwarding A
 ip address 10.100.254.254 255.255.255.0
!
ip forward-protocol nd
!
ip tcp synwait-time 5
ip http server
!
ip route 0.0.0.0 0.0.0.0 10.100.253.220
ip route vrf A 0.0.0.0 0.0.0.0 10.100.254.220
ip ssh server algorithm encryption aes128-ctr aes192-ctr aes256-ctr
ip ssh client algorithm encryption aes128-ctr aes192-ctr aes256-ctr
!
!
access-list 100 permit ip any host 10.100.8.1
!
!
!
control-plane
!
!
line con 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line aux 0
 exec-timeout 0 0
 privilege level 15
 logging synchronous
line vty 0 4
 login
!
!
!
end

 

Everyone's tags (4)
CreatePlease to create content
Content for Community-Ad

Spotlight awards-March 2019