06-15-2009 04:49 AM - edited 03-06-2019 06:15 AM
Hello guys,
Do you have any solution for vrf-aware dhcp-relay on 6500-sw that running 12.2-23.SXI IOS?
Best regards
Hieu Nguyen
06-15-2009 06:23 AM
Hi,
By default the 6500 will use the vrf associated to the interface to resolve the helper address.
If the server belongs to another VPN, you can use the ip helper vrf command.
HTH
Laurent.
06-15-2009 06:59 AM
Hi Laurent, the problem is that I can not find "vrf option" under the command "ip helpër-address" on the interface config.
6500-sw(config-if)#ip helper-address ?
A.B.C.D
I should be like:
6500-sw(config-if)#ip helper-address ?
A.B.C.D
vrf
Questions are:
-Does 6500-platfporm with SXI IOS support vrf-aware dhcp-relay?
-If not, do we have any good solutions to solve this problem without importing of VRFs?
Best Regards
Hieu Nguyen
06-15-2009 07:34 AM
I made further searching and actually it's not supported (the documentation is wrong).
So your only solution is to import the DHCP address into the VRF.
Sorry for the inconvenience.
Laurent.
06-16-2009 01:39 AM
Thanks Laurent, can you give me the configuration example for importing only DHCP address into VRF?
best regards
Hieu
06-16-2009 05:12 AM
Hieu,
The PE connected to your DHCP server needs to export the subnet with a RT value.
Then on each PE, you have DHCP client, import this RT.
You will need more configuration i fyou want to support overlapping:
http://www.cisco.com/en/US/docs/ios/12_2t/12_2t8/feature/guide/ftdhmpls.html
HTH
Laurent.
06-16-2009 05:39 AM
Thank you very much, Laurent...I will test your suggestion when i have time.
Have a nice day...
Hieu Nguyen
11-13-2009 05:18 AM
Don't know if Hieu got the chance to test this, but I think it didn't work.
The link to the document "DHCP Relay-MPLS Support" states the supported platforms, but the 6500 is not in the list.
Also in the document, the configuration should say:
ip dhcp relay information option vpn
!
interface ethernet 0/1
ip helper-address vrf red 10.44.23.7
But on the 6500 with 12.2.33SXI, there are noe "vpn" choice after the "ip dhcp relay information option". This is the only statement for that command.
Does this functionallity also apply for other protocols like UDP port 14000 to an ip helper-address?
I will try this, with the command ip dhcp relay information option, and give a feedback. And if it doesn't work, what are the options for 6500?
Br
Geir Sand-Strand
11-13-2009 05:31 AM
Well it didn't work.
There was no option for entering vrf with the ip helper-address.
(ip helper-address vrf...)
The vrf options seems not to be supported.
So how can this the be solved?
BR
Geir
11-13-2009 09:18 AM
Hello Geir,
as Laurent as explained briefly in its post of 16 June if this vrf option is not supported you need to create a VPN extranet:
if the client is in VRF B and the DHCP server is in VRF A.
The IP prefix for DHCP server has to be advertised in BGP multihop with an additional route-target BGP extended community so that
VRF A can import the prefix and what is more important it can reach the server via the MPLS backbone.
if you have placed the DHCP server in a common services VRF you can import in VRF A the route target.
ip vrf CommonServices
route-target export 100:201
on PE node where the client connects
ip vrf clientA
route-target import 100:201
Hope to help
Giuseppe
11-14-2009 05:34 AM
I'm not very familiar with VRF, BGP and MPLS yet, so I'm having a bit difficulty understanding what to do.
We have a 6500 with FWSM and have created VRF's around the fwsm. The VRF's contains one or more vlan's.
To go from one vrf to another you pass thru the fwsm. Everyting works fine, except forwarding of upd, like dhcp and udp 14000 (one application needs this port).
The 6500 2 VRF's that need to pass the dhcp requests and 14000, are configured like this:
ip vrf client
rd 65512:13
route-target export 65512:13
route-target import 65512:13
ip vrf server
rd 65512:10
route-target export 65512:10
route-target import 65512:10
The vlan's are created and put in the vrf with ip vrf forwarding command in the Interface vlan config.
If I understand you correctly, I need to add the following to ip vrf server:
route-target export 65512:13
and add the following to ip vrf client:
route-target import 65512:10
Or am I way off?
Geir
11-15-2009 02:16 PM
09-16-2010 02:08 AM
Hi,
I had some what of the same problem. Did you do a whireshark if you did and you find out that the relay ip address is empty ore all zero's. Than you have to do the following enable "service dhcp" or first disable and re-enable it. It worked for me hope this helps.
With kind regards,
Niels
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide