All_about_network

This post is brief introduction to configuration of DHCP relay with option 82 on S3900,S5600 and S6500.

Scenario I
Let’s use S3900 as an aggregation switch and relay directly from there. As the S5600 is almost the same I expect that configuration of these two devices are the same (and the configuration as well). Actually the config options are much better than on S6500.
Vlans 10 and 100 are used for the realization of the relay function.

Sample Configuration

#
sysname S3952
#
dhcp-server 1 ip 10.1.1.100
dhcp relay information enable
dhcp relay information strategy replace
#
vlan 10
description data-vlan
#
vlan 100
description to_core
#
interface Vlan-interface10
description data-vlan-to-client
ip address 192.168.11.1 255.255.255.0
dhcp-server 1
#
interface Vlan-interface100
description to_core
ip address 10.101.0.1 255.255.0.0
#
interface Ethernet1/0/1
description access
port link-type trunk
port trunk permit vlan 1 10 20 30
port trunk pvid vlan 10
#
interface GigabitEthernet0/0/1
description uplink
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 100
#

As you will see later the configuration is the same as in case of S6500, but S3900 and S5600 have more configurable options (like sending of hostname instead of mas address in the second sub option).

Scenario II
Let’s use S3900 as an access switch and relay from S5600 which will serve us as aggregation switch.

As you can see below in the configuration example the dhcp snooping is enabled on the access S3900. This is for security reason (and because option 82 could be applied even though the relay is not used on the device).

Sample Configuration of S3900

#
sysname S3952
#
dhcp-snooping information enable
dhcp-snooping information strategy replace
#
vlan 10
description data
#
interface Ethernet1/0/1
description access
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 10 20 30
port trunk pvid vlan 10
#
interface Ethernet1/0/22
description uplink
undo port trunk permit vlan 1
port trunk permit vlan 10 20 30 1000
#
dhcp-snooping
#

Sample Configuration of S5600

#
sysname S5600
#
dhcp-server 0 ip 20.20.20.21
dhcp relay information strategy keep
#
vlan 10
description access
#
vlan 20
description to_DHCP
#
interface Vlan-interface10
ip address 10.10.10.10 255.255.255.0
dhcp-server 0
#
interface Vlan-interface20
ip address 20.20.20.20 255.255.255.0
#
interface GigabitEthernet1/0/1
description to_dhcp
port access vlan 20
#
interface GigabitEthernet1/0/24
description fro_access
port link-type trunk
port trunk permit vlan 1 10 20
#

Scenario III
Let’s use S6500 as an aggregation switch and relay directly from there. I am using vlan 10 as access from client and vlan 100 as uplink to core. As the routing functions are needed the vlan interfaces are used. On this switch the possibilities os configuring the option 82 are very limited. Actually you can just enable the relay information and decide if you want to keep the option values received or replace by your own. In this usage is better to replace the information for security reasons.

Sample Configuration

#
sysname Quidway S6506R
#
dhcp-server 1 ip 10.1.1.100
dhcp relay information enable
dhcp relay information strategy replace
#
vlan 10
description data-vlan
#
vlan 100
description to_core
#
interface Vlan-interface10
description data-vlan-to-client
ip address 192.168.11.1 255.255.255.0
dhcp-server 1
#
interface Vlan-interface100
description to_core
ip address 10.101.0.1 255.255.0.0
#
interface Ethernet1/0/1
description access
port link-type trunk
port trunk permit vlan 1 10 20 30
port trunk pvid vlan 10
#
interface GigabitEthernet0/0/1
description uplink
port link-type trunk
undo port trunk permit vlan 1
port trunk permit vlan 100
#