SRX

 View Only

IMPORTANT MODERATION NOTICE

This community is currently under full moderation, meaning  all posts will be reviewed before appearing in the community. Please expect a brief delay—there is no need to post multiple times. If your post is rejected, you'll receive an email outlining the reason(s). We've implemented full moderation to control spam. Thank you for your patience and participation.



  • 1.  services dhcp-local-server vs service dhcp and vlan

    Posted 07-12-2016 09:49

    with a SRX240 Junos 12.1X44-D40.2

    scope to assign a ip to a mac address !

     

    at the moment I have around 20 services dhcp pool definite and propagate each corrispond a vlan.

    I tried to use static-binding but it doesn't work .

     

     

    most of the comments I found suggest to use dhcp-local-server,

    my first question is: what is it the difference between "service dhcp pool" and "access address-assignment"?

     

    show system services dhcp pool 192.168.114.0/24 {
    address-range low 192.168.114.50 high 192.168.114.254;
    name-server {
    8.8.8.8;
    }
    router {
    192.168.114.1;
    }
    propagate-settings vlan.114;
    show system services dhcp pool 192.168.115.0/24 {
    address-range low 192.168.115.50 high 192.168.115.254;
    name-server {
    8.8.8.8;
    }
    router {
    192.168.115.1;
    }
    propagate-settings vlan.115; 

     convert this to a "set access",

    second questtion: how can I associate the first to vlan.114 and second to vlan.115 using access ?

    access address-assignment {
        pool LAN114 {
            family inet {
                network 192.168.114.0/24;
                range wired {
                    low 192.168.114.50;
                    high 192.168.114.254;
                }
                dhcp-attributes {
                    name-server {
                        8.8.8.8;    
                    }
                    router {
                        192.168.114.1;
                    }
                }
            }
      pool LAN115 {
            family inet {
                network 192.168.115.0/24;
                range wired {
                    low 192.168.115.50;
                    high 192.168.115.254;
                }
                dhcp-attributes {
                    name-server {
                        8.8.8.8;    
                    }
                    router {
                        192.168.115.1;
                    }
                }
            }
        }
    

     


    #host
    #STATICIP
    #DHCP
    #address-assignment
    #vlan
    #Access


  • 2.  RE: services dhcp-local-server vs service dhcp and vlan
    Best Answer

    Posted 07-14-2016 00:01

    what is it the difference between "service dhcp pool" and "access address-assignment"?

     

    Both configuration parts are handled by seperate daemons.  "service dhcp pool" is handled by DHCPD whereas "access address-assignment" is handled by JDHCPD. 

     

    JDHCPD has several enhancements over DHCPD such as support for routing-instance, logical systems etc and this is why it was recommended to you. 

     

    Propogate Settings can be configued under [edit access address‐assignment pool <> family inet ]

     

    dhcp‐attributes {                      

    propagate‐settings ge‐0/0/2.0;                  } 

     

    Cheers,

    Sameer

    If this worked for you please flag my post as an "Accepted Solution" so others can benefit. A kudo would be cool if you think I earned it.



  • 3.  RE: services dhcp-local-server vs service dhcp and vlan

    Posted 09-22-2016 10:30

    thanks for your help,

    anyway after upgraded SRX240 to 12.1X46-D40.2 and make factory reset still the default configuration have "service dhcp pool" instead JDHCP.

     

     

     



  • 4.  RE: services dhcp-local-server vs service dhcp and vlan

    Posted 09-22-2016 22:26

    Factory default configuration will only have config specific to DHCPD. 

     

    DHCPD will become obsolete in newer versions and then we can expect to see JDHCPD config as default.



  • 5.  RE: services dhcp-local-server vs service dhcp and vlan

    Posted 09-22-2016 23:17

    as jsameer already wrote, dhcpd will be obsolete. Actually from 15.1X49-D60 (released 3 days ago) the dhcpd-configpart is hidden and a warning shows at each commit stating that you should convert to jdhcpd config.

     

    15.1X49 is for the new SRX300 series, 550M and 1500 so I don't expect this behaviour to be put into 12.1X or 12.3X for the legacy SRX200 series... so as long as you have your SRX240 then you are not forced to change DHCP daemon 🙂



  • 6.  RE: services dhcp-local-server vs service dhcp and vlan

    Posted 09-23-2016 00:17

    Refer to below link for more details:

    https://kb.juniper.net/InfoCenter/index?page=content&id=TSB16991&smlogin=true&actp=search

     

    The TSB will continue to be updated as the deprecation plan progresses.



  • 7.  RE: services dhcp-local-server vs service dhcp and vlan

    Posted 09-23-2016 07:13

    @jonashauge wrote:

     

    15.1X49 is for the new SRX300 series, 550M and 1500 so I don't expect this behaviour to be put into 12.1X or 12.3X for the legacy SRX200 series... so as long as you have your SRX240 then you are not forced to change DHCP daemon 🙂


    I have SRX240H2 , what you mean you are not forced to change ?



  • 8.  RE: services dhcp-local-server vs service dhcp and vlan

    Posted 09-25-2016 11:59

    Correct, for now no changes are expected to happen to 12.1X and 12.3X software trains.



  • 9.  RE: services dhcp-local-server vs service dhcp and vlan

    Posted 09-27-2016 06:10

    Sometime is wrong with the arp timeout or refeshing the dhcp table in this case jdhcp table

     

        dhcp-local-server {
                group JDHCP {
                    interface vlan.1;
                    interface vlan.2;
                    interface vlan.3;
                   
               }

    and 

    pool LAN3 {
        family inet {
            network 192.168.3.0/24;
            range wired {
                low 192.168.3.50;
                high 192.168.3.254;         
            }                               
            dhcp-attributes {               
                name-server {                        
                    8.8.8.8;                
                }                           
                router {                    
                    192.168.3.1;            
                }                           
                propagate-settings vlan.3;  
            }                               
            host maclaptop {                 
                hardware-address AA:BB:XX:XX:XX:XX;
                ip-address 192.168.3.20;    
            }                               
        }                                   
    }     

    after added "host maclaptop" to get internal static ip, the IP remains the same (192.168.3.50) only after I rebooted the SRX240 I get the IP 192.168.3.20, look like it doesn't refresh the ip after the commit 

    now another example if I remove the "host maclaptop" and I commit  the ip of the maclaptop remain 192.168.3.20 it doesn't get ip from the pool range 192.168.3.50-254 ,even after "renew DHCP lease" on mac or unplug and plug the cable from the laptop.

     

    run show arp 
    MAC Address       Address         Name                      Interface           Flags
    
    AA:BB:XX:XX:XX 192.168.3.15    192.168.3.15              vlan.3              permanent
    

    any idea ?



  • 10.  RE: services dhcp-local-server vs service dhcp and vlan

    Posted 09-27-2016 23:12

    This is a knwn behaviour of JDHCPD: https://kb.juniper.net/InfoCenter/index?page=content&id=KB28646

     

    Looks like you're trying to change IP before lease expires and arp will be permanent until then.

     

    I remember seing a place where you can disable this behaviour of JDHCPD but I cannot find the reference/documentation. Maybe someone else in here can confirm og deny this functionality being possible.



  • 11.  RE: services dhcp-local-server vs service dhcp and vlan

    Posted 09-28-2016 02:00

    yes you are right,

    for testing: I changed the maximum-lease-time 5second and then I unlplugged/wait/plugged again and the IP changed !

    or manually I can do this "clear dhcp server binding" , it also works 

     

    So both of the above solutions are working but  my point is , if you change configuration from this 

    host maclaptop {                 
                hardware-address AA:BB:XX:XX:XX:XX;
                ip-address 192.168.3.20;    
            }      

    to 

    host maclaptop {                 
                hardware-address AA:BB:XX:XX:XX:XX;
                ip-address 192.168.3.30;    
            }      

     then

    commit
    

     

     

    the Juniper I guess should clear the row of this IP automatically or probabily this is a normal behavior .