Routing

Expand all | Collapse all

PXE options not delivered to DHCP clients when dhcp-relay configured with forward-only.

Jump to Best Answer
  • 1.  PXE options not delivered to DHCP clients when dhcp-relay configured with forward-only.

    Posted 06-10-2020 22:31

    Hello,

     

    We have a setup where one set of DHCP servers deliver IP configuration to clients and another set of DHCP servers deliver the PXE options. This setup works only if we configure dhcp-relay without forward-only option. The issue is that this eats up licences and this is something we would like to avoid. We have tried the setup with forward-only-replies option as well. When I monitor traffic on the client switch port I see only the DHCP packets providing IP configuration.

     

     I've tried to go through documentation but I haven't found an explanation how the DHCP relay works with different configurations. The observed behaviour suggests that only the DHCP packets from the first responder are let through and others are dropped. I wish I could change this behaviour so that all DHCP packet would be allowed to flow through.

     

    Could anyone give me more details how the DHCP relay actually works with different configuration? The router is MX10003 and it's running Junos 18.2R3.4.

     

    Cheers, 

     

    Matti



  • 2.  RE: PXE options not delivered to DHCP clients when dhcp-relay configured with forward-only.

    Posted 06-10-2020 22:44

    Hi Matti,

     

    The DHCP relay agent operates as the interface between DHCP clients and the server. The DHCP Relay Agent relays DHCP messages between DHCP clients and DHCP servers on different IP networks.

     

    A Juniper Networks device operating as a DHCP relay agent forwards incoming requests from BOOTP and DHCP clients to a specified BOOTP or DHCP server. Client requests can pass through a virtual private network (VPN) tunnels. You cannot configure a single device interface to operate as both a DHCP client and a DHCP relay.

     

    In a typical carrier edge network configuration, the DHCP client is on the subscriber’s computer, and the DHCP relay agent is configured on the router between the DHCP client and one or more DHCP servers.

     

    The below link has more details-

    https://www.juniper.net/documentation/en_US/junos/topics/topic-map/dhcp-relay-agent-security-devices.html

     

    In case you are looking for how DHCP works in a specific configuration, please elaborate so that we can provide you details.

     

    Hope this answers your query 🙂

     

    Please mark "Accepted Solution" if this helps you!

    Kudos are always appreciated! 



  • 3.  RE: PXE options not delivered to DHCP clients when dhcp-relay configured with forward-only.

     
    Posted 06-10-2020 22:59

    Hello mjsaarin,

     

    Greetings!

     

    Please go through the below document for DHCP Configuration for PXE Environment

    https://kb.juniper.net/InfoCenter/index?page=content&id=KB16160&actp=METADATA

     

    This above KB holds good for MX as-well. 

     

    Preboot xEecution Environement (PXE) - is an environment to boot computers using a network interface independent of available data storage devices or installed operating systems.

    The term PXE client only refers to the role that the machine takes in the PXE boot process. A PXE client can be a server, desktop, laptop or any other machine that is equipped with PXE boot code

    The PXE protocol is approximately a combination of DHCP and TFTP.

    1) Configure a pool of IP addresses for DHCP clients on a subnet. When a client joins the network, the DHCP server dynamically allocates an IP address from this pool.

    2) Set the boot filename advertised to clients. The client uses the boot image stored in the boot file to complete configuration.

    3) Set the server that contains the boot file.

    4) Define the default and maximum lease times, in seconds.

    5) Specify the DNS server that maintains the database of client name to IP address mappings.

    6) Specify IP address for routers on the client’s subnetwork. Routers are listed in order of preference.

    7) Set the next-server statement which is used to specify the host address of the server from which the initial boot file is to be loaded, this address could be from tftp, or ftp or nfs or something else that the host will use. It is asumed that the client either knows what to do next, or that information is in the bootfile.
     

    To know more about the DHCP-Relay options, please follow the below documentation:

    https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/dhcp-relay-edit-forwarding-options.html

     

    I hope this helps. Please mark this post "Accept as solution" if this answers your query.

     

    Kudos are always appreciated! Smiley Happy

     

    Best Regards,

    Lingabasappa H


    #DHCP
    #PXE


  • 4.  RE: PXE options not delivered to DHCP clients when dhcp-relay configured with forward-only.

    Posted 06-10-2020 23:06

    Hello Matti

     

     This might be largely because DHCP works on a broadcast principle. The clients are going to broadcast for the first DHCP server that answers with an acceptable offer, which they will take. If you have a mixture of local DHCP servers and relays, the local servers will respond faster and may not provide the configuration you want to deploy at best. At worst, you will have a mix of acceptable responses and a lot of potential for conflicting addresses. On any network segment where you're using DHCP relays, the local server needs to be disabled.

     

    With the additional helper, there's a semi-random chance that the DHCP request will be answered by the PXE server or the primary DHCP server. If it's answered by the first one, PXE works correctly. If it's answered by the second, PXE fails.



  • 5.  RE: PXE options not delivered to DHCP clients when dhcp-relay configured with forward-only.

    Posted 06-10-2020 23:30

    Hi!

     

    Thanks for all the replies. It seems I need to learn to describe my issue better.

     

    None of the DHCP servers are local. All are listed under the same server group within the routing instance where the clients are. All the servers see the requests and send the replies. For some reason, the setup work only when there is no forward-only setting. The working setting is similar to the one below:

    me@r> show configuration routing-instances VRF-MY-VRF forwarding-options dhcp-relay
    relay-option-82 {
    circuit-id;
    }
    server-group {
    MY-DHCP-SERVERS {
    /* IP configuration server 1 */
    192.168.10.10;
    /* IP configuration server 2 */
    192.168.10.20;
    /* PXE configuration server 1 */
    192.168.200.10;
    /* PXE configuration server 2 */
    192.168.200.20;
    /* PXE configuration server 3 */
    192.168.200.30;
    }
    }
    route-suppression {
    destination;
    }
    group MY-DHCP-DEFAULT {
    active-server-group MY-DHCP-SERVERS;
    interface et-0/1/9.314;
    interface et-0/1/9.278;
    }
    no-snoop;



  • 6.  RE: PXE options not delivered to DHCP clients when dhcp-relay configured with forward-only.

     
    Posted 06-10-2020 23:33

    Hi mjsaarin,

     

    Good day

     

    Please remove this part of the configuration and also remove the “forward-only” and then check if the dhcp relay works.

     

    When using forward-only, option-82 is a requirement.

     

    To avoid the option-82 requirement you would need to remove “forward-only”.

     

    We have 2 option, or without “forward-only” or with “forward-only” and “option-82”(like the configuration above, this is the reason why it works with "trusted; no-option82 " )

     

    DHCP packets forwarded with the forward-only statement do not consider other configurations except for the trust-option-82 option. The DHCP relay agent ignores all other configured options.

     

    The information can be found here:

     

    https://www.juniper.net/documentation/en_US/junos/topics/reference/configuration-statement/forward-only-edit-forwarding-options-default-action.html

     

    Please mark "Accepted Solution" if this helps.

     

    Kudos are always appreciated

     

    Thanks

    Suraj



  • 7.  RE: PXE options not delivered to DHCP clients when dhcp-relay configured with forward-only.

    Posted 06-11-2020 00:20

    Hi Suraj,

     

    Thanks for the clarification. I've still got difficulties in understandind why the replies from one set of DHCP servers are relayed but the replies from the other set appear to be dropped. I wish the relay could be configured as transparent as possible.

     

    Cheers,

     

    Matti



  • 8.  RE: PXE options not delivered to DHCP clients when dhcp-relay configured with forward-only.
    Best Answer

     
    Posted 06-11-2020 00:50

    HI mjsaarin,

     

    With “forward-only” MX maintains bindings for DHCP and doesn’t transmitor rely on DHCP Option 82 information.
    Without “forward-only” MX copies the incoming interface info into “DHCPDiscover Option 82” to know the interface where DHCP Discover was received.
    DHCP server should simply copy this info back in the “OFFER” packet.


    Following tech pub document briefly explains the above process with respect to bootp (legacy daemon) and the same is applicable to DHCP relay with “forward-only” also.
    https://www.juniper.net/documentation/en_US/junos/topics/usage-guidelines/policy-configuring-routers-or-interfaces-as-dhcp-and-bootp-relay-agents.html

     

    I’ve reviewed the data and verified that the MX is functioning as designed, exactly as KB30596 Explains the issue.

    Here is the article where we found this option to try (KB30596): https://kb.juniper.net/InfoCenter/index?page=content&id=KB30596

     

    Please mark "Accepted Solution" if this helps.

    Kudos are always appreciated

     

    Thanks

    Suraj