This chapter provides information about using DHCP, including theory, supported features and configuration process overview.
In a Triple Play network, client devices (such as a routed home gateway, a session initiation protocol (SIP) phone or a set-top box) use Dynamic Host Configuration Protocol (DHCP) to dynamically obtain their IP address and other network configuration information.
DHCP is defined and shaped by several RFCs and drafts in the IETF DHC working group including the following:
The DHCP operation is shown in Figure 14.
Since DHCP requests are broadcast packets that normally will not propagate outside of their IP subnet, a DHCP relay agent intercepts such requests and forwards them as unicast messages to a configured DHCP server.
When forwarding a DHCP message, the relay agent sets the giaddr (gateway IP address) in the packet to the IP address of its ingress interface. This allows DHCP clients to use a DHCP server on a remote network. From both a scalability and a security point of view, it is recommended that the DHCP relay agent is positioned as close as possible to the client terminals.
DHCP relay is used in a Layer 3 environment, and thus is only supported in IES services and VPRN services. VPRN is supported on the 7750 SR only.
When DHCP clients and servers are in different VPRN routing instances of which one is the Base routing instance, route leaking (GRT-leaking) should be used to relay DHCPv4 and DHCPv6 messages between a VRPN and the Global Routing Table (GRT).
While DHCP relay is not implemented in a VPLS, it is still possible to insert or modify Option 82 information.
In a Routed CO environment in the 7750 SR, the subscriber interface’s group interface DHCP relay is stateful.
In network deployments where DHCPv4 client subnets cannot be leaked in the DHCPv4 server routing instance, unicast renewal messages (DHCP ACKs) cannot be routed in the DHCPv4 server routing instance, as shown in Figure 15. The DHCP server sets the destination IP address of the DHCP ACK to the Client IP address (ciaddr) as received in the DHCP REQUEST message. Because there is no route available for the client subnet in the DHCP server routing instance, the DHCP ACK cannot be delivered.
The unicast renewal routing problem shown in Figure 15 can be solved with a relay proxy function that enhances the DHCPv4 relay. With the relay-proxy command in the DHCPv4 relay on a regular interface or group-interface, the unicast renewals are now also relayed to the DHCPv4 server, as described below and shown in Figure 16:
When relay-proxy is enabled, the gi-address can be configured to any local address that is configured in the same routing instance. The gi-address is the only address that must be leaked in the DHCPv4 server routing instance because a DHCPv4 server always sends the response on a relayed packet to the relay agent using the gi-address as the destination IP address.
By default, unicast DHCPv4 RELEASE messages are forwarded transparently by a relay proxy function. The optional release-update-src-ip flag updates the source IP address with the value that is used for all relayed DHCPv4 messages, as shown in Figure 16.
The relay-proxy command can also be used to hide the DHCPv4 server address for DHCP clients. This prevents the client from learning the DHCPv4 server infrastructure details such as the IP address and number of servers. Hiding infrastructure details helps in Denial of Service (DoS) prevention.
The optional siaddr-override ip-address parameter in relay-proxy enables DHCPv4 server IP address hiding towards the client. The client interacts with the relay proxy as if it is the DHCP server. In addition to the relay proxy functions as described earlier, the following actions are performed when DHCPv4 server IP address hiding is configured:
The siaddr-override ip-address parameter can be any local address in the same routing instance. If DHCP relay lease split is enabled, siaddr-override ip-address has priority over the emulated-server ip-address configured in the proxy-server and will be used as the source IP address.
The active DHCPv4 server IP address obtained from the DHCP OFFER selection is required for the IP address hiding function and is stored in the lease state record. Therefore lease-populate must be enabled on the interface when siaddr-override ip-address is configured.
Figure 17 shows the initial lease binding phase of a relay proxy with DHCP server address hiding enabled. In the absence of a DHCP lease state in the initial lease binding phase, the DHCP server IP address resulting from the OFFER selection is stored in a DHCP transaction cache. After successful lease binding, the DHCP server IP address is added to the lease state record.
In a host creation failure scenario, if no transaction cache or lease state is available when a DHCP REQUEST message is received, then the DHCP REQUEST is silently dropped. The drop reason can be found by enabling DHCP debug.
Figure 18 shows the lease renewal phase of a relay proxy with DHCP server address hiding enabled. A unicast REQUEST (renew) is relayed only to the DHCP server owning the lease. A broadcast REQUEST (rebind) is relayed to all configured DHCP servers.
During lease renewal, the DHCP server IP address can be updated in the lease state if the DHCP ACK is received from a different server. This optimizes the DHCP proxy relay operation in a DHCP server failover scenario. This is shown in Figure 19.
Figure 20 shows the release in a relay proxy scenario with DHCP server address hiding enabled. The RELEASE message is sent only to the DHCP server owning the lease. Optionally, the source IP address can be updated.
Relay proxy can be enabled on subscriber group-interfaces and regular interfaces in an IES or VPRN service.
For retail subscriber interfaces, relay-proxy is configured at the subscriber-interface dhcp CLI context, as shown in the example that follows.
A relay proxy function is not supported in combination with a double DHCPv4 relay (Layer 3 DHCPv4 relay in front of a 7750 DHCPv4 relay with relay-proxy enabled).
Configuration example
Option 82, or the relay information option is specified in RFC 3046, DHCP Relay Agent Information Option, and allows the router to append some information to the DHCP request that identifies where the original DHCP request came from.
There are two sub-options under Option 82:
Both sub-options are supported and can be used separately or together.
Inserting Option 82 information is supported independently of DHCP relay. However in a VPLS (when DHCP Relay is not configured), DHCP snooping must be enabled on the SAP to be able to insert Option 82 information.
When the circuit id sub-option field is inserted, it can take following values:
For VPRN, the ifindex is unique only within a VRF. The DHCP relay function automatically prepends the VRF ID to the ifindex before relaying a DHCP Request. VPRN is supported on the 7750 SR only.
When a DHCP packet is received with Option 82 information already present, the system can do one of three things. The available actions are:
In accordance with the RFC, the default behavior is to keep the existing information; except if the giaddr of the packet received is identical to a local IP address on the router, then the packet is dropped and an error incremented regardless of the configured action.
The maximum packet size for a DHCP relay packet is 1500 bytes. If adding the Option 82 information would cause the packet to exceed this size, the DHCP client packet will be discarded. This packet size limitation exists to ensure that there will be no fragmentation on the end Ethernet segment where the DHCP server attaches.
In the downstream direction, the inserted Option 82 information should not be passed back towards the client (as per RFC 3046, DHCP Relay Agent Information Option). To enable downstream stripping of the option 82 field, DHCP snooping should be enabled on the SDP or SAP connected to the DHCP server.
There is a case where the relay agent could receive a request where the downstream node added Option 82 information without also adding a giaddr (giaddr of 0). In this case the default behavior is for the router to drop the DHCP request. This behavior is in line with the RFC.
The trusted command is supported which allows the router to forward the DHCP request even if it receives one with a giaddr of 0 and Option 82 information attached. This could occur with older access equipment. In this case the relay agent would modify the request’s giaddr to be equal to the ingress interface. This only makes sense when the action in the information option is keep, and the service is IES or VPRN. In the case where the Option 82 information gets replaced by the relay agent, either through explicit configuration or the VPLS DHCP Relay case, the original Option 82 information is lost, and the reason for enabling the trusted option is lost.
This section discusses the Nokia routers acting as a Broadband Subscriber Aggregator (BSA) with Layer 2 aggregation towards a Broadband Subscriber Router (BSR).
A typical initial DHCP scenario is shown in Figure 21.
But, when the client already knows its IP address, it can skip the discover, as shown in Figure 22.
The BSA can copy packets designated to the standard UDP port for DHCP (port 67) to its control plane for inspection, this process is called DHCP snooping.
DHCP snooping can be performed in two directions:
The DHCP lease state table has a central role in the BSA operation (Figure 23). For each SAP on each service it maintains the identities of the hosts that are allowed network access.
When the command lease-populate is enabled on a SAP, the DHCP lease state table is populated by snooping DHCP ACK messages on that SAP, as described in the DHCP Snooping section.
Entries in the DHCP lease state table remain valid for the duration of the IP address lease. When a lease is renewed, the expiry time is updated. If the lease expires and is not renewed, the entry is removed from the DHCP lease state table.
For VPLS, DHCP snooping must be explicitly enabled (using the snoop command) on the SAP and/or SDP where DHCP messages requiring snooping ingress the VPLS instance. For IES interfaces and VPRN IP interfaces (VPRN is supported on the 7750 SR only), using the lease-populate command also enables DHCP snooping for the subnets defined under the IP interface. Lease state information is extracted from snooped or relayed DHCP ACK messages to populate DHCP lease state table entries for the SAP or IP interface.
For IES and VPRN services, if ARP populate is configured, no statics ARPs are allowed. For IES and VPRN services, if ARP populate is not configured, then statics ARPs are allowed.
The retained DHCP lease state information representing dynamic hosts can be used in a variety of ways:
Note that if the system is unable to execute any of these tasks, the DHCP ACK message is discarded without adding a new lease state entry or updating an existing lease state entry; and an alarm is generated.
The default mode of operation for DHCP snooping is that the DHCP snooping agent instantiates a DHCP lease state based on information in the DHCP packet, the client IP address and the client hardware address.
The mode of operation can be changed for DHCP snooping so that the Layer 2 header MAC address is used instead of the client hardware address from the DHCP packet for the DHCP lease state instantiation. This mode is selected by enabling l2-header in the lease-populate configuration command at the DHCP level. Because SR-Series routers do not have the ability to verify the DHCP information (both the src-ip and src-mac of the packet will be those of the previous relay point) anti-spoofing must be performed at the access node prior to the SR-Series routers. This mode provides compatibility with MAC concentrator devices, and cable modem termination system (CMTS) and WiiMAX Access Controller (WAC).
A configuration example of a cable/wireless network together with subscriber management is shown in Figure 24. The subnet used to connect to the CMTS/WAC must be defined as a subnet in the subscriber interface of the Layer 3 CO model under which the hosts will be defined. This means that all subscriber lease states instantiated on BSR must be from a “local” subscriber-subnet, even if those are behind the router, as there will be no additional layer 3 route installed pointing to them.
The important items to notice are static hosts at the subscriber interface side:
When dual-homing is used the CMTS/WAC may be configured with the same MAC for both upstream interfaces. If that is not possible the BSR can be configured with an optional MAC address. The BSR will then use the configured MAC address when instantiating the DHCP lease states.
Similar to DHCPv4, the subscriber interface SAP must be on the data path between the subscriber host and the DHCPv6 server. The SAP snoops the DHCPv6 message exchanged between the server and the client. An ESM host is created upon snooping a “reply” message from the DHCPv6 server.
DHCPv6 messages differ from a DHCPv4 messages because it is not mandatory to have the client MAC inside the header or options. The DUID in the DHCPv6 option can be a random generated number instead of the subscriber host’s MAC. The source MAC of the DHCPv6 Ethernet header cannot be used either, because a Layer 3 aggregation network will replace the client’s MAC via routing. From the perspective of the BNG, all DHCPv6 message from the same downstream router will have the same source MAC. By default, the BNG utilizes the DHCPv6 Ethernet header source MAC as a host entry identifier. Therefore, it is mandatory to use the interface-id in addition to the source MAC to identify a host individually. If the interface-id is unavailable, it is possible to use python to copy another unique ID, such as DUID or remote-id, into the interface id. The interface-id option must be on the same level as the relay-forward header. Together, the interface-id and the DHCP relay MAC address will be used as an identifier internally in the BNG.
If the interface-id option is on the subscriber native DHCP message (such as solicit), it is simply ignored.
The downstream router must resolve the BNG MAC before it is able to route traffic to the BNG. Traditionally, a BNG sends router advertisement to directly connected hosts to help them resolve their default gateway and MAC address. However, routers differ from hosts and neighbor advertisements are used to resolve the neighbor’s MAC instead. The downstream router has two options when programming the BNG as the next hop. It can either use the BNG subscriber interface link-local address or the subscriber interface GUA address. If an IPv6 prefix was configured on the BNG subscriber interface, then the downstream router must use the BNG link local as the next hop. If the subscriber interface is configured as an IPv6 address, then the downstream router can configure the GUA or the link-local as the next hop. In order to forward traffic bidirectionally, the downstream router interface MUST be modeled as a static host with both IP and MAC. IP-only static host is not supported.
The DHCP relay agent use one of its interface as a IP source address in the DHCP relay-forward message. The BNG forwards a DHCP relay-reply message from the DHCP server back to the relay agent using that exact same source IP address. There are restrictions for the IP source address used by the DHCP relay agent and it depends if the relay agent is a few hops way or is directly connected to the BNG. In the case where relay agent is a few hops away, the source address used by the relay agent must not fall under the subnet or prefix range configured on the subscriber interface. For example, the loopback or the egress interface address of the DHCP relay agent can be used instead. To forward the DHCP6 relay-forward message back to the relay agent, simply add a static route for the relay agent source IP address. The static route will have the static IPv6 host as the next hop. In the case where the relay agent is directly connected to the BNG, there are two options. In the first option, the IPv6 static host configured on the BNG is actually an interface on the relay agent. If the relay agent use this as the relay-forward source address, no additional configuration is required on the BNG to forward relay-reply back to the relay-agent. The other option is to use an interface address on the relay agent which does not fall under the subnet or prefix under the subscriber interface. Similar to the scenario where the relay-agent is a few hops away, a static route is required to forward the DHCP relay-reply message back to the relay agent. Again the static route must use the IPv6 static host as the next hop.
A default host is supported for IPv6 host as well. It is generally used as a failover mechanism where the host can continue to forward traffic without a host entry on the backup BNG.
For IPv6 ESM host, it is mandatory that each host have a unique /64 prefix. Service providers who wish to share the /64 prefix among multiple WAN host can utilize the DHCPv6 filter bypass-host-creation na” option. All bypass hosts in general require a default host creation as well.
While ESM hosts are subject to QoS and filters rules specified in sub-profile and sla-profile, default-host follows the QoS and filters specified directly on the subscriber SAP.
DHCP6 filters perform actions based on the options inside the relay-forward DHCP message. The options must be set on the innermost level, such as, DHCP solicit. The filter will ignore options set on relay-forward levels.
ESMv6 host created via DHCP snooping is not supported with the following:
The local-dhcp-server functions only if there is a relay (gateway) in front of it. Either a GI address is needed to find a subnet or Option 82, which is inserted by the relay, to perform authentication in the local-user-db.
A local DHCP server functions only if there is a relay agent (gateway) in front of it. The local DHCP server must be configured to assign addresses in one of the following ways:
When both options are configured and a pool name is specified in the DHCP client message options, then the use-pool-from-client option has precedence over the use-gi-address option.
Note: Note: The local DHCP server will not allocate any address if none of the above options are configured (no user-db, no use-gi-address, no use-pool-from-client). |
Options and identification strings can be defined on several levels. In principle, these options are copied into the DHCP reply, but if the same option is defined several times, the following precedence is taken:
A local DHCP server must be bound to a specified interface by referencing the server from that interface. The DHCP server will then be addressable by the IP address of that interface. A normal interface or a loopback interface can be used.
A DHCP client is defined by the MAC address and the circuit-id. This implies that for a certain combination of MAC and circuit-id, only one IP-address can be returned. If you ask 1 more, you get same address again. The same address will be returned if a re-request is made.
Typically, the DHCP server can be configured to perform as follows:
Note: When the no use-gi, no use-pool-from-client and no user-db commands are specified, the DHCP server does not act. |
Three applications are targeted for the local DHCP server:
DHCP server scenarios include:
DHCP servers are configurable and can be used in the bridged CO, routed CO, VPRN wholesaler, and dual-homing models.
In the stateful auto-configuration model, hosts obtain interface addresses and/or configuration information and parameters from a server. Servers maintain a database that keeps track of which addresses have been assigned to which hosts. The stateful auto-configuration protocol allows hosts to obtain addresses, other configuration information or both from a server.
When the server unicast option is present in a DHCP message from the server, the option is stripped from the message before sending to the clients.
The prefix delegation options described in RFC 3633, IPv6 Prefix Options for Dynamic Host Configuration Protocol (DHCP) version 6, provide a mechanism for automated delegation of IPv6 prefixes using DHCP. This mechanism is intended for delegating a long-lived prefix from a delegating router to a requesting router, across an administrative boundary, where the delegating router does not require knowledge about the topology of the links in the network to which the prefixes will be assigned. For example, the delegating router can get a /48 prefix via DHCPv6 and assign /64 prefixes to multiple requesting routers. Prefix delegation is supported for the delegating router (not the requesting router).
This is similar to ARP populate for IPv4. When it is turned on, an SR OS needs to populate the link-layer address to IPv6 address mapping into the neighbor database based on the DHCPv6 lease information received.
If the IPv6 address of the host doesn’t belong to the subnets of the interface, such a neighbor record should not be created. This could happen when there is a downstream DHCPv6 relay router or prefix delegation requesting router.
DHCPv6 lease persistency is supported.
The following features are enabled:
Local proxy neighbor discovery is similar to local proxy ARP. It is useful in the residential bridging environment where end users are not allowed to talk to each other directly.
When local proxy ND is turned on for an interface, the router:
This feature adds support for dual-stack IPoE hosts behind bridged clients, receiving globally-routable address using SLAAC or DHCPv6. The feature also provides configurable support for handing out /128 addresses to bridged hosts from same /64 prefix or a unique /64 prefix per host. Bridged hosts that share the same /64 prefix are required to be all SLAAC hosts or DHCPv6 hosts, and are required to be associated with the same SAP. For SLAAC based assignment, downstream neighbor-discovery is automatically enabled to resolve the assigned address.
This feature provides the capability to select prefix pools for WAN or PD allocations based on configured Link-Address. The scope of selection is the pool or a prefix range within the pool.
This feature extends lease identification criterion beyond DUID (default) for DHCPv6 leases held in the lease database for a configured period after the lease times out. DHCPv6 leases can be held in the lease database for a configurable period of time, after the lease time has expired. A large configured timeout value allows for address and prefix “stickiness”. When a subscriber requests a lease via DHCPv6 (IA_NA or PD), existing lease is looked-up and handed out. The lease identification match criterion has been extended beyond DUID to also include interface-id or interface-id and link-local address.
In case of dual-stack Layer 3 RGs or dual-stack hosts behind Layer 2 CPEs, it is beneficial to have the ability to optionally link Ipv6oE host management to DHCP state for v4. This feature provides configurable support to use circuit-id in DHCPv4 option-82 to authenticate DHCPv6. Also, a SLAAC host is created based on DHCPv4 authentication if RADIUS returns IPv6 framed-prefix. IPv6oE host is deleted when the linked IPv4oE host is deleted. In addition, with v4 and v6 linkage configured, sending of unsolicited unicast RA towards the client can be configured when v4 host state is created and IPv6 is configured for the client. The linkage between IPv4 and IPv6 is based on SAP and MAC address. The sharing of circuit-id from DHCPv4 for authentication of DHCPv6 (or SLAAC) allows the SR series router to work around lack of support for LDRA on Access-nodes.
This feature provides support to perform SHCV checks on the global unicast address (assigned via SLAAC or DHCPv6 IA_NA) and link-local address of a L3 RG or a bridged host. SHCV uses IPv6 NS and NA messages. The configuration is similar to IPv4 support in SHCV. The host-connectivity-check command is extended to be configured for IPv6 or both IPv4 and IPv6.
A DHCPv6-relay user-db can be configured on an IES or VPRN IP interface. This allows the insertion of a to-client and to-server option on the client's DHCPv6 message. The VPRN or IES IP interface must be the first relay agent for the subscriber. The interface must also have lease-populate enabled. The interface can store up to eight leases per DHCPv6 (relay) reply. If the interface contains both RADIUS and user-db, RADIUS will always take precedence. The to-client and to-server option will be inserted in the inner most level of the DHCPv6 packet.ESM IPoE subscriber can also utilize the user-db to insert to-server option. IPoE ESM subscribers are not limited to only to-client and to-server option, and can utilize all other parameters configurable under config>subscr-mgmt>loc-user-db>ipoe>host> in LUDB.
Host identification plays a critical role during the assignment of the parameters to the host via LUDB. The parameters that can be assigned to the subscriber host can range from the IP addressing parameters and the subscriber identification string all the way to the parameters that define the service to which the subscriber is entitled.
LUDB access in the context of IPoE hosts is triggered by DHCP messages passing through the interface on which the LUDB access is configured. This is true regardless of the direction of the DHCP message flow (ingress/egress).
The parameters that define the characteristics of the host will be represented by an LUDB host entry. The parameters in the LUDB entry can be unique for each individual host, or they can be shared for a group of hosts. In the former case, the identification field for the LUDB host entry must be host specific while in the latter case the identification field for LUDB host entry could be derived from DHCP options that are common to a set of host.
The host identification in the LUDB can be based on a fixed set of predefined fields within the 7750 SR and 7450 ESS. If this predefined set of fields is not flexible enough, a custom identification field can be constructed from the DHCP options that are processed by the Python script. Once this custom identifier is constructed, its value can be preserved for the duration of the DHCP transaction and it is used by the LUDB for the host identification.
An example of how this can be used is the following:
A Python script is installed in 7750 SR and 7450 ESS. This Python script will intercept incoming DHCP messages on the access side (Discover/Solicit/Request/Renew/Rebind) and it will consequently create a host identification string based on DHCP options in the packet. This string will then be cached and used for host identification in LUDB in both directions (access ingress and network ingress).
This functionality is supported for DHCPv4/DHCPv6 hosts.
Subscriber host identification via LUDB is performed upon the arrival of the incoming DHCP messages on both, the access and the network side, while the host instantiation and ESM string assignment is performed only during the processing of the DHCP ACK/Reply messages. In other words, if Python without the caching is used for subscriber host identification and classification (into proper service class by means of deriving ESM strings), the DHCP options required for host identification must be present in all DHCP messages – even the ones sent by the DHCP servers. However, DHCP servers are not required to echo DHCP options sent by the clients and relay-agents. Consequently, the missing options from the server side would cause the subscriber host instantiation to fail.
To remedy this situation and cover all deployments models (even the ones where the DHCP options are not echoed back by the DHCP servers), a caching mechanism is introduced whereby the results of the Python processing on ingress access are locally stored in 7750 SR and 7450 ESS. This will ensure that the information about the subscriber host is readily available when the DHCP packet from the DHCP server arrives. Furthermore, since we already have the cached information, no additional Python processing on the network ingress is needed.
The caching is performed in a DHCP Transaction Cache (DTC), which is accessible to Python and to the ESM module. Python will write the result of its processing to it and the Enhanced Subscriber Management (ESM) module within 7750 SR and 7450 ESS will be able to access those results.
The cache entries are relatively short lived, with the lifetime of a DHCP transaction. DHCP transaction is defined as a pair of DHCP messages that have the same DHCP transaction-id number (<Discover, Offer>, <Request, Ack>, <Solicit, Advertize>,<Request,Reply>, <Renew, Ack>, etc).
One of the facilities for flexible creation and assignment of subscriber host parameters is through Python scripting.
There are two models that allow assignment of the subscriber hosts parameters based on the Python processing, one without the utilizing the internal cache (DTC) and the other with the internal cache (DTC).
Parameters (ESM strings, IP addresses, and so on) present in the DTC will have priority over any other source that is providing overlapping parameters when it comes to ESM processing. In other words, if the same parameter is provided via DTC (Python), LUDB and RADIUS, the one provided via DTC will be in effect. This prioritization will occur automatically without the need for any additional CLI.
For example, if the IPv4 address is provided via DTC during DHCP Discovery processing, then the mode of operation for this host will be proxy-to-dhcp (ESM will terminate DHCP, without going to the server), regardless of whether the IP address is also provided via LUDB or RADIUS.
This functionality is supported for DHCPv4/DHCPv6 hosts.
The following are the Python variables and APIs related to DTC:
Subscriber Host Identification
alc.dtc.derivedId — A read/write (from the Python perspective) string to store the LUDB lookup key for subscriber host identification. This key is derived from the contents of the packet. This string will be used as a match criteria in LUDB. The derived-id can only be used when the lookup is performed in ESM. If the LUDB is attached to the local DHCP server, then the lookup based on the derived-id cannot be performed as the DHCP server has no means to derive such an ID from the DHCP message.
Caching Any Data During the Lifetime of a Transaction
alc.dtc.store(key,value) => the operator can store any data he desires in one or more entries. The key can be any arbitrary string (printable ASCII characters), up to 32 bytes in length. The value part is ‘unlimited’ (memory permitting) in size.
alc.dtc.retrieve(key) => retrieve data from the DTC. The key must be an existing key, which is a string consisting of printable ASCII characters, up to 32 bytes in length.
For example, this can be used to cache the DHCP options that the client inserts but the server does not echo back. Those options can still be retrieved in 7750 SR and 7450 ESS via cache in case that their presence is needed for any reason.
The lifespan of the cached data is tied to a DHCP transaction (a pair or corresponding DHCP messages flowing in opposite direction).
ESM Related Parameters (ESM strings, routing context)
DTC provides an API to supply a subset of configuration parameters that can otherwise come from RADIUS and LUDB and are used by the ESM code to setup the subscriber host.
DTC parameters as defined below should NOT be considered as DHCP options that can be blindly returned to the DHCP client, but instead they should be considered as real configuration settings. For example, the lease-time option is used in LUDB to enforce the lease time for the client. As such, the ESM keeps state of the lease-time. The following parameters can be used to setup a subscriber host:
alc.dtc.setESM (key-from-below, value) => store data that is used by ESM. This data is write-only.
The keys will be predefined (only these can be used) and are described in Table 42. These keys are read-only static variables.
The LUDB column indicates the configuration option under the config>subscr-mgmt>loc-user-db>ipoe>host context in LUDB.
DTC Variable | Type | LUDB | RADIUS Attribute | Comment |
alc.dtc.subIdent | string | identification-strings >subscriber-id | Alc-Subsc-ID-Str | |
alc.dtc.subProfileString | string | identification-strings >sub-profile-string | Alc-Subsc-Prof-Str | |
alc.dtc.slaProfileString | string | identification-strings >sla-profile-string | Alc-SLA-Prof-Str | |
alc.dtc.ancpString | string | identification-strings >ancp-string | Alc-ANCP-Str | |
alc.dtc.appProfileString | string | identification-strings >app-profile-string | Alc-App-Prof-Str | |
alc.dtc.intDestId | string | identification-strings >inter-dest-id | Alc-Int-Dest-Id-Str | |
alc.dtc.catMapString | string | identification-strings >category-map-name | Alc-Credit-Control- CategoryMap | |
alc.dtc.ipAddress | string | address | Framed-IPAddress | |
alc.dtc.defGw | string | options>default-router | Alc-Default- Router | |
alc.dtc.subnetMask | string | address | Framed-IPNetmask | |
alc.dtc.ipv4LeaseTime | integer | options>lease-time | Alc-Lease-Time | |
alc.dtc.ipv4PrimDns | string | options>dns-server | Alc-Primary-Dns Client-DNS-Pri | |
alc.dtc.ipv4SecDns | string | NA | Alc-Secondary- Dns Client-DNS-Sec | |
alc.dtc.primNbns | string | options>netbios-name-server | Alc-Primary-Nbns RB-Client-NBNSPri | |
alc.dtc.secNbns | string | NA | Alc-Secondary- Nbns RB-Client-NBNSSec | |
alc.dtc.msapGroupInterface | string | msap-defaults>group-interface | Alc-MSAP-Interface | |
alc.dtc.msapPolicy | string, integer | msap-defaults>policy | Alc-MSAP-Policy | |
alc.ServiceId | string, integer | msap-defaults>service | Alc-MSAP-Serv-Id | |
alc.dtc.retailServiceId | string | Retail-service-id | Alc-Retail-Serv-Id | |
alc.dtc.ipv6Address | string | ipv6-address | Alc-Ipv6-Address | |
alc.dtc.ipv6DelegatedPrefix | string | ipv6-delegated-prefix | Delegated-IPv6- Prefix | |
alc.dtc.ipv6SlaacPrefix | string | ipv6-slaac-prefix | Framed-IPv6- Prefix | |
alc.dtc.ipv6WanPool | string | ipv6-slaac-prefix-pool | Framed-IPv6-Pool | |
alc.dtc.ipv6PrefixPool | string | ipv6-delegated-prefix-pool | Alc-Delegated- IPv6-Pool | |
alc.dtc.ipv6DelegatedPrefixLength | integer | ipv6-delegated-prefix-len | Alc-Delegated- IPv6-Prefix- Length | |
alc.dtc.accountingPolicy | string | acct-policy | N/A | |
alc.dtc.dhcpv4GIAddr | string | gi-address | N/A | |
alc.dtc.dhcv4ServerAddress | string | server | N/A | |
alc.dtc.dhcp4Pool | string | address>pool | Framed-Pool Ip-Address-Pool- Name | prim | sec (“|” – delimiter) |
alc.dtc.linkAddress | string | link-address | N/A | |
alc.dtc.dhcv6ServerAddr | string | server6 | N/A | |
alc.dtc.setDhcpv6LinkAddr | string | link-address | N/A | This API applies only to regular numbered/unnumbered IPv6 interfaces (no ESM) |
alc.dtc.setDhcpv6ServerAddr | string | server6 | N/A | This API applies only to regular numbered/unnumbered IPv6 interfaces (no ESM) |
alc.dtc.ipv6PrimDns | string | options6>dns-server | Alc-Ipv6-Primary- Dns | |
alc.dtc.ipv6SecDns | string | NA | Alc-Ipv6- Secondary-Dns | |
alc.dtc.dhcpv6PreferredLifetime | integer | ipv6-lease-times>preferred-lifetime | Alc-v6-Preferred-Lifetime | |
alc.dtc.dhcpv6RebindTimer | integer | ipv6-lease-times>rebind-timer | Alc-Dhcp6-Rebind-Time | |
alc.dtc.dhcpv6RenewTimer | integer | ipv6-lease-times>renew-timer | Alc-Dhcp6-Renew-Time | |
alc.dtc.dhcpv6ValidLifetime | integer | ipv6-lease-times>valid-lifetime | Alc-v6-Valid-Lifetime |
For example, an IP address is assigned to a DTC variable as a string:
alc.dtc.ipAddress = 192.168.0.10 — This is performed through the following ALU API: alc.dtc.setESM(alc.dtc.ipAddress, 192.168.0.10). The DTC logic then parses this variable and converts it into appropriate format for consumption by ESM code.
The values defined above are the ones that are mostly defined in the LUDB. Main use, however, is assigning ESM strings for the subscriber host instantiation phase during the processing of DHCP ACK/Reply messages. Consequently the Python script needs to be run only on DHCP Request messages (no need to run it on Discoveries for ESM string assignment, unless the LUDB derived ID is also needed).
DHCP options that are blindly returned to the DHCP client without the ESM code being aware of them cannot be configured via DTC. Such options should be configured via RADIUS (Alc-ToCLient-Dhcp-Options – IPv4 only) or they can be inserted directly into DHCP messages via Python (bypassing DTC).
Other possible uses for DTC variables are:
DTC debugging is part of the generic DHCP debugging facility that is enabled by the flowing commands:
If the DTC cache is populated via Python, the corresponding DTC entries will be shown as part of the matching DHCP message debug.
The virtual-subnet command in the sub-if>dhcp context allows the system to snoop and record the default router address in DHCP ACK messages for a DHCPv4 ESM host. The system can answer ping or traceroute request even if the default router address is not configured on the subscriber-interface.
This feature eliminates the need to configure every default-gw address on subscriber interface. Beside default router address, the system will also calculate host’s subnet by using an assigned address and the subnet mask option in ACK. Both recorded default router address and the subnet can be displayed with the show service id virtual-subnet command.
Every ESM subscriber only has one set of default router address and subnet.
Address reservation for sticky leases adds support in local DHCP servers to provide IP address reservation for the assignment of sticky leases. These leases are pre-provisioned in the server (via SNMP or CLI) with a given set of user-identification parameters. This set of parameters must be unique for each pool to avoid duplicate leases. For management purposes, these leases also have an additional hostname parameter to easily retrieve them via SNMP. When a sticky lease is created, the corresponding requested IP address is allocated from the specified pool and this address afterwards can only be used by DHCP if they match the specified user identification parameters. It is not possible to make an existing DHCP lease sticky.
Sticky leases are persistent but not synchronized in multi-chassis synchronization. To support multi-chassis redundancy, a management system can allocate the lease on one 7750 SR, immediately retrieve the lease and populate it again on the redundant router. For this to work sticky leases should not be combined with any other allocation method (for example, regular DHCP leases, or Local Address Assignment because these methods can already allocate the address on the standby node).
This feature targets two scenarios:
This section describes the implementation of a proxy DHCP server capability provide a standards- based DHCP server which will front end to downstream DHCP client and DHCP relay enabled devices and interface with RADIUS to authenticate the IP host and subscriber and will obtain the IP configuration information for DHCP client devices.
The proxy DHCP server is located between an upstream DHCP server and downstream DHCP clients and relay agents when RADIUS is not used to provide client IP information.
Service providers can introduce DHCP into their networks without the need to change back-end subscriber management systems that are typically based around RADIUS (AAA). Service providers can support the use of DHCP servers and RADIUS AAA servers concurrently to provide IP information for subscriber IP devices (Figure 25).
DHCP is the predominant client-to-server based protocol used to request IP addressing and necessary information to allow an IP host device to connect to the network.
By implementing DHCP, the complexity of manually configuring every IP device that requires connectivity to the network is avoided. IP devices with DHCP can dynamically request the appropriate IP information to enable network access.
DHCP defines three components that are implemented in a variety of device types:
DHCP is the predominant address management protocol in the enterprise community, however in the provider market PPP has traditionally been the means by which individual subscribers are identified, authenticated and provided IP addressing information.
The use of DHCP in the provider market is a growing trend for managing subscriber IP addressing, as well as supporting newer devices such as IP-enabled IP phones and set-top boxes. The majority of subscriber management systems rely heavily on RADIUS (RFC 2865, Remote Authentication Dial In User Service (RADIUS)) as the means for identifying and authorizing individual subscribers (and devices), deciding whether they will be allowed access to the network, and which policies should be put in place to control what the subscriber can do within network.
The proxy DHCP server capability enables the deployment of DHCP into a provider network, by acting as a proxy between the downstream DHCP devices and the upstream RADIUS based subscriber management system.
Figure 26 shows a typical DHCP initial boot-up sequence with the addition of RADIUS authentication. The proxy DHCP server will interface with downstream DHCP client devices and then authenticate upstream using RADIUS to a providers subscriber management system.
In addition to granting the authentication of DHCP hosts, the RADIUS server can include RADIUS attributes (standard and vendor-specific attributes (VSAs)) which are then used by the edge router to:
This feature offers the ability for a customer to integrate DHCP to the subscriber while maintaining their existing subscriber management system typically based around RADIUS. This provides the opportunity to control shifts to an all DHCP environment or to deploy a mixed DHCP and RADIUS subscriber management system.
In order to maximize its applicability VSAs of legacy BRAS vendors can be accepted so that a network provider is not forced to reconfigure its RADIUS databases (or at least with minimal changes).
To receive data from the RADIUS server the following are supported:
The following attributes can be sent to RADIUS:
The complete list of Nokia VSAs is available on a file included on the compact flash shipped with the image.
7750 SR and 7450 ESS DHCP server multi-homing ensures continuity of the IP address and prefix assignment and renewal processes when an entire 7750 SR and 7450 ESS DHCP server fails or in case of a failure of the active link that connects clients to one of the 7750 SR and 7450 ESS DHCP servers in the access part of the network. DHCP server multi-homing is an integral part of the overall subscriber management multi-chassis protection scheme.
Although the subscriber synchronization process and the DHCP lease states synchronization process use the same synchronization infrastructure within 7750 SR and 7450 ESS (Multi Chassis Redundancy protocol), they are in essence two separate processes that are not aware of each other. As such, the mechanisms that drive their switchover are different. For example, the mechanism that drives subscriber switchover from one node to the other is driven by the access protection mechanism (SRRP/MC-LAG) while the switchover (or takeover) of the IP address-range/prefixes in a DHCP pool is driven by the state of the intercommunication link over which the leases are synchronized. The failure of an entire node makes those differences irrelevant since the access-link failure coincides with the intercommunication link failure and vice versa. However, link-only failures become critical when it comes to their interpretation by the protection mechanisms (SRRP/MC-LAG/DHCP server multi-homing). Regardless of nature of the failure, overall DHCP server multi-chassis protection scheme must be devised in such fashion that the two 7750 SR and 7450 ESS DHCP servers never allocate the same IP address/prefix to two different clients. Otherwise IP address/prefix duplication will ensue. Unique IP address/prefix allocation is achieved by making only one 7750 SR and 7450 ESS DHCP server responsible for IP address/prefix delegation out of the shared IP address-range/prefix.
There are two basic models for DHCP server dual-homing:
Consider the following when contemplating deployment of the two described models:
DHCP server leases are synchronized over Multi-Chassis Synchronization (MCS) protocol. A DHCP lease synchronization message is sent to the peering node just before the DHCP ACK/Reply is sent to the client.
For example, the message flow for DHCPv4 lease establishment is the following:
DHCP Discover | ; DHCP client — DHCP server |
DHCP Offer | ; DHCP server — DHCP client |
DHCP Request | ; DHCP client — DHCP server |
DHCP Sync Message | ; DHCP server — via MCS to the peering DHCP server |
DHCP Ack | ; DHCP server— DHCP client |
DHCP server failover mechanism in the local-remote IP address-range/prefix model relies on the detection of the failure of the link over which DHCP states are synchronized (via MCS protocol). This link is normally disjoint from the access links towards the clients. MCS protocol normally runs over a direct link between the two redundant nodes (1) or over backbone links (2) in case that the direct link is not present. This is shown in Figure 27.
In the access-driven IP address-range/prefix model, the DHCP server address-ranges/prefixes are not tied to the state of the intercommunication link. Instead, the DHCP server selection for IP address assignment is only governed by the path selected by the path protection mechanism (SRRP/MC-LAG) deployed in the access part of the network.
7750 SR and 7450 ESS DHCP server is a client of Multi-chassis Synchronization (MCS) application with 7750 SR and 7450 ESS. Once MCS transitions into out-of-sync state, the 7750 DHCP server redundancy assumes that there is a failure in the network. In essence, the DHCP server failure in dual-chassis configuration relies on the failure detection mechanism of MCS.
MCS runs over TCP, port 45067 and it is using either data traffic or keepalives to detect failure on the communication link between the two nodes. In the absence of any MCS data traffic for more than 0.5 seconds, MCS will send its own keepalive to the peer. If a reply is not received within 3 seconds, MCS will declare its operational state as DOWN and the DB Sync state as out-of-sync. MCS will consequently notify its clients (DHCP Server being one of them) of this condition.
MCS Clients (applications) can optimally send their own proprietary keepalive messages to its partner over MCS to detect failure. DHCP Server does not utilize this method and it strictly relies on the failure notifications by MCS.
Note that the intercommunication link failure does not necessarily assume the same failed fate for the access links. In other words, it is perfectly possible (although unlikely) that both access links are operational while the inter-chassis communication link is broken.
The failure detection of the intercommunication link will lead to certain failover state transitions on the DHCP server. The DHCP lease handling in the local-remote model will depend on the particular failover state on the DHCP server and the duration of each failover state is determined by preconfigured timers.
7750 SR and 7450 ESS DHCP server state synchronization is different from the lease state synchronization of the subscriber host itself.
The concern is with the latter, the 7750 SR and 7450 ESS DHCP server lease state synchronization. To ensure un-interrupted IP lease renewal process after a failure in the network, the DHCP server lease time that is synchronized between the 7750 SR and 7450 ESS DHCP servers must always lead the currently assigned lease time for the period of the anticipated lease time in the next period.
For comparison purposes the two flow diagrams are juxtaposed in Figure 28:
On the left side of the graph, the lease time is synchronized to the same value to which it was renewed.
In point 3, the primary DHCP server renews the lease time but fails to synchronize it due to its own failure (crash). The secondary server (2) has the old lease time A’ in its database. The next time the client tries to REBIND its address/prefix, the lease in the secondary server will be expired (4). As a result, the IP address/prefix will not be renewed.
To remedy this situation, the primary server must synchronize the lease time as the current RENEW time + the next lease-time. In this fashion, as depicted in point 3, when the REBIND reaches server 2, the lease in its DB will still be active (4) and the server 2 will be able to extend the lease for the client.
Maximum Client Lead Time (MCLT) is the maximum time that the 7750 SR and 7450 ESS DHCP Server can extend the lease time to its clients beyond the lease time currently know by the 7750 SR and 7450 ESS DHCP partner node. By default this time is relatively short (10min).
The purpose of the MCLT is explained in the following scenario:
The local DHCP server assigns a new IP lease to the client but it crashes before it sends a sync update to the partner server. Because of the local DHCP server failure, the remote DHCP server is not aware of the IP address/prefix that has been allocated on the local DHCP server. This condition creates the possibility that the remote DHCP server allocates the same address/prefix to another client. This would cause IP address/prefix duplication. MCLT is put in place to prevent this scenario.
MCLT based solution is shown in Figure 29.
The sequence of events is the following:
Since the remote DHCP server is not aware of the lease state that was assigned by the local DHCP server, there is a chance that the remote DHCP server assigns to the new client the same IP address/prefix already allocated by the local DHCP server just before it crashed. This is why the remote DHCP server needs to wait for the MCLT time to expire so that the IP addresses/prefixes allocated (but never synchronized) by the local DHCP server can time out.
When the communication channel between the chassis is interrupted, two scenarios are possible:
Access-driven DHCP server redundancy model will ensure uninterrupted IP address assignment service from a single IP address-range/prefix in case that an access link forwards BNG fails. To avoid duplicate address allocation, there MUST be a single active path available from the clients to only one of the 7750 SR and 7450 ESS DHCP servers in redundant configuration. This single active path is ensured via a protection mechanism in dual-homed environment in the access side of the network. The supported protection mechanisms in the access in 7750 SR and 7450 ESS are SRRP or MC-LAG.
In access-driven DHCP redundancy model, the DHCP relay in each 7750 SR and 7450 ESS node must point only to the IP address of the local DHCP server. In other words, the DHCP messages received on one DHCP server should never be relayed to the other. Since the IP address-ranges/prefixes are shared between the DHCP servers, accessing both DHCP servers with the same DHCP request can cause DHCP lease duplication. Moreover, the IP addresses of both DHCP servers must be the same in both nodes. Otherwise the DHCP renew process would fail.
Granting new leases out of the shared IP address-ranges or prefixes that are configured as access-driven is not dependent on the state of the inter-chassis communication link (MCS). Instead, the new leases can be granted from both nodes simultaneously and it is the role of the protection mechanism in the access to ensure that a single path to either server is always active.
This model will allow the newly active node, after a SRRP/MC-LAG switchover, to be able to serve new clients immediately from the same (shared) IP range or prefix. At the same time, upon the switchover, the corresponding subscriber-interface route is re-evaluated for advertisement with a higher routing metric to the network side via SRRP awareness. The end result is that by aligning the subscriber-interface routes or prefixes with access-driven DHCP address ranges or prefixes in DHCP server, the IP address ranges or prefixes will be advertised to the network side only from the actively serving node (SRRP Master or active MC-LAG node). This will be performed indirectly via the corresponding subscriber-interface route that is aligned (by configuration) with the DHCP address range or prefix in access-driven mode.
In case that SRRP or MC-LAG is not deployed in conjunction with the access-driven configuration option, the IP address duplication could occur.
Note that multi-chassis redundancy relies on MCS to synchronize various client applications. (subscriber states, DHCP states, IGMP states, etc) between the two chassis. Therefore the links over which MCS peering session is established must be highly redundant. Failed MCS peering session will render dual-chassis redundancy non-operational. Considering this fact, the DHCP failover scenario with SRRP/MC-LAG and shared IP address range should be evaluated considering the following cases described in Table 43.
Access Related Failure | Inter-Chassis Link State | Number of Failures | Action |
None | None | None | Only the MASTER SRRP BNG will grant IP leases. The subnet tied to the SRRP instance is advertised to the network side on the MASTER SRRP node. |
None | COMM-INT | Possibly multiple | Only the MASTER SRRP BNG will grant IP leases. Communication link between the two chassis has failed and the DHCP states cannot be synchronized. Operator is required to restore the links between the chassis. |
None | PARTNER-DOWN | Possibly multiple | Same as above. The premise of this deployment model in general (SRRP/MC-LAG + access-driven) is that there is only one path leading to the DHCP server active. This path is governed by SRRP. Therefore there is no change in behavior between the PARTNER-DOWN and COMM-INT states in this particular scenario. |
Access Link Towards the Master SRRP | NORMAL | Single | SRRP will switch over. The new IP lease grants will continue from new SRRP Master using the same IP address range. IP leases will be synched OK. Subnets will be advertised from new Master via SRRP awareness. |
Access Link Towards the Master SRRP | COMM-INT | Multiple | SRRP will switch over. The new leases can be handed from the DHCP server on the newly SRRP Master node. However, this DHCP server may not have its lease state table up to date since the inter-chassis communication link is non-operational. Consequently, new SRRP Master node may start handing out leases that are already allocated on the node with the failed link. In this case, IP address duplication would ensue. This is why it of utmost importance that the intercommunication chassis link is well protected and the only event that causes it to go down is when the entire node goes down. Otherwise the nodes becomes isolated from each other and synchronization becomes non-operational. |
Access Link Towards the Master SRRP | PARTNER-DOWN | Multiple | Same as above. |
Access Link Towards the Standby SRRP | NORMAL | Single | No effect on the operation since everything is active on the Master SRRP node anyway. |
Access Link Towards the Standby SRRP | COMM-INT | Multiple | Intercommunication link is broken. The Master SRRP node will continue handing out the new leases and renewing the old ones. However, they will not be synchronized to the peering node. |
Access Link Towards the Standby SRRP | PARTNER-DOWN | Multiple | Same as above. |
Entire Master Node | COMM-INT | Single | SRRP will switch over. However, lease duplication may occur on the newly Master since the intercommunication link is broken and this newly SRRP Master is not aware of DHCP leases that the peer (failed node) may have allocated to the clients while the intercommunication-link was broken. |
Entire Master Node | PARTNER-DOWN | Single | Same as above. |
Entire Standby Node | COMM-INT | Single | Operation continues OK but multi-chassis redundancy is lost. |
Entire Standby Node | PARTNER-DOWN | Single | Same as above. |
A possible deployment scenario is shown in Figure 30.
Some deployments require that the remote IP address/prefix range starts delegating new IP addresses/prefixes upon the failure of the intercommunication link, without waiting for the intercommunication link to transition from the COMM-INT state into the PARTNER-DOWN state and the MCLT to expire while in PARTNER-DOWN state.
In other words, the takeover of the remote IP address-range/prefix should follow the failure of the intercommunication link, without any significant delays.
This can be achieved by configuring both of the following two items under the dhcp failover CLI hierarchy:
But if one could ensure that the intercommunication link is always available, then the DHCP nodes would stay in sync and the two timers would not be needed. This is why it is of utmost importance that in this mode of operation, the intercommunication link is well protected by providing multiple paths between the two DHCP nodes. The only event that should cause intercommunication link to fail is the entire nodal failure. This failure is acceptable since in this case only one DHCP node is available to provide new IP addresses/prefixes.
Since there is no classical DHCP lease state maintained for local PPPoX pools, the IP addresses will not be synchronized via DHCP Server. Instead they will be synchronized via PPPoX clients. Once the PPPoX subscriber is synchronized, the respective IP address lease will be updated in the respective local pool.
For example:
One artifact of this behavior (IP address assignment in local DHCP pools is synchronized via PPPoX clients and not via DHCP server synchronization mechanism) is that during the node boot, the DHCP server must wait for the completion of PPPoX subscriber synchronization via MCS so that it learns which addresses/prefixes are already allocated on the peering node. Since the DHCP server can theoretically start assigning IP addresses before the PPPoX sync is completed, a duplicate address assignment my occur. For example an IP address lease can be granted via DHCP local pools while PPPoX sync is still in progress. Once the PPPoX sync is completed, the DHCP server may discover that the granted IP lease has already been allocated by the peering node. The most recent lease will be kept and the other will be removed from both systems. To prevent this scenario, a configurable timer can be set to an arbitrary value that will render sub-if non-operational until the timer expires. The purpose of this timer is to allow the PPPoX sync to complete before subscribers under the sub-intf can be served.
In the stateless auto-configuration model, hosts can be assigned address statically or dynamically. For static prefix assignment, LUDB and RADIUS can be used. For dynamic assignment, a pool name returned from LUDB or RADIUS and the local DHCPv6 server is used for address management. Although, the DHCPv6 server is used there are no lease time associated with the SLAAC prefix assigned to hosts. To utilize the local pool for SLAAC prefix assignment, the command local-address-assignment is used under group-interface. The client-application type ppp-slaac and/or ipoe-slaac must first be specified. Afterwards, the server name of the local-address-server must also be provisioned.