RE: Firming Up Understanding of DHCP Details

Yes is the answer to your lengthy email. Option 82 information is not
inserted without DHCP snooping enabled also.

Regards,
 
Tyson Scott - CCIE #13513 R&S, Security, and SP
Technical Instructor - IPexpert, Inc.
Mailto: tscott_at_ipexpert.com
Telephone: +1.810.326.1444, ext. 208
Live Assistance, Please visit: www.ipexpert.com/chat
eFax: +1.810.454.0130

-----Original Message-----
From: nobody_at_groupstudy.com [mailto:nobody_at_groupstudy.com] On Behalf Of
Justin Mann
Sent: Tuesday, May 11, 2010 12:33 AM
To: ccielab_at_groupstudy.com
Subject: Firming Up Understanding of DHCP Details

GS,

First ever post, appreciate any feedback as I don't currently have a
sniffer/WS setup in my remote rack to clarify some of this but will
otherwise continue labbing my own tests - around some of the finer DHCP
implementation questions and verification that my current understanding is
accurate...

- IOS acts as a DHCP RA when the "ip-helper address x.x.x.x" is set on an
interface and it will then unicast the DHCP request to the configured helper
address after first updating the "giaddrr" field of the DHCP packets with
the address of the interface on which it was received (this will be used by
the server to determine the appropriate pool and unicast reply destination)
- Additionally the IOS RA can update the Option 82 information in the
forwarded packet if the task states the the server will use it be enabling
"ip dhcp relay information option" either globally or per interface (this is
not done by default).
QUESTION: Will setting this when the DHCP server does not support Option 82
break the request?
QUESTION: At this point, in a multi-hop topology, does anything else need
to be set on the additional L3 interfaces in the path to allow this to work
if the DHCP server requires Option 82 information?

- If an IOS RA receives a DHCP packet with Option 82 Information but nothing
set in the "giaddr" field (ie 0.0.0.0) it will drop the packet, this could
happen as a result of the "ip dhcp snooping information option" which is
enabled by default on IOS switches whenever DHCP Snooping is configured - if
this might happen I need to set one of several "dhcp relay information
option trust" options on the L3 RA or I can disable the insertion of the
Option 82 info on the switch
QUESTION: Will IOS switch ports still update this Option 82 information
even withOUT DHCP Snooping configured? NOTE: I didn't have a sniffer set
up to check this.
QUESTION: I only need to be worried about the first L3 hop/IOS RA correct?
Assumption is that the first L3 RA/helper-address configured router will
unicast the packet across the network to the server, transit interfaces
won't be checking the Option 82 info or "giaddr" fields in the unicast
packet correct? Or do I need to be concerned about each hop in transit and
how it handles the Option82 information?

Apologies for the lengthy email - sincere appreciation for anyone who has
time to pick through and provide answers or clarification (or maybe
confirmation) where required.

- j

Blogs and organic groups at http://www.ccie.net
Received on Tue May 11 2010 - 01:12:45 ART