-
Cisco IOS IP Addressing Services Command Reference
-
Introduction
-
ARP Commands
-
DHCP Commands: accounting (DHCP) through ip dhcp excluded-address
-
DHCP Commands: ip dhcp limit lease through lease
-
DHCP Commands: netbios-name-server through vrf (DHCP pool)
-
DNS Commands: ddns (DDNS-update-method) through ip dns server queue limit
-
DNS Commands: ip dns spoofing through view (DNS)
-
IP Addressing Commands
-
NAT Commands
-
NHRP Commands
-
Table Of Contents
show ip dhcp relay information trusted-sources
show ip dhcp server statistics
show ip dhcp snooping database
netbios-name-server
To configure NetBIOS Windows Internet Naming Service (WINS) name servers that are available to Microsoft Dynamic Host Configuration Protocol (DHCP) clients, use the netbios-name-server command in DHCP pool configuration mode. To remove the NetBIOS name server list, use the no form of this command.
netbios-name-server address [address2...address8]
no netbios-name-server
Syntax Description
Command Modes
DHCP pool configuration
Command History
Usage Guidelines
One IP address is required, although you can specify up to eight addresses in one command line. Servers are listed in order of preference (address1 is the most preferred server, address2 is the next most preferred server, and so on).
Examples
The following example specifies the IP address of a NetBIOS name server available to the client:
netbios-name-server 10.12.1.90Related Commands
netbios-node-type
To configure the NetBIOS node type for Microsoft Dynamic Host Configuration Protocol (DHCP) clients, use the netbios-node-type command in DHCP pool configuration mode. To remove the NetBIOS node type, use the no form of this command.
netbios-node-type type
no netbios-node-type
Syntax Description
type
Specifies the NetBIOS node type. Valid types are:
•
b-node—Broadcast
•
•
•
Command Modes
DHCP pool configuration
Command History
Usage Guidelines
The recommended type is h-node (hybrid).
Examples
The following example specifies the client's NetBIOS type as hybrid:
netbios node-type h-nodeRelated Commands
network (DHCP)
To configure the network number and mask for a DHCP address pool primary or secondary subnet on a Cisco IOS DHCP server, use the network command in DHCP pool configuration mode. To remove the subnet number and mask, use the no form of this command.
network network-number [{mask | /prefix-length} [secondary]]
no network network-number [{mask | /prefix-length} [secondary]]
Syntax Description
Defaults
This command is disabled by default.
Command Modes
DHCP pool configuration
Command History
Usage Guidelines
This command is valid for DHCP subnetwork address pools only.
The DHCP server assumes that all host addresses are available. The system administrator can exclude subsets of the address space by using the ip dhcp excluded-address global configuration command. However, the ip dhcp excluded-address command cannot be used to exclude addresses from VRF-associated pools.
You cannot configure manual bindings within the same pool that is configured with the network command.
If a default router list is configured for the pool or subnet from which the address was allocated, the DHCP server selects an IP address from that default router list and provides it to the client. The DHCP client uses that router as the first hop for forwarding messages.
Removing a secondary subnet also removes the default router list for that subnet. Removing the primary subnet removes only the primary subnet definition but not the network-wide default router list.
To display the DHCP address pool information configured by the network command, use the show ip dhcp pool command.
Examples
The following example configures 172.16.0.0/12 as the subnetwork number and mask of the DHCP pool named pool1. The IP addresses in pool1 range from 172.16.0.0 to 172.31.255.255.
Router(config)# ip dhcp pool pool1Router(dhcp-config)# network 172.16.0.0 255.240.0.0The following example configures 192.0.2.0/24 as the subnetwork number and mask of the DHCP pool named pool2 and then adds the DHCP pool secondary subnet specified by the subnet number and mask 192.0.4.0/30. The IP addresses in pool2 consist of two disjoint subnets: the addresses from 192.0.2.1 to 192.0.2.254 and the addresses from 192.0.4.1 to 192.0.4.2.
Router(config)# ip dhcp pool pool2Router(dhcp-config)# network 192.0.2.0 255.255.255.0Router(dhcp-config)# network 192.0.4.0 255.255.255.252 secondaryRelated Commands
next-server
To configure the next server in the boot process of a Dynamic Host Configuration Protocol (DHCP) client, use the next-server command in DHCP pool configuration mode. To remove the boot server list, use the no form of this command.
next-server address [address2...address8]
no next-server address
Syntax Description
Defaults
If the next-server command is not used to configure a boot server list, the DHCP server uses inbound interface helper addresses as boot servers.
Command Modes
DHCP pool configuration
Command History
Usage Guidelines
You can specify up to eight servers in the list. Servers are listed in order of preference (address1 is the most preferred server, address2 is the next most preferred server, and so on).
Examples
The following example specifies 10.12.1.99 as the IP address of the next server in the boot process:
next-server 10.12.1.99Related Commands
option
To configure Dynamic Host Configuration Protocol (DHCP) server options, use the option command in DHCP pool configuration mode. To remove the options, use the no form of this command.
option code [instance number] {ascii string | hex {string | none} | ip address}
no option code [instance number]
Syntax Description
Defaults
The default instance number is 0.
Command Modes
DHCP pool configuration (dhcp-config)
Command History
Usage Guidelines
DHCP provides a framework for passing configuration information to hosts on a TCP/IP network. Configuration parameters and other control information are carried in tagged data items that are stored in the options field of the DHCP message. The data items themselves are also called options. The current set of DHCP options are documented in RFC 2131, Dynamic Host Configuration Protocol.
Examples
The following example configures DHCP option 19, which specifies whether the client should configure its IP layer for packet forwarding. A value of 0 means disable IP forwarding; a value of 1 means enable IP forwarding. IP forwarding is enabled in the following example:
Router(config)# ip dhcp pool redRouter(dhcp-config)# option 19 hex 01The following example configures DHCP option 72, which specifies the World Wide Web servers for DHCP clients. World Wide Web servers 172.16.3.252 and 172.16.3.253 are configured in the following example:
Router(config)# ip dhcp pool redRouter(dhcp-config)# option 72 ip 172.16.3.252 172.16.3.253Related Commands
ip dhcp pool
Configures a DHCP address pool on a Cisco IOS DHCP server and enters the DHCP pool configuration mode.
option hex
To enable the Cisco IOS relay agent to make forwarding decisions based on DHCP options inserted in the client-generated DHCP message, use the option hex command in DHCP class configuration mode. To disable this functionality, use the no form of this command.
option code hex hex-pattern [*] [bit bit-mask-pattern]
no option code hex hex-pattern [*] [mask bit-mask-pattern]
Syntax Description
Command Default
This command is disabled by default.
Command Modes
DHCP class configuration
Command History
Usage Guidelines
The option hex command enhances DHCP class support to allow the relay agent to relay client-generated messages to different DHCP servers based on the content of the following four options:
•
•
•
•
Each option identifies the type of client sending the DHCP message.
Table 16 describes the CLI variations possible for the hex hex-pattern keyword and argument combination.
Table 16 option hex CLI Variations
You must know the hexadecimal value of each byte location in the options to be able to configure the option hex command. The format may vary from product to product. Contact the relay agent vendor for this information.
Examples
In the following example, client-generated DHCP messages containing option 60 and belonging to class VOIP will be forwarded to the DHCP server located at 10.30.5.1:
!ip dhcp class VOIPoption 60 hex 010203!! The following is the relay poolip dhcp pool redrelay source 10.2.2.0 255.255.255.0class VOIPrelay target 10.30.5.1Related Commands
origin
To configure an address pool as an on-demand address pool (ODAP) or static mapping pool, use the origin command in DHCP pool configuration mode. To disable the ODAP, use the no form of this command.
origin {dhcp | aaa | ipcp | file url} [subnet size initial size [autogrow size]]
no origin {dhcp | aaa | ipcp | file url} [subnet size initial size [autogrow size]]
Syntax Description
Defaults
The default size value is /0.
Command Modes
DHCP pool configuration
Command History
Usage Guidelines
If you do not configure the pool as an autogrow pool, the pool will not request additional subnets if one subnet is already in the pool.
Use the dhcp keyword to obtain subnets from DHCP, the aaa keyword to obtain subnets from the AAA server, and the ipcp keyword to obtain subnets from IPCP negotiation. If you expect that the utilization of the pool may grow over time, use the autogrow size option.
If a pool has been configured with the autogrow size option, ensure that the source server is capable of providing more than one subnet to the same pool. Even though the Cisco IOS software specifies the requested subnet size, it can accept any offered subnet size from the source server.
Examples
The following example shows how to configure an address pool named green to use DHCP as the subnet allocation protocol with an initial subnet size of 24 and an autogrow subnet size of 24:
ip dhcp pool pool1vrf pool1origin dhcp subnet size initial /24 autogrow /24utilization mark high 80utilization mark low 20The following example shows how to configure the location of the external text file:
ip dhcp pool abcpoolorigin file tftp://10.1.0.1/staticbindingfileRelated Commands
override default-router
To define a default router list for the DHCP pool secondary subnet, use the override default-router command in DHCP pool secondary subnet configuration mode. To remove the default router list for this secondary subnet, use the no form of this command.
override default-router address [address2 ... address8]
no override default-router
Syntax Description
Command Default
No default router list is defined for the DHCP pool secondary subnet.
Command Modes
DHCP pool secondary subnet configuration
Command History
12.2(33)SRB
This command was introduced.
12.4(15)T
This command was integrated into Cisco IOS Release 12.4(15)T.
Usage Guidelines
When an IP address is assigned to the DHCP client from a secondary subnet for which no subnet-specific default router list is defined, the default router list (configured by using the default-router command in DHCP pool configuration mode) will be used.
The IP address of every router in the list should be on the same subnet as the client subnet. You can specify up to eight routers in the list. Routers are listed in order of preference (address is the most preferred router, address2 is the next most preferred router, and so on).
To display the default router lists, use the show running-config command. If default router lists are configured for a DHCP pool, the commands used to configure those lists are displayed following the ip dhcp pool command that configures the DHCP pool.
Examples
The following example configures 10.1.1.1/29 as the subnetwork number and mask of the DHCP pool named pool1, adds the DHCP pool secondary subnet specified by the subnet number and mask 10.1.1.17/29, then configures a subnet-specific default router list for that subnet:
Router(config)# dhcp pool pool1Router(config-dhcp)# network 10.1.1.1 255.255.255.248Router(config-dhcp)# network 10.1.1.17 255.255.255.248 secondaryRouter(config-dhcp-secondary-subnet)# override default-router 10.1.1.100 10.1.1.200Related Commands
override utilization high
To configure the high utilization mark of the current secondary subnet size, use the override utilization high command in DHCP pool secondary subnet configuration mode. To remove the high utilization mark, use the no form of this command.
override utilization high percentage-number
no override utilization high percentage-number
Syntax Description
Command Default
The default high utilization mark is 100 percent of the current subnet size.
Command Modes
DHCP pool secondary subnet configuration (config-dhcp-subnet-secondary)
Command History
Usage Guidelines
If you use the utilization mark {high | low} log command, a system message can be generated for a DHCP secondary subnet when the subnet utilization exceeds the configured high utilization threshold. A system message can also be generated when the subnet's utilization is detected to be below the configured low utilization threshold.
The override utilization high command overrides the value specified by the utilization mark high global configuration command.
Examples
The following example shows how to set the high utilization mark of the secondary subnet to 40 percent of the current subnet size:
Router(config)# ip dhcp pool pool2Router(dhcp-config)# utilization mark high 80 logRouter(dhcp-config)# utilization mark low 70 logRouter(dhcp-config)# network 192.0.2.0 255.255.255.0Router(dhcp-config)# network 192.0.4.0 255.255.255.252 secondaryRouter(config-dhcp-subnet-secondary)# override utilization high 40Router(config-dhcp-subnet-secondary)# override utilization low 30Related Commands
override utilization low
To configure the low utilization mark of the current secondary subnet size, use the override utilization low command in DHCP pool secondary subnet configuration mode. To remove the low utilization mark, use the no form of this command.
override utilization low percentage-number
no override utilization low percentage-number
Syntax Description
Command Default
The default low utilization mark is 0 percent of the current subnet size.
Command Modes
DHCP pool secondary subnet configuration (config-dhcp-subnet-secondary)
Command History
Usage Guidelines
If you use the utilization mark {high | low} log command, a system message can be generated for a DHCP secondary subnet when the subnet utilization falls below the configured low utilization threshold. A system message can also be generated when the subnet's utilization exceeds the configured high utilization threshold.
The override utilization low command overrides the value specified by the utilization mark low global configuration command.
Examples
The following example shows how to set the low utilization mark of the secondary subnet to 30 percent of the current subnet size:
Router(config)# ip dhcp pool pool2Router(dhcp-config)# utilization mark high 80 logRouter(dhcp-config)# utilization mark low 70 logRouter(dhcp-config)# network 192.0.2.0 255.255.255.0Router(dhcp-config)# network 192.0.4.0 255.255.255.252 secondaryRouter(config-dhcp-subnet-secondary)# override utilization high 40Router(config-dhcp-subnet-secondary)# override utilization low 30Related Commands
relay agent information
To enter relay agent information option configuration mode, use the relay agent information command in DHCP class configuration mode. To disable this functionality, use the no form of this command.
relay agent information
no relay agent information
Syntax Description
This command has no arguments or keywords.
Defaults
No default behavior or values
Command Modes
DHCP class configuration
Command History
Usage Guidelines
If this command is omitted for Dynamic Host Configuration Protocol (DHCP) class-based address allocation, then the DHCP class matches to any relay agent information option, whether it is present or not.
Using the no relay agent information command removes all patterns in the DHCP class configured by the relay-information hex command.
Examples
The following example shows the relay information patterns configured for DHCP class 1.
ip dhcp class CLASS1relay agent informationrelay-information hex 01030a0b0c02050000000123relay-information hex 01030a0b0c02*relay-information hex 01030a0b0c02050000000000 bitmask 0000000000000000000000FFip dhcp class CLASS2relay agent informationRelated Commands
relay-information hex
Specifies a hexadecimal string for the full relay agent information option.
relay destination
To configure an IP address for a relay destination to which packets are forwarded by a Dynamic Host Configuration Protocol (DHCP) relay agent functioning as a DHCP server, use the relay destination command in DHCP pool configuration mode. To disable the IP address, use the no form of this command.
relay destination [vrf vrf-name | global] ip-address
no relay destination [vrf vrf-name | global] ip-address
Syntax Description
Defaults
No destination IP address to which packets are forwarded is configured.
Command Modes
DHCP pool configuration
Command History
Usage Guidelines
The relay destination command serves the same function as the relay target command, except that the relay target command specifies the DHCP server to which packets should be forwarded only for the class under which it is configured, and the relay destination command specifies the DHCP server to which packets should be forwarded for the pool itself. The relay target command overrides the relay destination command in cases in which the configured class name has been specified by the service gateway (SG).
When using the relay destination command, the ip-address argument is assumed to be in the same VRF as the address pool under which the command was configured. If the relay destination IP address is in a different VRF, or in the global address space, then the vrf vrf-name or global keywords need to be specified.
relay-information hex
To specify a hexadecimal string for the full relay agent information option, use the relay-information hex command in relay agent information option configuration mode. To remove the configuration, use the no form of this command.
relay-information hex pattern [*] [bitmask mask]
no relay-information hex pattern [*] [bitmask mask]
Syntax Description
pattern
String of hexadecimal values. This string creates a pattern that is matched against the named DHCP class.
*
(Optional) Wildcard character.
bitmask mask
(Optional) Hexadecimal bitmask.
Defaults
No default behavior or values
Command Modes
Relay agent information option configuration
Command History
Usage Guidelines
The relay-information hex command sets a pattern that is used to match against defined DHCP classes. You can configure multiple relay-information hex commands for a DHCP class. This is useful to specify a set of relay information options that can not be summarized with a wildcard or a bitmask.
The pattern itself, excluding the wildcard, must contain a whole number of bytes (a byte is two hexadecimal numbers). For example, 010203 is 3 bytes (accepted) and 01020 is 2.5 bytes (not accepted).
If you omit this command, no pattern is configured and it is considered a match to any relay agent information value, but the relay information option must be present in the DHCP packet.
You must know the hexadecimal value of each byte location in option 82 to be able to configure the relay- information hex command. The option 82 format may vary from product to product. Contact the relay agent vendor for this information.
Examples
The following example shows the configured relay agent information patterns. Note that CLASS 2 has no pattern configured and will "match to any" class.
ip dhcp class CLASS1relay agent informationrelay-information hex 01030a0b0c02050000000123relay-information hex 01030a0b0c02*relay-information hex 01030a0b0c02050000000000 bitmask 0000000000000000000000FFip dhcp class CLASS2relay agent informationrelay source
To configure an IP address for a relay source from which packets are forwarded by a Dynamic Host Configuration Protocol (DHCP) server, use the relay source command in DHCP-pool configuration mode. To disable the IP address, use the no form of this command.
relay source ip-address subnet-mask
no relay source ip-address subnet-mask
Syntax Description
ip-address
IPv4 address of DHCP server from which the DHCP client packets are relayed.
subnet-mask
Subnet mask that matches the subnet of the incoming interface of the DHCP client packet.
Defaults
No IP address from which IP packets are forwarded is configured.
Command Modes
DHCP pool configuration
Command History
Examples
The following example shows how to configure a source IP address from which DHCP client packets are relayed:
ip dhcp pool abc1relay source 10.0.0.0 255.255.0.0relay destination 10.5.1.1Related Commands
relay target
To configure an IP address for a relay target to which packets are forwarded by a Dynamic Host Configuration Protocol (DHCP) server, use the relay target command in DHCP pool class configuration mode. To disable the IP address, use the no form of this command.
relay target [vrf vrf-name | global] ip-address
no relay target [vrf vrf-name | global] ip-address
Syntax Description
Defaults
No target IP address is configured.
Command Modes
DHCP pool class configuration
Command History
Usage Guidelines
The relay target command serves the same function as the relay destination command, except that the relay target command specifies the DHCP server to which packets should be forwarded only for the class under which it is configured, and the relay destination command specifies the DHCP server to which packets should be forwarded for the pool itself. The relay target command overrides the relay destination command in cases in which the configured class name has been specified by the SG.
Examples
The following example shows how to configure a relay target if a service gateway (SG)-supplied class name is used to select a DHCP server to which packets are relayed:
ip dhcp pool abc1relay source 10.0.0. 255.255.0.0.relay destination 10.5.1.1class classname1relay target 10.1.1.1class classname2relay target 10.2.2.2class classname3In the above example, classname1 relays the DHCP DISCOVER packet to the server at 10.1.1.1, while classname2 relays the DHCP DISCOVER packet to the server at 10.2.2.2.
If the SG returned classname3, then the default pool at 10.5.1.1 is used. If the SG returns any other class name other than classname1, classname2, or classname3, then no relay action is taken.
The relay target configuration with respect to any configured DHCP pool works in the exact same way as a relay destination configuration works.
Related Commands
release dhcp
To perform an immediate release of a Dynamic Host Configuration Protocol (DHCP) lease for an interface, use the release dhcp command in user EXEC or privileged EXEC mode.
release dhcp interface-type interface-number
Syntax Description
Command Modes
User EXEC
Privileged EXECCommand History
Usage Guidelines
The release dhcp command immediately releases the DHCP lease on the interface specified by the interface-type and interface-number arguments. If the router interface was not assigned a DHCP IP address by the DHCP server, the release dhcp command fails and displays the following error message:
Interface does not have a DHCP originated address
This command does not have a no form.
Examples
The following example shows how to release a DHCP lease for an interface.
release dhcp ethernet 3/1Related Commands
renew deny unknown
To configure the renewal policy for unknown DHCP clients, use the renew deny unknown command in DHCP pool configuration mode. To disable the renewal policy, use the no form of this command.
renew deny unknown
no renew deny unknown
Syntax Description
This command has no arguments or keywords.
Command Default
The DHCP server ignores a client request for an IP address that is not leased to the client.
Command Modes
DHCP pool configuration (dhcp-config)
Command History
12.4(15)T
This command was introduced.
12.2 SXH
This command was integrated into 12.2 SXH.
Usage Guidelines
In some usage scenarios, such as a wireless hotspot, where both DHCP and secure ARP are configured, a connected client device might go to sleep or suspend for a period of time. If the suspended time period is greater than the secure ARP timeout (default of 91 seconds), but less than the DHCP lease time, the client can awake with a valid lease, but the secure ARP timeout has caused the lease binding to be removed because the client has been inactive. When the client awakes, the client still has a lease on the client side but is blocked from sending traffic. The client will try to renew its IP address but the DHCP server will ignore the request because the DHCP server has no lease for the client. The client must wait for the lease to expire before being able to recover and send traffic again.
To remedy this situation, use the renew deny unknown command in DHCP pool configuration mode. This command forces the DHCP server to reject renewal requests from clients if the requested address is present at the server but is not leased. The DHCP server sends a DHCPNAK denial message to the client, which forces the client back to its initial state. The client can then negotiate for a new lease immediately, instead of waiting for its old lease to expire.
Examples
The following example shows how to secure ARP table entries to DHCP leases. The renew deny unknown command allows the DHCP server to renew the lease of a DHCP client whose lease has been cleared because of a secure ARP timeout.
Router# configure terminalRouter(config)# ip dhcp pool redRouter(dhcp-config)# update arpRouter(dhcp-config)# renew deny unknownRelated Commands
update arp
Secures dynamic ARP entries in the ARP table to their corresponding DHCP bindings.
renew dhcp
To perform an immediate renewal of a Dynamic Host Configuration Protocol (DHCP) lease for an interface, use the renew dhcp command in user EXEC or privileged EXEC mode.
renew dhcp interface-type interface-number
Syntax Description
Command Modes
User EXEC
Privileged EXECCommand History
Usage Guidelines
The renew dhcp command immediately renews the DHCP lease for the interface specified by the interface-type and interface-number arguments. If the router interface was not assigned an IP address by the DHCP server, the renew dhcp command fails and displays the following error message:
Interface does not have a DHCP originated address
This command does not have a no form.
Examples
The following example shows how to renew a DHCP lease for an interface:
renew dhcp Ethernet 3/1Related Commands
reserved-only
To restrict address assignments from the Dynamic Host Configuration Protocol (DHCP) address pool only to the preconfigured reservations, use the reserved-only command in DHCP pool configuration mode. To disable the configuration, use the no form of this command.
reserved-only
no reserved-only
Syntax Description
This command has no arguments or keywords.
Command Default
Disabled. (Address assignments from the DHCP address pool are not restricted only to the preconfigured reservations.)
Command Modes
DHCP pool configuration (dhcp-config)
Command History
Usage Guidelines
When the DHCP port-based assignment feature is configured on multiple switches, devices connected to one switch may receive an IP address assignment from the neighboring switches rather than from the local DHCP address pool switch. If you want the switch to serve only the client directly connected to the switch, you can configure a group of switches with pools that share a common IP subnet but ignore the requests from other clients (not connected to this switch).
Examples
The following example shows how to restrict address assignments from the DHCP address pool only to the preconfigured reservations:
Router# configure terminalRouter(config)# ip dhcp pool redRouter(dhcp-config)# reserved-onlyRelated Commands
service dhcp
To enable the Dynamic Host Configuration Protocol (DHCP) server and relay agent features on your router, use the service dhcp command in global configuration mode. To disable the DHCP server and relay agent features, use the no form of this command.
service dhcp
no service dhcp
Syntax Description
This command has no arguments or keywords.
Defaults
DHCP is enabled.
DHCP is not running.
Port 67 is closed.Command Modes
Global configuration (config)
Command History
Usage Guidelines
The BOOTP and DHCP servers in Cisco IOS software both use the Internet Control Message Protocol (ICMP) port (port 67) by default. ICMP "port unreachable messages" will only be returned to the sender if both the BOOTP server and DHCP server are disabled. Disabling only one of the servers will not result in ICMP port unreachable messages.
Port 67 is closed in the Cisco IOS DHCP/BOOTP default configuration. There are two logical parts to the service dhcp command: service enabled and service running. The DHCP service is enabled by default, but port 67 is not opened until the DHCP service is running. A DHCP address pool must be configured for the DHCP service to be running. If the service is running, the show ip sockets detail or show sockets detail commands displays port 67 as open.
Examples
The following example shows to enable DHCP services on the DHCP server:
service dhcpRelated Commands
show ip sockets
Displays IP socket information.
show sockets
Displays IP socket information.
set ip next-hop dynamic dhcp
To set the next hop to the gateway that was most recently learned by the Dynamic Host Configuration Protocol (DHCP) client, use the set ip next-hop dynamic dhcp command in route-map configuration mode. To restore the default setting, use the no form of this command.
set ip next-hop dynamic dhcp
no set ip next-hop dynamic dhcp
Syntax Description
This command has no arguments or keywords.
Defaults
This command is disabled by default.
Command Modes
Route-map configuration
Command History
Usage Guidelines
The set ip next-hop dynamic dhcp command supports only a single DHCP interface. If multiple interfaces have DHCP configured, the gateway that was most recently learned among all interfaces running DHCP will be used by the route map.
Examples
The following example configures a local routing policy that sets the next hop to the gateway that was most recently learned by the DHCP client:
access list 101 permit icmp any host 172.16.23.7 echoroute map MY-LOCAL-POLICY permit 10match ip address 101set ip next-hop dynamic dhcp!ip local policy route-map MY-LOCAL-POLICYRelated Commands
show ip dhcp binding
To display address bindings on the Cisco IOS Dynamic Host Configuration Protocol (DHCP) server, use the show ip dhcp binding command in user EXEC or privileged EXEC mode.
Cisco IOS Release 12.0(1)T, 12.2(28)SB, and Later Releases
show ip dhcp binding [ip-address]
Cisco IOS Release 12.2(33)SRC and Subsequent 12.2SR Releases
show ip dhcp binding [vrf vrf-name] [ip-address]
Syntax Description
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Usage Guidelines
This command is used to display DHCP binding information for IP address assignment and subnet allocation. If the address is not specified, all address bindings are shown. Otherwise, only the binding for the specified client is displayed. The output from this command displays binding information for individual IP address assignment and allocated subnets. The output that is generated for DHCP IP address assignment and subnet allocation is almost identical, except that subnet leases display an IP address followed by the subnet mask (which shows the size of the allocated subnet). Bindings for individual IP address only display an IP address and are not followed by a subnet mask.
Examples
IP Address Assignment Example
The following examples show the DHCP binding address parameters, including an IP address, an associated MAC address, a lease expiration date, and the type of address assignment that have occurred. Table 17 describes the significant fields shown in the displays.
Router# show ip dhcp binding 192.0.2.0IP address Hardware address Lease expiration Type192.0.2.0 00a0.9802.32de Feb 01 1998 12:00 AM AutomaticRouter# show ip dhcp binding 192.0.2.1IP address Hardware address Lease expiration Type192.0.2.1 02c7.f800.0422 Infinite Manual
Subnet Allocation Example
The following example shows the subnet lease to MAC address mapping, the lease expiration, and the lease type (subnet lease bindings are configured to be automatically created and released by default). The output that is generated for DHCP IP address assignment and subnet allocation is almost identical, except that subnet leases display an IP address followed by the subnet mask (which shows the size of the allocated subnet) in classless inter-domain routing (CIDR) bit count notation. Bindings for an individual IP address only display an IP address and are not followed by a subnet mask.
Table 18 describes the significant fields shown in the display.
Router# show ip dhcp bindingBindings from all pools not associated with VRF:IP address Client-ID/ Lease expiration TypeHardware address/User name192.0.2.2/24 0063.6973.636f.2d64. Mar 29 2003 04:36 AM Automatic656d.6574.6572.2d47.4c4f.4241.4c
Related Commands
clear ip dhcp binding
Deletes an automatic address binding from the Cisco IOS DHCP server database.
show ip dhcp vrf
Displays VRF information on the DHCP server.
show ip dhcp conflict
To display address conflicts found by a Dynamic Host Configuration Protocol (DHCP) server when addresses are offered to the client, use the show ip dhcp conflict command in user EXEC or privileged EXEC mode.
show ip dhcp conflict [ip-address]
Syntax Description
Command Modes
User EXEC
Privileged EXECCommand History
Usage Guidelines
The server uses ping to detect conflicts. The client uses gratuitous Address Resolution Protocol (ARP) to detect clients. If an address conflict is detected, the address is removed from the pool and the address is not assigned until an administrator resolves the conflict.
Examples
The following example displays the detection method and detection time for all IP addresses the DHCP server has offered that have conflicts with other devices. Table 19 describes the significant fields shown in the display.
Router# show ip dhcp conflictIP address Detection Method Detection time172.16.1.32 Ping Feb 16 1998 12:28 PM172.16.1.64 Gratuitous ARP Feb 23 1998 08:12 AM
Related Commands
show ip dhcp database
To display Dynamic Host Configuration Protocol (DHCP) server database agent information, use the show ip dhcp database command in privileged EXEC mode.
show ip dhcp database [url]
Syntax Description
Defaults
If a URL is not specified, all database agent records are shown. Otherwise, only information about the specified agent is displayed.
Command Modes
Privileged EXEC
Command History
Examples
The following example shows all DHCP server database agent information. Table 20 describes the significant fields shown in the display.
Router# show ip dhcp databaseURL : ftp://user:password@172.16.4.253/router-dhcpRead : Dec 01 1997 12:01 AMWritten : NeverStatus : Last read succeeded. Bindings have been loaded in RAM.Delay : 300 secondsTimeout : 300 secondsFailures : 0Successes : 1
Related Commands
ip dhcp database
Configures a Cisco IOS DHCP server to save automatic bindings on a remote host called a database agent.
show ip dhcp import
To display the option parameters that were imported into the Dynamic Host Configuration Protocol (DHCP) server database, use the show ip dhcp import command in privileged EXEC command.
show ip dhcp import
Syntax Description
This command has no arguments or keywords.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Imported option parameters are not part of the router configuration and are not saved in NVRAM. Thus, the show ip dhcp import command is necessary to display the imported option parameters.
Examples
The following is sample output from the show ip dhcp import command:
Router# show ip dhcp importAddress Pool Name:2Domain Name Server(s): 10.1.1.1NetBIOS Name Server(s): 10.3.3.3The following example indicates the address pool name:
Address Pool Name:2The following example indicates the imported values, which are domain name and NetBIOS name information:
Domain Name Server(s): 10.1.1.1NetBIOS Name Server(s): 10.3.3.3Related Commands
import all
Imports option parameters into the DHCP database.
show ip dhcp database
Displays Cisco IOS server database information.
show ip dhcp limit lease
To display the number of times the lease limit threshold has been violated, use the show ip dhcp limit lease command in user EXEC or privileged EXEC mode.
show ip dhcp limit lease [type number]
Syntax Description
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Usage Guidelines
You can control the number of subscribers at the global level by using the ip dhcp limit lease per interface command and at the interface level by using the ip dhcp limit lease command. The show ip dhcp limit lease command displays the number of lease limit violations per interface or at the global level.
Examples
In the following example, the number of lease violations is displayed. If the ip dhcp limit lease log command is enabled, the show output will indicate that lease limit logging is enabled:
Router# show ip dhcp limit leaseDHCP limit lease logging is enabledInterface CountSerial0/0.1 5Serial1 3Related Commands
show ip dhcp pool
To display information about the Dynamic Host Configuration Protocol (DHCP) address pools, use the show ip dhcp pool command in privileged EXEC mode.
show ip dhcp pool [name]
Syntax Description
name
(Optional) Displays information about a specific address pool. If not specified, displays information about all address pools.
Command Modes
Privileged EXEC
Command History
Usage Guidelines
Use this command to determine the subnets allocated and to examine the current utilization level for the pool or all the pools if the name argument is not used.
Examples
The following example shows DHCP address pool information for an on-demand address pool (ODAP), pool 1. Table 21 describes the significant fields in the display.
Router# show ip dhcp pool 1Pool 1:Utilization mark (high/low) : 85 / 15Subnet size (first/next) : 24 / 24 (autogrow)VRF name : abcTotal addresses : 28Leased addresses : 11Pending event : none2 subnets are currently in the pool :Current index IP address range Leased addresses10.1.1.12 10.1.1.1 - 10.1.1.14 1110.1.1.17 10.1.1.17 - 10.1.1.30 0Interface Ethernet0/0 address assignment 10.1.1.1 255.255.255.24810.1.1.17 255.255.255.248 secondaryThe following example shows DHCP address pool information for a network pool, pool 2. Table 21 describes the significant fields in the display.
Router# show ip dhcp pool 2Pool pool2 :Utilization mark (high/low) : 80 / 70Subnet size (first/next) : 0 / 0Total addresses : 256Leased addresses : 0Excluded addresses : 2Pending event : none2 subnets are currently in the pool:Current index IP address range Leased/Excluded/Total10.0.2.1 10.0.2.1 - 10.0.2.254 0 / 1 / 25410.0.4.1 10.0.4.1 - 10.0.4.2 0 / 1 / 2The following example shows that the preassigned address was correctly reserved in the DHCP pool:
Router# show ip dhcp pool dhcppoolPool dhcp pool:Utilization mark (high/low) : 100 / 0Subnet size (first/next) : 0 / 0Total addresses : 254Leased addresses : 0Excluded addresses : 3Pending event : none1 subnet is currently in the pool:Current index IP address range Leased/Excluded/Total10.1.1.1 10.1.1.1 - 10.1.1.254 0 / 3 / 2541 reserved address is currently in the poolAddress Client10.1.1.7 Et1/0
show ip dhcp relay information trusted-sources
To display all interfaces configured to be a trusted source for the Dynamic Host Configuration Protocol (DHCP) relay information option, use the show ip dhcp relay information trusted-sources command in user EXEC or privileged EXEC mode.
show ip dhcp relay information trusted-sources
Syntax Description
This command has no arguments or keywords.
Command Modes
user EXEC
privileged EXECCommand History
Usage Guidelines
This command is not supported on Cisco 7600 series routers that are configured with a Supervisor Engine 2.
Examples
The following is sample output when the ip dhcp relay information trusted-sources command is configured. Note that the display output lists the interfaces that are configured to be trusted sources.
Router# show ip dhcp relay information trusted-sourcesList of trusted sources of relay agent information option:Ethernet1/1 Ethernet1/2 Ethernet1/3 Serial4/1.1Serial4/1.2 Serial4/1.3The following is sample output when the ip dhcp relay information trust-all global configuration command is configured. Note that the display output does not list the individual interfaces.
Router# show ip dhcp relay information trusted-sourcesAll interfaces are trusted source of relay agent information option Serial4/1.1Related Commands
show ip dhcp server statistics
To display Dynamic Host Configuration Protocol (DHCP) server statistics, use the show ip dhcp server statistics command in privileged EXEC mode.
show ip dhcp server statistics
Syntax in Cisco IOS Release 12.2(33)SRC and Subsequent 12.2SR Releases
show ip dhcp server statistics [type number]
Syntax Description
Command Modes
Privileged EXEC
Command History
Examples
The following example displays DHCP server statistics. Table 22 describes the significant fields in the display.
Router# show ip dhcp server statisticsMemory usage 40392Address pools 3Database agents 1Automatic bindings 190Manual bindings 1Expired bindings 3Malformed messages 0Secure arp entries 1Renew messages 0Message ReceivedBOOTREQUEST 12DHCPDISCOVER 200DHCPREQUEST 178DHCPDECLINE 0DHCPRELEASE 0DHCPINFORM 0Message SentBOOTREPLY 12DHCPOFFER 190DHCPACK 172DHCPNAK 6
Related Commands
show ip dhcp snooping
To display the DHCP snooping configuration, use the show ip dhcp snooping command in privileged EXEC mode.
show ip dhcp snooping
Syntax Description
This command has no arguments or keywords.
Defaults
This command has no default settings.
Command Modes
Privileged EXEC
Command History
12.2(18)SXE
Support for this command was introduced on the Supervisor Engine 720.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
Examples
This example shows how to display the DHCP snooping configuration:
Router# show ip dhcp snoopingSwitch DHCP snooping is enabledDHCP snooping is configured on following VLANs:5 10Insertion of option 82 is enabledInterface Trusted Rate limit (pps)-------------------- ------- ----------------FastEthernet6/11 no 10FastEthernet6/36 yes 50Related Commands
show ip dhcp snooping binding
To display the DHCP snooping binding entries, use the show ip dhcp snooping binding command in privileged EXEC mode.
show ip dhcp snooping binding [ip-address] [mac-address] [vlan vlan]
[interface type number]Syntax Description
Command Default
If no argument is specified, the switch displays the entire DHCP snooping binding table.
Command Modes
User EXEC
Privileged EXECCommand History
12.2(18)SXE
Support for this command was introduced on the Supervisor Engine 720.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
Usage Guidelines
DHCP snooping is enabled on a VLAN only if both the global snooping and the VLAN snooping are enabled.
Examples
This example shows how to display the DHCP snooping binding entries for a switch:
Router# show ip dhcp snooping bindingMacAddress IP Address Lease(seconds) Type VLAN Interface----------- ----------- -------------- ------------- ----- --------------0000.0100.0201 10.0.0.1 600 dhcp-snooping 100 FastEthernet3/1This example shows how to display an IP address for DHCP snooping binding entries:
Router# show ip dhcp snooping binding 172.16.101.102MacAddress IP Address Lease (seconds) Type VLAN Interface----------- ----------- --------------- ------------- ----- ------------0000.0100.0201 172.16.101.102 1600 dhcp-snooping 100 FastEthernet3/1This example shows how to display the MAC address for the DHCP snooping binding entries:
Router# show ip dhcp snooping binding 10.5.5.2 0002.b33f.3d5fMacAddress IpAddress Lease(sec) Type VLAN Interface------------------ --------- ---------- ------------- ---- ----------------00:02:B3:3F:3D:5F 10.5.5.2 492 dhcp-snooping 99 FastEthernet6/36 Router#This example shows how to display the DHCP snooping binding entries' MAC address for a specific VLAN:
Router# show ip dhcp snooping binding 10.5.5.2 0002.b33f.3d5f vlan 99MacAddress IpAddress Lease(sec) Type VLAN Interface----------------- --------- ---------- ------------- ---- ----------------00:02:B3:3F:3D:5F 10.5.5.2 479 dhcp-snooping 99 FastEthernet6/36This example shows how to display the DHCP snooping binding entries on VLAN 100:
Router# show ip dhcp snooping binding vlan 100MacAddress IP Address Lease(seconds) Type VLAN Interface-------------- ---------- -------------- ------------- ---- --------------0000.0100.0201 10.0.0.1 1600 dhcp-snooping 100 FastEthernet3/1This example shows how to display the DHCP snooping binding entries on Fast Ethernet interface 3/1:
Router# show ip dhcp snooping binding interface fastethernet3/1MacAddress IP Address Lease(seconds) Type VLAN Interface-------------- ---------- -------------- ------------- ---- --------------0000.0100.0201 10.0.0.1 1600 dhcp-snooping 100 FastEthernet3/1Table 23 describes the fields in the show ip dhcp snooping command output.
Related Commands
show ip dhcp snooping database
To display the status of the DHCP snooping database agent, use the show ip dhcp snooping database command in privileged EXEC mode.
show ip dhcp snooping database [detail]
Syntax Description
Defaults
This command has no default settings.
Command Modes
Privileged EXEC
Command History
12.2(18)SXE
Support for this command was introduced on the Supervisor Engine 720.
12.2(33)SRA
This command was integrated into Cisco IOS Release 12.2(33)SRA.
Examples
This example shows how to display the DHCP snooping database:
Router# show ip dhcp snooping databaseAgent URL :Write delay Timer : 300 secondsAbort Timer : 300 secondsAgent Running : NoDelay Timer Expiry : Not RunningAbort Timer Expiry : Not RunningLast Succeded Time : NoneLast Failed Time : NoneLast Failed Reason : No failure recorded.Total Attempts : 0 Startup Failures : 0Successful Transfers : 0 Failed Transfers : 0Successful Reads : 0 Failed Reads : 0Successful Writes : 0 Failed Writes : 0Media Failures : 0This example shows how to view additional operating statistics:
Router# show ip dhcp snooping database detailAgent URL : tftp://10.1.1.1/directory/fileWrite delay Timer : 300 secondsAbort Timer : 300 secondsAgent Running : NoDelay Timer Expiry : 7 (00:00:07)Abort Timer Expiry : Not RunningLast Succeded Time : NoneLast Failed Time : 17:14:25 UTC Sat Jul 7 2001Last Failed Reason : Unable to access URL.Total Attempts : 21 Startup Failures : 0Successful Transfers : 0 Failed Transfers : 21Successful Reads : 0 Failed Reads : 0Successful Writes : 0 Failed Writes : 21Media Failures : 0First successful access: ReadLast ignored bindings counters :Binding Collisions : 0 Expired leases : 0Invalid interfaces : 0 Unsupported vlans : 0Parse failures : 0Last Ignored Time : NoneTotal ignored bindings counters:Binding Collisions : 0 Expired leases : 0Invalid interfaces : 0 Unsupported vlans : 0Parse failures : 0Related Commands
show ip dhcp vrf
To display the VPN routing and forwarding (VRF) instance information on the Cisco IOS Dynamic Host Configuration Protocol (DHCP) server, use the show ip dhcp vrf command in user EXEC or privileged EXEC mode.
show ip dhcp vrf vrf-name binding {ip-address | *}
Syntax Description
Command Modes
User EXEC (>)
Privileged EXEC (#)Command History
Usage Guidelines
This command is used to display VRF information on the Cisco IOS DHCP server. If an IP address is specified, VRF information for the specific client is displayed. If an asterisk (*) is specified, then VRF information for all the clients is displayed.
Examples
The following example shows the bindings associated with the VRF instance named red:
Router# show ip dhcp vrf red binding *Bindings from VRF pool red:IP address Client-ID/ Lease expiration TypeHardware address/User name192.0.2.0 0063.6973.636f.2d30. Mar 11 2007 04:36 AM Automatic3030.312e.3030.3131.2e30.3032.342d.4574.302f.30192.0.2.1 0063.6973.636f.2d30. Mar 11 2007 04:37 AM Automatic3032.322e.3030.3333.2e30.3034.342d.4574.302f.30The following example shows the bindings associated with a specific IP address in the VRF instance named red:
Router# show ip dhcp vrf red binding 192.0.2.2IP address Client-ID/ Lease expiration TypeHardware address/User name192.0.2.2 0063.6973.636f.2d30. Mar 11 2007 04:37 AM Automatic3032.322e.3030.3333.2e30.3034.342d.4574.302f.30Table 24 describes the significant fields shown in the displays.
Related Commands
clear ip dhcp binding
Deletes an automatic address binding from the Cisco IOS DHCP server database.
show ip dhcp binding
Displays address bindings on the Cisco IOS DHCP server.
show ip route dhcp
To display the routes added to the routing table by the Dynamic Host Configuration Protocol (DHCP) server and relay agent, use the show ip route dhcp command in privileged EXEC configuration mode.
show ip route [vrf vrf-name] dhcp [ip-address]
Syntax Description
vrf
(Optional) Specifies VPN routing and forwarding (VRF) instance.
vrf-name
(Optional) Name of the VRF.
ip-address
(Optional) Address about which routing information should be displayed.
Defaults
No default behavior or values
Command Modes
Privileged EXEC
Command History
Usage Guidelines
To display information about global routes, use the show ip route dhcp command. To display routes in the VRF routing table, use the show ip route vrf vrf-name dhcp command.
Examples
The following is sample output from the show ip route dhcp command when entered without an address. This command lists all routes added by the DHCP server and relay agent.
Router# show ip route dhcp10.5.5.56/32 is directly connected, ATM0.210.5.5.217/32 is directly connected, ATM0.2The following is sample output from the show ip route dhcp command when an address is specified. The output shows the details of the address with the server address (who assigned it) and the lease expiration time.
Router# show ip route dhcp 10.5.5.21710.5.5.217 is directly connected, ATM0.2DHCP Server: 10.9.9.10 Lease expires at Nov 08 2001 01:19 PMThe following is sample output from the show ip route vrf vrf-name dhcp command when entered without an address:
Router# show ip route vrf abc dhcp10.5.5.218/32 is directly connected, ATM0.2The following is sample output from the show ip route vrf vrf-name dhcp command when an address is specified. The output shows the details of the address with the server address (who assigned it) and the lease expiration time.
Router# show ip route vrf red dhcp 10.5.5.21810.5.5.218/32 is directly connected, ATM0.2DHCP Server: 10.9.9.10 Lease expires at Nov 08 2001 03:15PMRelated Commands
clear ip route dhcp
Removes routes from the routing table added by the DHCP server and relay agent for the DHCP clients on unnumbered interfaces.
snmp-server enable traps dhcp
To enable DHCP Simple Network Management Protocol (SNMP) trap notifications, use the snmp-server enable traps dhcp command in global configuration mode. To disable DHCP trap notifications, use the no form of this command.
snmp-server enable traps dhcp [duplicate] [interface] [pool] [subnet] [time]
no snmp-server enable traps dhcp [duplicate] [interface] [pool] [subnet] [time]
Syntax Description
Command Default
DHCP trap notifications are not sent.
Command Modes
Global configuration (config)
Command History
Usage Guidelines
If you do not specify any of the optional keywords, all DHCP trap notifications are enabled.
Examples
The following example shows how to send SNMP trap notifications to the SNMP manager when the secondary subnet utilization falls below or exceeds the configured threshold:
Router(config)# ip dhcp pool pool2Router(dhcp-config)# utilization mark high 80 logRouter(dhcp-config)# utilization mark low 70 logRouter(dhcp-config)# network 192.0.2.0 255.255.255.0Router(dhcp-config)# network 192.0.4.0 255.255.255.252 secondaryRouter(config-dhcp-subnet-secondary)# override utilization high 40Router(config-dhcp-subnet-secondary)# override utilization low 30!Router(config)# snmp-server enable traps dhcp subnetIn the following example, all DHCP trap notifications will be sent to the SNMP manager in response to DHCP server events:
!Router(config)# snmp-server enable traps dhcpsubnet prefix-length
To configure a subnet allocation pool and determine the size of subnets that are allocated from the pool, use the subnet prefix-length command in DHCP pool configuration mode. To unconfigure subnet pool allocation, use the no form of this command.
subnet prefix-length prefix-length
no subnet prefix-length prefix-length
Syntax Description
prefix-length
Configures the IP subnet prefix length in classless interdomain routing (CIDR) bit count notation. The range is from 1 to 31.
Defaults
No default behavior or values.
Command Modes
DHCP pool configuration
Command History
Usage Guidelines
This command is used to configure a Cisco IOS router as a subnet allocation server for a centralized or remote Virtual Private Network (VPN) on-demand address pool (ODAP) manager. This command is configured under a DHCP pool. The prefix-length argument is used to determine the size of the subnets that are allocated from the subnet allocation pool. The values that can be configured for the prefix-length argument follow CIDR bit count notation format.
Configuring Global Subnet Pools
Global subnet pools are created in a centralized network. The ODAP server allocates subnets from the subnet allocation server based on subnet availability. When the ODAP manager allocates a subnet, the subnet allocation server creates a subnet binding. This binding is stored in the DHCP database for as long as the ODAP server requires the address space. The binding is destroyed and the subnet is returned to the subnet pool only when the ODAP server releases the subnet as address space utilization decreases.
Configuring VPN Subnet Pools
A subnet allocation server can be configured to assign subnets from VPN subnet allocation pools for Multiprotocol Label Switching (MPLS) VPN clients. VPN routes between the ODAP manager and the subnet allocation server are configured based on VRF name or VPN ID configuration. The VRF and VPN ID are configured to maintain routing information that defines customer VPN sites. This customer site is attached to a provider edge (PE) router. A VRF consists of an IP routing table, a derived Cisco Express Forwarding (CEF) table, a set of interfaces that use the forwarding table, and a set of rules and routing protocol parameters that control the information that is included in the routing table.
Configuring VPN Subnet Pools for VPN clients with VPN IDs
A subnet allocation server can also be configured to assign subnets from VPN subnet allocation pools based on the VPN ID of a client. The VPN ID (or Organizational Unique Identifier [OUI]) is a unique identifier assigned by the IEEE. VPN routes between the ODAP manager and the subnet allocation server are enabled by configuring the DHCP pool with a VPN ID that matches the VPN ID that is configured for the VPN client.
Examples
Global Configuration Example
The following example configures a router to be a subnet allocation server and creates a global subnet allocation pool named GLOBAL-POOL from the 10.0.0.0 network. The configuration of the subnet prefix-length command in this example configures each subnet that is allocated from the subnet pool to support 254 host IP addresses.
ip dhcp pool GLOBAL-POOLnetwork 10.0.0.0 255.255.255.0subnet prefix-length 24VPN Configuration Example
The following example configures a router to be a subnet allocation server and creates a VPN routing and forwarding (VRF) subnet allocation pool named VRF-POOL from the 172.16.0.0 network and configures the VPN to match the VRF named pool1. The configuration of the subnet prefix-length command in this example configures each subnet that is allocated from the subnet pool to support 62 host IP addresses.
ip dhcp pool VRF-POOLvrf pool1network 172.16.0.0 /16subnet prefix-length 26VPN ID Configuration Example
The following example configures a router to be a subnet allocation server and creates a VRF subnet allocation pool named VPN-POOL from the 192.168.0.0 network and configures the VRF named abc. The VPN ID must match the unique identifier that is assigned to the client site. The route target and route distinguisher are configured in the as-number:network number format. The route target and route distinguisher must match. The configuration of the subnet prefix-length command in this example configures each subnet that is allocated from the subnet pool to support 30 host IP addresses.
ip vrf abcrd 100:1route-target both 100:1vpn id 1234:123456!ip dhcp pool VPN-POOLvrf abcnetwork 192.168.0.0 /24subnet prefix-length /27Related Commands
update arp
To secure dynamic Address Resolution Protocol (ARP) entries in the ARP table to their corresponding DHCP bindings, use the update arp command in DHCP pool configuration mode. To disable this command and change secure ARP entries to dynamic ARP entries, use the no form of this command.
update arp
no update arp
Syntax Description
This command has no keywords or arguments.
Defaults
No default behavior or values.
Command Modes
DHCP pool configuration
Command History
Usage Guidelines
The update arp DHCP pool configuration command is used to secure ARP table entries and their corresponding DHCP leases. However, existing active leases are not secured. These leases will remain insecure until they are renewed. When the lease is renewed, it is treated as a new lease and will be secured automatically. If this feature is disabled on the DHCP server, all existing secured ARP table entries will automatically change to dynamic ARP entries.
This command can be configured only under the following conditions:
•
•
The configuration of this command is not visible to the client. When this command is configured, secured ARP table entries that are created by a DHCP server cannot be removed from the ARP table by the clear arp-cache command. This is designed behavior. If a secure ARP entry created by the DHCP server must be removed, the clear ip dhcp binding command can be used. This command will clear the DHCP binding and secured ARP table entry.
Note
Examples
The following example configures the Cisco IOS DHCP server to secure ARP table entries to their corresponding DHCP leases within the DHCP pool named WIRELESS-POOL:
ip dhcp pool WIRELESS-POOLupdate arpRelated Commands
clear arp-cache
Deletes all dynamic entries from the ARP cache.
clear ip dhcp binding
Deletes an automatic address binding from the Cisco IOS DHCP Server database.
utilization mark high
To configure the high utilization mark of the current address pool size, use the utilization mark high command in DHCP pool configuration mode. To remove the high utilization mark, use the no form of this command.
utilization mark high percentage-number [log]
no utilization mark high percentage-number [log]
Syntax Description
percentage-number
Percentage of the current pool size.
log
(Optional) Enables the logging of a system message.
Defaults
The default high utilization mark is 100 percent of the current pool size.
Command Modes
DHCP pool configuration
Command History
Usage Guidelines
The current pool size is the sum of all addresses in all the subnets in the pool. If the utilization level exceeds the configured high utilization mark, the pool will schedule a subnet request.
This command can be used with both network and on-demand pools. However, in the case of a network pool, only the log option of this command can be used. In the case of an on-demand pool, the autogrow size option of the origin command must be configured.
In certain network deployments, it is important for the network administrator to receive asynchronous notification when the DHCP pools are nearly exhausted so that preventive action can be taken. One common method for such notification is the generation of a system message.
If you use the log option, a system message can be generated for a DHCP pool when the pool utilization exceeds the configured high utilization threshold. A system message can also be generated when the pool's utilization is detected to be below the configured low utilization threshold.
Examples
The following example sets the high utilization mark to 80 percent of the current pool size:
utilization mark high 80The following pool configuration using the log keyword option generates a system message:
! ip dhcp pool abcutilization mark high 30 logutilization mark low 25 lognetwork 10.1.1.0 255.255.255.248!The following system message is generated when the second IP address is allocated from the pool:
00:02:01: %DHCPD-6-HIGH_UTIL: Pool "abc" is in high utilization state (2 addresses used out of 6). Threshold set at 30%.The following system message is generated when one of the two allocated IP addresses is returned to the pool:
00:02:58: %DHCPD-6-LOW_UTIL: Pool "abc" is in low utilization state (1 addresses used out of 6). Threshold set at 25%.Related Commands
origin
Configures an address pool as an on-demand address pool.
utilization mark low
Configures the low utilization mark of the current address pool size.
utilization mark low
To configure the low utilization mark of the current address pool size, use the utilization mark low command in DHCP pool configuration mode. To remove the low utilization mark, use the no form of this command.
utilization mark low percentage-number
no utilization mark low percentage-number
Syntax Description
Defaults
The default low utilization mark is 0 percent of the current pool size.
Command Modes
DHCP pool configuration
Command History
Usage Guidelines
The current pool size is the sum of all addresses in all the subnets in the pool. If the utilization level drops below the configured low utilization mark, a subnet release is scheduled from the address pool.
This command can be used with both network and on-demand pools. However, in the case of a network pool, only the log option of this command can be used. In the case of an on-demand pool, the autogrow size option of the origin command must be configured.
In certain network deployments, it is important for the network administrator to receive asynchronous notification when the DHCP pools are nearly exhausted so that preventive action can be taken. One common method for such notification is the generation of a system message.
If you use the log option, a system message can be generated for a DHCP pool when the pool utilization exceeds the configured high utilization threshold. A system message can also be generated when the pool's utilization is detected to be below the configured low utilization threshold.
Examples
The following example sets the low utilization mark to 20 percent of the current pool size:
utilization mark low 20Related Commands
origin
Configures an address pool as an on-demand address pool.
utilization mark high
Configures the high utilization mark of the current address pool size.
vrf (DHCP pool)
To associate the on-demand address pool with a VPN routing and forwarding instance (VRF) name, use the vrf command in DHCP pool configuration mode. To remove the VRF name, use the no form of this command.
vrf name
no vrf name
Syntax Description
Defaults
No default behavior or values
Command Modes
DHCP pool configuration
Command History
12.2(8)T
This command was introduced.
12.2(33)SRC
This command was integrated into Cisco IOS Release 12.2(33)SRC.
Usage Guidelines
Associating a pool with a VRF allows overlapping addresses with other pools that are not on the same VRF. Only one pool can be associated with each VRF. If the pool is configured with the origin dhcp command or origin aaa command, the VRF information is sent in the subnet request. If the VRF is configured with an RFC 2685 VPN ID, the VPN ID will be sent instead of the VRF name.
Examples
The following example associates the on-demand address pool with a VRF named pool1:
ip dhcp pool pool1origin dhcp subnet size initial 24 autogrow 24utilization mark high 85utilization mark low 15vrf pool1Related Commands
