Downloads |
Table Of Contents
Configuring the Cisco IOS DHCP Client
Restrictions for Configuring the DHCP Client
Information About the DHCP Client
How to Configure the DHCP Client
Forcing a Release or Renewal of a DHCP Lease for a DHCP Client
Enabling FORCERENEW-Message Handling
Configuration Examples for the DHCP Client
Example: Configuring the DHCP Client
Example: Customizing the DHCP Client Configuration
Example: Configuring an ATM Point-to-Point Subinterface Using aal5snap Encapsulation
Example: Configuring an ATM Point-to-Point Subinterface Using aal5nlpid Encapsulation
Example: Configuring an ATM Point-to-Point Subinterface Using aal5mux PPP Encapsulation
Example: Releasing a DHCP Lease
Example: Renewing a DHCP Lease
Feature Information for the DHCP Client
Configuring the Cisco IOS DHCP Client
First Published: May 2, 2005Last Updated: March 25, 2011Cisco IOS DHCP client software provides the flexibility to include various configuration options for the DHCP client. A DHCP client is defined as an Internet host using DHCP to obtain configuration parameters such as an IP address. This module describes the concepts and tasks needed to configure the Cisco IOS DHCP client. It includes information on the Cisco DHCP FORCERENEW feature, which provides entity authentication and message authentication.
Finding Feature Information
Your software release may not support all the features documented in this module. For the latest feature information and caveats, see the release notes for your platform and software release. To find information about the features documented in this module, and to see a list of the releases in which each feature is supported, see the "Feature Information for the DHCP Client" section.
Use Cisco Feature Navigator to find information about platform support and Cisco software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Contents
•
Restrictions for Configuring the DHCP Client
•
•
•
•
Restrictions for Configuring the DHCP Client
The DHCP client can be configured on Ethernet interfaces and on PPP over ATM (PPPoA) and certain ATM interfaces. The DHCP client works with ATM point-to-point interfaces and will accept any encapsulation type. For ATM multipoint interfaces, the DHCP client is supported using only the aal5snap encapsulation type combined with Inverse Address Resolution Protocol (ARP). Inverse ARP, which builds an ATM map entry, is necessary to send unicast packets to the server (or relay agent) on the other end of the connection. Inverse ARP is supported only for the aal5snap encapsulation type.
For multipoint interfaces, an IP address can be acquired using other encapsulation types because broadcast packets are used. However, unicast packets to the other end will fail because there is no ATM map entry and thus DHCP renewals and releases also fail.
Information About the DHCP Client
•
DHCP Client Operation
DHCP provides a framework for passing configuration information to hosts on a TCP/IP network. A DHCP client is an Internet host that uses DHCP to obtain configuration parameters such as an IP address. Figure 1 shows the basic steps that occur when a DHCP client requests an IP address from a DHCP server. The client, Host A, sends a DHCPDISCOVER broadcast message to locate a DHCP server. A DHCP server offers configuration parameters (such as an IP address, a MAC address, a domain name, and a lease for the IP address) to the client in a DHCPOFFER unicast message.
Figure 1 DHCP Request for an IP Address from a DHCP Server
A DHCP client may receive offers from multiple DHCP servers and can accept any one of the offers; however, the client usually accepts the first offer it receives. Additionally, the offer from the DHCP server is not a guarantee that the IP address will be allocated to the client; however, the server usually reserves the address until the client has had a chance to formally request the address.
The client returns a formal request for the offered IP address to the DHCP server in a DHCPREQUEST broadcast message. The DHCP server confirms that the IP address has been allocated to the client by returning a DHCPACK unicast message to the client.
DHCP Client Overview
The configurable DHCP client functionality allows a DHCP client to use a user-specified client identifier, class identifier, or suggested lease time when requesting an address from a DHCP server.
Configuration parameters and other control information are carried in tagged data items that are stored in the options field of the DHCP message. The DHCP client provides flexibility by allowing the following options to be configured for a DHCP client:
•
•
•
•
•
•
•
•
Note
If the DHCP server returns both a classless static route option and a router option, the DHCP client ignores the router option.•
DHCP Client on WAN Interfaces
The DHCP client on WAN interfaces allows a DHCP client to acquire an IP address over PPPoA and certain ATM interfaces. By using DHCP rather than the IP Control Protocol (IPCP), a DHCP client can acquire other useful information such as Domain Name System (DNS) addresses, the DNS default domain name, and the default route.
The configuration of PPPoA and Classical IP and ARP over ATM already allows for a broadcast capability over the interface (using the broadcast keyword on the ATM interface). Most changes in this feature are directed at removing already existing restrictions on what types of interfaces are allowed to send out DHCP packets (previously, dialer interfaces have not been allowed). This feature also ensures that DHCP RELEASE messages are sent from the interface before a connection is allowed to be broken.
DHCP FORCERENEW
The Cisco DHCP FORCERENEW feature provides entity authentication and message authentication, in accordance with RFC 3118, by which DHCP clients and servers authenticate the identity of other DHCP entities and verify that the content of a DHCP message has not been changed during delivery through the network.
The message authentication mechanism allows servers to determine whether a request for DHCP information comes from a client that is authorized to use the network. It also allows clients to verify that a DHCP server can be trusted to provide a valid configuration.
The Cisco DHCP FORCERENEW feature requires authentication. All client-server exchanges must be authenticated; the ip dhcp client authentication mode and key chain commands must be configured.
When the client gets a FORCERENEW message, it does the following:
•
–
–
•
•
The client discards any multicast FORCERENEW message or message that fails authentication.
When the ip dhcp client authentication key-chain or ip dhcp client authentication mode command is configured, authentication is enabled for all the DHCP messages including FORCERENEW messages that are received through the interface. To configure DHCP authentication only for FORCERENEW messages, use the forcerenew keyword.
How to Configure the DHCP Client
This section contains the following tasks:
•
•
Configuring the DHCP Client
Perform this task to configure the DHCP client.
Cisco routers running Cisco IOS software include DHCP server and relay agent software, which are enabled by default. Your router can act as both the DHCP client and DHCP server. Use the ip address dhcp command to obtain IP address information for the configured interface.
Prerequisites
You must configure the ip dhcp client commands before entering the ip address dhcp command on an interface to ensure that the DHCPDISCOVER messages that are generated contain the correct option values. The ip dhcp client commands are checked only when an IP address is acquired from DHCP. If any of the ip dhcp client commands are entered after an IP address has been acquired from DHCP, it will not take effect until the next time the router acquires an IP address from DHCP. This means that the new configuration will take effect only after either the ip address dhcp command or the release dhcp and renew dhcp EXEC commands have been configured.
SUMMARY STEPS
1.
2.
3.
4.
5.
6.
7.
8.
9.
10.
DETAILED STEPS
Troubleshooting Tips
To verify the configuration, you can use the debug dhcp detail command to display the DHCP packets that were sent and received. To display the server side of the DHCP interaction, use the debug ip dhcp server packets command.
The following are troubleshooting tips for DHCP clients on WAN interfaces:
•
•
•
•
•
Forcing a Release or Renewal of a DHCP Lease for a DHCP Client
Perform this task to force a release or renewal of a DHCP lease for a DHCP client.
Forcing a release or renewal of a DHCP lease for a DHCP client provides the ability to perform two independent operations from the CLI in EXEC mode:
•
•
This functionality provides the following benefits:
•
•
•
The release dhcp command starts the process to immediately release a DHCP lease for the specified interface. After the lease is released, the interface address is removed. The release dhcp command does not remove the ip address dhcp command specified in the configuration file for the interface. During a write memory or show running configuration file action, or if the router is rebooted, the ip address dhcp command tries to acquire a DHCP address for the interface.
The original IP address for the interface must be assigned by the DHCP server. If the interface is not assigned an IP address by the DHCP server, the release dhcp command fails and displays the following error message:
Interface does not have a DHCP originated address
The renew dhcp command advances the DHCP lease timer to the next stage, at which point one of the following occurs:
•
•
If there is no response to the RENEW request, the interface remains in the RENEW state. In this case, the lease timer will advance to the REBIND state and subsequently send a REBIND request.
If a NAK response is sent in response to the RENEW request, the interface is deconfigured.
The original IP address for the interface must be assigned by the DHCP server. If the interface is not assigned an IP address by the DHCP server, the renew dhcp command fails and displays the following error message:
Interface does not have a DHCP originated address
Note
Prerequisites
The DHCP client must be assigned an IP address by the DHCP server.
Restrictions
If the DHCP client is not assigned an IP address by the DHCP server, the DHCP release and renew CLI commands will fail.
SUMMARY STEPS
1.
2.
3.
DETAILED STEPS
Enabling FORCERENEW-Message Handling
Perform this task to specify the type of authentication to be used in DHCP messages on the interface, specify the key chain to be used in authenticating a request, and enable FORCERENEW-message handling on the DHCP client when authentication is enabled.
Prerequisites
You must configure the same authentication mode and the same secret ID and secret value that were configured in the key chain command, on both the client and the server.
SUMMARY STEPS
1.
2.
1.
2.
3.
4.
5.
6.
7.
8.
DETAILED STEPS
Configuration Examples for the DHCP Client
This section provides the following configuration examples:
•
•
•
•
•
•
•
Example: Configuring the DHCP Client
Figure 2 shows a simple network diagram of a DHCP client on an Ethernet LAN. This configuration allows the DHCP client to acquire an IP address from the DHCP server through an Ethernet interface.
Figure 2 Topology Showing a DHCP Client with a Ethernet Interface
On the DHCP server, the configuration is as follows:
ip dhcp pool 1network 10.1.1.0 255.255.255.0lease 1 6On the DHCP client, the configuration is as follows on interface E2:
interface Ethernet2ip address dhcpExample: Customizing the DHCP Client Configuration
The following example shows how to customize the DHCP client configuration with various options on Ethernet interface 1:
interface Ethernet 1ip dhcp client client-id ascii my-test1ip dhcp client class-id my-class-idip dhcp client lease 0 1 0ip dhcp client hostname host1no ip dhcp client request tftp-server-addressip address dhcpExample: Configuring an ATM Primary Interface (Multipoint) Using aal5snap Encapsulation and Inverse ARP
In the following example, the protocol ip 255.255.255.255 broadcast configuration is needed because there must be an ATM map entry to recognize the broadcast flag on the permanent virtual circuit (PVC). You can use any ATM map entry. The protocol ip inarp configuration is needed so that the ATM Inverse ARP can operate on the interface such that the system can be pinged once an address is assigned by DHCP.
interface atm0ip address dhcppvc 1/100encapsulation aal5snapbroadcastprotocol ip 255.255.255.255 broadcastprotocol ip inarpExample: Configuring an ATM Point-to-Point Subinterface Using aal5snap Encapsulation
The following example shows an ATM point-to-point subinterface configuration using aal5snap encapsulation:
interface atm0.1 point-to-pointip address dhcppvc 1/100encapsulation aal5snapbroadcastExample: Configuring an ATM Point-to-Point Subinterface Using aal5nlpid Encapsulation
The following example shows an ATM point-to-point subinterface configuration using aal5nlpid encapsulation:
interface atm0.1 point-to-pointip address dhcppvc 1/100encapsulation aal5nlpidbroadcastExample: Configuring an ATM Point-to-Point Subinterface Using aal5mux PPP Encapsulation
The following example shows an ATM point-to-point subinterface configuration using aal5mux PPP encapsulation:
interface atm0.1 point-to-pointpvc 1/100encapsulation aal5mux ppp virtual-template1broadcast!interface virtual-template1ip address dhcpExample: Releasing a DHCP Lease
In the following example, a DHCP release is performed on an interface that was originally assigned an IP address by the DHCP server:
Router# release dhcp ethernet 3/1In the following example, an attempt is made to release the DHCP lease on an interface that was not originally assigned an IP address by the DHCP server:
Router# release dhcp ethernet 3/1Interface does not have a DHCP originated address
Example: Renewing a DHCP Lease
In the following example, the DHCP lease is renewed on an interface that was originally assigned an IP address by the DHCP server:
Router# renew dhcp ethernet 3/1In the following example, an attempt is made to renew the DHCP lease on an interface that was not originally assigned an IP address by the DHCP server:
Router# renew dhcp ethernet 3/1Interface does not have a DHCP originated address
In the following example, the renew dhcp command is executed without specifying the type and number arguments:
Router# renew dhcpIncomplete command.
Additional References
Related Documents
Cisco IOS commands
DHCP commands: complete command syntax, command modes, command history, defaults, usage guidelines, and examples.
DHCP conceptual information
"DHCP Overview" module
DHCP server configuration
DHCP server on-demand address pools
"Configuring the DHCP Server On-Demand Address Pool Manager" module
DHCP relay agent configuration
DHCP advanced features
"Configuring DHCP Services for Accounting and Security" module
DHCP enhancements for edge-session management
"Configuring DHCP Enhancements for Edge-Session Management" module
Standards
No new or modified standards are supported, and support for existing standards has not been modified.
—
MIBs
RFCs
Technical Assistance
Feature Information for the DHCP Client
Table 1 lists the features in this module and provides links to specific configuration information.
Use Cisco Feature Navigator to find information about platform support and software image support. Cisco Feature Navigator enables you to determine which software images support a specific software release, feature set, or platform. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Note
Table 1 Feature Information for the Cisco IOS DHCP Client
Cisco DHCP FORCERENEW
12.4(22)YB
15.0(1)MThis feature enhances security by providing entity authentication and message authentication.
The following commands were introduced or modified: ip dhcp client authentication key-chain, ip dhcp client authentication mode, ip dhcp-client forcerenew, ip dhcp client request
Configurable DHCP Client
12.2(28)SB
12.3(8)TThe Configurable DHCP Client feature provides the flexibility to include various configuration options for the DHCP client. A DHCP client is defined as an Internet host using DHCP to obtain configuration parameters such as an IP address.
The following section provides information about this feature:
The following commands were introduced: ip dhcp client class-id, ip dhcp client client-id, ip dhcp client hostname, ip dhcp client lease, ip dhcp client request
DHCP Client on WAN Interfaces
12.2(8)T
12.2(28)SBThe DHCP Client on WAN Interfaces feature extends the DHCP to allow a DHCP client to acquire an IP address over PPP over ATM (PPPoA) and certain ATM interfaces.
The following section provides information about this feature:
•
No commands were introduced or modified by this feature.
DHCP Release and Renew CLI in EXEC Mode
12.2(28)SB
12.2(33)SRC
12.3(4)TThis feature provides the ability to perform two independent operations from the CLI:
•
•
The following section provides information about this feature:
•
The following commands were introduced: release dhcp, renew dhcp
DHCP User Auth CLI for Forcerenew
15.1(4)M
This feature provides the flexibility to configure DHCP authentication only for FORCERENEW messages.
The following section provides information about this feature:
The following commands were introduced or modified:
ip dhcp client authentication key-chain, ip dhcp client authentication mode
Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)
Any Internet Protocol (IP) addresses and phone numbers used in this document are not intended to be actual addresses and phone numbers. Any examples, command display output, network topology diagrams, and other figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses or phone numbers in illustrative content is unintentional and coincidental.
© 2005-2011 Cisco Systems, Inc. All rights reserved.
