Users Guide
Option-82 is enabled by default.
If you disable Option-82 Globally or at a specific Interface, Option-82 sub-options such as option 1,2,5,11,151,152 are also
disabled.
If Global DHCP snooping is enabled after disabling Option-82 globally, an error message displays. Similarly, if you disable
Option-82 Globally after enabling Global DHCP snooping, an error message displays.
If you enable DHCP snooping at the Interface level, you cannot disable the VLAN interface level Option-82. Similarly, if you
disable Option-82 in the VLAN, you cannot enable DHCP snooping at the VLAN interface level.
DHCP relay agent options
When enabled on VLANs, DHCP Option-82 is inserted by the DHCP relay agent. When a network device, such as a DHCP client,
is connected to the VLAN on an untrusted interface sends a DHCP request, the relay agent inserts information about the client
network location into the packet header (the options field of the DHCP packet is Option-82 circuitid) of that request.
The relay agent then sends the request to the DHCP server. The DHCP server reads the Option-82 information in the packet
and uses it to determine the IP address or another parameter assignments for the client. After receiving the response from the
DHCP server, the relay agent strips the DHCP Option-82 and forwards it to the client.
Use Option-82 to uniquely identify the domain in which the DHCP client is connected. Option-82 carries two sub-options:
circuit-id and remote-id (for snooping-enabled VLANs).
● circuit-id: This sub option contains the VLAN and port information of the DHCP client. VLAN id and Port name are used for
this option. The circuit- id is added in the <VLANID>-<INTERFACE_NAME> format. For example: vlan100-eth1/1/1.
The DHCP relay packet is appended to the circuit id and the circuit id becomes the interface port number.
● remote-id: This sub option contains the system identification. System MAC address is used for this sub-option. For example:
00:04:89:76:62:78, for dhcp snooping.
Additionally, DHCPv4 Option-82 sub-options include:
● Server ID override suboption Sub-option 11(0xb)
● Link selection suboption- Sub-option 5(0x5)
● DHCPv4 virtual subnet selection option - Sub-option 151(0x97)
● DHCPv4 virtual subnet selection control - Sub-option 152(0x98)
● source-interface CLI for relay agents. The gateway address (giaddr) field carries the source interface address.
Server ID override suboption sub-option 11(0xb)
The server ID override suboption allows the DHCP relay agent to specify a new value for the server ID option, which is inserted
by the DHCP server in the reply packet. This suboption allows the DHCP relay agent to act as the proxy for the DHCP server so
that the renew requests comes to the relay agent rather than to the DHCP server directly.
The server ID override suboption carries the virtual anycast gateway IP (which is the IP address on the relay agent) that is
accessible from the client. The DHCP client uses this information to send all renew and release request packets to the relay
agent. The relay agent adds all of the appropriate suboptions and then forwards the renew and release request packets to the
original DHCP server.
If configured, the server identifier (ID) override suboption carries virtual anycast gateway IP. Otherwise, the option is not sent in
the DHCP request.
Link selection suboption- Sub-option 5(0x5)
The link selection suboption provides a mechanism to separate the subnet or link on which the DHCP client resides from the
gateway address (giaddr). Use this gateway address to communicate with the relay agent by the DHCP server. The relay
agent sets the suboption to the correct subscriber IP and the DHCP server uses that value to assign an IP address from that
subnet rather than the giaddr value.
NOTE:
The DHCP server allocates the IP address based on the link-selection suboption. If the link-selection is not present,
the giaddr option is used to allocate IP address.
The DHCPv4 relay agent must support link selection sub-option 5 based on the following order of precedence:
● If the IP address configured on interface, use the interface IP as the subnet IP for sub-option 5.
● If you configure the virtual anycast gateway IP address on interface, use the virtual anycast gateway IP as the subnet IP for
sub-option 5.
DHCP source-Interface
284
System management