R3166-R3206-HP High-End Firewalls Network Management Configuration Guide-6PW101
151
[Firewall] interface GigabitEthernet 0/1
[Firewall-GigabitEthernet0/1] dhcp select relay
# Correlate GigabitEthernet 0/1 to DHCP server group 1.
[Firewall-GigabitEthernet0/1] dhcp relay server-select 1
After the preceding configuration is complete, DHCP clients can obtain IP addresses and other network
parameters through the DHCP relay agent from the DHCP server. You can use the display dhcp relay
statistics command to view statistics of DHCP packets forwarded by DHCP relay agents. After you enable
address check of the DHCP relay agents with the dhcp relay address-check enable command, use the
display dhcp relay security command to view bindings of DHCP relay agents.
NOTE:
• Because the DHCP relay agent and server are on different subnets, you must configure a static route or
dynamic routing protocol to make them reachable to each other.
• DHCP server configuration is also required to guarantee the client-server communication via the DHCP
relay agent. For DHCP server configuration information, see the chapter “DHCP server configuration.”
DHCP relay agent Option 82 support configuration example
Network requirements
• As shown in Figure 76, enable Option 82 on the DHCP relay agent (Firewall).
• Configure the handling strategy for DHCP requests containing Option 82 as replace.
• Configure the padding content for the circuit ID sub-option as company001 and for the remote ID
sub-option as device001.
• Firewall forwards DHCP requests to the DHCP server (Router B) after replacing Option 82 in the
requests, so that the DHCP clients can obtain IP addresses.
Configuration procedure
# Specify IP addresses for the interfaces (omitted).
# Enable DHCP.
<Firewall> system-view
[Firewall] dhcp enable
# A d d D H C P s e r v e r 10 .1.1.1 i n t o D H C P s e r v e r g r o u p 1.
[Firewall] dhcp relay server-group 1 ip 10.1.1.1
# Enable the DHCP relay agent on GigabitEthernet 0/1.
[Firewall] interface GigabitEthernet 0/1
[Firewall-GigabitEthernet 0/1] dhcp select relay
# Correlate GigabitEthernet 0/1 to DHCP server group 1.
[Firewall-GigabitEthernet 0/1] dhcp relay server-select 1
# Enable the DHCP relay agent to support Option 82, and perform Option 82-related configurations.
[Firewall-GigabitEthernet 0/1] dhcp relay information enable
[Firewall-GigabitEthernet 0/1] dhcp relay information strategy replace
[Firewall-GigabitEthernet 0/1] dhcp relay information circuit-id string company001
[Firewall-GigabitEthernet 0/1] dhcp relay information remote-id string device001