Just a quick one today about setting up an SRX as a DHCP server.
First you need to define the DHCP parameters..
dhcp {
router {
192.168.1.1;
}
pool 192.168.1.0/24 {
address-range low 192.168.1.2 high 192.168.1.254;
default-lease-time 3600;
domain-name blogger.net.au;
name-server {
192.168.1.1;
}
}
}
Then you need to add DHCP as an allowed inbound service under the interface that will receive the request. The new section is added in bold.
zones {
security-zone trust {
host-inbound-traffic {
system-services {
telnet;
ssh;
ping;
}
protocols {
all;
}
}
interfaces {
vlan.0 {
host-inbound-traffic {
system-services {
dhcp;
}
}
}
}
}
Naturally the IP address of the interface in question (vlan.0) is in the same subnet as the pool. The DHCP assigned router is the actual interface of vlan.0
vlan {
unit 0 {
family inet {
address 192.168.1.1/24;
}
}
}
Finally, if as in this case, DHCP is the first thing your adding as an allowed service under the interface, you will lock yourself out of your device (inband) unless you duplicate the system services currently under the zone to be under the interface as well..
security-zone trust {
host-inbound-traffic {
system-services {
telnet;
ssh;
ping;
}
protocols {
all;
}
}
interfaces {
vlan.0 {
host-inbound-traffic {
system-services {
dhcp;
ssh;
telnet;
ping;
}
}
}
}
}
Here is the evidence that the DHCP is working..
root> show system services dhcp binding
IP address Hardware address Type Lease expires at
192.168.1.2 00:26:b9:b6:61:af dynamic 2012-02-14 12:57:28 UTC
root> show system services dhcp binding detail
IP address Hardware address Type Lease expires State
192.168.1.2 00:26:b9:b6:61:af dynamic 2012-02-14 12:57:28 UTC active
root> show system services dhcp statistics
Packets dropped:
Total 12
Messages received:
BOOTREQUEST 0
DHCPDECLINE 0
DHCPDISCOVER 6
DHCPINFORM 2
DHCPRELEASE 0
DHCPREQUEST 13
Messages sent:
BOOTREPLY 0
DHCPOFFER 6
DHCPACK 12
DHCPNAK 0
Model: srx210he
JUNOS Software Release [11.4R1.6]
No comments:
New comments are not allowed.