Cisco DHCP server & VRF
I had some issues while configuring some VRFs on a Cisco router and using that router as a DHCP server. First of all, the router wasn’t binding any DHCP request. The DHCP server configuration is defined below.
ip dhcp pool guest
 vrf vrf-guest
 network 10.10.0.0 255.255.252.0
 default-router 10.10.0.1
 domain-name internet-only.nl
 dns-server 208.67.222.222 208.67.220.222
The configuration of the DHCP server is very straightforward. The exception is the vrf statement, which binds the DHCP pool to the VRF. With this configuration the DHCP server isn’t working, because no IP addresses are bound to clients.
The magic to get DHCP working is found in the command ip dhcp use vrf connected. More information about the command can be found here or here.
The second issue is about configuring some IP address exclusions for the configured pool. This can be done via the command ip dhcp excluded-address vrf <vrf-name> <first ip-address> <last ip-address> (info). Depending on the IOS version used, this command isn’t available in the CLI. I had this issue with the Cisco 2811 I was using, so I tried the ip dhcp class command. I added the following to the configuration of the DHCP server.
ip dhcp class dhcp_class_unsecure
 remark limit IP addresses
!
ip dhcp pool unsecure
 vrf unsecure
 network 172.16.252.0 255.255.252.0
 default-router 172.16.252.1
 domain-name internet-only.nl
 dns-server 208.67.222.222 208.67.220.220
 class dhcp_class_unsecure
  address range 172.16.253.1 172.16.253.255
This isn’t exactly the same as configuring IP exclusions, because the ip dhcp class command is used to group clients on specific characteristics. Clients that match these characteristics are assigned an IP address from the specific class. In my situation the use of the ip dhcp class command fixed the problem.
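The following Python check is an added example, not code from the original post. It parses IOS DHCP pool configuration and reports a VRF-bound pool when ip dhcp use vrf connected is absent, and a class address range that falls outside the pool network or covers the default-router. The function names and the indented sample configuration are assumptions constructed for illustration.

```python
import ipaddress
import re

# Constructed sample: the post's second pool, indented as in "show running-config".
SAMPLE = """\
ip dhcp class dhcp_class_unsecure
 remark limit IP addresses
!
ip dhcp pool unsecure
 vrf unsecure
 network 172.16.252.0 255.255.252.0
 default-router 172.16.252.1
 class dhcp_class_unsecure
  address range 172.16.253.1 172.16.253.255
"""

def parse_pools(config):
    """Map pool name -> vrf, network, default-router and class address ranges."""
    pools, cur = {}, None
    for raw in config.splitlines():
        w = raw.split()
        if not w:
            continue
        if not raw[0].isspace():  # unindented line starts a new top-level command
            cur = None
            if w[:3] == ["ip", "dhcp", "pool"] and len(w) > 3:
                cur = pools[w[3]] = {"vrf": None, "net": None, "gw": None, "ranges": []}
        elif cur is not None and w[0] == "vrf" and len(w) > 1:
            cur["vrf"] = w[1]
        elif cur is not None and w[0] == "network" and len(w) > 2:
            cur["net"] = ipaddress.ip_network(f"{w[1]}/{w[2].lstrip('/')}")
        elif cur is not None and w[0] == "default-router" and len(w) > 1:
            cur["gw"] = ipaddress.ip_address(w[1])
        elif cur is not None and w[:2] == ["address", "range"] and len(w) > 3:
            cur["ranges"].append((ipaddress.ip_address(w[2]), ipaddress.ip_address(w[3])))
    return pools

def audit(config):
    """Return findings for the two issues in the post (hypothetical helper)."""
    out = []
    use_vrf = re.search(r"^ip dhcp use vrf connected\s*$", config, re.M) is not None
    for name, p in parse_pools(config).items():
        if p["vrf"] and not use_vrf:
            out.append(f"{name}: vrf {p['vrf']} pool without 'ip dhcp use vrf connected'")
        for lo, hi in p["ranges"]:
            if p["net"] and not (lo <= hi and lo in p["net"] and hi in p["net"]):
                out.append(f"{name}: address range {lo}-{hi} is not inside {p['net']}")
            elif p["gw"] and lo <= p["gw"] <= hi:
                out.append(f"{name}: address range {lo}-{hi} includes gateway {p['gw']}")
    return out
```

Calling audit(SAMPLE) returns one finding, the missing global command; a class range that starts at 172.16.252.1 would additionally be flagged because it could lease the gateway address.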
René Jorissen
Hi,
Since you ever configure Citrix, I want to share my experience with the Cisco switch DHCP pool.
Yesterday I encountered 1 problem in which the KMS server can’t update the Win7 license.
I found out that it was because AD DNS has the wrong client IP.
So in order for the switch DHCP to work correctly, it needs to tell AD DNS to update the client IP. In other words, it needs to support DDNS.
I haven’t found an article on how to configure DDNS DHCP on a switch, except for a router.
My switch is a Catalyst 4507.
If you find one, please email me.
Greetings from Brunei
Thank you!!
I am trying to implement path isolation using VRF-lite. Essentially I want to separate the student network and the corporate network in a mid-sized campus environment. I have a DHCP server that is used for the student network. If I configure the VRF for students and do the routing using EIGRP in a hub-and-spoke topology, will the DHCP server need to be a part of the VRF?
Thanks
thx!