Use dhcp conflict-ip-address offline to enable the IP conflicting user offline feature. When the IP addresses assigned to new DHCP clients and the IP addresses of online DHCP client conflict, the conflicting IP addresses are released, and both the new and existing online users are offline.

Use undo dhcp conflict-ip-address offline to restore the default.

Syntax

dhcp conflict-ip-address offline

undo dhcp conflict-ip-address offline

Default

The IP conflicting user offline feature is disabled. When the IP address assigned to a new DHCP client conflicts with the IP address of an online DHCP client, the online DHCP client still stays online.

Views

System view

Predefined user roles

network-admin

Usage guidelines

With this feature enabled on the DHCP relay agent, the relay agent processes the conflicts as follows:

· If the IP address assigned to a new user by the authentication and authorization module conflicts with the DHCP relay entry of an online client, the relay agent performs the following operations:

a. Sends a DHCP-RELEASE packet to the DHCP server to release the conflicting IP address.

b. Informs the access module of the new user that this IP address is not available.

· If the IP address in the DHCP reply for a new user conflicts with the DHCP relay entry of an online client, the relay agent performs the following operations:

a. Sends a DHCP-RELEASE packet to the server to release the conflicting IP address.

b. Drops the DHCP reply.

This feature takes effect on the DHCP relay agent only after you enable the recording of relay entries on it.

Examples

# Enable the IP conflicting user offline feature.

<Sysname> system-view

[Sysname] dhcp conflict-ip-address offline

Related commands

dhcp relay client-information record

dhcp dscp

Use dhcp dscp to set the DSCP value for DHCP packets sent by the DHCP relay agent.

Use undo dhcp dscp to restore the default.

Syntax

dhcp dscp dscp-value

undo dhcp dscp

Default

The DSCP value is 56 in DHCP packets sent by the DHCP relay agent.

Views

System view

Predefined user roles

network-admin

Parameters

dscp-value: Specifies the DSCP value for DHCP packets, in the range of 0 to 63.

Usage guidelines

The DSCP value of a packet specifies the priority level of the packet and affects the transmission priority of the packet. A bigger DSCP value represents a higher priority.

Examples

# Set the DSCP value to 30 for DHCP packets sent by the DHCP relay agent.

<Sysname> system-view

[Sysname] dhcp dscp 30

dhcp enable

Use dhcp enable to enable DHCP.

Use undo dhcp enable to disable DHCP.

Syntax

dhcp enable

undo dhcp enable

Default

DHCP is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

DHCP related configuration takes effect only after you enable DHCP.

Enable DHCP before you configure the DHCP relay agent.

Examples

# Enable DHCP.

<Sysname> system-view

[Sysname] dhcp enable

dhcp select

Use dhcp select to enable the DHCP server or DHCP relay agent on an interface.

Use undo dhcp select to disable the DHCP server or DHCP relay agent on an interface. The interface will discard incoming DHCP packets.

Syntax

dhcp select { relay | server }

undo dhcp select { relay | server }

Default

The interface operates in the DHCP server mode and responds to DHCP requests with configuration parameters.

Views

Interface view

Predefined user roles

network-admin

Parameters

relay: Enables the DHCP relay agent on the interface.

server: Enables the DHCP server on the interface.

Usage guidelines

The authorized ARP entries might conflict with ARP entries that are created after the DHCP server changes to operate as a DHCP relay agent.

Examples

# Enable the DHCP relay agent on GigabitEthernet 1/0/12.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp select relay

Related commands

dhcp relay always-unicast

dhcp server request-ip-address check

dhcp smart-relay enable

dhcp session-mismatch action

Use dhcp session-mismatch action to specify a DHCP request processing method for roaming DHCP clients.

Use undo dhcp session-mismatch action to restore the default.

Syntax

dhcp session-mismatch action { fast-renew | roam }

undo dhcp session-mismatch action

Default

The DHCP device discards DHCP address requests sent from roaming DHCP clients.

Views

Interface view

Predefined user roles

network-admin

Parameters

fast-renew: Releases existing leases for roaming clients and assigns new IP addresses to them.

roam: Assigns addresses to roaming clients based on their existing address leases and renews the leases.

Usage guidelines

When a DHCP client roams in a network, the client sends an offline request to the DHCP device (DHCP server or relay agent) before requesting a new address. If the DHCP device does not receive the offline request, it will discard the DHCP client's new address request because it determines that the request is an attack packet.

This feature allows the DHCP device to process address requests as follows upon receiving them from roaming DHCP clients:

· If the fast-renew keyword is specified:

¡ The DHCP relay agent informs the DHCP server to release existing address leases of roaming clients and forwards the requests to the DHCP server.

· If the roam keyword is specified:

¡ The DHCP relay agent forwards the address requests of the roaming clients to the DHCP server.

The roam keyword allows the clients to use the original IP addresses to access the network without another access authentication.

This feature might make online users go offline. Enable this feature for roaming DHCP clients only when no DHCP attacks exist in the network.

Examples

# On GigabitEthernet 1/0/12, configure the DHCP server to use the fast-renew method for roaming clients.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp session-mismatch action fast-renew

remote-server

Use remote-server to specify DHCP servers for an IP pool.

Use undo remote-server to remove DHCP servers from an IP pool.

Syntax

remote-server ip-address&<1-8> [ public | vpn-instance vpn-instance-name ]

undo remote-server [ ip-address&<1-8> ]

Default

No DHCP server is specified for an IP pool.

Views

IP pool view

Predefined user roles

network-admin

Parameters

ip-address&<1-8>: Specifies a space-separated list of up to eight DHCP server addresses.

public: Specifies the DHCP servers on the public network.

vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the DHCP servers belong. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If the servers belong to the public network, do not specify this option.

Usage guidelines

In the IP pool on the ODAP client, you can use this command to specify ODAP servers. The ODAP client requests subnets from these ODAP servers.

If you execute this command multiple times, the most recent configuration takes effect.

If you do not specify any DHCP server address, the undo remote-server command removes all DHCP servers from the IP pool.

If neither the public keyword nor the vpn-instance vpn-instance-name option is specified, DHCP servers on the same network as the DHCP client are selected.

Examples

# Specify DHCP server 10.1.1.1 for IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] remote-server 10.1.1.1

DHCP server commands

address range

Use address range to configure an IP address range in an IP pool for dynamic allocation.

Use undo address range to restore the default.

Syntax

address range start-ip-address end-ip-address

undo address range

Default

No IP address range exists.

Views

IP pool view

Secondary network segment view

Predefined user roles

network-admin

mdc-admin

Parameters

start-ip-address: Specifies the start IP address.

end-ip-address: Specifies the end IP address.

Usage guidelines

If no IP address range is specified in IP pool view or secondary network segment view, the following addresses are assignable

· All IP addresses in the network segment specified by the network command.

· All IP addresses in the secondary network segment specified by the network secondary command.

If you specify an IP address range in IP pool view or secondary network segment view, only addresses in the specified address range are assignable.

The address range specified in IP pool view must be within the network segment specified by the network command.

The address range specified in the secondary network segment view must be within the secondary network segment specified by the network secondary command.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify an address range of 192.168.8.1 through 192.168.8.150 in IP pool 1.

<Sysname> system-view

[Sysname] ip pool 1

[Sysname-ip-pool-1] network 192.168.8.1 mask 255.255.255.0

[Sysname-ip-pool-1] address range 192.168.8.1 192.168.8.150

# Specify an address range of 192.168.8.1 through 192.168.8.150 for the secondary network segment in IP pool 1.

<Sysname> system-view

[Sysname] ip pool 1

[Sysname-ip-pool-1] network 192.168.8.1 secondary

[Sysname-ip-pool-1-secondary] address range 192.168.8.1 192.168.8.150

Related commands

class

dhcp class

display ip pool

network

allocate-new-ip enable

Use allocate-new-ip enable to enable random IP address allocation.

Use undo allocate-new-ip enable to disable random IP address allocation.

Syntax

allocate-new-ip enable

undo allocate-new-ip enable

Default

Random IP address allocation is disabled.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

By default, the DHCP server tries to allocate the same IP address as the previous allocation to the same user.

With this feature enabled, the DHCP server tries to allocate a new IP address to a user every time the user acquires an IP address. This feature is applicable to the scenarios where each user is identified by IP address. In such a network scenario, it is required that a user must obtain different IP addresses for each IP address acquisition.

Examples

# Enable random IP address allocation.

<Sysname> system-view

[Sysname] ip pool 1

[Sysname-ip-pool-1] allocate-new-ip enable

This command will enable the random address allocation mode. Enable it? [Y/N]:

binding

Use binding to bind an IP pool to a UP device.

Use undo binding to restore the default.

Syntax

binding { interface interface-type { interface-number | interface-number.subnumber } | up-address ip-address }

undo binding

Default

An IP pool is not bound to any UP devices.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

interface interface-type { interface-number | interface-number.subnumber }: Specifies a UP-side interface or subinterface. The interface-type argument specifies the interface type. The interface-number specifies the interface number, and the subnumber specifies the subinterface number in the range of 1 to 4094.

ip-address: Specifies the IP address of a UP device.

Usage guidelines

Execute this command on the CP device that uses an IP pool group to assign IP addresses to UP-side users on a control-/user-plane separated (CUPS) network.

Choose the binding method as follows:

· To assign IP addresses in an IP pool to users that are connected to one UP device, you can bind the IP pool to the IP address of the UP device.

· To assign IP addresses in an IP pool to users that are connected to one interface or subinterface of a UP device, bind the IP pool to the UP-side interface or subinterface.

If you bind a common IP pool, IP addresses in this IP pool are assigned to requesting users directly. If you bind a remote BAS IP pool, the CP device sends the user DHCP requests to DHCP servers that are specified in the remote BAS IP pool.

You can bind multiple IP pools to one UP device, or UP-side interface or subinterface.

When you bind an IP pool to a UP device, make sure you specify the correct UP-side interface or subinterface, or UP address. You cannot modify the binding after the IP pool dynamically assigns IP addresses.

Examples

# Bind IP pool pool1 to UP address 1.1.1.2.

<Sysname> system-view

[Sysname] ip pool pool1

[Sysname-ip-pool-pool1] binding up-address 1.1.1.2

# Bind IP pool pool1 to UP-side interface Remote-GE 1024/1/0/1.

<Sysname> system-view

[Sysname] ip pool pool1

[Sysname-ip-pool-pool1] binding interface remote-ge 1024/1/0/1

Related commands

ip pool-group

bims-server

Use bims-server to specify the IP address, port number, and shared key of the BIMS server in an IP pool.

Use undo bims-server to restore the default.

Syntax

bims-server ip ip-address [ port port-number ] sharekey { cipher | simple } string

undo bims-server

Default

No BIMS server information is specified.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

ip ip-address: Specifies the IP address of the BIMS server.

port port-number: Specifies the port number of the BIMS server, in the range of 1 to 65534.

cipher: Specifies a key in encrypted form.

simple: Specifies a key in plaintext form. For security purposes, the key specified in plaintext form will be stored in encrypted form.

string: Specifies the key string. Its plaintext form is a case-sensitive string of 1 to 16 characters. Its encrypted form is a case-sensitive string of 1 to 53 characters. The DHCP client uses the shared key to encrypt packets sent to the BIMS server.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify BIMS server IP address 1.1.1.1, port number 80, and shared key aabbcc in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] bims-server ip 1.1.1.1 port 80 sharekey simple aabbcc

Related commands

display ip pool

bootfile-name

Use bootfile-name to specify a configuration file name or URL.

Use undo bootfile-name to restore the default.

Syntax

bootfile-name { bootfile-name | url }

undo bootfile-name

Default

No configuration file name or URL is specified.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

bootfile-name: Specifies the configuration file name, a case-sensitive string of 1 to 63 characters.

url: Specifies the HTTP URL of the configuration file. It is a case-sensitive string of 1 to 63 characters.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

To specify a configuration file on a TFTP server, use the bootfile-name argument.

To specify a configuration file on an HTTP server, use the url argument.

Examples

# Specify configuration file name boot.cfg in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] bootfile-name boot.cfg

# Specify configuration file URL http://10.1.1.1/boot.cfg in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] bootfile-name http://10.1.1.1/boot.cfg

Related commands

display ip pool

next-server

tftp-server domain-name

tftp-server ip-address

class ip-pool

Use class ip-pool to specify an IP pool for a DHCP user class.

Use undo class ip-pool to remove the IP pool specified for a DHCP user class.

Syntax

class class-name ip-pool pool-name

undo class class-name ip-pool

Default

No IP pool is specified for a DHCP user class.

Views

DHCP policy view

Predefined user roles

network-admin

mdc-admin

Parameters

class-name: Specifies a DHCP user class by its name, a case-insensitive string of 1 to 63 characters.

pool-name: Specifies an IP pool by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

You can specify only one IP pool for a DHCP user class in a DHCP policy. If you execute this command multiple times for a user class, the most recent configuration takes effect.

Examples

# Specify IP pool pool1 for DHCP user class test in DHCP policy 1.

<Sysname> system-view

[Sysname] dhcp policy 1

[Sysname-dhcp-policy-1] class test ip-pool pool1

Related commands

default ip-pool

dhcp policy

ip pool

class option-group

Use class option-group to specify a DHCP option group for a DHCP user class.

Use undo class option-group to remove the configuration.

Syntax

class class-name option-group option-group-number

undo class class-name option-group

Default

No DHCP option group is specified for a DHCP user class.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

class-name: Specifies a DHCP user class by its name, a case-insensitive string of 1 to 63 characters.

option-group-number: Specifies a DHCP option group by its number in the range of 1 to 32768.

Usage guidelines

When receiving a DHCP-DISCOVER message, the server compares the client against the user classes in the order that they are specified by this command. If a match is found, the server assigns the client the DHCP options in the option group. If multiple matches are found, the server selects option groups by using the following methods:

· If the option groups have options in common, the server selects the option group specified for the first matching user class.

· If the option groups have different options, the server selects all the matching option groups.

You can specify only one option group for a DHCP user class in an IP pool. If you execute this command multiple times for a user class, the most recent configuration takes effect.

Examples

# Specify DHCP option group 1 for user class user in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] class user option-group 1

Related commands

dhcp option-group

class range

Use class range to specify an IP address range for a DHCP user class.

Use undo class range to remove the IP address range for the DHCP user class.

Syntax

class class-name range start-ip-address end-ip-address

undo class class-name range

Default

No IP address range is specified for a DHCP user class.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

class-name: Specifies a DHCP user class name, a case-insensitive string of 1 to 63 characters. If the specified user class does not exist, the DHCP server will not assign the addresses in the address range specified for the user class to any clients.

start-ip-address: Specifies the start IP address.

end-ip-address: Specifies the end IP address.

Usage guidelines

The class range command allows you to divide an address range into multiple address ranges for different DHCP user classes. The address range for a user class must be within the primary network segment specified by the network command. If the DHCP client does not match any DHCP user class, the DHCP server selects an address in the IP address range specified by the address range command. If the address range has no assignable IP addresses or no address range is configured, the address allocation fails.

After you specify an address range for a user class, you cannot use the network secondary command to specify a secondary network segment in the IP pool.

You can specify only one address range for a DHCP user class in an IP pool. If you execute this command multiple times for a DHCP user class, the most recent configuration takes effect.

Examples

# Specify an IP address range of 192.168.8.1 through 192.168.8.150 for DHCP user class user in IP pool 1.

<Sysname> system-view

[Sysname] ip pool 1

[Sysname-ip-pool-1] class user range 192.168.8.1 192.168.8.150

Related commands

address range

dhcp class

display ip pool

default ip-pool

Use default ip-pool to specify the default IP pool.

Use undo default ip-pool to restore the default.

Syntax

default ip-pool pool-name

undo default ip-pool

Default

No default IP pool is specified.

Views

DHCP policy view

Predefined user roles

network-admin

mdc-admin

Parameters

pool-name: Specifies an IP pool by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

In a DHCP policy, the DHCP server uses the default IP pool to assign IP addresses and other parameters to clients that do not match any user classes. If no default IP pool is specified or the default IP pool does not have assignable IP addresses, the address assignment fails.

You can specify only one default IP pool in a DHCP policy. If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify IP pool pool1 as the default IP pool in DHCP policy 1.

<Sysname> system-view

[Sysname] dhcp policy 1

[Sysname-dhcp-policy-1] default ip-pool pool1

Related commands

class ip-pool

dhcp policy

dhcp apply-policy

Use dhcp apply-policy to apply a DHCP policy to an interface.

Use undo dhcp apply-policy to restore the default.

Syntax

dhcp apply-policy policy-name

undo dhcp apply-policy

Default

No DHCP policy is applied to an interface.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

policy-name: Specifies a DHCP policy by its name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

You can apply only one DHCP policy to an interface. If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Apply DHCP policy test to GigabitEthernet 1/0/1. (Applicable to routers.)

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] dhcp apply-policy test

# Apply DHCP policy test to VLAN-interface 10. (Applicable to switches.)

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] dhcp apply-policy test

Related commands

dhcp policy

dhcp authorized-ip-conflict ignore

Use dhcp authorized-ip-conflict ignore to ignore authorized IP address conflicts.

Use undo dhcp authorized-ip-conflict ignore to restore the default.

Syntax

dhcp authorized-ip-conflict ignore

undo dhcp authorized-ip-conflict ignore

Default

Authorized IP address conflicts are not ignored. After DHCP is enabled on the DHCP server, the server performs conflict detection for authorized IP addresses.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

An AAA server might authorize a new user an IP address the same as the IP address of an online user. The DHCP server can detect this conflict and inform the access module that this IP address is not available. As a result, the new user cannot come online.

In some networks, a user might come online and go offline frequently, and the AAA server might authorize the user the same IP address each time the user comes online. To ensure that the user can obtain the IP address and come online successfully, configure the DHCP server to ignore authorized IP address conflicts. For more information about AAA, see Security Configuration Guide.

This feature is applicable only to PPPoE access networks. For more information about PPPoE, see Layer 2—WAN Access Configuration Guide.

Examples

# Ignore authorized IP address conflicts.

<Sysname> system-view

[Sysname] dhcp authorized-ip-conflict ignore

dhcp class

Use dhcp class to create a DHCP user class and enter its view, or enter the view of an existing DHCP user class.

Use undo dhcp class to delete the specified DHCP user class.

Syntax

dhcp class class-name

undo dhcp class class-name

Default

No DHCP user classes exist.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

class-name: Specifies the name of a DHCP user class, a case-insensitive string of 1 to 63 characters.

Usage guidelines

In the DHCP user class view, you can use the if-match command to configure match rules to group clients to the user class.

Examples

# Create DHCP user class test and enter DHCP user class view.

<Sysname> system-view

[Sysname] dhcp class test

[Sysname-dhcp-class-test]

Related commands

address range

class ip-pool

class option-group

class range

dhcp policy

if-match

dhcp option-group

Use dhcp option-group to create a DHCP option group and enter its view, or enter the view of an existing DHCP option group.

Use undo dhcp option-group to delete a DHCP option group.

Syntax

dhcp option-group option-group-number

undo dhcp option-group option-group-number

Default

No DHCP option groups exist.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

option-group-number: Assigns a number to the DHCP option group, in the range of 1 to 32768.

Examples

# Create DHCP option group 1 and enter DHCP option group view.

<Sysname> system-view

[Sysname] dhcp option-group 1

[Sysname-dhcp-option-group-1]

Related commands

class option-group

option

dhcp policy

Use dhcp policy to create a DHCP policy and enter its view, or enter the view of an existing DHCP policy.

Use undo dhcp policy to delete a DHCP policy.

Syntax

dhcp policy policy-name

undo dhcp policy policy-name

Default

No DHCP policies exist.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

policy-name: Assigns a name to the DHCP policy. The policy name is a case-insensitive string of 1 to 63 characters.

Usage guidelines

In DHCP policy view, you can specify IP pools for different user classes. Clients matching a user class will obtain IP addresses and other parameters from the specified IP pool.

For a DHCP policy to take effect, you must apply it to an interface.

Examples

# Create DHCP policy test and enter its view.

<Sysname> system-view

[Sysname] dhcp policy test

[Sysname-dhcp-policy-test]

Related commands

class ip-pool

default ip-pool

dhcp apply-policy

dhcp class

dhcp server allocated-ip threshold

Use dhcp server allocated-ip threshold to set the IP address allocation success rate threshold. The success rate is the rate of successfully allocated IP addresses to received DHCP requests within 5 minutes.

Use undo dhcp server allocated-ip threshold to restore the default.

Syntax

dhcp server allocated-ip threshold threshold-value

undo dhcp server allocated-ip threshold

Default

No SNMP notification is sent for an IP address allocation success rate threshold violation.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

threshold-value: Specifies the success rate threshold in percentage in the range of 1 to 100.

Usage guidelines

If the IP address allocation success rate is lower than the threshold, the DHCP module sends an SNMP notification to report the event.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Set the IP address allocation success rate threshold to 85%.

<Sysname> system-view

[Sysname] dhcp server allocated-ip threshold 85

Related commands

snmp-agent trap enable dhcp server

dhcp server always-broadcast

Use dhcp server always-broadcast to enable the DHCP server to always broadcast responses.

Use undo dhcp server always-broadcast to restore the default.

Syntax

dhcp server always-broadcast

undo dhcp server always-broadcast

Default

The DHCP server reads the broadcast flag in a DHCP request to decide whether to broadcast or unicast the response.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

This command enables the DHCP server to ignore the broadcast flag in DHCP requests and always broadcast all responses.

The DHCP server always unicasts a response in the following situations, regardless of whether this command is executed:

· The DHCP request is from a DHCP client that has an IP address (the ciaddr field is not 0).

· The DHCP request is forwarded by a DHCP relay agent from a DHCP client (the giaddr field is not 0).

Examples

# Enable the DHCP server to always broadcast all responses.

<Sysname> system-view

[Sysname] dhcp server always-broadcast

dhcp server apply ip-pool

Use dhcp server apply ip-pool to apply an IP pool to an interface.

Use undo dhcp server apply ip-pool to restore the default.

Syntax

dhcp server apply ip-pool pool-name

undo dhcp server apply ip-pool

Default

No IP pool is applied to an interface

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Parameters

pool-name: Specifies the name of an IP pool, a case-insensitive string of 1 to 63 characters.

Usage guidelines

Upon receiving a DHCP request from the interface, the DHCP server searches for a static binding for the client from all IP pools. If no static binding is found, the server assigns configuration parameters from the IP pool applied on the interface to the client. If the IP pool has no assignable IP address or does not exist, the DHCP client cannot obtain an IP address.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Apply IP pool 0 to GigabitEthernet 1/0/1. (Applicable to routers.)

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] dhcp server apply ip-pool 0

# Apply IP pool 0 to VLAN-interface 2. (Applicable to switches.)

<Sysname> system-view

[Sysname] interface vlan-interface 2

[Sysname-Vlan-interface2] dhcp server apply ip-pool 0

Related commands

ip pool

dhcp server bootp ignore

Use dhcp server bootp ignore to configure the DHCP server to ignore BOOTP requests.

Use undo dhcp server bootp ignore to restore the default.

Syntax

dhcp server bootp ignore

undo dhcp server bootp ignore

Default

The DHCP server does not ignore BOOTP requests.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

The lease duration of IP addresses obtained by BOOTP clients is unlimited. For scenarios that do not allow unlimited leases, you can configure the DHCP server to ignore BOOTP requests.

Examples

# Configure the DHCP server to ignore BOOTP requests.

<Sysname> system-view

[Sysname] dhcp server bootp ignore

dhcp server bootp reply-rfc-1048

Use dhcp server bootp reply-rfc-1048 to enable the sending of BOOTP responses in RFC 1048 format.

Use undo dhcp server bootp reply-rfc-1048 to disable this feature.

Syntax

dhcp server bootp reply-rfc-1048

undo dhcp server bootp reply-rfc-1048

Default

This feature is disabled. The DHCP server does not process the Vend field of RFC 1048-incompliant requests but copies the Vend field into responses.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

Not all BOOTP clients can send requests compliant with RFC 1048. This command enables the DHCP server to fill the Vend field in RFC 1048-compliant format in DHCP responses to RFC 1048-incompliant requests sent by BOOTP clients.

Examples

# Enable the sending of BOOTP responses in RFC 1048 format on the DHCP server.

<Sysname> system-view

[Sysname] dhcp server bootp reply-rfc-1048

dhcp server check mac-address

Use dhcp server check mac-address to enable MAC address check on the DHCP server.

Use undo dhcp server check mac-address to disable MAC address check on the DHCP server.

Syntax

dhcp server check mac-address

undo dhcp server check mac-address

Default

MAC address check is disabled on the DHCP server.

Views

Interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

This feature enables the DHCP server to compare the chaddr field of a received DHCP request with the source MAC address in the frame header. If they are the same, the DHCP server verifies the packet legal and continues processing the packet. If they are not the same, the DHCP server discards the request.

Examples

# Enable MAC address check on the DHCP server. (Applicable to routers.)

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] dhcp server check mac-address

# Enable MAC address check on the DHCP server. (Applicable to switches.)

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] dhcp server check mac-address

dhcp server database filename

Use dhcp server database filename to configure the DHCP server to back up the DHCP bindings to a file.

Use undo dhcp server database filename to restore the default.

Syntax

dhcp server database filename { filename | url url [ username username [ password { cipher | simple } string ] ] }

undo dhcp server database filename

Default

The DHCP server does not back up the DHCP bindings.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

filename: Specifies the name of a local backup file. For information about the filename argument, see Fundamentals Configuration Guide.

url url: Specifies the URL of a remote backup file, a case-sensitive string of 1 to 255 characters. Do not include a username or password in the URL.

username username: Specifies the username for accessing the URL of the remote backup file, a case-sensitive string of 1 to 32 characters. Do not specify this option if a username is not required for accessing the URL of the remote backup file.

cipher: Specifies a password in encrypted form.

simple: Specifies a password in plaintext form. For security purposes, the password specified in plaintext form will be stored in encrypted form.

string: Specifies the password. Its plaintext form is a case-sensitive string of 1 to 32 characters. Its encrypted form is a case-sensitive string of 1 to 73 characters. Do not specify this argument if a password is not required for accessing the URL of the remote backup file.

Usage guidelines

The command automatically creates the file if you specify a nonexistent file.

With this command executed, the DHCP server backs up its bindings immediately and runs auto backup. The server, by default, waits 300 seconds after a binding change to update the backup file. You can use the dhcp server database update interval command to change the waiting time. If no DHCP binding changes, the backup file is not updated.

As a best practice, back up the bindings to a remote file. If you use the local storage medium, the frequent erasing and writing might damage the medium and then cause the DHCP server to malfunction.

When the backup file is on a remote device, follow these restrictions and guidelines to specify the URL, username, and password:

· If the file is on an FTP server, enter URL in the following format: ftp://server address:port/file path, where the port number is optional.

· If the file is on a TFTP server, enter URL in the following format: tftp://server address:port/file path, where the port number is optional.

· The username and password must be the same as those configured on the FTP server. If the server authenticates only the username, the password can be omitted.

· If the IP address of the server is an IPv6 address, enclose the address in a pair of brackets, for example, ftp://[1::1]/database.dhcp.

· You can also specify the DNS domain name for the server address field, for example, ftp://company/database.dhcp.

Examples

# Configure the DHCP server to back up its bindings to file database.dhcp.

<Sysname> system-view

[Sysname] dhcp server database filename database.dhcp

# Configure the DHCP server to back up its bindings to file database.dhcp in the working directory of the FTP server at 10.1.1.1.

<Sysname> system-view

[Sysname] dhcp server database filename url ftp://10.1.1.1/database.dhcp username 1 password simple 1

Related commands

dhcp server database update interval

dhcp server database update now

dhcp server database update stop

dhcp server database update interval

Use dhcp server database update interval to set the waiting time for the DHCP server to update the backup file after a DHCP binding change.

Use undo dhcp server database update interval to restore the default.

Syntax

dhcp server database update interval interval

undo dhcp server database update interval

Default

The DHCP server waits 300 seconds to update the backup file after a DHCP binding change. If no DHCP binding changes, the backup file is not updated.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

interval: Specifies the waiting time in the range of 60 to 864000 seconds.

Usage guidelines

When a DHCP binding is created, updated, or removed, the waiting period starts. The DHCP server updates the backup file when the waiting period is reached. All bindings changed during the period will be saved to the backup file.

The waiting time takes effect only after you configure the DHCP binding auto backup by using the dhcp server database filename command.

Examples

# Set the waiting time to 10 minutes for the DHCP server to update the backup file.

<Sysname> system-view

[Sysname] dhcp server database update interval 600

Related commands

dhcp server database filename

dhcp server database update now

dhcp server database update stop

dhcp server database update now

Use dhcp server database update now to manually save the DHCP bindings to the backup file.

Syntax

dhcp server database update now

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

Each time this command is executed, the DHCP bindings are saved to the backup file.

For this command to take effect, you must configure the DHCP auto backup by using the dhcp server database filename command.

Examples

# Manually save the DHCP bindings to the backup file.

<Sysname> system-view

[Sysname] dhcp server database update now

Related commands

dhcp server database filename

dhcp server database update interval

dhcp server database update stop

Use dhcp server database update stop to terminate the download of DHCP bindings from the backup file.

Syntax

dhcp server database update stop

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

The DHCP server does not provide services during the binding download process. If the connection disconnects during the process, the waiting timeout timer is 60 minutes. When the timer expires, the DHCP server stops waiting and starts providing address allocation services.

To enable the DHCP server to provide services without waiting for the connection to be repaired, use this command to terminate the download immediately. The IP addresses associated with the undownloaded bindings will be assigned to clients. Address conflicts might occur.

Examples

# Terminate the download of the backup DHCP bindings.

<Sysname> system-view

[Sysname] dhcp server database update stop

Related commands

dhcp server database filename

dhcp server database update interval

dhcp server database update now

dhcp server forbidden-ip

Use dhcp server forbidden-ip to exclude IP addresses from dynamic allocation globally.

Use undo dhcp server forbidden-ip to remove the configuration.

Syntax

dhcp server forbidden-ip start-ip-address [ end-ip-address ] [ vpn-instance vpn-instance-name ]

undo dhcp server forbidden-ip start-ip-address [ end-ip-address ] [ vpn-instance vpn-instance-name ]

Default

No IP addresses are excluded from dynamic allocation globally.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

start-ip-address: Specifies the start IP address.

end-ip-address: Specifies the end IP address, which cannot be lower than the start-ip-address. If you do not specify this argument, only the start-ip-address is excluded from dynamic allocation.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If the excluded IP addresses belong to the public network, do not specify this option.

Usage guidelines

The IP addresses of some devices such as the gateway and FTP server cannot be assigned to clients. Use this command to exclude such addresses from dynamic allocation.

If the excluded IP address is in a static DHCP binding, the address can still be assigned to the client.

The address or address range specified in the undo dhcp server forbidden-ip command must be the same as that specified in the dhcp server forbidden-ip command. To remove an IP address from the specified address range, you must remove the entire address range.

You can execute this command multiple times to exclude multiple IP address ranges from dynamic allocation.

Examples

# Exclude the IP addresses of 10.110.1.1 through 10.110.1.63 from dynamic allocation globally.

<Sysname> system-view

[Sysname] dhcp server forbidden-ip 10.110.1.1 10.110.1.63

Related commands

forbidden-ip

static-bind

dhcp server multi-ip per-mac enable

Use dhcp server multi-ip per-mac enable to enable allocation of different IP addresses to DHCP clients with the same MAC address.

Use undo dhcp server multi-ip per-mac enable to disable allocation of different IP addresses to DHCP clients with the same MAC address.

Syntax

dhcp server multi-ip per-mac enable

undo dhcp server multi-ip per-mac enable

Default

This feature is disabled.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

If the DHCP server has assigned IP addresses to DHCP clients, you cannot enable or disable this feature. If you do so, the system displays an error message.

Examples

# Enable allocation of different IP addresses to DHCP clients with the same MAC address.

<Sysname> system-view

[Sysname] dhcp server multi-ip per-mac enable

dhcp server ping packets

Use dhcp server ping packets to set the maximum number of ping packets.

Use undo dhcp server ping packets to restore the default.

Syntax

dhcp server ping packets number

undo dhcp server ping packets

Default

The maximum number of ping packets is 1.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

number: Sets the maximum number of ping packets, in the range of 0 to 10. To disable the address conflict detection, set the value to 0.

Usage guidelines

To avoid IP address conflicts, the DHCP server pings an IP address before assigning it to a DHCP client.

If a ping attempt succeeds, the server determines that the IP address is in use and picks a new IP address. If all the ping attempts fail, the server assigns the IP address to the requesting DHCP client.

Examples

# Set the maximum number of ping packets to 10.

<Sysname> system-view

[Sysname] dhcp server ping packets 10

Related commands

dhcp server ping timeout

display dhcp server conflict

reset dhcp server conflict

dhcp server ping timeout

Use dhcp server ping timeout to set the ping response timeout time on the DHCP server.

Use undo dhcp server ping timeout to restore the default.

Syntax

dhcp server ping timeout milliseconds

undo dhcp server ping timeout

Default

The ping response timeout time is 500 milliseconds.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

milliseconds: Specifies the timeout time in the range of 0 to 10000 milliseconds. To disable the ping operation for address conflict detection, set the value to 0 milliseconds.

Usage guidelines

To avoid IP address conflicts, the DHCP server pings an IP address before assigning it to a DHCP client.

Examples

# Set the response timeout time to 1000 milliseconds.

<Sysname> system-view

[Sysname] dhcp server ping timeout 1000

Related commands

dhcp server ping packets

display dhcp server conflict

reset dhcp server conflict

dhcp server policy-first enable

Use dhcp server policy-first enable to enable policy-first IP pool selection for IPoE users.

Use undo dhcp server policy-first enable to restore the default.

Syntax

dhcp server policy-first enable

undo dhcp server policy-first enable

Default

The device uses the AAA authorized IP pool for IPoE users.

Views

Layer 3 Ethernet interface

Layer 3 Ethernet subinterface view

Layer 3 aggregate interface

Layer 3 aggregate subinterface view

Layer 3 RPR logical interface view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

This feature enables the DHCP server to preferentially select the IP pool specified for the DHCP policy for IPoE users.

You must determine the IP pool selection method before IPoE users come online. If you modify the IP pool selection method after IPoE users come online, IPoE users that have obtained addresses cannot correctly extend the lease duration. When an address lease expires, the IPoE user goes offline, and the IPoE session is deleted.

Example

# Enable policy-first IP pool selection for IPoE users on GigabitEthernet 1/0/1. (Applicable to routers.)

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] dhcp server policy-first enable

# Enable policy-first IP pool selection for IPoE users on VLAN-interface 10. (Applicable to switches.)

<Sysname> system-view

[Sysname] interface vlan-interface 10

[Sysname-Vlan-interface10] dhcp server policy-first enable

Related commands

authorization-attribute (Security Command Reference)

dhcp server relay information enable

Use dhcp server relay information enable to enable the DHCP server to handle Option 82.

Use undo dhcp server relay information enable to configure the DHCP server to ignore Option 82.

Syntax

dhcp server relay information enable

undo dhcp server relay information enable

Default

The DHCP server handles Option 82.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

Upon receiving a DHCP request that contains Option 82, the server copies the original Option 82 into the response. If the server is configured to ignore Option 82, the response will not contain Option 82.

Examples

# Configure the DHCP server to ignore Option 82.

<Sysname> system-view

[Sysname] undo dhcp server relay information enable

dhcp server reply-exclude-option60

Use dhcp server reply-exclude-option60 to disable the DHCP server from encapsulating Option 60 in DHCP replies.

Use undo dhcp server reply-exclude-option60 to restore the default.

Syntax

dhcp server reply-exclude-option60

undo dhcp server reply-exclude-option60

Default

The DHCP server can encapsulate Option 60 in DHCP replies.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

If you do not disable the capability, the DHCP server encapsulates Option 60 in a DHCP reply in the following situations:

· The received DHCP packet contains Option 60.

· Option 60 is configured for the IP pool.

If you disable the capability, the DHCP server does not encapsulate Option 60 in DHCP replies.

Examples

# Disable the DHCP server from encapsulating Option 60 in DHCP replies.

<Sysname> system-view

[Sysname] dhcp server reply-exclude-option60

dhcp server request-ip-address check

Use dhcp server request-ip-address check to enable the DHCP server to return a DHCP-NAK message if the client notions of their IP addresses are incorrect.

Use undo dhcp server request-ip-address check to restore the default.

Syntax

dhcp server request-ip-address check

undo dhcp server request-ip-address check

Default

The DHCP server does not return a DHCP-NAK message if the client notions of their IP addresses are incorrect.

Views

System view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

A DHCP client can send a DHCP-REQUEST message directly or upon receiving a DHCP-OFFER message. Upon receiving the request, the DHCP server will check if the client notion of its IP address is correct. If the requested IP address is different from the allocated one or has no matching lease record, the DHCP server remains silent by default. After the allocated IP address lease for the client expires, the DHCP server will make response to request from the client.

This feature enables the DHCP server to return DHCP-NAK messages if the client notions of their IP addresses are incorrect. After receiving the DHCP-NAK message, the DHCP client will request an IP address again.

Examples

# Enable the DHCP server to return a DHCP-NAK message if the client notions of their IP addresses are incorrect.

<Sysname> system-view

[Sysname] dhcp server request-ip-address check

Related commands

dhcp select server

display dhcp server conflict

Use display dhcp server conflict to display information about IP address conflicts.

Syntax

display dhcp server conflict [ interface interface-type interface-number | ip ip-address | up-address ip-address | up-backup-group up-groupid | vxlan vxlan-id ] [ vpn-instance vpn-instance-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number.

ip ip-address: Specifies an IP address.

up-address ip-address: Specifies the IP address of a UP device.

up-backup-group up-groupid: Specifies a UP backup group ID.

vxlan vxlan-id: Specifies a VXLAN by its ID.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays information about IP address conflicts for the public network.

Usage guidelines

The DHCP server generates IP address conflict information in the following situations:

· Before assigning an IP address to a DHCP client, the DHCP server pings the IP address and discovers that another host is using the address.

· The DHCP client sends a DECLINE packet to the DHCP server to inform the server of an IP address conflict.

· The DHCP server discovers that the only assignable address in the IP pool is its own IP address.

If you do not specify any parameters, this command displays information about all IP address conflicts.

Examples

# Display information about all IP address conflicts.

<Sysname> display dhcp server conflict

IP address Detect time

4.4.4.1 Apr 25 16:57:20 2019

4.4.4.2 Apr 25 17:00:10 2019

Table 1 Command output

Field	Description
IP address	Conflicted IP address.
Detect time	Time when the conflict was discovered.

Related commands

reset dhcp server conflict

display dhcp server database

Use display dhcp server database to display information about DHCP binding auto backup.

Syntax

display dhcp server database

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Examples

# Display information about DHCP binding auto backup.

<Sysname> display dhcp server database

File name : database.dhcp

Username :

Password :

Update interval : 600 seconds

Latest write time : Feb 8 16:09:53 2014

Status : Last write succeeded.

Table 2 Command output

Field	Description
File name	Name of the DHCP binding backup file.
Username	Username for accessing the URL of the remote backup file.
Password	Password for accessing the URL of the remote backup file. This field displays ****** if a password is configured.
Update interval	Waiting time in seconds after a DHCP binding change for the DHCP server to update the backup file.
Latest write time	Time of the latest update.
Status	Update state: · Writing—The backup file is being updated. · Last write succeeded—The backup file was successfully updated. · Last write failed—The backup file failed to be updated.

display dhcp server expired

Use display dhcp server expired to display the lease expiration information.

Syntax

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number.

ip ip-address: Specifies an IP address.

mac mac-address: Specifies a MAC address.

up-address ip-address: Specifies the IP address of a UP device.

up-backup-group up-groupid: Specifies a UP backup group ID in the range of 1 to 16384.

vxlan vxlan-id: Specifies a VXLAN by its ID.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays the lease expiration information for the public network.

pool pool-name: Displays lease expiration information about the specified IP pool. The pool name is a case-insensitive string of 1 to 63 characters.

verbose: Displays detailed lease expiration information. If you do not specify this keyword, the command displays brief lease expiration information about all IP addresses.

Usage guidelines

DHCP assigns these expired IP addresses to DHCP clients when all available addresses have been assigned.

If you do not specify any parameters, this command displays lease expiration information about all IP addresses.

Examples

# Display all lease expiration information.

<Sysname> display dhcp server expired

IP address Client-identifier/Hardware address Lease expiration

4.4.4.6 3030-3066-2e65-3230-302e-3130-3234 Apr 25 17:10:47 2019

-2d45-7468-6572-6e65-7430-2f31

Table 3 Command output

Field	Description
IP address	Expired IP address.
Client-identifier/Hardware address	Client ID or MAC address.
Lease expiration	Time when the lease expired.

# Display detailed lease expiration information about all IP addresses.

<Sysname> display dhcp server expired verbose

IP address: 192.168.56.3

Pool name: 1

Client-identifier: N/A

Hardware address type: Ethernet

Hardware address: 0000-0000-0002

Lease expiration: Mar 16 16:00:22 2017

Remaining reservation time: 136 years 2 months 6 hours 28 minutes 11 seconds

IP address reservation mode: Based on client MAC

IP address: 5.5.5.5

Pool name: 2

Client-identifier: 0061-6161-612e-6161-6161-2e61-6161-612d-4745-302f-302f-33

Hardware address type: Ethernet

Hardware address: 0000-0000-0003

Lease expiration: Mar 16 16:00:33 2017

Remaining reservation time: 136 years 2 months 6 hours 28 minutes 22 seconds

IP address reservation mode: Based on client ID

IP address: 3.3.3.5

Pool name: abc

Client-identifier: 0100-0000-0000-05

Hardware address type: Ethernet

Hardware address: 0000-0000-0005

Lease expiration: Mar 16 16:10:33 2017

Remaining reservation time: 2 months 6 hours 27 minutes 22 seconds

IP address reservation mode: Based on client MAC

Table 4 Command output

Field	Description
IP address	Expired IP address.
Pool name	IP pool to which the expired IP address belongs.
Client-identifier	Client ID. If the request does not contain Option 61, this field displays N/A.
Hardware address type	Hardware address type of the client: Ethernet, Token ring, or Unknown.
Lease expiration	Time when the lease expired.
Remaining reservation time	Remaining time for reserving the expired IP address. If the reservation time expires, this field displays 0, and the expired IP address is deleted.
IP address reservation mode	Reservation mode of the expired IP address: · Based on client ID—Reserve an expired IP address based on the client ID. · Based on client MAC—Reserve an expired IP address based on the client MAC address.

Related commands

reserve expired-ip enable

reset dhcp server expired

display dhcp server free-ip

Use display dhcp server free-ip to display information about assignable IP addresses.

Syntax

display dhcp server free-ip [ pool pool-name | vpn-instance vpn-instance-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

pool pool-name: Displays assignable IP addresses in the specified IP pool. The pool name is a case-insensitive string of 1 to 63 characters. If you do not specify an IP pool, this command displays all assignable IP addresses for all IP pools.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays assignable IP addresses in IP pools for the public network.

Examples

# Display assignable IP addresses in all IP pools.

<Sysname> display dhcp server free-ip

Pool name: 1

Network: 10.0.0.0 mask 255.0.0.0

IP ranges from 10.0.0.10 to 10.0.0.100

IP ranges from 10.0.0.105 to 10.0.0.255

Secondary networks:

10.1.0.0 mask 255.255.0.0

IP ranges from 10.1.0.0 to 10.1.0.255

10.2.0.0 mask 255.255.0.0

IP Ranges from 10.2.0.0 to 10.2.0.255

Pool name: 2

Network: 20.1.1.0 mask 255.255.255.0

IP ranges from 20.1.1.0 to 20.1.1.255

Table 5 Command output

Field	Description
Pool name	Name of the IP pool.
Network	Assignable network.
IP ranges	Assignable IP address range.
Secondary networks	Assignable secondary networks.

Related commands

address range

ip pool

network

display dhcp server ip-in-use

Use display dhcp server ip-in-use to display binding information about assigned IP addresses.

Syntax

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number.

ip ip-address: Specifies an IP address.

subnet network-address mask-length: Specifies a subnet by the network address and subnet mask length.

up-address ip-address: Specifies the IP address of a UP device.

up-backup-group up-groupid: Specifies a UP backup group ID in the range of 1 to 16384.

vxlan vxlan-id: Specifies a VXLAN by its ID.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command displays binding information about assigned IP addresses for the public network.

pool pool-name: Displays binding information about assigned IP addresses in the specified IP pool. The pool name is a case-insensitive string of 1 to 63 characters.

Usage guidelines

If you do not specify any parameters, this command displays binding information about all assigned IP addresses.

The binding information can be used by other security modules only when the DHCP server is configured on the gateway of DHCP clients.

If the lease deadline exceeds the year 2100, the lease expiration time is displayed as After 2100.

If you do not specify any parameters, this command displays binding information about all assigned IP addresses.

Examples

# Display binding information about all assigned DHCP addresses.

<Sysname> display dhcp server ip-in-use

IP address Client identifier/ Lease expiration Type

Hardware address

10.1.1.1 4444-4444-4444 Not used Static(F)

10.1.1.2 0030-3030-2e30-3030- May 1 14:02:49 2015 Auto(C)

662e-3030-3033-2d45-

7468-6572-6e65-74

10.1.1.3 0133-3037-392e-3933- May 1 14:18:22 2016 Auto(C)

3037-2e39-3030-32

10.1.1.4 1111-1111-1111 After 2100 Static(C)

Table 6 Command output

Field	Description
IP address	IP address assigned.
Client identifier/Hardware address	Client ID or hardware address. Client ID is specified as a string of hexadecimal numbers, in which the first two characters represents the hardware type value. · If an ASCII string is used, the hardware type value is 00, which means no type. · If the hardware type is Ethernet, the type value is 01. · If the hardware type is token ring, the type value is 06.
Lease expiration	Lease expiration time: · Exact time (May 1 14:02:49 2015 in this example)—Time when the lease will expire. · Not used—The IP address of the static binding has not been assigned to the specific client. · Unlimited—Infinite lease expiration time. · After 2100—The lease will expire after 2100.
Type	Binding types: · Static(F)—A free static binding whose IP address has not been assigned. · Static(O)—An offered static binding whose IP address has been selected and sent by the DHCP server in a DHCP-OFFER packet to the client. · Static(C)—A committed static binding whose IP address has been assigned to the DHCP client. · Auto(O)—An offered dynamic binding whose IP address has been dynamically selected by the DHCP server and sent in a DHCP-OFFER packet to the DHCP client. · Auto(C)—A committed dynamic binding whose IP address has been dynamically assigned to the DHCP client.

Related commands

reset dhcp server ip-in-use

display dhcp server statistics

Use display dhcp server statistics to display the DHCP server statistics.

Syntax

display dhcp server statistics [ pool pool-name | vpn-instance vpn-instance-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

pool pool-name: Specifies an IP pool by its name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, this command displays information about all IP pools.

Examples

# Display the DHCP server statistics.

<Sysname> display dhcp server statistics

Pool number: 1

Pool utilization: 0.39%

Bindings:

Automatic: 1

Manual: 0

Expired: 0

Conflict: 1

Messages received: 10

DHCPDISCOVER: 5

DHCPREQUEST: 3

DHCPDECLINE: 0

DHCPRELEASE: 2

DHCPINFORM: 0

BOOTPREQUEST: 0

ODAP DHCPOFFER: 0

ODAP DHCPACK: 0

ODAP DHCPNAK: 0

ODAP DHCPDISCOVER: 0

ODAP DHCPREQUEST: 0

ODAP DHCPRELEASE: 0

ODAP DHCPDECLINE: 0

ODAP DHCPFORCERENEW: 0

Messages sent: 6

DHCPOFFER: 3

DHCPACK: 3

DHCPNAK: 0

BOOTPREPLY: 0

ODAP DHCPOFFER: 0

ODAP DHCPACK: 0

ODAP DHCPNAK: 0

ODAP DHCPDISCOVER: 0

ODAP DHCPREQUEST: 0

ODAP DHCPRELEASE: 0

ODAP DHCPDECLINE: 0

ODAP DHCPFORCERENEW: 0

Bad Messages: 0

# Display statistics about IP pool pool1.

<Sysname> display dhcp server statistics pool pool1

Total IP addresses: 255

Free IP addresses: 100

Used: 0

Pool utilization: 60.94%

Bindings:

Automatic: 0

Manual: 0

Expired: 0

Conflicts: 0

Table 7 Command output

Field	Description
Pool number	Total number of IP pools. This field is not displayed when you display statistics for a specific IP pool.
Total IP addresses	Total number of IP addresses in the IP pool.
Free IP addresses	Total number of free addresses in the IP pool.
Used	Total number of IP addresses that have been assigned.
Pool utilization	IP pool usage.
Bindings	Bindings of the following types: · Automatic—Number of dynamic bindings. · Manual—Number of static bindings. · Expired—Number of expired bindings.
Conflict	Total number of conflicting addresses.
Messages received	‌ DHCP packets received from clients: · DHCPDISCOVER. · DHCPREQUEST. · DHCPDECLINE. · DHCPRELEASE. · DHCPINFORM. · BOOTPREQUEST. · ODAP DHCPOFFER · ODAP DHCPACK · ODAP DHCPNAK · ODAP DHCPDISCOVER · ODAP DHCPREQUEST · ODAP DHCPRELEASE · ODAP DHCPDECLINE · ODAP DHCPFORCERENEW This field is not displayed if you display statistics for a specific IP pool.
Messages sent	‌ DHCP packets sent to clients: · DHCPOFFER. · DHCPACK. · DHCPNAK. · BOOTPREPLY. · ODAP DHCPOFFER · ODAP DHCPACK · ODAP DHCPNAK · ODAP DHCPDISCOVER · ODAP DHCPREQUEST · ODAP DHCPRELEASE · ODAP DHCPDECLINE · ODAP DHCPFORCERENEW This field is not displayed if statistics about a specific IP pool are displayed.
Bad Messages	Number of error messages. This field is not displayed if you display statistics for a specific IP pool.

Related commands

reset dhcp server statistics

display dhcp-access packet statistics

Use display dhcp-access packet statistics to display packet statistics for the DHCP access module.

Syntax

display dhcp-access packet statistics

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Examples

# Display packet statistics for the DHCP access module.

<Sysname> display dhcp-access packet statistics

Received packets

Received from clients : 0

DHCPDISCOVER : 0

DHCPREQUEST : 0

DHCPDECLINE : 0

DHCPRELEASE : 0

DHCPINFORM : 0

Received from servers : 0

DHCPOFFER : 0

DHCPACK : 0

DHCPNAK : 0

Sent packets

Send to clients : 0

DHCPOFFER : 0

DHCPACK : 0

DHCPNAK : 0

Send to servers : 0

DHCPDISCOVER : 0

DHCPREQUEST : 0

DHCPDECLINE : 0

DHCPRELEASE : 0

Table 8 Command output

Field	Description
Received packets	Statistics about received packets.
Received from clients	Number of packets received from DHCP clients.
DHCPDISCOVER	Number of received DHCP-DISCOVER packets.
DHCPREQUEST	Number of received DHCP-REQUEST packets.
DHCPDECLINE	Number of received DHCP-DECLINE packets.
DHCPRELEASE	Number of received DHCP-RELEASE packets.
DHCPINFORM	Number of received DHCP-INFORM packets.
Received from servers	Number of packets received from DHCP servers.
DHCPOFFER	Number of received DHCP-OFFER packets.
DHCPACK	Number of received DHCP-ACK packets.
DHCPNAK	Number of received DHCP-NAK packets.
Send packets	Statistics about sent packets.
Send to clients	Number of packets sent to DHCP clients.
DHCPOFFER	Number of sent DHCP-OFFER packets.
DHCPACK	Number of sent DHCP-ACK packets.
DHCPNAK	Number of sent DHCP-NAK packets.
Send to servers	Number of packets sent to DHCP servers.
DHCPDISCOVER	Number of sent DHCP-DISCOVER packets.
DHCPREQUEST	Number of sent DHCP-REQUEST packets.
DHCPDECLINE	Number of sent DHCP-DECLINE packets.
DHCPRELEASE	Number of sent DHCP-RELEASE packets.

Related commands

reset dhcp-access packet statistics

display dhcp-access user-table

Use display dhcp-access user-table to display information about DHCP users.

Syntax

display dhcp-access user-table [ index index-value | mac-address mac-address | user-id user-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

index index-value: Specifies a DHCP user index in the range of 1 to 4294967294.

mac-address mac-address: Specifies the MAC address of a user, in the format of H-H-H.

user-id user-id: Specifies a user ID, in the range of 1 to ffffffff. The user ID is case insensitive.

Usage guidelines

If you do not specify any parameters, this command displays information about all DHCP users on the device.

Examples

# Display information about all DHCP users on the device.

<Sysname> display dhcp-access user-table

DHCP-ACCESS-USER-INFO-BRIEF(Total:2)

User ID : 0x40000001

User index : 1

Interface : GigabitEthernet1/0/1

SVLAN : N/A

CVLAN : N/A

User MAC address : 0000-0000-0007

User state : ONLINE

VPN instance : N/A

User IP address : 10.1.1.254(RADIUS)

Primary DNS Server : 10.1.1.2

Second DNS Server : N/A

Address pool name : test_dhcp

User ID : 0x40000002

User index : 2

Interface : GigabitEthernet1/0/1

SVLAN : N/A

CVLAN : N/A

User MAC address : 0000-0000-0008

User state : ONLINE

VPN instance : N/A

User IP address : 10.1.1.200(RADIUS)

Primary DNS Server : 10.1.1.2

Second DNS Server : N/A

Address pool name : test_dhcp

# Display information about the DHCP user with MAC address 0050-ba50-7349.

<Sysname> display dhcp-access user-table mac-address 0050-ba50-7349

User ID : 0x40000001

User index : 2

Interface : GigabitEthernet1/0/1

SVLAN : N/A

CVLAN : N/A

User MAC address : 0000-0000-0008

User state : ONLINE

VPN instance : N/A

User IP address : 10.1.1.200(RADIUS)

Renew Time : 3200s

Rebind Time : 75600s

Gateway : N/A

Primary DNS Server : N/A

Second DNS Server : N/A

Address Pool Name : 1

Option60 String : N/A

Client ID : 010050ba507349

Table 9 Command output

Field	Description
DHCP-ACCESS-USER-INFO-BRIEF (Total:x)	Brief information about a DHCP user, and the number of DHCP users.
User ID	ID of the DHCP user, in hexadecimal notation.
User index	Index of the DHCP user, in decimal notation.
Interface	Interface from which the DHCP user comes online.
SVLAN	SVLAN to which the DHCP user belongs. If the user does not belong to any SVLAN, this field displays N/A.
CVLAN	CVLAN to which the DHCP user belongs. If the user does not belong to any CVLAN, this field displays N/A.
User MAC address	MAC address of the DHCP user.
User state	Status of the DHCP user: · INIT—Initial state. · WAIT_UCM_REQ_ACK—Expecting an acknowledgment from UCM. · WAIT_SERVER_OFFER—Expecting a DHCP-OFFER from the DHCP server. · WAIT_CLIENT_REQ—Expecting a DHCP-REQUEST from the DHCP client. · WAIT_SERVER_ACK—Expecting a DHCP-ACK from the DHCP server. · WAIT_UCM_UP_ACK—Expecting a lease acknowledgment from UCM. · ONLINE—The user is online. · WAIT_UCM_DOWN_ACK—Expecting an acknowledgment for lease release from UCM. · RENEW_WAIT_SERVER_REPLY—Expecting a DHCP-ACK for a lease renewal request from the DHCP server. · WAIT_SERVER_ACK—Expecting a DHCP-ACK from the DHCP server.
VPN instance	VPN instance to which the DHCP user belongs. If the user is on the public network, this field displays N/A.
User IP address	IP address that the DHCP user has obtained.
Renew Time	Lease renewal time.
Rebind Time	Lease rebind time.
Gateway	Default gateway.
Primary DNS Server	IP address of the primary DNS server.
Second DNS Server	IP address of the secondary DNS server.
Address pool name	Name of the IP pool to which the user IP address belongs.
Option60 String	Vendor information string. If Option 60 is not contained in user packets, this field displays N/A.
Client ID	DHCP client ID.

display ip pool

Use display ip pool to display information about IP pools.

Syntax

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

name pool-name: Specifies the name of an IP pool, a case-insensitive string of 1 to 63 characters.

bas: Displays information about BAS IP pools.

nat: Displays information about remote NAT IP pools.

nat-local: Displays information about local NAT IP pools.

odap-client [ host ]: Displays information about IP pools on the ODAP client. The host keyword specifies IP pools of the ODAP host type. If you do not specify this keyword, the command displays information about IP pools of the non-host type on the ODAP client.

odap-server: Displays information about IP pools on the ODAP server.

subnet-alloc: Displays information about IP pools that support dynamic subnet allocation.

Usage guidelines

If you do not specify the bas, nat, nat-local, odap-client, odap-server, or subnet-alloc keyword, this command displays information about common IP pools.

Examples

# Display information about all common IP pools.

<Sysname> display ip pool

Pool name: 0

network 20.1.1.0 mask 255.255.255.0

dhcp-server nak-count 10

class a range 20.1.1.50 20.1.1.60

bootfile-name abc.cfg

dns-list 20.1.1.66 20.1.1.67 20.1.1.68

domain-name www.aabbcc.com

bims-server ip 192.168.0.51 sharekey cipher $c$3$K13OmQPi791YvQoF2Gs1E+65LOU=

option 2 ip-address 1.1.1.1

expired day 1 hour 2 minute 3 second 0

reserve expired-ip enable

reserve expired-ip mode client-id time 4294967295 limit 256000

Pool name: 1

network 20.1.1.0 mask 255.255.255.0

dhcp-server nak-count 10

secondary networks:

20.1.2.0 mask 255.255.255.0

20.1.3.0 mask 255.255.255.0

bims-server ip 192.168.0.51 port 50 sharekey cipher $c$3$K13OmQPi791YvQoF2Gs1E+65LOU=

forbidden-ip 20.1.1.22 20.1.1.36 20.1.1.37

forbidden-ip 20.1.1.22 20.1.1.23 20.1.1.24

gateway-list 1.1.1.1 2.2.2.2 4.4.4.4

nbns-list 5.5.5.5 6.6.6.6 7.7.7.7

netbios-type m-node

option 2 ip-address 1.1.1.1

expired day 1 hour 0 minute 0 second 0 allow-hint

reserve expired-ip disable

reserve expired-ip mode client-id time 4294967295 limit 256000

Pool name: 2

network 20.1.1.0 mask 255.255.255.0

dhcp-server nak-count 10

address range 20.1.1.1 to 20.1.1.15

class departmentA range 20.1.1.20 to 20.1.1.29

class departmentB range 20.1.1.30 to 20.1.1.40

next-server 20.1.1.33

tftp-server domain-name www.dian.org.cn

tftp-server ip-address 192.168.0.120

voice-config ncp-ip 10.1.1.2

voice-config as-ip 10.1.1.5

voice-config voice-vlan 3 enable

voice-config fail-over 10.1.1.1 123*

option 2 ip-address 1.1.1.3

expired day 1 hour 0 minute 0 second 0

reserve expired-ip enable

reserve expired-ip mode mac time 100 limit 100

Pool name: 3

static bindings:

ip-address 10.10.1.2 mask 255.0.0.0

hardware-address 00e0-00fc-0001 ethernet

ip-address 10.10.1.3 mask 255.0.0.0

client-identifier aaaa-bbbb

expired unlimited

reserve expired-ip disable

reserve expired-ip mode client-id time 4294967295 limit 256000

# Display information about BAS IP pools.

<Sysname> display ip pool bas

Pool name: 10

gateway 11.1.1.0 mask 255.255.255.0

dhcp-server nak-count 10

class a range 11.1.1.50 20.1.1.60

bootfile-name abc.cfg

dns-list 11.1.1.66 20.1.1.67 11.1.1.68

domain-name www.aabbcc.com

bims-server ip 192.168.0.51 sharekey cipher $c$3$K13OmQPi791YvQoF2Gs1E+65LOU=

unr tag 100

option 2 ip-address 1.1.1.1

expired day 1 hour 2 minute 3 second 0

reserve expired-ip enable

reserve expired-ip mode client-id time 4294967295 limit 256000

# Display information about IP pools that support dynamic subnet allocation.

<Sysname> display ip pool subnet-alloc

Pool name: pool1

network 10.1.1.0 mask 255.255.0.0

dhcp-server nak-count 10

subnet mask-length: 24

subnet idle-time: 30

subnet export-route disable

subnet alloc-mode: up-address

bootfile-name abc.cfg

dns-list 10.1.1.66 10.1.1.67 10.1.1.68

domain-name www.aabbcc.com

bims-server ip 192.168.0.51 sharekey cipher $c$3$K13OmQPi791YvQoF2Gs1E+65LOU=

option 2 ip-address 1.1.1.1

expired day 1 hour 2 minute 3 second 0

reserve expired-ip enable

reserve expired-ip mode client-id time 4294967295 limit 256000

sub-networks:

BKGROUP: N/A MASTER_UPID: 1025 UPID: 1025 Interface: Remote-GE1025/0/0/1 VXLAN: N/A UP_ADDR: 13.1.1.1 1.1.0.0/24 Leased: 1 Expired: 0 Free: 252

Expired-time: Apr 18 13:30:55 2020

gateway-list 1.1.0.254 export-route

BKGROUP: N/A MASTER_UPID: 1024 UPID: 1024 Interface: Remote-GE1024/0/0/1 VXLAN: N/A UP_ADDR: 12.1.1.1 1.1.1.0/24 Leased: 1 Expired: 0 Free: 252

Expired-time: Apr 18 13:30:57 2020

gateway-list 1.1.1.254 export-route

# Display information about IP pools on the ODAP client.

<Sysname> display ip pool odap-client

Pool name: pool2

Origin dhcp subnet mask-length: 26

Subnetgiaddr: 192.168.56.10

Subnet utilization mark high: 80

Subnet utilization mark low: 20

subnet alloc-mode: pool-name

subnet export-route preference 65 tag 0

dhcp-server nak-count 10

expired day 1 hour 0 minute 0 second 0

reserve expired-ip enable

reserve expired-ip mode client-id time 4294967295 limit 256000

remote server 192.168.56.11

active remote server (all)

ip-in-use threshold 100

odap-sub-network(s):

BKGROUP: N/A MASTER_UPID: 1025 UPID: 1025 INTERFACE: Remote-GE1025/0/0/1 VXLAN: N/A UP_ADDR: 13.1.1.1 1.1.0.0/24 Leased: 1 Expired: 0 Free: 252

Expired-time: Apr 18 13:30:55 2020

gateway 1.1.0.254 mask 255.255.255.0

BKGROUP: N/A Master_UPID: 1024 UPID: 1024 Interface: Remote-GE1024/0/0/1 VXLAN: N/A UP_ADDR: 12.1.1.1 1.1.1.0/24 Leased: 1 Expired: 0 Free: 252

Expired-time: Apr 18 13:30:57 2020

gateway 1.1.1.254 mask 255.255.255.0

# Display information about IP pools on the ODAP server.

<Sysname> display ip pool odap-server

Pool name: pool7

Network: 1.1.1.0 mask 255.255.255.0

Subnet mask-length: 27

dhcp-server nak-count 10

expired day 1 hour 0 minute 0 second 0

reserve expired-ip enable

reserve expired-ip mode client-id time 4294967295 limit 256000

ip-in-use threshold 100

Table 10 Command output

Field	Description
Pool name	Name of the IP pool.
gateway	Gateway IP address and network mask of the BAS IP pool.
network	Assignable network segment.
dhcp-server nak-count	Maximum number of DHCP-NAK packets that the DHCP relay agent can receive from a DHCP server.
subnet mask-length	Mask length of dynamically allocated subnets.
subnet idle-time	Delay time for the DHCP server to reclaim idle subnets.
subnet export-route disable	Advertising dynamically allocated subnets is disabled. This field is not displayed if subnet advertising is enabled.
Origin dhcp subnet mask-length	Subnet mask length that the ODAP client uses to request subnets from the ODAP server.
Subnet giaddr	IP address to fill the giaddr field in request packets sent by the ODAP client.
Subnet utilization mark high	High utilization mark of the IP pool size.
Subnet utilization mark low	Low utilization mark of the IP pool size.
subnet alloc-mode	Dynamic subnet allocation modes: · interface—Subnets are allocated based on the user-facing interfaces on the UP device. · up-address—Subnets are allocated based on the UP address of the VXLAN tunnel. · pool-name—IP addresses are selected from the subnets in the IP pool and assigned to users. · vxlan-id—Subnets are allocated based on the VXLAN ID of the user.
subnet export-route preference tag	Preference and tag value of the subnet route.
secondary networks	Assignable secondary network segments. This field is not displayed if the IP pool is of the ODAP type.
address range	Assignable address range. This field is not displayed if the IP pool supports dynamic subnet allocation or is of the ODAP type.
class class-name range	DHCP user class and its address range. This field is not displayed if the IP pool supports dynamic subnet allocation or is of the ODAP type.
static bindings	Static IP-to-MAC/client ID bindings. This field is not displayed if the IP pool supports dynamic subnet allocation or is of the ODAP type.
unr tag	Tag value of the network route.
option	Customized DHCP option.
expired	Lease duration. For example, expired day 1 hour 2 minute 3 second 4 indicates a lease of 1 day, 2 hours, 3 minutes, and 4 seconds. If the lease never expires, this field displays unlimited. If the DHCP server is allowed to use the DHCP client-suggested lease duration, allow-hint is displayed after the lease duration.
remote server	DHCP server address in the remote BAS IP pool. If you create a remote BAS IP pool on the DHCP relay agent and execute the remote-server command, this field is displayed.
active remote server	Active DHCP server address. If you create a remote BAS IP pool on the DHCP relay agent and execute the remote-server command, this field is displayed. The displayed value depends on the DHCP server selection algorithm configuration. · If the polling algorithm is used, this field displays all. The DHCP relay agent forwards DHCP requests to all DHCP servers. · If the master-backup algorithm is used, this field displays the IP address of the active DHCP server. The DHCP relay agent forwards DHCP requests to the master DHCP server first.
bootfile-name	Boot file name.
dns-list	DNS server IP address.
domain-name	Domain name suffix.
bims-server	BIMS server information.
ip-in-use threshold	IP pool usage threshold.
reserve expired-ip	Whether IP address reservation is enabled.
reserve expired-ip mode client-id time 4294967295 limit 256000	IP address reservation mode, reservation time for expired IP addresses, and the maximum number of IP addresses that can be reserved in the IP pool. In this example, the reservation mode is client ID, the reservation time is 4294967295 seconds, and the maximum number of IP addresses is 256000.
sub-networks	Subnets.
BKGROUP	UP backup group ID for subnet allocation.
Master_UPID	ID of the UP management instance for the backup group's master interface.
UPID	UP management instance ID. If subnets are not allocated by UP management instance ID, this field displays N/A
Interface	User-facing interface of the UP device. If subnets are not allocated by interface, this field displays N/A.
VXLAN	VXLAN of the users. If subnets are not allocated by VXLAN ID, this field displays N/A.
UP ADDR	UP address of the VXLAN tunnel. If subnets are not allocated by UP address, this field displays N/A.
Leased	Numbers of assigned IP addresses.
Expired	Number of expired IP addresses.
Free	Number of free IP addresses.
Expired-time	Time at which the subnet expired.
gateway mask	Gateway address and mask of the subnet.

Related commands

gateway

ip pool

display ip pool-group

Use display ip pool-group to display information about IP pool groups.

Syntax

display ip pool-group [ name pool-group-name ] [ vpn-instance vpn-instance-name ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

name pool-group-name: Specifies an IP pool group name, a case-insensitive string of 1 to 63 characters. If you do not specify this option, the command displays information about all IP pool groups.

Examples

# Display information about IP pool group group1.

<Sysname> display ip pool-group name group1

Pool-group: group1

VPN instance name: abc

Total IP addresses: 100

Used IP addresses: 0

Conflicting IP addresses: 0

Free IP addresses: 0

Static bindings: 0

Excluded IP addresses: 0

Current pool: pool1

Pool group usage: 0.00%

Bound pools: 1

pool1

# Display information about all IP pool groups on the public network.

<Sysname> display ip pool-group

Pool-group: group1

VPN instance name: N/A

Total IP addresses: 200

Used IP addresses: 0

Conflicting IP addresses: 0

Free IP addresses: 0

Static bindings: 0

Excluded IP addresses : 0

Current pool: pool2

Pool group usage: 0.00%

Bound pools: 2

Pool2

Pool3

Pool-group: group2

VPN-instance name: N/A

Total IP addresses: 300

Used IP addresses: 0

Conflicting IP addresses: 0

Free IP addresses: 0

Static bindings: 0

Excluded IP addresses: 0

Current pool: pool3

Pool group usage: 0.00%

Bound pools: 3

pool3

pool4

pool5

Table 11 Command output

Field	Description
Pool-group	Name of the IP pool group.
VPN instance name	‌ Name of the VPN instance to which the IP pool group is applied. This field displays N/A if the IP pool group is on the public network.
Total IP addresses	Total number of IP addresses in the IP pool group.
Used IP addresses	Number of allocated IP addresses in the IP pool group.
Conflicting IP addresses	Number of conflicting IP addresses in the IP pool group.
Free IP addresses	Number of free IP addresses in the IP pool group.
Static bindings	Number of statically bound IP addresses in the IP pool group.
Excluded IP addresses	Number of IP addresses excluded from dynamic allocation in the IP pool group.
Current pool	IP pool in use. If the IP pool group does not have any IP pools, this field displays N/A.
Pool group usage	Address usage in the IP pool group.
Bound pools	Number of bound IP pools and their names. Each IP pool name occupies one line.

Related commands

ip pool-group

dns-list

Use dns-list to specify DNS server addresses in an IP pool.

Use undo dns-list to remove DNS server addresses from an IP pool.

Syntax

dns-list ip-address&<1-8>

undo dns-list [ ip-address&<1-8> ]

Default

No DNS server address is specified.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

ip-address&<1-8>: Specifies a space-separated list of up to eight DNS servers.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

If you do not specify any parameters, the undo dns-list command deletes all DNS server addresses in the IP pool.

Examples

# Specify DNS server address 10.1.1.254 in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] dns-list 10.1.1.254

Related commands

display ip pool

domain-name

Use domain-name to specify a domain name in an IP pool.

Use undo domain-name to restore the default.

Syntax

domain-name domain-name

undo domain-name

Default

No domain name is specified.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

domain-name: Specifies the domain name, a case-sensitive string of 1 to 50 characters.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify domain name company.com in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] domain-name company.com

Related commands

display ip pool

exhaustion log enable

Use exhaustion log enable to enable logging for IP address exhaustion.

Use undo exhaustion log enable to restore the default.

Syntax

exhaustion log enable

undo exhaustion log enable

Default

The DHCP module does not generate logs for IP address exhaustion events.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

This feature enables the DHCP module to send a log message to the information center in one of the following conditions:

· The IP pool does not have assignable IP addresses.

· The IP pool usage drops below 90% after IP address exhaustion. The IP pool usage is calculated by using the formula:

(Total number of IP addresses – number of assignable IP addresses)/total number of IP addresses

For log messages to be sent correctly, you must also configure the information center. For information about the information center configuration, see Network Management and Monitoring Configuration Guide.

Examples

# Enable logging for IP address exhaustion in IP pool pool1.

<Sysname> system-view

[Sysname] ip pool pool1

[Sysname-ip-pool-pool1] exhaustion log enable

expired

Use expired to set the lease duration in an IP pool.

Use undo expired to restore the default lease duration for an IP pool.

Syntax

expired { allow-hint | { day day [ hour hour [ minute minute [ second second ] ] ] | unlimited } [ allow-hint ] }

undo expired

Default

The lease duration of a dynamic IP pool is 1 day.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

allow-hint: Allows the DHCP server to use the DHCP client-suggested lease duration. The DHCP server uses the DHCP client-suggested lease duration if the DHCP client-suggested lease duration is shorter than the lease duration in the IP pool. If you do not specify this keyword, the DHCP server always uses the lease duration in the IP pool.

day day: Specifies the number of days, in the range of 0 to 365.

hour hour: Specifies the number of hours, in the range of 0 to 23. The default is 0.

minute minute: Specifies the number of minutes, in the range of 0 to 59. The default is 0.

second second: Specifies the number of seconds, in the range of 0 to 59. The default is 0.

unlimited: Specifies the unlimited lease duration, which is actually 136 years.

Usage guidelines

The DHCP server assigns an IP address together with the lease duration to the DHCP client. Before the lease expires, the DHCP client must extend the lease duration.

· If the lease extension operation succeeds, the DHCP client can continue to use the IP address.

· If the lease extension operation does not succeed, both of the following events occur:

¡ The DHCP client cannot use the IP address after the lease duration expires.

¡ The DHCP server will label the IP address as expired.

Examples

# Set the lease duration to 1 day, 2 hours, 3 minutes, and 4 seconds in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] expired day 1 hour 2 minute 3 second 4

# Set the lease duration to 1 day, 2 hours, 3 minutes, and 4 seconds in IP pool 0. Allow the DHCP server to use the DHCP client-suggested lease duration.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] expired day 1 hour 2 minute 3 second 4 allow-hint

Related commands

display dhcp server expired

display ip pool

reset dhcp server expired

export host-route

Use export host-route to enable host route advertisement.

Use undo export host-route to disable host route advertisement.

Syntax

export host-route

undo export host-route

Default

Host route advertisement is disabled.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

The network export-route command enables the DHCP server to advertise the network route for each assigned IP address in the pool. If multiple pools share the same segment, the same network route will be advertised for assigned IP addresses in these pools. This will make the clients using these IP addresses inaccessible to external devices. To resolve this issue, enable host route advertisement for each IP pool to advertise a host route for each assigned IP address.

Before you enable host route advertisement for an IP pool, make sure this pool has not assigned any IP addresses.

Examples

# Enable host route advertisement for IP pool 1.

<Sysname> system-view

[Sysname] ip pool 1

[Sysname-ip-pool-1] export host-route

Related commands

ip pool

forbidden-ip

Use forbidden-ip to exclude IP addresses from dynamic allocation in an IP pool.

Use undo forbidden-ip to remove the configuration.

Syntax

forbidden-ip ip-address&<1-8>

undo forbidden-ip [ ip-address&<1-8> ]

Default

No IP addresses are excluded from dynamic allocation in an IP pool.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

ip-address&<1-8>: Specifies a space-separated list of up to eight excluded IP addresses.

Usage guidelines

The excluded IP addresses in an IP pool are still assignable in other IP pools.

You can exclude multiple IP addresses in an IP pool by executing this command multiple times.

If you do not specify any parameters, the undo forbidden-ip command removes all excluded IP addresses.

Examples

# Exclude IP addresses 192.168.1.3 and 192.168.1.10 from dynamic allocation in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] forbidden-ip 192.168.1.3 192.168.1.10

Related commands

dhcp server forbidden-ip

display ip pool

gateway

Use gateway to specify the gateway IP address and the network mask for a BAS IP pool.

Use undo gateway to restore the default

Syntax

gateway ip-address { mask | mask-len }

undo gateway

Default

No gateway IP address or network mask is specified for a BAS IP pool.

Views

Local BAS IP pool view

Remote BAS IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

ip-address: Specifies the IP address of the gateway.

mask: Specifies the network mask in dotted decimal notation.

mask-len: Specifies the network mask length in the range of 1 to 30.

Usage guidelines

In a BAS network, execute this task on the DHCP server. When the DHCP server receives a DHCP request from an authenticated access user, the server selects an IP address from the IP pool and assigns it to the user.

A BAS IP pool supports only one gateway IP address and its network mask. If you execute this command multiple times, the most recent configuration takes effect.

After you modify the gateway IP address or network mask for an IP pool, leases of assigned IP addresses in this pool will be deleted.

Examples

# In local BAS IP pool p1, specify gateway IP address 1.1.1.1 and network mask length 24.

<Sysname> system-view

[Sysname] ip pool p1 bas local

[Sysname-ip-pool-p1] gateway 1.1.1.1 24

Related commands

display ip pool

gateway-list

Use gateway-list to specify gateway addresses to be assigned to DHCP clients.

Use undo gateway-list to remove the specified gateway addresses.

Syntax

gateway-list ip-address&<1-64> [ export-route ]

undo gateway-list [ ip-address&<1-64> ] [ export-route ]

Default

No gateway addresses are specified in an IP pool or a DHCP secondary network segment.

Views

IP pool view

DHCP secondary network segment view

Predefined user roles

network-admin

mdc-admin

Parameters

ip-address&<1-64>: Specifies a space-separated list of up to 64 gateway addresses. Gateway addresses must reside on the same subnet as the assignable IP addresses.

export-route: Binds the gateways to the device's MAC address in the address management module. The ARP module will use the entries to reply to ARP requests from the DHCP clients. If you do not specify this keyword, the gateways will not be bound to the device's MAC address.

Usage guidelines

The DHCP server assigns gateway addresses to clients on a secondary network segment in the following ways:

· If gateways are specified in both IP pool view and secondary network segment view, DHCP assigns those specified in the secondary network segment view.

· If gateways are specified in IP pool view but not in secondary network segment view, DHCP assigns those specified in IP pool view.

If you do not specify any parameters, the undo gateway-list command deletes all gateway addresses.

Examples

# Specify gateway address 10.1.1.1 in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] gateway-list 10.1.1.1

Related commands

display ip pool

if-match

Use if-match to configure a match rule for a DHCP user class.

Use undo if-match to delete a match rule for a DHCP user class.

Syntax

if-match rule rule-number { hardware-address hardware-address mask hardware-address-mask | option option-code [ ascii ascii-string [ offset offset | partial ] | hex hex-string [ mask mask | offset offset length length | partial ] ] | relay-agent gateway-address }

undo if-match rule rule-number

Default

No match rules are configured for the DHCP user class.

Views

DHCP user class view

Predefined user roles

network-admin

mdc-admin

Parameters

rule rule-number: Assigns the match rule an ID in the range of 1 to 16. A smaller ID represents a higher match priority.

hardware-address hardware-address: Specifies a hardware address, a string of 4 to 39 characters. The string contains hyphen-separated hexadecimal numbers. The last hexadecimal number can be a two-digit or four-digit number, and the other hexadecimal numbers must be four-digit numbers. For example, aabb-ccdd-ee is valid, and aabb-c-dddd or aabb-cc-dddd is invalid.

mask hardware-address-mask: Specifies the mask to be ANDed with the specified hardware address for the match operation. The length of the mask must be the same as that of the hardware address.

option option-code: Specifies a DHCP option by its number in the range of 1 to 254.

ascii ascii-string: Specifies an ASCII string of 1 to 128 characters.

offset offset: Specifies the offset in bytes after which the match operation starts. The value range is 0 to 254. If you do not specify an offset value, the match starts from the first byte of the option content. If you specify an ASCII string, a packet matches the rule if the option after the offset has the same length and content as the ASCII string. If you specify a hexadecimal number, a packet matches the rule if the option after the offset has the same length and content as the hexadecimal number.

partial: Enables partial match. A packet matches a rule if the specified option in the packet contains the ASCII string or hexadecimal number specified in the rule. For example, if you specify abc in the rule, option content xabc, xyzabca, xabcyz, and abcxyz all match the rule.

hex hex-string: Specifies a hexadecimal number. The length of the hexadecimal number must be an even number in the range of 2 to 256.

mask mask: Specifies a hexadecimal mask for the match operation. The mask length must be an even number in the range of 2 to 256 and be the same as the hex-string length. The DHCP server selects option content of the mask length from the start and ANDs the selected option content and the specified hexadecimal number with the mask. The packet matches the rule if the two AND operation results are the same.

length length: Specifies the length of the option content to be matched, in the range of 1 to 128 bytes. The length must be the same as the hex-string length.

relay-agent gateway-address: Specifies a giaddr field value. The value is an IPv4 address in the dotted decimal notation. A packet matches the rule if its giaddr field value is the same as that in the rule.

Usage guidelines

If a DHCP request sent by a DHCP client matches a rule in a DHCP user class, the DHCP client matches the user class.

You can configure multiple match rules for a DHCP user class. Each match rule is uniquely identified by a rule ID within its type (hardware address, option, or relay agent address).

· If the rule that you are configuring has the same ID and type as an existing rule, the new rule overwrites the existing rule.

· If the rule that you are configuring has the same ID as an existing rule but a different type, the new rule takes effect and coexists with the existing rule. As a best practice, do not assign the same ID to rules of different types.

· Rules of different IDs cannot have the same rule content.

When you configure an if-match hardware-address rule, follow these guidelines:

· The hardware address type supports only the MAC address. A rule does not match clients with hardware addresses of other types.

· The specified hardware address must be of the same length as the client hardware addresses to be matched. To match MAC addresses, the specified hardware address must be six bytes long.

· The fs and 0s in the mask for the hardware match operation can be noncontiguous. For example, the rule if-match rule 1 hardware-address 0094-0000-1100 mask ffff-0000-ff00 matches hardware addresses in which the first two bytes are 0094 and the fifth byte is 11.

When you configure an if-match option rule, follow these guidelines:

· To match packets that contain an option, specify only the option-code argument.

· To match a hexadecimal number by AND operations, specify the option option-code hex hex-string mask mask options.

· To match a hexadecimal number directly, specify the option option-code hex hex-string [ offset offset length length | partial ] options. If you do not specify the offset, length, or partial parameter, a packet matches a rule if the option has the same length and content as the hexadecimal number.

· To match an ASCII string, specify the option option-code ascii ascii-string [ offset offset | partial ] options. If you do not specify the offset or partial parameter, a packet matches a rule if the option has the same length and content as the ASCII string.

Examples

# Configure match rule 1 for DHCP user class exam to match DHCP requests in which the hardware address is six bytes long and begins with 0094.

<Sysname> system-view

[Sysname] dhcp class exam

[Sysname-dhcp-class-exam] if-match rule 1 hardware-address 0094-0000-0101 mask ffff-0000-0000

# Configure match rule 2 for DHCP user class exam to match DHCP requests that contain Option 82.

<Sysname> system-view

[Sysname] dhcp class exam

[Sysname-dhcp-class-exam] if-match rule 2 option 82

# Configure match rule 3 for DHCP user class exam. The rule matches DHCP requests in which the highest bit of the fourth byte in Option 82 is the hexadecimal number 1.

<Sysname> system-view

[Sysname] dhcp class exam

[Sysname-dhcp-class-exam] if-match rule 3 option 82 hex 00000080 mask 00000080

# Configure match rule 4 for DHCP user class exam. The rule matches DHCP requests in which the first three bytes of Option 82 are the hexadecimal number 13ae92.

<Sysname> system-view

[Sysname] dhcp class exam

[Sysname-dhcp-class-exam] if-match rule 4 option 82 hex 13ae92 offset 0 length 3

# Configure match rule 5 for DHCP user class exam. The rule matches DHCP requests in which the Option 82 contains the hexadecimal number 13ae.

<Sysname> system-view

[Sysname] dhcp class exam

[Sysname-dhcp-class-exam] if-match rule 5 option 82 hex 13ae partial

# Configure match rule 6 for DHCP user class exam. The rule matches DHCP requests in which Option 61 contains the ASCII string abcd.

<Sysname> system-view

[Sysname] dhcp class exam

[Sysname-dhcp-class-exam] if-match rule 6 option 61 ascii abcd

# Configure match rule 7 for DHCP user class exam to match DHCP requests in which the giaddr field is 10.1.1.1.

<Sysname> system-view

[Sysname] dhcp class exam

[Sysname-dhcp-class-exam] if-match rule 7 relay-agent 10.1.1.1

Related commands

dhcp class

ip pool

Use ip pool to create an IP pool and enter its view, or enter the view of an existing IP pool.

Use undo ip pool to delete the specified IP pool.

Syntax

ip pool pool-name [ bas { local | remote } | nat | nat-local | odap-client [ host ] | odap-server | subnet-alloc ]

undo ip pool pool-name

Default

No IP pools exist.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

pool-name: Specifies an IP pool name, a case-insensitive string of 1 to 63 characters.

bas { local | remote }: Specifies an BAS IP pool. To create a local BAS IP pool, specify the local keyword. To create a remote BAS IP pool, specify the remote keyword.

nat: Specifies a remote NAT IP pool. This pool requests IP resources from remote servers and allocates them to the NAT module of the clients. For more information about NAT, see NAT configuration in Layer 3—IP Services Configuration Guide.

nat-local: Specifies a local NAT IP pool. This pool contains locally configured IP resources and assigns them to the NAT module of the UP devices.

odap-client [ host ]: Specifies an IP pool on the ODAP client. An IP pool of this type can only obtain subnets from the ODAP server and assign IP addresses to endpoint users. Subnet redivision is not supported. The host keyword specifies an IP pool of the ODAP host type. To create an IP pool of non-host type, do not specify this keyword. IP pools of the ODAP host type request only subnets with 32-bit mask length from the ODAP server.

odap-server: Specifies an IP pool on the ODAP server. The IP pool of this type can dynamically assign subnets to ODAP clients, but it cannot directly assign IP addresses to DHCP clients. The address resources in the IP pool are created by using the network command.

subnet-alloc: Specifies an IP pool for dynamic subnet allocation.

Usage guidelines

You can use this command to create an IP pool to accommodate your network requirements.

On a network (such as an IPoE network), access users can initiate DHCP-REQUEST only after passing authentication. In such network, configure a BAS IP pool according to the location of the BAS device and the DHCP server:

· If the DHCP server is configured on the BAS device, configure a local BAS IP pool on the BAS device.

· If the BAS device relays requests to the DHCP server, perform the following tasks:

a. On the BAS device, configure a remote BAS IP pool and execute the remote-server command to specify the DHCP server.

b. On the DHCP server, configure a local BAS IP pool.

The remote NAT IP pool is essentially an ODAP client. It requests subnets from the ODAP server and assigns them to the NAT module for address translation.

On a CUPS network without ODAP, configure NAT on the UP device and a local NAT IP pool on the CP device. When the NAT module needs IP addresses for address translation, the UP device requests a subnet from the CP device. The CP device then selects a subnet from the local NAT IP pool and assigns it to the UP device. Addresses in the subnet are only used for address translation.

On an ODAP network, the ODAP server manages multiple ODAP clients and allocates subnets to requesting ODAP clients. An ODAP client selects IP addresses in the obtained subnets and assigns them to its downstream DHCP clients. This structure provides flexible and efficient address management. To create an IP pool on the ODAP server, specify the odap-server keyword. To create an IP pool on the ODAP client, specify the odap-client keyword.

The IP pool for dynamic subnet allocation ensures flexible address management and is applicable to the CUPS network. In such a network, the CP divides the address space in the IP pool into multiple subnets and assigns IP addresses in these subnets to users connected to UPs. When all users on a subnet go offline, the CP device reclaims this subnet.

If you do not specify the bas, nat, nat-local, odap-client, odap-client host, odap-server, or subnet-alloc keyword, this command creates a common IP pool.

IP pool names must be unique on one device.

You can create multiple IP pools of the same type on one device.

Examples

# Create a local BAS IP pool and enter its view.

<Sysname> system-view

[Sysname] ip pool p1 bas local

[Sysname-ip-pool-bas-local-p1]

Related commands

display ip pool

subnet mask-length

ip pool-group

Use ip pool-group to create an IP pool group and enter its view, or enter the view of an existing IP pool group.

Use undo ip pool-group to delete an IP pool group.

Syntax

ip pool-group pool-group-name

undo ip pool-group pool-group-name

Default

No IP pool groups exist.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

pool-group-name: Specifies an IP pool group name, a case-insensitive string of 1 to 63 characters.

Usage guidelines

For a user that matches an IP pool group, the DHCP server selects an IP address from an available IP pool in the matching group.

If both an IP pool and an IP pool group exist in AAA authorized user attributes, authenticated users can only obtain IP addresses from the IP pool. The users cannot obtain IP addresses from the IP pool group even if the authorized IP pool has no assignable IP addresses.

Examples

# Create an IP pool group named poolgroup1 and enter its view.

<Sysname> system-view

[Sysname] ip pool-group poolgroup1

[Sysname-ip-pool-group-poolgroup1]

Related commands

display ip pool-group

pool

ip unr

Use ip unr to set an IPv4 user network route (UNR) tag.

Use undo ip unr to restore the default.

Syntax

ip unr { dynamic-pool-tag tag-value | framed-ip-address-tag tag-value | framed-ip-netmask-tag tag-value | framed-route-tag tag-value | local-pool-tag tag-value | remote-pool-tag tag-value } *

undo ip unr { dynamic-pool-tag | framed-ip-address-tag | framed-ip-netmask-tag | framed-route-tag | local-pool-tag | remote-pool-tag } *

Default

No IPv4 UNR tag is set.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

dynamic-pool-tag tag-value: Sets a UNR tag value for IP pools that support dynamic subnet allocation. The tag value range is 0 to 4294967295.

framed-ip-address-tag tag-value: Sets a tag value for host routes that are generated based on the Framed-IP-Address attribute assigned by the RADIUS server. The tag value range is 0 to 4294967295.

framed-ip-netmask-tag tag-value: Sets a tag value for network routes that are generated based on the Framed-IP-Netmask attribute assigned by the RADIUS server. The tag value range is 0 to 4294967295.

framed-route-tag tag-value: Sets a tag value for network routes that are generated based on the Framed-Routing attribute assigned by the RADIUS server. The tag value range is 0 to 4294967295.

local-pool-tag tag-value: Sets a UNR tag value for local BAS IP pools. The tag value range is 0 to 4294967295.

remote-pool-tag tag-value: Sets a UNR tag value for remote BAS IP pools. The tag value range is 0 to 4294967295.

Usage guidelines

When the DHCP server assigns an IP address, it adds the network route for the IP address to the route management module. In a BAS network, you can classify user network routes based on their UNR tag values for route redistribution.

The tag value modification does not affect the tag values for network routes that have been advertised.

You can set a route tag value in system view or in IP pool view. For BAS access users, the value set in IP pool view has higher priority than the one set in system view.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Set the UNR tag value to 1 for IP pools that support dynamic subnet allocation.

<Sysname> system-view

[Sysname] ip unr dynamic-pool-tag 1

Related commands

unr tag

ip-in-use threshold

Use ip-in-use threshold to set the IP pool usage threshold.

Use undo ip-in-use threshold to restore the default.

Syntax

ip-in-use threshold threshold-value

undo ip-in-use threshold

Default

The IP pool usage threshold is 100%.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

threshold-value: Specifies the usage threshold in percentage in the range of 0 to 100.

Usage guidelines

If the usage of an IP pool reaches or exceeds the threshold, the DHCP module sends an SNMP notification and a log message to report the event. You can optimize the IP pool configuration accordingly. When the IP pool usage drops below 90% of the threshold after the threshold violation, DHCP also sends an SNMP notification and a log message to the information center. If the threshold value is set to 100%, the DHCP module generates only an SNMP notification when the IP pool usage reaches 100% or drops below 90%.

For DHCP notifications to be sent correctly, you must configure SNMP on the device. For log messages to be sent correctly, you must configure the information center. For more information about SNMP configuration and the information center configuration, see Network Management and Monitoring Configuration Guide.

If you execute this command multiple times in the same IP pool view, the most recent configuration takes effect.

Examples

# Set the IP pool usage threshold to 75%.

<Sysname> system-view

[Sysname] ip pool pool1

[Sysname-ip-pool-pool1] ip-in-use threshold 75

Related commands

snmp-agent trap enable dhcp server

nbns-list

Use nbns-list to specify WINS server addresses in an IP pool.

Use undo nbns-list to remove the specified WINS server addresses.

Syntax

nbns-list ip-address&<1-8>

undo nbns-list [ ip-address&<1-8> ]

Default

No WINS server address is specified.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

ip-address&<1-8>: Specifies a space-separated list of up to eight WINS server IP addresses.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

If you do not specify any parameters, the undo nbns-list command deletes all WINS server addresses.

Examples

# Specify WINS server address 10.1.1.1 in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] nbns-list 10.1.1.1

Related commands

display ip pool

netbios-type

Use netbios-type to specify the NetBIOS node type in an IP pool.

Use undo netbios-type to restore the default.

Syntax

netbios-type { b-node | h-node | m-node | p-node }

undo netbios-type

Default

No NetBIOS node type is specified.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

b-node: Specifies the broadcast node. A b-node client sends the destination name in a broadcast message to get the name-to-IP mapping from a server.

h-node: Specifies the hybrid node. An h-node client unicasts the destination name to a WINS server. If it does not receive a response, the h-node client broadcasts the destination name to get the mapping from a server.

m-node: Specifies the mixed node. An m-node client broadcasts the destination name. If it does not receive a response, the m-node client unicasts the destination name to the WINS server to get the mapping.

p-node: Specifies the peer-to-peer node. A p-node client sends the destination name in a unicast message to get the mapping from the WINS server.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify the NetBIOS node type as p-node in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] netbios-type p-node

Related commands

display ip pool

nbns-list

network

Use network to specify a network segment for dynamic allocation in an IP pool.

Use undo network to remove the specified network segment.

Syntax

network network-address [ mask-length | mask mask ] [ secondary ] [ export-route [ preference preference | tag tag ] * ]

undo network network-address [ mask-length | mask mask ] [ secondary ]

Default

No network segment is specified in an IP pool.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

network-address: Specifies the network segment for dynamic allocation. If no mask length or mask is specified, the natural mask will be used.

mask-length: Specifies the mask length in the range of 1 to 30.

mask mask: Specifies the mask in dotted decimal notation.

secondary: Specifies the network segment as a secondary network segment. If you do not specify this keyword, this command specifies the primary network segment. If the addresses in the primary network segment are used up, the DHCP server can select addresses from a secondary network segment for clients.

export-route: Advertises the network route assigned to DHCP clients. If you do not specify this keyword, the network route will not be advertised.

preference preference: Sets a preference for the network route to be advertised, in the range of 1 to 255. The default preference is 70.

tag tag: Sets a tag value for the network route to be advertised, in the range of 0 to 4294967295. The default tag value is 0. Tags are route identifications for routing policies to filter routes. For more information about routing policies, see Layer 3—IP Routing Configuration Guide.

Usage guidelines

You can use the secondary keyword to specify a secondary network segment and enter its view. In secondary network segment view, you can specify gateways by using the gateway-list command for DHCP clients in the secondary network segment.

You can specify only one primary network segment for an IP pool. If you execute the network command multiple times, the most recent configuration takes effect.

You can specify up to 32 secondary network segments for an IP pool.

The primary network segment and secondary network segments in an IP pool must not have the same network address and mask.

If you have used the address range or class command in an IP pool, you cannot specify a secondary network segment in the same IP pool.

If the IP pool has assigned IP addresses, you cannot use the network command to modify or remove the network segments in the IP pool.

If you execute the network export-route command multiple times, the most recent configuration takes effect.

Examples

# Specify primary network segment 192.168.8.0/24 and secondary network segment 192.168.10.0/24 in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] network 192.168.8.0 mask 255.255.255.0

[Sysname-ip-pool-0] network 192.168.10.0 mask 255.255.255.0 secondary

[Sysname-ip-pool-0-secondary]

Related commands

display ip pool

gateway-list

subnet alloc-mode

subnet export-route disable

subnet idle-time

subnet mask-length

next-server

Use next-server to specify the IP address of a server in an IP pool.

Use undo next-server to restore the default.

Syntax

next-server ip-address

undo next-server

Default

No server's IP address is specified in an IP pool.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

ip-address: Specifies the IP address of a server.

Usage guidelines

Upon startup, the DHCP client obtains an IP address and the specified server IP address. Then it contacts the specified server, such as a TFTP server, to get other boot information.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify a server's IP address 10.1.1.254 in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] next-server 10.1.1.254

Related commands

display ip pool

option

Use option to customize a DHCP option.

Use undo option to remove a customized DHCP option.

Syntax

option code { ascii ascii-string | hex hex-string | ip-address ip-address&<1-8> }

undo option code

Default

No DHCP option is customized.

Views

IP pool view

DHCP option group view

Predefined user roles

network-admin

mdc-admin

Parameters

code: Specifies the number of the customized option, in the range of 2 to 254, excluding 50 through 54, 56, 58, 59, 61, and 82.

ascii ascii-string: Specifies a case-sensitive ASCII string of 1 to 255 characters as the option content.

hex hex-string: Specifies a hexadecimal number as the option content. The length of the hexadecimal number must be an even number in the range of 2 to 256.

ip-address ip-address&<1-8>: Specifies a space-separated list of up to eight IP addresses as the option content.

Usage guidelines

The DHCP server fills the customized option with the specified ASCII string, hexadecimal number, or IP addresses, and sends it in a response to the client.

You can customize options for the following purposes:

· Add newly released options.

· Add options for which the vendor defines the contents, for example, Option 43.

· Add options for which the CLI does not provide a dedicated configuration command. For example, you can use the option 4 ip-address 1.1.1.1 command to define the time server address 1.1.1.1 for DHCP clients.

· Add all option values if the actual requirement exceeds the limit for a dedicated option configuration command. For example, the dns-list command can specify up to eight DNS servers. To specify more than eight DNS server, you must use the option 6 command to define all DNS servers.

DHCP options specified by dedicated commands take precedence over those specified by the option commands. For example, if a DNS server address is specified by both the dns-list command and the option 6 command, the server uses the address specified by the dns-list command.

DHCP options specified in DHCP option groups take precedence over those specified in IP pools.

If multiple DHCP option groups have the same option, the server selects the option in the DHCP option group first matching the user class.

If you execute this command multiple times with the same code specified, the most recent configuration takes effect.

Examples

# Configure Option 7 to specify log server address 2.2.2.2 in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] option 7 ip-address 2.2.2.2

Related commands

display ip pool

origin dhcp subnet mask-length

Use origin dhcp subnet mask-length to specify a subnet mask length that the ODAP client uses to request subnets from the ODAP server.

Use undo origin dhcp subnet mask-length to restore the default.

Syntax

origin dhcp subnet mask-length mask-length

undo origin dhcp subnet mask-length

Default

The subnet mask length that the ODAP client uses to request subnets from the ODAP server is not specified.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

mask-length: Specifies a subnet mask length in the range of 1 to 30.

Usage guidelines

Do not use the origin dhcp subnet mask-length command to modify the mask length if the ODAP client has assigned IP addresses to DHCP clients. Otherwise, the subnets that the ODAP client has obtained will be released, and users in some networks might go offline (for example, an IPoE network).

Examples

# Create an IP pool named pool1 on the ODAP client, and configure the ODAP client to use the subnet mask length of 24 to request subnets from the ODAP server.

<Sysname> system-view

[Sysname] ip pool pool1 odap-client

[Sysname-ip-pool-pool1] origin dhcp subnet mask-length 24

pool

Use pool to add an IP pool to the IP pool group.

Use undo pool to remove an IP pool from the IP pool group.

Syntax

pool pool-name

undo pool [ pool-name ]

Default

No IP pools exist in an IP pool group.

Views

IP pool group view

Predefined user roles

network-admin

mdc-admin

Parameters

pool-name: Specifies an IP pool name, a case-insensitive string of 1 to 63 characters. The undo pool command removes all IP pools from the IP pool group if you do not specify this argument.

Usage guidelines

For a user that matches an IP pool group, the DHCP server selects an IP address from an available IP pool in the IP pool group based on the match order.

An IP pool supports a maximum of 1024 IP pools. An IP pool can be added to multiple IP pool groups.

Before you add an IP pool to an IP pool group, make sure the IP pool is on the public network or in the same VPN instance as the IP pool group.

Before you remove an IP pool from an IP pool group, make sure the IP pool has not assigned any IP addresses.

Examples

# Create an IP pool named poolgroup1, and assign IP pool pool1 to the IP pool group.

<Sysname> system-view

[Sysname] ip pool-group poolgroup1

[Sysname-ip-pool-group-poolgroup1] pool pool1

Related commands

ip pool-group

reserve expired-ip enable

Use reserve expired-ip enable to enable IP address reservation in an IP pool.

Use undo reserve expired-ip enable to disable IP address reservation in an IP pool.

Syntax

reserve expired-ip enable

undo reserve expired-ip enable

Default

IP address reservation is enabled.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

This feature enables the DHCP server to reserve IP addresses for clients that are going offline. When a client goes offline, the DHCP server reserves the client IP address as an expired lease. When the client comes online again, the DHCP server assigns the IP address in the reserved lease to the client.

Disable the IP address reservation feature if you want the DHCP server to reclaim IP addresses immediately after clients go offline.

Examples

# Disable IP address reservation in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] undo reserve expired-ip enable

Related commands

reserve expired-ip mode

display dhcp server expired

reserve expired-ip mode

Use reserve expired-ip enable to configure the IP address reservation mode in an IP pool.

Use undo reserve expired-ip enable to restore the default.

Syntax

reserve expired-ip mode { client-id | mac } [ limit limit-number | time time ] *

undo reserve expired-ip mode

Default

With IP address reservation enabled, a DHCP server reserves IP addresses based on client IDs.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

client-id: Reserves IP addresses based on client IDs.

mac: Reserves IP addresses based on client MAC addresses.

limit limit-number: Specifies the maximum number of IP addresses that can be reserved in an IP pool. The value range is 1 to 256000, and the default value is 256000.

time time: Specifies the reservation time for expired IP addresses, in the range of 60 to 4294967295 seconds. If you do not specify this option, the reserved time is unlimited (about 136 years defined by the system).

Usage guidelines

With IP address reservation enabled, the DHCP server reserves IP addresses for DHCP clients in the following modes:

· Reservation based on client IDs—The DHCP server records the IP-to-client ID bindings for online clients. When these clients come online again, the server assigns them the IP addresses in the bindings based on their client IDs.

· Reservation based on client MAC addresses—The DHCP server records the IP-to-MAC bindings for online clients. When these clients come online again, the server assigns them the IP addresses in the bindings based on their MAC addresses.

When you change the IP address reservation mode, the device deletes all expired leases that are saved in the old reservation mode.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Configure the DHCP server to reserve IP addresses based on client IDs in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] reserve expired-ip enable

[Sysname-ip-pool-0] reserve expired-ip mode client-id

reset dhcp odap-client subnet

Use reset dhcp odap-client subnet to release obtained ODAP subnets.

Syntax

reset dhcp odap-client subnet [ vpn-instance vpn-instance-name ]

Views

User view

Predefined user roles

network-admin

mdc-admin

Parameters

vpn-instance vpn-instance-name: Specifies the name of the MPLS L3VPN instance to which the IP pool belongs. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command releases obtained ODAP subnets in the IP pool on the public network.

Usage guidelines

Execute this command before you perform one of the following tasks on the ODAP client:

· Use the origin dhcp subnet mask-length command to modify the mask length of subnets that the ODAP client requests from the ODAP server.

· Use the subnet alloc-mode command to modify the subnet allocation mode of the IP pool.

· Modify the VPN of the IP pool.

When the IP pool configuration changes on the ODAP server or user demand changes, configure the ODAP client to release obtained ODAP subnets so that it can obtain new subnets.

Execute this command only when no IP addresses are assigned to DHCP clients. Otherwise, releasing the subnets will make users go offline in some networks (for example, an IPoE network).

Examples

# Release the obtained ODAP subnets.

<Sysname> reset dhcp odap-client subnet

Related commands

ip pool

reset dhcp server conflict

Use reset dhcp server conflict to clear IP address conflict information.

Syntax

reset dhcp server conflict [ ip ip-address ] [ vpn-instance vpn-instance-name ]

Views

User view

Predefined user roles

network-admin

mdc-admin

Parameters

ip ip-address: Clears conflict information about the specified IP address. If you do not specify this option, this command clears all address conflict information.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command clears conflict information about IP addresses for the public network.

Usage guidelines

Address conflicts occur when dynamically assigned IP addresses have been statically configured for other hosts. After you modify the IP pool configuration, the conflicted addresses might become assignable. To assign these addresses, use the reset dhcp server conflict command to clear the conflict information first.

Examples

# Clear all IP address conflict information.

<Sysname> reset dhcp server conflict

Related commands

display dhcp server conflict

reset dhcp server expired

Use reset dhcp server expired to clear binding information about expired IP addresses.

Syntax

reset dhcp server expired [ [ ip ip-address ] [ vpn-instance vpn-instance-name ] | pool pool-name ]

Views

User view

Predefined user roles

network-admin

mdc-admin

Parameters

ip ip-address: Clears binding information about the specified expired IP address. If you do not specify an IP address, this command clears binding information about all expired IP addresses.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command clears lease expiration information about IP addresses for the public network.

pool pool-name: Clears binding information about the expired IP addresses in the specified IP pool. The pool name is a case-insensitive string of 1 to 63 characters. If you do not specify an IP pool, this command clears binding information about expired IP addresses in all IP pools.

Examples

# Clear binding information about all expired IP addresses.

<Sysname> reset dhcp server expired

Related commands

display dhcp server expired

reset dhcp server ip-in-use

Use reset dhcp server ip-in-use to clear binding information about assigned IP addresses.

Syntax

reset dhcp server ip-in-use [ [ ip ip-address ] [ vpn-instance vpn-instance-name ] | pool pool-name ]

Views

User view

Predefined user roles

network-admin

mdc-admin

Parameters

ip ip-address: Clears binding information about the specified assigned IP address. If you do not specify an IP address, this command clears binding information about all assigned IP addresses.

pool pool-name: Clears binding information about assigned IP addresses in the specified IP pool. The pool name is a case-insensitive string of 1 to 63 characters. If you do not specify an IP pool, this command clears binding information about assigned IP addresses in all IP pools.

Usage guidelines

If you use this command to clear information about an assigned static binding, the static binding becomes a free static binding.

Examples

# Clear binding information about IP address 10.110.1.1.

<Sysname> reset dhcp server ip-in-use ip 10.110.1.1

Related commands

display dhcp server ip-in-use

reset dhcp server statistics

Use reset dhcp server statistics to clear DHCP server statistics.

Syntax

reset dhcp server statistics [ vpn-instance vpn-instance-name ]

Views

User view

Predefined user roles

network-admin

mdc-admin

Parameters

Examples

# Clear DHCP server statistics.

<Sysname> reset dhcp server statistics

Related commands

display dhcp server statistics

reset dhcp-access packet statistics

Use reset dhcp-access packet statistics to clear packet statistics for the DHCP access module.

Syntax

reset dhcp-access packet statistics

Views

User view

Predefined user roles

network-admin

mdc-admin

Examples

# Clear packet statistics for the DHCP access module.

<Sysname> reset dhcp-access packet statistics

Related commands

display dhcp-access packet statistics

snmp-agent trap enable dhcp server

Use snmp-agent trap enable dhcp server to enable SNMP notifications for the DHCP server.

Use undo snmp-agent trap enable dhcp server to disable SNMP notifications for the DHCP server.

Syntax

snmp-agent trap enable dhcp server [ address-exhaust | allocated-ip | ip-in-use ] *

undo snmp-agent trap enable dhcp server [ address-exhaust | allocated-ip | ip-in-use ] *

Default

SNMP notifications are enabled for the DHCP server.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

address-exhaust: Specifies notifications about the exhaustion or recovery of an IP pool.

allocated-ip: Specifies notifications about IP address allocation success rate threshold violation. The threshold is set by the dhcp server allocated-ip threshold command.

ip-in-use: Specifies notifications about the usage threshold violation and recovery in an IP pool. The threshold is set by the ip-in-use threshold command.

Usage guidelines

If you do not specify any parameters, this command enables SNMP notifications for all types of DHCP server events.

To report critical DHCP server events to an NMS, enable SNMP notifications for the DHCP server. For DHCP server event notifications to be sent correctly, you must also configure SNMP on the device. For more information about SNMP configuration, see the network management and monitoring configuration guide for the device.

Examples

# Enable SNMP notifications for all types of DHCP server events.

<Sysname> system-view

[Sysname] snmp-agent trap enable dhcp server

# Enable SNMP notifications for IP pool exhaustion or recovery.

<Sysname> system-view

[Sysname] snmp-agent trap enable dhcp server address-exhaust

# Enable SNMP notifications for IP address allocation success rate threshold violation.

<Sysname> system-view

[Sysname] snmp-agent trap enable dhcp server allocated-ip

# Enable SNMP notifications for IP pool usage threshold violation and recovery.

<Sysname> system-view

[Sysname] snmp-agent trap enable dhcp server ip-in-use

Related commands

dhcp server allocated-ip threshold

ip-in-use threshold

snmp-agent target-host (Network Management and Monitoring Command Reference)

static-bind

Use static-bind to statically bind a client ID or MAC address to an IP address.

Use undo static-bind to remove a static binding.

Syntax

static-bind ip-address ip-address [ mask-length | mask mask ] { client-identifier client-identifier | hardware-address hardware-address [ ethernet | token-ring ] }

undo static-bind ip-address ip-address

Default

No static binding is specified in an IP pool.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

ip-address ip-address: Specifies the IP address of the static binding. The natural mask is used if no mask length or mask is specified.

mask-length: Specifies the mask length in the range of 1 to 30.

mask mask: Specifies the mask, in dotted decimal format.

client-identifier client-identifier: Specifies the client ID of the static binding, a string of 4 to 254 characters. The string can contain only hexadecimal numbers and hyphen (-), in the format of H-H-H…. The last H can be a two-digit or four-digit hexadecimal number while the other Hs must be all four-digit hexadecimal numbers. For example, aabb-cccc-dd is correct, and aabb-c-dddd and aabb-cc-dddd are not correct.

hardware-address hardware-address: Specifies the client hardware address of the static binding, a string of 4 to 39 characters. The string can contain only hexadecimal numbers and hyphen (-), in the format of H-H-H…. The last H can be a two-digit or four-digit hexadecimal number while the other Hs must be all four-digit hexadecimal numbers. For example, aabb-cccc-dd is correct, and aabb-c-dddd and aabb-cc-dddd are not correct.

ethernet: Specifies the client hardware address type as Ethernet. The default type is Ethernet.

token-ring: Specifies the client hardware address type as token ring.

Usage guidelines

The IP address of a static binding must not be an interface address of the DHCP server. Otherwise, an IP address conflict occurs, and the bound client cannot obtain the IP address.

You can specify multiple static bindings in an IP pool. The total number of static bindings in all IP pools cannot exceed 8192.

An IP address can be bound to only one DHCP client. To modify the binding for a DHCP client, first execute the undo form of the command to delete the existing binding and then create a new binding.

The command is not available for IP pools that support dynamic subnet allocation, or the IP pool on the ODAP client or the ODAP server.

Examples

# Bind IP address 10.1.1.1/24 to client ID 00aa-aabb in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] static-bind ip-address 10.1.1.1 mask 255.255.255.0 client-identifier 00aa-aabb

Related commands

display ip pool

subnet alloc-mode

Use subnet alloc-mode to specify a subnet allocation mode for an IP pool.

Use undo subnet alloc-mode to restore the default.

Syntax

subnet alloc-mode { interface [ support-subnet-move ] [ support-physic ] | pool-name | up-address | vxlan-id [ support-subnet-move ] }

undo subnet alloc-mode

Default

Subnets are allocated based on VXLAN IDs in the IP pool.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

interface: Allocates subnets based on the user-facing interfaces on the UP device.

support-subnet-move: Supports subnet move between ODAP clients. If you do not specify this keyword, subnet move is not supported between ODAP clients.

support-physic: Allocates subnets to subinterfaces based on their main interfaces.

pool-name: Selects subnets one by one for subnet assignment. The next subnet is selected if the current subnet does not have assignable addresses.

up-address: Allocates a subnet to a UP based on the UP address of the VXLAN tunnel.

vxlan-id: Allocates a subnet to a UP based on the VXLAN ID of the user on the UP.

Usage guidelines

On a CUPS network, follow these rules to choose an allocation mode:

· If one UP device connects to different VXLANs, and each VXLAN accommodates users at the same location or of the same type (such as VoIP users and Video over IP users), specify the vxlan-id keyword.

· If multiple UP devices exist, and one UP device connects to users of the same type or at same location, specify the up-address keyword.

· If users of the same type or at same location are connected to the same interface of a UP, specify the interface keyword.

· If the user types and locations can be ignored for subnet assignment, specify the pool-name keyword as a best practice.

These rules also apply to an ODAP network with CUPS configured. In such a network, the ODAP client acts as the CP device and is connected to multiple UP devices.

On an ODAP network without CUPS configured, specify the pool-name keyword as a best practice.

The subnet allocation mode switchover causes the DHCP server to reclaim assigned subnets and perform re-allocation. As a best practice, determine the subnet allocation mode before configuring the DHCP server to allocate subnets.

Examples

# Configure the DHCP server to allocate subnet based on the UP address of the VXLAN tunnel.

<Sysname> system-view

[Sysname] ip pool pool1 subnet-alloc

[Sysname-ip-pool-pool1] subnet alloc-mode up-address

Related commands

network

subnet export-route

Use subnet export-route to set the preference and tag value for the subnet route.

Use undo subnet export-route to restore the default.

Syntax

subnet export-route preference preference tag tag

undo subnet export-route

Default

The preference and tag value for the subnet route are 65 and 0, respectively.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

preference preference: Sets a route preference, in the range of 1 to 255.

tag tag: Sets a tag value in the range of 0 to 4294967295. Tags are route identifications for routing policies to filter routes. For more information about routing policies, see Layer 3—IP Routing Configuration Guide.

Usage guidelines

When the ODAP client assigns an IP address in a subnet to the DHCP client, the ODAP client also deploys the subnet route. External devices can access the DHCP client based on the subnet route.

You can set a route tag value in system view or in IP pool view. The value set in IP pool view has higher priority than the one set in system view.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Create an IP pool named pool1 on the ODAP client, and set the route preference and tag value to 80 and 1, respectively.

<Sysname> system-view

[Sysname] ip pool pool1 odap-client

[Sysname-ip-pool-pool1] subnet export-route preference 80 tag 1

Related commands

ip pool

subnet export-route disable

Use subnet export-route disable to disable advertising dynamically allocated subnets.

Use undo subnet export-route disable to enable advertising dynamically allocated subnets.

Syntax

subnet export-route disable

undo subnet export-route disable

Default

Advertising dynamically allocated subnets is enabled.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

In the forwarding-control separation solution, the CP acts as the DHCP server. When the CP and UP are on the same device, only the network route rather than the subnet routes can be advertised to reduce the number of routes. In this case, you can disable advertising dynamically allocated subnets and execute the network export-route command to advertise the network route to the UP.

Examples

# Disable advertising dynamically allocated subnets.

<Sysname> system-view

[Sysname] ip pool pool1 subnet-alloc

[Sysname-ip-pool-pool1] subnet export-route disable

Related commands

network

subnet force-renew

Use subnet force-renew to renew information about the subnets allocated to ODAP clients.

Syntax

subnet force-renew

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

Since the ODAP server is not aware of the ODAP client error or disconnection, it cannot reclaim allocated subnets in such situation. To avoid the waste of subnet resources, you can configure this command to renew the allocated subnet information on the ODAP server.

The renew process is as follows:

1. The ODAP server sends a DHCP_FORCERENEW packet to all ODAP clients to ask for information about subnets that they have obtained.

2. Each ODAP client sends back their own subnet information in a DHCP_REQUEST packet.

3. The ODAP server collects statistics about subnets in all received DHCP REQUEST packets and reclaims subnets of which statistics are not returned.

Examples

# Renew information about the subnets that are assigned to ODAP clients for IP pool pool1.

<Sysname> system-view

[Sysname] ip pool pool1 odap-server

[Sysname-ip-pool-pool1] subnet force-renew

Related commands

ip pool

subnet idle-time

Use subnet idle-time to set the delay time for the DHCP server to reclaim idle subnets.

Use undo subnet alloc-mode to restore the default.

Syntax

subnet idle-time time

undo subnet idle-time

Default

The delay time for the DHCP server to reclaim idle subnets is 1 second.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

time: Sets the delay time for the DHCP server to reclaim idle subnets in seconds. The value range is 1 to 4294967295.

Usage guidelines

When all users on a subnet go offline, the CP reclaims the idle subnet. When the users come online again, the CP assigns them IP addresses in another subnet. To avoid assigning IP addresses of different subnets to a user that comes online and goes offline frequently, increase the delay time for the CP to reclaim idle subnets.

Examples

# Set the delay time for the CP to reclaim idle subnets to 10 seconds.

<Sysname> system-view

[Sysname] ip pool pool1 subnet-alloc

[Sysname-ip-pool-pool1] subnet idle-time 10

Related commands

network

subnet mask-length

Use subnet mask-length to specify the mask length for dynamically allocated subnets in an IP pool.

Use undo subnet alloc-mode to remove the configuration.

Syntax

subnet mask-length mask-len

undo subnet mask-length

Default

No mask length is specified for dynamically allocated subnets in an IP pool.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

mask-len: Specifies the subnet mask length. For IP pools that support dynamic subnet allocation, the value range for this argument is 1 to 30. For IP pools of the ODAP type, the value range for this argument is 1 to 32. The subnet mask length must be longer than or equal to the mask length specified in the network command in the IP pool.

Usage guidelines

After the DHCP server has assigned IP addresses, do not use the subnet mask-length command to modify the mask length. Doing so will release all dynamically allocated subnets in the IP pool.

To enable the ODAP server to assign subnets to IP pools of the ODAP host type, set the mask length to 32 for the IP pool on the ODAP server.

Examples

# Create IP pool pool1 that support dynamic subnet allocation and set the mask length to 24 for dynamically allocated subnets.

<Sysname> system-view

[Sysname] ip pool pool1 subnet-alloc

[Sysname-ip-pool-pool1] network 10.1.0.0 16

[Sysname-ip-pool-pool1] subnet mask-length 24

Related commands

ip pool

network

subnet giaddr

Use subnet giaddr to specify the IP address for the ODAP client to fill in the giaddr field in request packets.

Use undo subnet giaddr to restore the default.

Syntax

subnet giaddr ip-address

undo subnet giaddr

Default

The ODAP client uses IP address 0.0.0.0 to fill in the giaddr field in request packets.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

ip-address: Specifies an IP address.

Usage guidelines

The ODAP client uses the specified IP address to fill in the giaddr field before sending the request to the ODAP server. The ODAP server uses this IP address as the destination IP address in the DHCP reply.

For the DHCP reply to reach the ODAP client, specify one of the following addresses as the address in the giaddr field:

· IP address of the interface that directly connects to the ODAP server on the ODAP client.

· IP address with a reachable route to the ODAP server (for example, the IP address of a loopback address).

Before you use this command to modify the IP address in the giaddr field of the packets sent by the ODAP client, make sure the ODAP client has not assigned any IP addresses to DHCP clients.

Examples

# In IP pool pool1 on the ODAP client, specify 1.1.1.1 as the IP address for the giaddr field in request packets.

<Sysname> system-view

[Sysname] ip pool pool1 odap-client

[Sysname-ip-pool-pool1] subnet giaddr 1.1.1.1

Related commands

ip pool

subnet utilization mark

Use subnet utilization mark to set the utilization marks of the IP pool size on the ODAP client.

Use undo subnet utilization mark to restore the default.

Syntax

subnet utilization mark high mark-high low mark-low

undo subnet utilization mark

Default

The high utilization mark is 100 and the low utilization mark is 0.

Views

IP pool

Predefined user roles

network-admin

mdc-admin

Parameters

high mark-high: Specifies the high utilization mark in percentage. The value range for the mark-high argument is 1 to 100.

low mark-low: Specifies the low utilization mark in percentage. The value range for the mark-low argument is 0 to 100. The low mark must be lower than the high mark.

Usage guidelines

The IP pool size refers to the total number of addresses in all subnets in the pool.

The utilization marks enable the ODAP client to manage the subnet resources efficiently.

· When the utilization level reaches the high mark, the ODAP client requests a new subnet from the ODAP server.

· When the utilization level is below the low mark, the ODAP client releases free subnets one by one.

· When the utilization level is between the high and low marks, the ODAP client does not request or release subnets.

Examples

# In IP pool pool1 on the ODAP client, set the high utilization mark to 90, and the low utilization mark to 20.

<Sysname> system-view

[Sysname] ip pool pool1 odap-client

[Sysname-ip-pool-pool1] subnet utilization mark high 90 low 20

Related commands

ip pool

tftp-server domain-name

Use tftp-server domain-name to specify a TFTP server name in an IP pool.

Use undo tftp-server domain-name to restore the default.

Syntax

tftp-server domain-name domain-name

undo tftp-server domain-name

Default

No TFTP server name is specified.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

domain-name: Specifies the TFTP server name, a case-sensitive string of 1 to 63 characters.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify TFTP server name aaa in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] tftp-server domain-name aaa

Related commands

display ip pool

tftp-server ip-address

Use tftp-server ip-address to specify a TFTP server address in an IP pool.

Use undo tftp-server ip-address to restore the default.

Syntax

tftp-server ip-address ip-address

undo tftp-server ip-address

Default

No TFTP server address is specified.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

ip-address: Specifies the IP address of a TFTP server.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify TFTP server address 10.1.1.1 in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] tftp-server ip-address 10.1.1.1

Related commands

display ip pool

tftp-server domain-name

unr tag

Use unr tag to set a UNR tag value for a BAS IP pool.

Use undo unr tag to restore the default.

Syntax

unr tag tag-value

undo unr tag

Default

No UNR tag value is set for a BAS IP pool.

Views

Local BAS IP pool view

Remote BAS IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

tag-value: Sets a UNR tag value, in the range of 0 to 4294967294.

Usage guidelines

The tag value modification does not affect the tag value for network routes that have been advertised.

This command takes effect only on BAS IP pools.

You can set a UNR tag value in system view or in IP pool view. For BAS access users, the value set in BAS IP pool view has higher priority than the one set in system view.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Set the UNR tag value to 1 for local BAS IP pool p1.

<Sysname> system-view

[Sysname] ip pool bas local p1

[Sysname-ip-pool-bas-local-p1] unr tag 1

Related commands

ip unr

valid class

Use valid class to add DHCP user classes to the whitelist.

Use undo valid class to remove DHCP user classes from the whitelist.

Syntax

valid class class-name&<1-8>

undo valid class class-name&<1-8>

Default

No DHCP user class is listed on the whitelist.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

class-name&<1-8>: Specifies a space-separated list of up to eight DHCP user classes by their names, a case-insensitive string of 1 to 63 characters.

Usage guidelines

For this command to take effect, you must enable the DHCP user class whitelist.

Examples

# Add DHCP user classes test1 and test2 to the whitelist in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] valid class test1 test2

Related commands

dhcp class

verify class

Use verify class to enable the DHCP user class whitelist.

Use undo verify class to disable the DHCP user class whitelist.

Syntax

verify class

undo verify class

Default

The DHCP user class whitelist is disabled.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

After you enable the DHCP user class whitelist, the DHCP server processes requests only from clients on the DHCP user class whitelist.

The DHCP user class whitelist does not take effect on clients that request static IP addresses, and the server always processes their requests.

Examples

# Enable the DHCP user class whitelist in IP pool 0.

[Sysname] system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] verify class

Related commands

valid class

voice-config

Use voice-config to configure the content for Option 184 in an IP pool.

Use undo voice-config to remove the Option 184 content from an IP pool.

Syntax

voice-config { as-ip ip-address | fail-over ip-address dialer-string | ncp-ip ip-address | voice-vlan vlan-id { disable | enable } }

undo voice-config [ as-ip | fail-over | ncp-ip | voice-vlan ]

Default

No Option 184 content is configured in an IP pool.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

as-ip ip-address: Specifies the IP address of the backup network calling processor.

fail-over ip-address dialer-string: Specifies the failover IP address and dialer string. The dialer-string is a string of 1 to 39 characters. Valid characters are digits and asterisk (*).

ncp-ip ip-address: Specifies the IP address of the primary network calling processor.

voice-vlan vlan-id: Specifies the voice VLAN ID in the range of 2 to 4094.

· disable: Disables the specified VLAN. DHCP clients will not take this VLAN as their voice VLAN.

· enable: Enables the specified VLAN. DHCP clients will take this VLAN as their voice VLAN.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Configure Option 184 in IP pool 0. The primary and backup network calling processors are at 10.1.1.1 and 10.2.2.2, respectively. The voice VLAN 3 is enabled. The failover IP address is 10.3.3.3. The dialer string is 99*.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] voice-config ncp-ip 10.1.1.1

[Sysname-ip-pool-0] voice-config as-ip 10.2.2.2

[Sysname-ip-pool-0] voice-config voice-vlan 3 enable

[Sysname-ip-pool-0] voice-config fail-over 10.3.3.3 99*

Related commands

display ip pool

vpn-instance (IP pool view)

Use vpn-instance to apply an IP pool to a VPN instance.

Use undo vpn-instance to restore the default.

Syntax

vpn-instance vpn-instance-name

undo vpn-instance

Default

The IP pool is not applied to any VPN instance.

Views

IP pool view

Predefined user roles

network-admin

mdc-admin

Parameters

vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters.

Usage guidelines

If an IP pool is applied to a VPN instance, the DHCP server assigns IP addresses in this IP pool to clients in the specified VPN instance.

The DHCP server identifies the VPN instance to which a DHCP client belongs according to the following information:

· The client's VPN information stored in authentication modules.

· The VPN information of the DHCP server's interface that receives DHCP packets from the client.

The VPN information from authentication modules takes priority over the VPN information of the receiving interface.

Examples

# Apply IP pool 0 to VPN instance abc.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] vpn-instance abc

vpn-instance (IP pool group view)

Use vpn-instance to apply an IP pool group to a VPN instance.

Use undo vpn-instance to restore the default.

Syntax

vpn-instance vpn-instance-name

undo vpn-instance

Default

The IP pool group is not applied to any VPN instance.

Views

IP pool group view

Predefined user roles

network-admin

mdc-admin

Parameters

vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters.

Usage guidelines

If an IP pool group is applied to a VPN instance, the IP pool group provides DHCP services for DHCP clients in the specified VPN instance.

If an IP pool group is not applied to a VPN instance, the IP pool group provides DHCP services for DHCP clients on the public network.

Examples

# Apply IP pool group g1 to VPN instance abc.

<Sysname> system-view

[Sysname] dhcp pool-group g1

[Sysname-dhcp-pool-group-g1] vpn-instance abc

DHCP relay agent commands

dhcp-proxy enable

Use dhcp-proxy enable to enable DHCP proxy.

Use undo dhcp-proxy enable to disable DHCP proxy.

Syntax

dhcp-proxy enable

undo dhcp-proxy enable

Default

DHCP proxy is enabled.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

When DHCP proxy is enabled on the access device, the proxy forwards packets between DHCP clients and DHCP servers.

· When receiving DHCP requests from DHCP clients, the proxy forwards them to DHCP servers.

· When receiving DHCP responses from DHCP servers, the proxy changes the DHCP server's IP address in these responses to the IP address of the output interface, and sends the responses to the DHCP clients.

Examples

# Enable DHCP proxy on GigabitEthernet 1/0/12.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp-proxy enable

dhcp relay always-unicast

Use dhcp relay always-unicast to enable the DHCP relay agent to always unicast relayed DHCP responses.

Use undo dhcp relay always-unicast to restore the default.

Syntax

dhcp relay always-unicast

undo dhcp relay always-unicast

Default

The DHCP relay agent reads the broadcast flag in a DHCP response to decide whether to broadcast or unicast the relayed response.

Views

System view

Predefined user roles

network-admin

Usage guidelines

This command enables the DHCP server to ignore the broadcast flag in DHCP responses and always unicast all relayed responses.

Examples

# Enable the DHCP relay agent to always unicast relayed DHCP responses.

<Sysname> system-view

[Sysname] dhcp relay always-unicast

Related commands

dhcp select relay

dhcp relay check mac-address

Use dhcp relay check mac-address to enable MAC address check on the relay agent.

Use undo dhcp relay check mac-address to disable MAC address check on the relay agent.

Syntax

dhcp relay check mac-address

undo dhcp relay check mac-address

Default

The MAC address check feature is disabled.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

This feature enables the DHCP relay agent to compare the chaddr field of a received DHCP request with the source MAC address in the frame header. If they are the same, the DHCP relay agent forwards the request to the DHCP server. If they are not the same, the DHCP relay agent discards the request.

The MAC address check feature takes effect only when the dhcp select relay command has already been configured on the interface.

Enable the MAC address check feature only on the DHCP relay agent directly connected to the DHCP clients. A DHCP relay agent changes the source MAC address of DHCP packets before sending them.

Examples

# Enable MAC address check on the DHCP relay agent.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp relay check mac-address

Related commands

dhcp select relay

dhcp relay check mac-address aging-time

Use dhcp relay check mac-address aging-time to set the aging time for MAC address check entries on the DHCP relay agent.

Use undo dhcp relay check mac-address aging-time to restore the default.

Syntax

dhcp relay check mac-address aging-time time

undo dhcp relay check mac-address aging-time

Default

The aging time is 30 seconds.

Views

System view

Predefined user roles

network-admin

Parameters

time: Specifies the aging time for MAC address check entries, in the range of 30 to 600 seconds.

Usage guidelines

This command takes effect only after you execute the dhcp relay check mac-address command.

Examples

# Set the aging time to 60 seconds for MAC address check entries on the DHCP relay agent.

<Sysname> system-view

[Sysname] dhcp relay check mac-address aging-time 60

dhcp relay client-information record

Use dhcp relay client-information record to enable recording client information in relay entries.

Use undo dhcp relay client-information record to disable the feature.

Syntax

dhcp relay client-information record

undo dhcp relay client-information record

Default

The DHCP relay agent does not record client information in relay entries.

Views

System view

Predefined user roles

network-admin

Usage guidelines

Client information is recorded only when the DHCP relay agent is configured on the gateway of DHCP clients. A relay entry contains information about a client such as the client's IP and MAC addresses.

Disabling the recording of client information deletes all recorded relay entries.

Examples

# Enable the recording of relay entries on the relay agent.

<Sysname> system-view

[Sysname] dhcp relay client-information record

Related commands

dhcp conflict-ip-address offline

dhcp relay client-information refresh

dhcp relay client-information refresh enable

dhcp relay client-information refresh

Use dhcp relay client-information refresh to set the interval at which the DHCP relay agent refreshes relay entries.

Use undo dhcp relay client-information refresh to restore the default.

Syntax

dhcp relay client-information refresh [ auto | interval interval ]

undo dhcp relay client-information refresh

Default

The refresh interval is automatically calculated based on the number of relay entries.

Views

System view

Predefined user roles

network-admin

Parameters

auto: Automatically calculates the refresh interval. The more the entries, the shorter the refresh interval. The shortest interval is 50 ms.

interval interval: Specifies the refresh interval in the range of 1 to 120 seconds.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Set the refresh interval to 100 seconds.

<Sysname> system-view

[Sysname] dhcp relay client-information refresh interval 100

Related commands

dhcp relay client-information record

dhcp relay client-information refresh enable

Use dhcp relay client-information refresh enable to enable the DHCP relay agent to periodically refresh dynamic relay entries.

Use undo dhcp relay client-information refresh enable to disable the DHCP relay agent to periodically refresh dynamic relay entries.

Syntax

dhcp relay client-information refresh enable

undo dhcp relay client-information refresh enable

Default

The DHCP relay agent periodically refreshes relay entries.

Views

System view

Predefined user roles

network-admin

Usage guidelines

A DHCP client unicasts a DHCP-RELEASE message to the DHCP server to release its IP address. The DHCP relay agent conveys the message to the DHCP server and does not remove the IP-to-MAC entry of the client.

With this feature, the DHCP relay agent uses a client's IP address and the relay interface's MAC address to periodically send a DHCP-REQUEST message to the DHCP server.

· If the server returns a DHCP-ACK message or does not return any message within an interval, the DHCP relay agent performs the following operations:

¡ Removes the relay entry.

¡ Sends a DHCP-RELEASE message to the DHCP server to release the IP address.

· If the server returns a DHCP-NAK message, the relay agent keeps the entry.

With this feature disabled, the DHCP relay agent does not remove relay entries automatically. After a DHCP client releases its IP address, you must use the reset dhcp relay client-information command on the relay agent to remove the corresponding relay entry.

Examples

# Disable periodic refresh of relay entries.

<Sysname> system-view

[Sysname] undo dhcp relay client-information refresh enable

Related commands

dhcp relay client-information record

dhcp relay client-information refresh

reset dhcp relay client-information

dhcp relay dhcp-server timeout

Use dhcp relay dhcp-server timeout to set the DHCP server response timeout time for DHCP server switchover.

Use undo dhcp relay dhcp-server timeout to restore the default.

Syntax

dhcp relay dhcp-server timeout time

undo dhcp relay dhcp-server timeout

Default

The DHCP server response timeout time is 30 seconds.

Views

Interface view

Predefined user roles

network-admin

Parameters

time: Specifies the DHCP server response timeout time in the range of 1 to 65535 seconds.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Set the DHCP server response timeout time to 60 seconds for DHCP server switchover on GigabitEthernet 1/0/12.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp relay dhcp-server timeout 60

Related commands

dhcp relay server-address algorithm

dhcp relay forward reply by-option82

Use dhcp relay forward reply by-option82 to configure the DHCP relay agent to forward DHCP replies based on Option 82.

Use undo dhcp relay forward reply by-option82 to restore the default.

Syntax

dhcp relay forward reply by-option82

undo dhcp relay forward reply by-option82

Default

The DHCP relay agent does not forward DHCP replies based on Option 82.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

This command takes effect only after you execute the dhcp relay information enable and dhcp relay information circuit-id commands.

Examples

# Configure the DHCP relay agent to forward DHCP replies based on Option 82.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp relay forward reply by-option82

Related commands

dhcp relay information circuit-id

dhcp relay information enable

dhcp relay gateway

Use dhcp relay gateway to specify the DHCP relay agent address to be padded to DHCP requests.

Use undo dhcp relay gateway to restore the default.

Syntax

dhcp relay gateway ip-address

undo dhcp relay gateway

Default

The primary IP address of the interface is padded to DHCP requests as the DHCP relay agent address.

Views

Interface view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the DHCP relay agent address. It must be an IP address of the interface.

Usage guidelines

The DHCP relay agent uses the specified IP address instead of the primary IP address of the relay interface as the DHCP relay agent address.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify 10.1.1.1 as the DHCP relay agent address to be padded to DHCP requests on GigabitEthernet 1/0/12.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp relay gateway 10.1.1.1

Related commands

gateway-list

dhcp relay information circuit-id

Use dhcp relay information circuit-id to configure the padding mode and padding format for the Circuit ID sub-option of Option 82.

Use undo dhcp relay information circuit-id to restore the default.

Syntax

dhcp relay information circuit-id { bas [ sub-interface-vlan ] [ with-vxlan ] | string circuit-id | { normal | verbose [ node-identifier { mac | sysname | user-defined node-identifier } ] [ interface [ vlan-in-vlan ] ] } [ sub-interface-vlan ] [ format { ascii | hex } ] }

undo dhcp relay information circuit-id

Default

The padding mode is normal and the padding format is hex.

Views

Interface view

Predefined user roles

network-admin

Parameters

bas: Specifies the bas mode that fills in the Circuit ID sub-option with the interface information.

sub-interface-vlan: Specifies the VLAN ID of the L2VE subinterface as the content for the Circuit ID sub-option. If you do not specify this keyword, the VLAN ID of the interface on which you configure this command is written to the sub-option. This keyword is available only for L3VE interfaces.

with-vxlan: Specifies the bas mode with VXLAN ID. If you do not specify this keyword, you specify the bas mode without VXLAN ID.

string circuit-id: Specifies the string mode that uses a case-sensitive string of 3 to 63 characters as the content of the Circuit ID sub-option.

normal: Specifies the normal mode, in which the padding content consists of the VLAN ID and port number.

verbose: Specifies the verbose mode. The padding content includes the node identifier, interface information, and VLAN ID. The default node identifier is the MAC address of the access node. The default interface information consists of the Ethernet type (fixed to eth), chassis number, slot number, sub-slot number, and interface number.

node-identifier { mac | sysname | user-defined node-identifier }: Specifies the access node identifier.

· mac: Uses the MAC address of the access node as the node identifier.

· sysname: Uses the device name as the node identifier. You can set the device name by using the sysname command in system view. The padding format for the device name is always ASCII regardless of the specified padding format. If you specify this keyword, do not include any spaces when you set the device name. Otherwise, the DHCP relay agent fails to add or replace Option 82.

· user-defined node-identifier: Uses a case-sensitive string of 1 to 50 characters as the node identifier. The padding format for the specified character string is always ASCII regardless of the specified padding format.

interface: Uses the interface name as the interface information. If you specify this keyword, the padding format for the interface name and VLAN ID is always ASCII regardless of what padding format is specified.

vlan-in-vlan: Pads the Circuit ID sub-option with the inner and outer VLAN information of request packets. The padding format for the VLAN information is always ASCII. This field is supported only when sysname is specified as the node identifier.

format: Specifies the padding format for the Circuit ID sub-option.

ascii: Specifies the ASCII padding format.

hex: Specifies the hex padding format.

Usage guidelines

The Circuit ID sub-option cannot carry information about interface splitting or subinterfaces. For more information about interface splitting and subinterfaces, see Interface Configuration Guide.

If you execute this command multiple times, the most recent configuration takes effect.

The padding format for the string mode, the normal mode, or the verbose mode varies by command configuration. Table 12 shows how the padding format is determined for different modes.

Table 12 Padding format for different modes

Keyword (mode)	If no padding format is set	If the padding format is ascii	If the padding format is hex
string circuit-id	The padding format is ASCII, and is not configurable.	N/A	N/A
normal	Hex.	ASCII.	Hex.
verbose	Hex for the VLAN ID. ASCII for the node identifier, Ethernet type, chassis number, slot number, sub-slot number, and interface number.	ASCII.	ASCII for the node identifier and Ethernet type. Hex for the chassis number, slot number, sub-slot number, interface number, and VLAN ID.

Examples

# Specify the content mode as verbose, node identifier as the device name, and the padding format as ASCII for the Circuit ID sub-option.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp relay information enable

[Sysname-GigabitEthernet1/0/12] dhcp relay information strategy replace

[Sysname-GigabitEthernet1/0/12] dhcp relay information circuit-id verbose node-identifier sysname format ascii

Related commands

dhcp relay forward reply by-option82

dhcp relay information enable

dhcp relay information strategy

display dhcp relay information

dhcp relay information enable

Use dhcp relay information enable to enable the DHCP relay agent to support Option 82.

Use undo dhcp relay information enable to disable Option 82 support.

Syntax

dhcp relay information enable

undo dhcp relay information enable

Default

The DHCP relay agent does not support Option 82.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

This command enables the DHCP relay agent to add Option 82 to DHCP requests that do not contain Option 82 before forwarding the requests to the DHCP server. The content of Option 82 is determined by the dhcp relay information circuit-id and dhcp relay information remote-id commands. If the DHCP requests contain Option 82, the relay agent handles the requests according to the strategy configured with the dhcp relay information strategy command.

If this feature is disabled, the relay agent forwards requests that contain or do not contain Option 82 to the DHCP server.

Examples

# Enable Option 82 support on the relay agent.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp relay information enable

Related commands

dhcp relay forward reply by-option82

dhcp relay information circuit-id

dhcp relay information remote-id

dhcp relay information strategy

display dhcp relay information

dhcp relay information remote-id

Use dhcp relay information remote-id to configure the padding mode and padding format for the Remote ID sub-option of Option 82.

Use undo dhcp relay information remote-id to restore the default.

Syntax

dhcp relay information remote-id { normal [ format { ascii | hex } ] | string remote-id | sysname }

undo dhcp relay information remote-id

Default

The padding mode is normal and the padding format is hex.

Views

Interface view

Predefined user roles

network-admin

Parameters

normal: Specifies the normal mode in which the padding content is the MAC address of the receiving interface.

format: Specifies the padding format for the Remote ID sub-option. The default padding format is hex.

ascii: Specifies the ASCII padding format.

hex: Specifies the hex padding format.

string remote-id: Specifies the string mode that uses a case-sensitive string of 1 to 63 characters as the content of the Remote ID sub-option.

sysname: Specifies the sysname mode that uses the device name as the content of the Remote ID sub-option. You can set the device name by using the sysname command.

Usage guidelines

The padding format for the specified character string (string) or the device name (sysname) is always ASCII. The padding format for the normal mode is determined by the command.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify the padding content for the Remote ID sub-option of Option 82 as device001.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp relay information enable

[Sysname-GigabitEthernet1/0/12] dhcp relay information strategy replace

[Sysname-GigabitEthernet1/0/12] dhcp relay information remote-id string device001

Related commands

dhcp relay information enable

dhcp relay information strategy

display dhcp relay information

dhcp relay information strategy

Use dhcp relay information strategy to configure the strategy for the DHCP relay agent to handle messages containing Option 82.

Use undo dhcp relay information strategy to restore the default handling strategy.

Syntax

dhcp relay information strategy { drop | keep | replace }

undo dhcp relay information strategy

Default

The handling strategy for messages that contain Option 82 is replace.

Views

Interface view

Predefined user roles

network-admin

Parameters

drop: Drops DHCP messages that contain Option 82 messages.

keep: Keeps the original Option 82 intact and forwards the DHCP messages.

replace: Replaces the original Option 82 with the configured Option 82 before forwarding the DHCP messages.

Usage guidelines

This command takes effect only on DHCP requests that contain Option 82.

For DHCP requests that do not contain Option 82, the DHCP relay agent always adds Option 82 to the requests before forwarding the requests to the DHCP server.

If the handling strategy is replace, configure a padding mode and padding format for Option 82. If the handling strategy is keep or drop, you do not need to configure any padding mode or padding format. The settings do not take effect even if you configure them.

Examples

# Specify the handling strategy for Option 82 as keep.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp relay information enable

[Sysname-GigabitEthernet1/0/12] dhcp relay information strategy keep

Related commands

dhcp relay information enable

display dhcp relay information

dhcp relay master-server switch-delay

Use dhcp relay master-server switch-delay to enable the switchback to the master DHCP server and set the switchback delay time.

Use undo dhcp relay master-server switch-delay to restore the default.

Syntax

dhcp relay master-server switch-delay delay-time

undo dhcp relay master-server switch-delay

Default

The DHCP relay agent does not switch back to the master DHCP server.

Views

Interface view

Predefined user roles

network-admin

Parameters

delay-time: Specifies the delay time in the range of 1 to 65535 minutes.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Configure the DHCP relay agent to switch back to the master DHCP server 3 minutes after it switches to a backup DHCP server on GigabitEthernet 1/0/12.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp relay master-server switch-delay 3

Related commands

dhcp relay server-address algorithm

dhcp relay release ip

Use dhcp relay release ip to release a client IP address.

Syntax

dhcp relay release ip ip-address [ vpn-instance vpn-instance-name ]

Views

System view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the IP address to be released.

vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the specified IP address belongs. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. If you do not specify a VPN instance, this command releases the IP address on the public network.

Usage guidelines

After you execute this command, the relay agent sends a DHCP-RELEASE packet to the DHCP server and removes the relay entry of the IP address. Upon receiving the packet, the server removes binding information about the specified IP address to release the IP address.

Examples

# Release IP address 1.1.1.1.

<Sysname> system-view

[Sysname] dhcp relay release ip 1.1.1.1

dhcp relay server-address

Use dhcp relay server-address to specify DHCP servers on the DHCP relay agent.

Use undo dhcp relay server-address to remove DHCP servers.

Syntax

dhcp relay server-address ip-address

undo dhcp relay server-address [ ip-address ]

Default

No DHCP server is specified on the DHCP relay agent.

Views

Interface view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the IP address of a DHCP server. The DHCP relay agent forwards DHCP packets received from DHCP clients to this DHCP server.

Usage guidelines

The specified IP address of the DHCP server must not reside on the same subnet as the IP address of the DHCP relay agent interface. Otherwise, the DHCP clients might fail to obtain IP addresses.

You can specify a maximum of eight DHCP servers on an interface. The DHCP relay agent forwards the packets from the clients to all the specified DHCP servers.

If you do not specify an IP address, the undo dhcp relay server-address command removes all DHCP servers on the interface.

Examples

# Specify DHCP server address 1.1.1.1 on GigabitEthernet 1/0/12.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp relay server-address 1.1.1.1

Related commands

dhcp select relay

display dhcp relay interface

dhcp relay server-address algorithm

Use dhcp relay server-address algorithm to specify the DHCP server selection algorithm.

Use undo dhcp relay server-address algorithm to restore the default.

Syntax

dhcp relay server-address algorithm { master-backup | polling }

undo dhcp relay server-address algorithm

Default

The polling algorithm is used. The DHCP relay agent forwards DHCP requests to all DHCP servers at the same time.

Views

Interface view

Predefined user roles

network-admin

Parameters

master-backup: Forwards DHCP requests to the master DHCP server first. If the master server is not available or does not have assignable IP addresses, the relay agent forwards DHCP requests to backup DHCP servers in the order they are specified.

polling: Forwards DHCP requests to all DHCP servers at the same time.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify master-backup as the DHCP server selection algorithm on GigabitEthernet 1/0/12.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp relay server-address algorithm master-backup

Related commands

dhcp relay dhcp-server timeout

dhcp relay master-server switch-delay

dhcp relay server-address

remote-server algorithm

dhcp relay source-address

Use dhcp relay source-address to specify the source IP address for DHCP requests.

Use undo dhcp relay source-address to restore the default.

Syntax

dhcp relay source-address { ip-address [ option { 60 [ option-text ] | code } ] | gateway | relay-interface }

undo dhcp relay source-address { ip-address [ option { 60 [ option-text ] | code } ] | gateway | relay-interface }

Default

The relay agent chooses the default source IP address for relayed requests depending on whether its server-side interface and the DHCP server belong to the same VPN instance:

· If they belong to the same VPN instance, the relay agent uses the IP address of the output interface for relayed requests as the default source IP address.

· If they belong to different VPN instances, the relay agent uses the lowest IP address that is in the same VPN instance as the DHCP server as the default source address.

Views

Interface view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the source IP address for DHCP requests. This IP address will also be filled in the giaddr field.

option { 60 [ option-text ] | code }: Changes the source IP address and the giaddr field of a DHCP request if the DHCP request carries the specified option. If you do not specify any option, this command changes the source IP address and the giaddr field of all DHCP requests that the interface receives.

· 60 [ option-text ]: Identifies packets by the content of Option 60. The content is a case-sensitive string of 1 to 128 characters.

· code: Specifies an option code in the range of 1 to 59, and 61 to 254.

gateway: Uses the IP address in the giaddr field as the source IP address of the DHCP requests. If the giaddr field is empty, the relay agent follows the default rule to specify the source IP address for DHCP requests.

relay-interface: Uses the primary IP address of the relay interface as the source IP address. If this interface does not have an IP address, the relay agent follows the default rule to specify the source IP address for DHCP requests.

Usage guidelines

If you specify the ip-address argument, the relay agent changes not only the source IP address but also the giaddr field of a DHCP request. The DHCP server assigns the client an IP address on the same subnet as the specified IP address in the giaddr field. As a result, the DHCP client might not be on the same subnet as the DHCP relay interface (the gateway). To avoid this problem, you must configure Option 82 on the relay agent before specifying the ip-address argument. This configuration enables the DHCP relay agent to insert the primary IP address of the relay interface in Option 82. Based on this option, the DHCP server assigns an IP address on the same subnet as the IP address of the relay interface. The DHCP relay agent looks up the MAC address table for the output interface to forward the DHCP reply.

If you do not specify any options, the undo dhcp relay source-address command removes all configured source IP addresses for DHCP requests on the interface.

The source IP addresses specified by the following commands overwrite each other, whichever is configured the last:

· The dhcp relay source-address ip-address command without any DHCP options specified.

· The dhcp relay source-address gateway command.

· The dhcp relay source-address relay-interface command.

The dhcp relay source-address ip-address option { 60 [ option-text ] | code } and dhcp relay source-address { gateway | relay-interface } commands do not overwrite each other.

If multiple sources IP addresses are specified on an interface, their match order is as follows:

1. Source IP addresses specified with DHCP options are sorted in descending order of option values. A big DHCP option value has a priority. To match Option 60, the source IP address with the option-text argument takes precedence over the source IP address without the option-text argument.

2. Source IP addresses specified by the dhcp relay source-address ip-address commands without any DHCP options specified.

Examples

# Specify 1.1.1.1 as the source IP address for DHCP requests on GigabitEthernet 1/0/12.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp relay source-address 1.1.1.1

dhcp server

Use dhcp server to configure DHCP server liveness detection.

Use undo dhcp server to restore the default.

Syntax

dhcp server [ ip-address [ vpn-instance vpn-instance-name ] ] { dead-count dead-count-value | dead-time dead-time | nak-count nak-count-value | timeout timeout } *

undo dhcp server [ ip-address [ vpn-instance vpn-instance-name ] ] { dead-count | dead-time | nak-count | timeout } *

Default

If the DHCP relay agent does not receive a reply from a DHCP server within 25 seconds, the DHCP relay agent determines that the DHCP server is down or has no free addresses.

Views

System view

Predefined user roles

network-admin

Parameters

ip-address: Specifies an IP address of the DHCP server. If you do not specify this keyword, the criteria apply to all DHCP servers.

vpn-instance vpn-instance name: Specifies an MPLS L3VPN instance to which DHCP servers belongs. The vpn-instance-name argument specifies a VPN instance name, a case-sensitive string of 1 to 31 characters. If you do not specify this keyword, the criteria apply to DHCP servers on the public network.

dead-count dead-count-value: Specifies a maximum number of consecutive communication failures before the relay agent marks a DHCP server as down. The value range for the dead-count-value argument is 1 to 64, and the default value is 0.

dead-time dead-time: Specifies a time period in seconds for the relay agent to wait before communicating with the DHCP server. The value range for the dead-time augment is 1 to 65536, and the default value is 3.

nak-count nak-count-value: Specifies the maximum number of DHCP-NAK packets that the relay agent can receive. The value range for the nak-count-value argument is 0 to 255, and the default value is 10.

timeout timeout: Specifies a communication failure check timer in seconds. The value range for the argument is 1 to 60, and the default value is 25.

Usage guidelines

The command is applicable to a network where the relay agent selects a DHCP server from a remote BAS IP pool in an IP pool group.

This feature enables the relay agent to detect the liveness of the DHCP servers. Upon relaying the first DHCP request to a DHCP server, the DHCP relay agent starts the timeout timer and the request counter. If a reply is received within the timeout time, the relay agent resets packet counter and disables the timeout timer. The relay agent starts the timer and counter again if it relays a new request. A communication failure occurs if the relay agent does not receive a reply.

The relay agent uses the following principles to mark the DHCP server as down ("dead") or has no assignable IP addresses:

· At the end of every timeout period, the agent checks the total number of consecutive communication failures.

¡ If the failure count exceeds the dead-count-value value, the DHCP server is marked as dead.

¡ If the failure count does not exceed the dead-count-value value, the relay agent continues counting the number of requests. The DHCP server is marked as dead if the dead-count-value value is reached at next check.

· The total number of consecutively received DHCP-NAK for the relayed lease renewal packets reaches the nak-count value.

When a DHCP server is marked as dead, the relay agent starts the dead time for the server. Within the dead period, the relay agent does not relay any packets to this DHCP server. After the dead period expires, the relay agent determines that the DHCP server becomes alive, and starts forwarding packets to this server.

If all DHCP servers are marked as dead, the DHCP relay agent treats all DHCP servers as alive if it receives a new DHCP request.

If the DHCP server selection algorithm is set to polling, the longest timeout value among all DHCP servers is used as the check timer for all DHCP servers.

The liveness detection settings specific to a DHCP server have a higher priority than the shared settings. If no DHCP server-specific settings are configured, the shared ones apply.

You can specify multiple server liveness detection rules for different DHCP server addresses. If you do not specify a DHCP server for the command, you are creating a shared detection rule. The DHCP server-specific detection rule or the shared rule takes effect as follows:

· If you specify the same rule keyword but with different values in each command execution, the most recent configuration takes effect.

· If you specify different rule keywords in each command execution, all configurations take effect.

Examples

# Configure DHCP server liveness detection for DHCP server at 1.1.1.1. Set the maximum number of consecutive communication failures to 10, set the communication failure check timer to 20 seconds, and set the DHCP server dead period to 3 minutes.

<Sysname> system-view

[Sysname] dhcp server 1.1.1.1 dead-count 10 timeout 20 dead-time 3

Related commands

remote-server algorithm

dhcp-server nak-count

Use dhcp-server nak-count to set the maximum number of DHCP-NAK packets that the DHCP relay agent can receive from one DHCP server.

Use undo dhcp-server nak-count to restore the default.

Syntax

dhcp-server nak-count nak-count-value [ gateway-only ]

undo dhcp-server nak-count

Default

The DHCP relay agent can receive a maximum of 10 DHCP-NAK packets from one DHCP server.

Views

Remote BAS IP pool view

Predefined user roles

network-admin

Parameters

nak-count-value: Specifies the maximum number of DHCP-NAK packets, in the range of 0 to 255.

gateway-only: Disables the DHCP relay agent from sending a lease renew request to the next DHCP server. If you do not specify this keyword, the DHCP relay agent will turn to the next DHCP server when the maximum number of DHCP-NAK packets is reached.

Usage guidelines

This feature is applicable to a network where the DHCP relay agent uses the master-backup server selection in the remote BAS IP pool. In such a network, you can use the gateway-list command to specify gateway addresses for users that match the remote BAS IP pool. When the relay agent receives a lease renew request from a DHCP client, the relay agent forwards the request to the currently selected DHCP server. When the number of DHCP-NAK packets from the DHCP server reaches the upper limit, the DHCP relay agent performs one of the following operations, depending on the configuration:

· If the gateway-only keyword is not configured, the DHCP relay agent forwards the request to the next DHCP server.

· If the gateway-only keyword is configured and smart relay is enabled, the relay agent uses the next gateway address configured in the gateway-list command to fill the giaddr field.

· If the gateway-only keyword is not configured and smart relay is enabled, the relay agent performs the following operations:

a. Uses the next gateway address in the gateway-list command to fill the giaddr field.

b. Forwards the request to the next DHCP server.

If the value for the nak-count-value argument is set to 0, both the master/backup DHCP server selection algorithm setting and the smart relay feature do not take effect.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Allow the DHCP relay agent can receive the maximum number of 20 DHCP-NAK packets from a DHCP server.

<Sysname> system-view

[Sysname] ip poo1 1 bas remote

[Sysname-ip-pool-1] dhcp-server nak-count 20

Related commands

dhcp smart-relay enable

remote-server algorithm master-backup

dhcp-server source-address

Use dhcp-server source-address to specify the source IP address of the packets that the relay agent forwards to the DHCP server.

Use undo dhcp-server source-address to restore the default.

Syntax

dhcp-server source-address { ip-address | gateway | interface interface-type interface-number }

undo dhcp-server source-address

Default

The relay agent chooses the default source IP address for relayed requests depending on whether its server-side interface and the DHCP server belong to the same VPN instance:

· If they belong to the same VPN instance, the relay agent uses the IP address of the output interface for relayed requests as the default source IP address.

· If they belong to different VPN instances, the relay agent uses the lowest IP address that is in the same VPN instance as the DHCP server as the default source address.

Views

Remote BAS IP pool view

Predefined user roles

network-admin

Parameters

ip-address: Specifies the source IP address for DHCP requests.

interface interface-type interface-number: Uses the IP address of the specified interface as the source IP address. The interface-type interface-number argument specifies the interface type and the interface number.

Usage guidelines

This command is required if multiple relay interfaces share the same IP address or if a relay interface does not have routes to DHCP servers. You can use this command to specify the IP address of another interface, typically a loopback interface, on the DHCP relay agent as the source IP address for relayed DHCP requests.

If multiple relay interfaces share the same IP address, the DHCP relay agent cannot locate the output interface for DHCP reply packets based on the destination IP address. To avoid this problem, configure the DHCP relay agent to support Option 82 before executing dhcp-server source-address command. This configuration enables the DHCP relay agent to insert the subnet information in sub-option 5 in Option 82 for the received DHCP request. The DHCP server then assigns an IP address according to sub-option 5. The DHCP relay agent looks up the output interface in the MAC address table to forward the DHCP reply packets.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# In remote BAS IP pool 0, specify 1.1.1.1 as the source IP address for DHCP requests.

<Sysname> system-view

[Sysname] ip pool 0 bas remote

[Sysname-ip-pool-0] dhcp-server source-address 1.1.1.1

dhcp-server timeout

Use dhcp-server timeout to set the DHCP server response timeout time for DHCP server switchover.

Use undo dhcp-server timeout to restore the default.

Syntax

dhcp-server timeout time

undo dhcp-server timeout

Default

The DHCP server response timeout time is 30 seconds.

Views

IP pool view

Predefined user roles

network-admin

Parameters

time: Specifies the DHCP server response timeout time in the range of 1 to 65535 seconds.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Set the DHCP server response timeout time to 60 seconds for DHCP server switchover in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] dhcp-server timeout 60

Related commands

remote-server algorithm

dhcp smart-relay enable

Use dhcp smart-relay enable to enable the DHCP smart relay feature.

Use undo dhcp smart-relay enable to disable the DHCP smart relay feature.

Syntax

dhcp smart-relay enable

undo dhcp smart-relay enable

Default

The DHCP smart relay feature is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

The smart relay feature allows the relay agent to use secondary IP addresses as the gateway address when the DHCP server does not reply the DHCP-OFFER message. The relay agent initially encapsulates its primary IP address to the giaddr field before forwarding a request to the DHCP server. If no DHCP-OFFER is returned after two retries, the relay agent switches to secondary IP addresses.

Without this feature, the relay agent always uses the primary IP address as the gateway address.

Examples

# Enable the DHCP smart relay feature.

<Sysname> system-view

[Sysname] dhcp smart-relay enable

Related commands

dhcp select

gateway-list

display dhcp relay check mac-address

Use display dhcp relay check mac-address to display MAC address check entries on the relay agent.

Syntax

display dhcp relay check mac-address

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display MAC address check entries on the DHCP relay agent.

<Sysname> display dhcp relay check mac-address

Source-MAC Interface Aging-time

23f3-1122-adf1 GE1/0/12 10

23f3-1122-2230 GE1/0/13 30

Table 13 Command output

Field	Description
Source MAC	Source MAC address of the attacker.
Interface	Interface where the attack comes from.
Aging-time	Aging time of the MAC address check entry, in seconds.

display dhcp relay client-information

Use display dhcp relay client-information to display relay entries on the relay agent.

Syntax

display dhcp relay client-information [ interface interface-type interface-number | ip ip-address [ vpn-instance vpn-instance-name ] ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Displays relay entries on the specified interface. If you do not specify an interface, this command displays relay entries on all interfaces.

ip ip-address: Displays the relay entry for the specified IP address. If you do not specify an IP address, this command displays relay entries for all IP addresses.

Usage guidelines

The DHCP relay agent records relay entries only after you configure the dhcp relay client-information record command.

For WAN access users (such as IPoE and PPPoE users), the DHCP relay agent cannot record their IP addresses. To obtain the IP address information for such users, execute the display dhcp server ip-in-use command on the DHCP server.

Examples

# Display all relay entries on the relay agent.

<Sysname> display dhcp relay client-information

Total number of client-information items: 2

Total number of dynamic items: 1

Total number of temporary items: 1

IP address MAC address Type Interface VPN name

10.1.1.1 00e0-0000-0001 Dynamic GE1/0/12 N/A

# Display relay entries for the specified IP address.

<Sysname> display dhcp relay client-information ip 10.1.1.1

Total number of client-information items: 1

Total number of dynamic items: 1

Total number of temporary items: 0

IP address : 10.1.1.5

MAC address : 00e0-0000-0000

Type : Dynamic

Port index : N/A

Interface : Vlan2

VPN name : N/A

Server address : 12.1.1.2

Access type : CommonV4

Outer VLAN : N/A

Inner VLAN : N/A

Table 14 Command output

Field	Description
Total number of client-information items	Total number of relay entries.
Total number of dynamic items	Total number of dynamic relay entries.
Total number of temporary items	Total number of temporary relay entries.
IP address	IP address of the DHCP client.
MAC address	MAC address of the DHCP client.
Type	Relay entry type: · Dynamic—The relay agent creates a dynamic relay entry upon receiving an ACK response from the DHCP server. · Temporary—The relay agent creates a temporary relay entry upon receiving a REQUEST packet from a DHCP client.
Interface	Layer 3 interface connected to the DHCP client. N/A is displayed for relay entries without interface information.
VPN name	Name of the VPN instance to which the DHCP client belongs. If the DHCP client does not belong to any VPN, this field displays N/A.
Port index	Layer 2 port that receives the DHCP request. If the request is not received through a Layer 2 port, this field displays N/A.
Server address	IP address of the DHCP server.
Access type	Access type of the DHCP client: · Commonv4—Portal or DHCP.
Outer VLAN	Outer VLAN tag contained in the DHCP request. If the request does not contain an outer VLAN tag, this field displays N/A.
Inner VLAN	Inner VLAN tag contained in the DHCP request. If the request does not contain an inner VLAN tag, this field displays N/A.

Related commands

dhcp relay client-information record

reset dhcp relay client-information

display dhcp relay information

Use display dhcp relay information to display Option 82 configuration information for the DHCP relay agent.

Syntax

display dhcp relay information [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Displays Option 82 configuration information for the specified interface. If you do not specify an interface, this command displays Option 82 configuration information about all interfaces.

Examples

# Display Option 82 configuration information for all interfaces.

<Sysname> display dhcp relay information

Interface: GigabitEthernet1/0/12

Status: Enable

Strategy: Replace

Circuit ID Pattern: Verbose

Remote ID Pattern: Sysname

Circuit ID format: Undefined

Remote ID format: ASCII

Node identifier: aabbcc

Interface: GigabitEthernet1/0/13

Status: Enable

Strategy: Replace

Circuit ID Pattern: User Defined

Remote ID Pattern: User Defined

Circuit ID format: ASCII

Remote ID format: ASCII

User defined:

Circuit ID: vlan100

Remote ID: device001

Table 15 Command output

Field			Description
Interface			Interface name.
Status		Option 82 states: · Enable—DHCP relay agent support for Option 82 is enabled. · Disable—DHCP relay agent support for Option 82 is disabled.
Strategy	Handling strategy for request messages containing Option 82, Drop, Keep, or Replace.
Circuit ID Pattern	Padding content mode of the Circuit ID sub-option, Verbose, Normal, or User Defined.
Remote ID Pattern	Padding content mode of the Remote ID sub-option, Sysname, Normal, or User Defined.
Circuit ID format-type	Padding format of the Circuit ID sub-option, ASCII, Hex, or Undefined.
Remote ID format-type	Padding format of the Remote ID sub-option, ASCII, Hex, or Undefined.
Node identifier				Access node identifier.
User defined				Content of the user-defined sub-options.
Circuit ID				User-defined content of the Circuit ID sub-option.
Remote ID				User-defined content of the Remote ID sub-option.

display dhcp relay server-address

Use display dhcp relay server-address to display DHCP server addresses configured on an interface.

Syntax

display dhcp relay server-address [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Displays DHCP server addresses on the specified interface. If you do not specify an interface, this command displays DHCP server addresses on all interfaces.

Examples

# Display DHCP server addresses on all interfaces.

<Sysname> display dhcp relay server-address

Interface name Server IP address

GE1/0/12 2.2.2.2

# Display DHCP server addresses on GigabitEthernet 1/0/12.

<Sysname> display dhcp relay server-address interface gigabitethernet 1/0/12

Active server address: 2.2.2.2

Interface name Server IP address

GE1/0/12 2.2.2.2

Table 16 Command output

Field	Description
Active server address	Active DHCP server address. The displayed value depends on the DHCP server selection algorithm configuration. · If the polling algorithm is used, this field displays all. The DHCP relay agent forwards DHCP requests to all DHCP servers. · If the master-backup algorithm is used, this field displays the IP address of the active DHCP server. The DHCP relay agent forwards DHCP requests to the master DHCP server first.
Interface name	Interface name.
Server IP address	DHCP server IP address.

Related commands

dhcp relay server-address

display dhcp relay statistics

Use display dhcp relay statistics to display DHCP packet statistics on the DHCP relay agent.

Syntax

display dhcp relay statistics [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Displays DHCP packet statistics on the specified interface. If you do not specify an interface, this command displays all DHCP packet statistics on the DHCP relay agent.

Examples

# Display all DHCP packet statistics on the DHCP relay agent.

<Sysname> display dhcp relay statistics

DHCP packets dropped: 0

DHCP packets received from clients: 0

DHCPDISCOVER: 0

DHCPREQUEST: 0

DHCPINFORM: 0

DHCPRELEASE: 0

DHCPDECLINE: 0

BOOTPREQUEST: 0

DHCP packets received from servers: 0

DHCPOFFER: 0

DHCPACK: 0

DHCPNAK: 0

BOOTPREPLY: 0

DHCP packets relayed to servers: 0

DHCPDISCOVER: 0

DHCPREQUEST: 0

DHCPINFORM: 0

DHCPRELEASE: 0

DHCPDECLINE: 0

BOOTPREQUEST: 0

DHCP packets relayed to clients: 0

DHCPOFFER: 0

DHCPACK: 0

DHCPNAK: 0

BOOTPREPLY: 0

DHCP packets sent to servers: 0

DHCPDISCOVER: 0

DHCPREQUEST: 0

DHCPINFORM: 0

DHCPRELEASE: 0

DHCPDECLINE: 0

BOOTPREQUEST: 0

DHCP packets sent to clients: 0

DHCPOFFER: 0

DHCPACK: 0

DHCPNAK: 0

BOOTPREPLY: 0

Related commands

reset dhcp relay statistics

gateway-list

Use gateway-list to specify gateway addresses for DHCP clients in an IP pool.

Use undo gateway-list to remove gateway addresses from an IP pool.

Syntax

gateway-list ip-address&<1-64> [ export-route ]

undo gateway-list [ ip-address&<1-64> ] [ export-route ]

Default

No gateway address is specified in an IP pool.

Views

IP pool view

Predefined user roles

network-admin

Parameters

ip-address&<1-64>: Specifies a space-separated list of up to 64 addresses.

Usage guidelines

DHCP clients of the same access type can be classified into different types by their locations. In this case, the relay interface typically has no IP address configured. You can use the gateway-list command to specify gateway addresses for clients matching the same IP pool and bind the gateway addresses to the device's MAC address.

Upon receiving a DHCP DISCOVER or REQUEST from a client that matches an IP pool, the relay agent processes the packet as follows:

1. Fills the giaddr field of the packet with a specified gateway address.

2. Forwards the packet to all DHCP servers in the matching IP pool.

The DHCP servers select an IP pool according to the gateway address.

Examples

# Specify gateway address 10.1.1.1 in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] gateway-list 10.1.1.1

Related commands

dhcp smart-relay enable

master-server switch-delay

Use master-server switch-delay to enable the switchback to the master DHCP server and set the switchback delay time.

Use undo master-server switch-delay to restore the default.

Syntax

master-server switch-delay delay-time

undo master-server switch-delay

Default

The DHCP relay agent does not switch back to the master DHCP server.

Views

IP pool view

Predefined user roles

network-admin

Parameters

delay-time: Specifies the delay time in the range of 1 to 65535 minutes.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Configure the DHCP relay agent to switch back to the master DHCP server 3 minutes after it switches to a backup DHCP server in IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0

[Sysname-ip-pool-0] master-server switch-delay 3

Related commands

remote-server algorithm

Use remote-server algorithm to specify the DHCP server selection algorithm.

Use undo remote-server algorithm to restore the default.

Syntax

remote-server algorithm { master-backup | polling }

undo remote-server algorithm

Default

The polling algorithm is used. The DHCP relay agent forwards DHCP requests to all DHCP servers at the same time.

Views

IP pool view

Predefined user roles

network-admin

Parameters

polling: Forwards DHCP requests to all DHCP servers at the same time.

Usage guidelines

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Specify master-backup as the DHCP server selection algorithm in remote BAS IP pool 0.

<Sysname> system-view

[Sysname] ip pool 0 bas remote

[Sysname-ip-pool-0] remote-server algorithm master-backup

Related commands

dhcp relay server-address algorithm

dhcp server

dhcp-server timeout

master-server switch-delay

remote-server

reset dhcp relay client-information

Use reset dhcp relay client-information to clear relay entries on the DHCP relay agent.

Syntax

reset dhcp relay client-information [ interface interface-type interface-number | ip ip-address [ vpn-instance vpn-instance-name ] ]

Views

User view

Predefined user roles

network-admin

Parameters

interface interface-type interface-number: Clears relay entries on the specified interface. If you do not specify an interface, this command clears relay entries on all interfaces.

ip ip-address: Clears the relay entry for the specified IP address. If you do not specify an IP address, this command clears relay entries for all IP addresses.

Examples

# Clear all relay entries on the DHCP relay agent.

<Sysname> reset dhcp relay client-information

Related commands

display dhcp relay client-information

reset dhcp relay statistics

Use reset dhcp relay statistics to clear relay agent statistics.

Syntax

reset dhcp relay statistics [ interface interface-type interface-number ]

Views

User view

Predefined user roles

network-admin

Parameters

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command clears all DHCP relay agent statistics.

Examples

# Clear all DHCP relay agent statistics.

<Sysname> reset dhcp relay statistics

Related commands

display dhcp relay statistics

DHCP client commands

dhcp client dad enable

Use dhcp client dad enable to enable duplicate address detection.

Use undo dhcp client dad enable to disable duplicate address detection.

Syntax

dhcp client dad enable

undo dhcp client dad enable

Default

Duplicate address detection is enabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

DHCP client detects IP address conflict through ARP packets. An attacker can act as the IP address owner to send an ARP reply. This makes the client unable to use the IP address assigned by the server. As a best practice, disable duplicate address detection when ARP attacks exist on the network.

Examples

# Disable the duplicate address.

<Sysname> system-view

[Sysname] undo dhcp client dad enable

dhcp client dscp

Use dhcp client dscp to set the DSCP value for DHCP packets sent by the DHCP client.

Use undo dhcp client dscp to restore the default.

Syntax

dhcp client dscp dscp-value

undo dhcp client dscp

Default

The DSCP value is 56 in DHCP packets sent by the DHCP client.

Views

System view

Predefined user roles

network-admin

Parameters

dscp-value: Sets the DSCP value for DHCP packets, in the range of 0 to 63.

Usage guidelines

The DSCP value of a packet specifies the priority level of the packet and affects the transmission priority of the packet. A bigger DSCP value represents a higher priority.

Examples

# Set the DSCP value to 30 for DHCP packets sent by the DHCP client.

<Sysname> system-view

[Sysname] dhcp client dscp 30

dhcp client identifier

Use dhcp client identifier to configure a DHCP client ID for an interface.

Use undo dhcp client identifier to restore the default.

Syntax

dhcp client identifier { ascii ascii-string | hex hex-string | mac interface-type interface-number }

undo dhcp client identifier

Default

An interface generates the DHCP client ID based on its MAC address. If the interface has no MAC address, it uses the MAC address of the first Ethernet interface to generate its client ID.

Views

Interface view

Predefined user roles

network-admin

Parameters

ascii ascii-string: Specifies a case-sensitive ASCII string of 1 to 63 characters as the client ID.

hex hex-string: Specifies a hexadecimal number of 4 to 64 characters as the client ID.

mac interface-type interface-number: Uses the MAC address of the specified interface as a DHCP client ID. The interface-type interface-number argument specifies an interface by its type and number.

Usage guidelines

A DHCP client ID is added to the DHCP option 61. A DHCP server can specify IP addresses for clients based on the DHCP client ID. You can specify a DHCP client ID by performing one of the following operations:

· Naming an ASCII string or hexadecimal number as the client ID.

· Using the MAC address of an interface to generate a client ID.

Whichever method you use, make sure the IDs for different DHCP clients are unique.

Examples

# Use the MAC address of GigabitEthernet 1/0/13 as the DHCP client ID for GigabitEthernet 1/0/12.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] dhcp client identifier mac gigabitethernet 1/0/13

Related commands

display dhcp client

Use display dhcp client to display DHCP client information.

Syntax

display dhcp client [ verbose ] [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

verbose: Displays detailed DHCP client information. If you do not specify this keyword, the command displays brief DHCP client information.

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays DHCP client information on all interfaces.

Examples

# Display brief DHCP client information on all interfaces.

<Sysname> display dhcp client

GigabitEthernet1/0/12 DHCP client information:

Current state: BOUND

Allocated IP: 40.1.1.20 255.255.255.0

Allocated lease: 259200 seconds, T1: 129600 seconds, T2: 226800 seconds

DHCP server: 40.1.1.2

# Display detailed DHCP client information on all interfaces.

<Sysname> display dhcp client verbose

GigabitEthernet1/0/12 DHCP client information:

Current state: BOUND

Allocated IP: 40.1.1.20 255.255.255.0

Allocated lease: 259200 seconds, T1: 129600 seconds, T2: 226800 seconds

Lease from May 21 19:00:29 2012 to May 31 19:00:29 2012

DHCP server: 40.1.1.2

Transaction ID: 0x1c09322d

Default router: 40.1.1.2

Classless static routes:

Destination: 1.1.0.1, Mask: 255.0.0.0, NextHop: 192.168.40.16

Destination: 10.198.122.63, Mask: 255.255.255.255, NextHop: 192.168.40.16

DNS servers: 44.1.1.11 44.1.1.12

Domain name: ddd.com

Boot servers: 200.200.200.200 1.1.1.1

ACS parameter:

URL: http://192.168.1.1:7547/acs

Username: bims

Password: ******

Client ID type: acsii(type value=00)

Client ID value: 000c.29d3.8659-GE1/0/12

Client ID (with type) hex: 0030-3030-632e-3239-

6433-2e38-3635-392d-

4574-6830-2f30-2f32

T1 will timeout in 1 day 11 hours 58 minutes 52 seconds.

Table 17 Command output

Field	Description
DHCP client information	Information about the interface that acts as the DHCP client.
Current state	Current state of the DHCP client: · HALT—The client stops applying for an IP address. · INIT—The initialization state. · SELECTING—The client has sent out a DHCP-DISCOVER message in search for a DHCP server and is waiting for the response from DHCP servers. · REQUESTING—The client has sent out a DHCP-REQUEST message requesting for an IP address and is waiting for the response from DHCP servers. · BOUND—The client has received the DHCP-ACK message from a DHCP server and obtained an IP address successfully. · RENEWING—The T1 timer expires. · REBOUNDING—The T2 timer expires.
Allocated IP	IP address allocated by the DHCP server.
Allocated lease	Allocated lease time.
T1	1/2 lease time (in seconds) of the DHCP client IP address.
T2	7/8 lease time (in seconds) of the DHCP client IP address.
Lease from….to….	Start and end time of the lease.
DHCP server	DHCP server IP address that assigned the IP address.
Transaction ID	Transaction ID, a random number chosen by the client to identify an IP address allocation.
Default router	Gateway address assigned to the client.
Classless static routes	Classless static routes assigned to the client.
Static routes	Classful static routes assigned to the client.
DNS servers	DNS server address assigned to the client.
Domain name	Domain name suffix assigned to the client.
Boot servers	PXE server addresses (up to 16 addresses) specified for the DHCP client, which are obtained through Option 43.
ACS parameter	Parameters about the ACS.
URL	URL of the ACS.
Username	Username for logging in to the ACS.
Password	Password for logging in to the ACS. If a password is configured, this field displays ******. If no password is configured, this field is not displayed.
Client ID type	DHCP client ID type: · If an ASCII string is used as the client ID value, the type value is 00. · If the MAC address of a specific interface is used as the client ID value, the type value is 01. · If a hexadecimal number is used as the client ID value, the type value is the first two characters in the string.
Client ID value	Value of the DHCP client ID.
Client ID (with type) hex	DHCP client ID with the type field, a hexadecimal number.
T1 will timeout in 1 day 11 hours 58 minutes 52 seconds.	How long the T1 (1/2 lease time) timer will timeout.

Related commands

dhcp client identifier

ip address dhcp-alloc

Use ip address dhcp-alloc to configure an interface to use DHCP for IP address acquisition.

Use undo ip address dhcp-alloc to cancel an interface from using DHCP.

Syntax

ip address dhcp-alloc

undo ip address dhcp-alloc

Default

An interface does not use DHCP for IP address acquisition.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

When you execute the undo ip address dhcp-alloc command, the interface sends a DHCP-RELEASE message to release the IP address obtained through DHCP. If the interface is down, the message cannot be sent out. This situation can occur when a subinterface obtained an IP address through DHCP, and the shutdown command is executed on its primary interface. The subinterface will fail to send a DHCP-RELEASE message.

Examples

# Configure GigabitEthernet 1/0/12 to use DHCP for IP address acquisition.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] ip address dhcp-alloc

BOOTP client commands

display bootp client

Use display bootp client to display information about a BOOTP client.

Syntax

display bootp client [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays BOOTP client information on all interfaces.

Examples

# Display BOOTP client information on GigabitEthernet 1/0/12.

<Sysname> display bootp client interface gigabitethernet 1/0/12

GigabitEthernet1/0/12 BOOTP client information:

Allocated IP: 169.254.0.2 255.255.0.0

Transaction ID: 0x3d8a7431

MAC Address: 00e0-fc0a-c3ef

Table 18 Command output

Field	Description
BOOTP client information	Information about the interface that acts as a BOOTP client.
Allocated IP	BOOTP client's IP address allocated by the BOOTP server.
Transaction ID	Value of the XID field in a BOOTP message. The BOOTP client chooses a random number for the XID field when sending a BOOTP request to the BOOTP server. It is used to match a response message from the BOOTP server. If the values of the XID field are different in the BOOTP response and request, the BOOTP client drops the BOOTP response.
Mac Address	MAC address of a BOOTP client.

Related commands

ip address bootp-alloc

Use ip address bootp-alloc to configure an interface to use BOOTP for IP address acquisition.

Use undo ip address bootp-alloc to cancel an interface from using BOOTP.

Syntax

ip address bootp-alloc

undo ip address bootp-alloc

Default

An interface does not use BOOTP for IP address acquisition.

Views

Interface view

Predefined user roles

network-admin

Examples

# Configure GigabitEthernet 1/0/12 to use BOOTP for IP address acquisition.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/12

[Sysname-GigabitEthernet1/0/12] ip address bootp-alloc

Related commands

display bootp client

04-Layer 3—IP Services Command Reference

DHCP commands

class range

dhcp server apply ip-pool

dhcp server multi-ip per-mac enable

dhcp server ping packets

subnet utilization mark

DHCP relay agent commands

dhcp relay always-unicast

dhcp relay check mac-address aging-time

dhcp relay client-information refresh enable

dhcp relay information strategy

dhcp relay server-address

display dhcp relay client-information

display dhcp relay server-address

display dhcp relay statistics

gateway-list

reset dhcp relay client-information

BOOTP client commands

Intelligent Terminal Products