Home > Security Appliances > DHCP > Configuring DHCP Relay

Configuring DHCP Relay

Table of contents
No headers

Dynamic Host Configuration Protocol (DHCP) allows a client device to automatically obtain the information for services and configuration necessary to operate on a given network. To initiate this protocol, the client first sends out a broadcast packet called a DHCP Discover, contextualized below:

83961a01-cc9a-4458-8b6a-0fef8ba08e8f

 

DHCP Discovers are restricted to a broadcast domain and cannot be routed. However, it is unnecessary to have a DHCP server for each subnet. DHCP relay agents (aka. iphelper) can be used to send these DHCP Discover packets to an appropriate DHCP server in a different broadcast domain using unicast.

 
In the following example, there are two VLANs behind a Layer 3 networking device which limits the broadcast domain. Because the client resides on VLAN 20 and is configured for a 192.168.0.0/24 address space, its DHCP discover packets cannot traverse the routing hop to the DHCP server on VLAN 10, which is configured for a 10.0.0.0/24 address space:

fef57272-6aed-4b36-9714-dba80bde44af

 

However, the DHCP Discover from the client can reach the DHCP server if the routing device is configured to act as a DHCP relay between VLAN 10 and VLAN 20 in the above example.

The Cisco Meraki MX Security Appliance supports the ability to configure DHCP relay on a per-subnet basis. For example, an MX in this example network should have the following configuration:
 

Note: The MX must have VLANs enabled in order to relay DHCP to another server.

Note: The DHCP server configured must be in a subnet configured on the MX, including directly-connected VLANs, static routes, and subnets participating in AutoVPN. DHCP servers sitting behind a 3rd-party VPN peer are not supported.

Note: If multiple relay servers are configured, the MX will forward DHCP requests to them all simultaneously.

To enable DHCP relay:

  1. Navigate to Security appliance > Configure > DHCP
  2. Locate the subnet in the list that should have DHCP relay enabled.
  3. For 'Client addressing', change the drop-down menu to 'Relay DHCP to another server'.
  4. In the 'DHCP server IP' box that appears, enter the IP address of the DHCP server that should serve this subnet.
  5. At the bottom of the page, click 'Save Changes'.

 

See Configuring DHCP services on the MX Security Appliance and Using packet capture to troubleshoot client-side DHCP issues for more information about DHCP. 

You must to post a comment.
Last modified
14:02, 12 Jul 2017

Tags

Classifications

This page has no classifications.

Article ID

ID: 1476

Contact Support

Most questions can be answered by reviewing our documentation, but if you need more help, Cisco Meraki Support is ready to work with you.

Open a Case

Ask the Community

In the Meraki Community, you can find answers provided by fellow Meraki users and ask questions of your own.

Visit the Community