Configure Dynamic Host Configuration Protocol (DHCP) Relay Settings on a Switch through the Command Line Interface (CLI)

Objective

Dynamic Host Configuration Protocol (DHCP) is a service that runs at the application layer of the Transmission Control Protocol/Internet Protocol (TCP/IP) stack to dynamically assign IP addresses to DHCP clients, and to allocate TCP/IP configuration information to DHCP clients. DHCP relay is a feature that is used by a switch, also known as the relay agent, to allow DHCP communication between hosts and remote DHCP servers that are not on the same network. When a client sends out a DHCP broadcast for an IP address, the relay agent forwards the request to the subnet at which the remote DHCP server resides.

Configuring DHCP relay properties on a switch allows you to enable DHCP relay globally and establish a connection between the switch and a remote DHCP server. Once the feature is enabled, the switch will include information about itself when it sends DHCP packets to and from clients to a DHCP server. This will add more security to the DHCP process by thoroughly identifying the connection. You can also enable DHCP relay to be applied on specified interfaces.

This article provides instructions on how to configure DHCP Properties through the Command Line Interface (CLI) of your switch.

Note: To learn how to configure the DHCP properties of your switch through the web-based utility, click here. To know how to configure the DHCP snooping settings on your switch, click here.

Applicable Devices | Software Version

• Sx300 Series | 1.4.7.05 (Download latest)
• Sx350 Series | 2.2.8.4 (Download latest)
• SG350X Series | 2.2.8.4 (Download latest)
• Sx500 Series | 1.4.7.05 (Download latest)
• Sx550X Series | 2.2.8.4 (Download latest)

Configure DHCP Relay on the Switch through the CLI

Configure Global IP DHCP Relay

Step 1. Log in to the switch console. The default username and password is cisco/cisco. If you have configured a new username or password, enter the credentials instead.

Note: The available commands or options may vary depending on the exact model of your device. In this example, the SG350X switch is accessed through Telnet.

Note: In this example, the switch is accessed through Telnet.

Step 2. In the Privileged EXEC mode of the switch, enter the Global Configuration context by entering the following:

SG350X#Configure Terminal

Step 3. The DHCP relay feature is disabled by default. To globally enable the DHCP relay feature on the switch, enter the following:

SG350X(config)#ip dhcp relay enable

Step 4. (Optional) To globally disable the DHCP relay feature, enter the following:

SG350X(config)#no ip dhcp relay enable

Step 5. To specify the DHCP server or servers available for the DHCP relay, enter the following:

SG350X(config)#ip dhcp relay address [ip-address]

• ip-address — Specifies the DHCP server IP address. You can define up to eight DHCP servers.

Note: In this example, the IP addresses of the servers are 124.167.1.1 and 124.200.1.1.

Step 6. (Optional) To remove a DHCP server from the list, enter the following:

SG350X(config)#no ip dhcp relay address [IP-Address]

Step 7. (Optional) To enable the DHCP Option 82 data insertion on the switch, enter the following:

SG350X(config)#ip dhcp information option

Note: Option 82 is used to protect the switch from attacks such as IP and Media Access Control (MAC) address spoofing. It provides information about the location of the DHCP client through the insertion of the circuit ID (interface name at which the DHCP client is connected and the Virtual Local Area Network (VLAN) name that corresponds to the interface) and the remote ID (MAC address of the switch) in the packet header of the DHCP packet. The DHCP server then uses this information to assign an IP address. DHCP Option 82 can only be enabled if DHCP relay or DHCP snooping is enabled.

Step 8. (Optional) To disable the DHCP Option 82 data insertion, enter the following:

SG350X(config)#no ip dhcp information option

Step 9. Enter the exit command to go back to the Privileged EXEC mode of the switch.

SG350X(config)#exit

Step 10. (Optional) In the Privileged EXEC mode of the switch, save the configured settings to the startup configuration file by entering the following:

SG350X#copy running-config startup-config

Step 11. (Optional) Press Y for Yes or N for No on your keyboard once the Overwrite file [startup-config]… prompt appears.

You should now have successfully configured the global IP DHCP Relay settings on your switch through the CLI.

To show the configured settings on the CLI of your switch, skip to Verify IP DHCP Relay Settings.

Configure IP DHCP Relay on the Switch Interface

The operational status of DHCP Relay on an interface is active if one of the following conditions exist:

• DHCP Relay is globally enabled, and there is an IP address defined on the interface.
• DHCP Relay is globally enabled, there is no IP address defined on the interface, the interface is a VLAN, and Option 82 is enabled.

Follow these steps to configure IP DHCP Relay settings on an interface:

Step 1. In the Privileged EXEC mode of the switch, enter the Global Configuration context by entering the following:

SG350X#Configure Terminal

Step 2. Enter the interface that you want to configure by entering the following:

SG350X(config)#interface vlan [vlan-id]

Note: In this example, vlan 50 is used.

Step 3. To enable DHCP relay on the interface, enter the following:

SG350X(config-if)#ip dhcp relay enable

Step 4. (Optional) To disable the DHCP relay agent feature on the interface, enter the following:

SG350X(config-if)#no ip dhcp relay enable

Step 5. (Optional) To define the DHCP servers available by the DHCP relay for DHCP clients connected to the interface, enter the following:

SG350X(config-if)#ip dhcp relay address [ip-address]

• ip-address — Specifies the DHCP server IP address. You can define up to eight DHCP servers.

Note: In this example, the IP address of the DHCP server is 124.167.1.1.

Step 6. (Optional) To remove the server from the list, enter the following:

SG350X(config-if)#no ip dhcp relay address [ip-address]

Step 7. Enter the end command to go back to the Privileged EXEC mode of the switch.

SG350X(config-if)#end

Step 8. (Optional) In the Privileged EXEC mode of the switch, save the configured settings to the startup configuration file by entering the following:

SG350X#copy running-config startup-config

Step 9. (Optional) Press Y for Yes or N for No on your keyboard once the Overwrite file [startup-config]… prompt appears.

You should now have successfully configured the IP DHCP Relay settings on the interface of your switch through the CLI.

To show the configured settings on the CLI of your switch, skip to Verify IP DHCP Relay Settings.

Verify IP DHCP Relay Settings

Step 1. In the Privileged EXEC mode of the switch, enter the following to display the global DHCP Relay settings:

SG350X#show ip dhcp relay

Note: In this example, DHCP relay and Option 82 are both globally enabled. DHCP relay is enabled on ports Gigabit Ethernet 1/0/5 and Ten Gigabit Ethernet 1/0/3, and VLANs 40 and 50. The DHCP servers are 124.167.1.1 and 124.200.1.1.

Step 2. To display the DHCP Option 82 configuration, enter the following:

SG350X#show ip dhcp information option

Note: In this example, Option 82 is enabled.

You should now have verified the configured DHCP Relay settings on your switch through the CLI.