Hi Laurent, the problem is that I can not find "vrf option" under the command "ip helpër-address" on the interface config.

6500-sw(config-if)#ip helper-address ?

A.B.C.D

I should be like:

6500-sw(config-if)#ip helper-address ?

A.B.C.D

vrf

Questions are:

-Does 6500-platfporm with SXI IOS support vrf-aware dhcp-relay?

-If not, do we have any good solutions to solve this problem without importing of VRFs?

Best Regards

Hieu Nguyen

I made further searching and actually it's not supported (the documentation is wrong).

So your only solution is to import the DHCP address into the VRF.

Sorry for the inconvenience.

Laurent.

Thanks Laurent, can you give me the configuration example for importing only DHCP address into VRF?

best regards

Hieu

Hieu,

The PE connected to your DHCP server needs to export the subnet with a RT value.

Then on each PE, you have DHCP client, import this RT.

You will need more configuration i fyou want to support overlapping:

http://www.cisco.com/en/US/docs/ios/12_2t/12_2t8/feature/guide/ftdhmpls.html

HTH

Laurent.

Thank you very much, Laurent...I will test your suggestion when i have time.

Have a nice day...

Hieu Nguyen

Don't know if Hieu got the chance to test this, but I think it didn't work.

The link to the document "DHCP Relay-MPLS Support" states the supported platforms, but the 6500 is not in the list.

Also in the document, the configuration should say:

ip dhcp relay information option vpn

!

interface ethernet 0/1

ip helper-address vrf red 10.44.23.7

But on the 6500 with 12.2.33SXI, there are noe "vpn" choice after the "ip dhcp relay information option". This is the only statement for that command.

Does this functionallity also apply for other protocols like UDP port 14000 to an ip helper-address?

I will try this, with the command ip dhcp relay information option, and give a feedback. And if it doesn't work, what are the options for 6500?

Br

Geir Sand-Strand

Well it didn't work.

There was no option for entering vrf with the ip helper-address.

(ip helper-address vrf...)

The vrf options seems not to be supported.

So how can this the be solved?

BR

Geir

Hello Geir,

as Laurent as explained briefly in its post of 16 June if this vrf option is not supported you need to create a VPN extranet:

if the client is in VRF B and the DHCP server is in VRF A.

The IP prefix for DHCP server has to be advertised in BGP multihop with an additional route-target BGP extended community so that

VRF A can import the prefix and what is more important it can reach the server via the MPLS backbone.

if you have placed the DHCP server in a common services VRF you can import in VRF A the route target.

ip vrf CommonServices

route-target export 100:201

on PE node where the client connects

ip vrf clientA

route-target import 100:201

Hope to help

Giuseppe

I'm not very familiar with VRF, BGP and MPLS yet, so I'm having a bit difficulty understanding what to do.

We have a 6500 with FWSM and have created VRF's around the fwsm. The VRF's contains one or more vlan's.

To go from one vrf to another you pass thru the fwsm. Everyting works fine, except forwarding of upd, like dhcp and udp 14000 (one application needs this port).

The 6500 2 VRF's that need to pass the dhcp requests and 14000, are configured like this:

ip vrf client

rd 65512:13

route-target export 65512:13

route-target import 65512:13

ip vrf server

rd 65512:10

route-target export 65512:10

route-target import 65512:10

The vlan's are created and put in the vrf with ip vrf forwarding command in the Interface vlan config.

If I understand you correctly, I need to add the following to ip vrf server:

route-target export 65512:13

and add the following to ip vrf client:

route-target import 65512:10

Or am I way off?

Geir

Just to give you a picture of the hw in use, I have attached a picture of how it is configured.

Geir