Validation of server response packets, Validation of server response packets -36 – HP 2610-PWR User Manual
Page 294
IP Routing Features
Configuring DHCP Relay
the next two relay agent hops (“B” and “C”). The server can then enforce an
IP addressing policy based on the Option 82 field generated by the edge relay
agent (“A”). In this example, the DHCP policy boundary is at relay agent 1.
VLAN
10
DHCP
Option
82
Server
Client
DROP
VLAN
20
VLAN
20
VLAN
30
VLAN
10
VLAN
20
APPEND
APPEND
Relay Agent “A”
Relay Agent “B”
Relay Agent “C”
Figure 7-15. Example Configured To Allow Multiple Relay Agents To Contribute an Option 82 Field
This is an enhancement of the previous example. In this case, each hop for
an accepted client request adds a new Option 82 field to the request. A DHCP
server capable of using multiple Option 82 fields can be configured to use this
approach to keep a more detailed control over leased IP addresses. In this
example, the primary DHCP policy boundary is at relay agent “A”, but more
global policy boundaries can exist at relay agents “B” and “C”.
Figure 7-16. Example Allowing Only an Upstream Relay Agent To Contribute an Option 82 Field
VLAN
10
DHCP
Option
82
Server
Client
DROP
VLAN
20
VLAN
20
VLAN
30
VLAN
10
VLAN
20
No Option 82
REPLACE
Relay Agent “A”
Relay Agent “B”
Relay Agent “C”
Like the first example, above, this configuration drops client requests with
spurious Option 82 fields from clients on the edge relay agent. However, in
this case, only the Option 82 field from the last relay agent is retained for use
by the DHCP server. In this case the DHCP policy boundary is at relay agent
“C”. In the previous two examples the boundary was with relay “A”.
Validation of Server Response Packets
A valid Option 82 server response to a client request packet includes a copy
of the Option 82 field(s) the server received with the request. With validation
disabled, most variations of Option 82 information are allowed, and the
corresponding server response packets are forwarded.
7-36