Creating DHCP Profiles with the SRC CLI
When the SAE receives a DHCP discover request from the router, it uses the client's MAC address to find a DHCP profile in cache or in the directory. If it finds a DHCP profile, the SAE uses the information in the profile to create a discover decision that it returns to the router. The discover decision includes information to select an IP address and DHCP options to configure the DHCP client.
When a DHCP subscriber logs in to the SAE through a Web portal, the SAE registers the subscriber's equipment and creates a cached DHCP profile in the o=AuthCache directory. These profiles are keyed by the MAC address of the DHCP client device. They are created by the grantPublicIp or the registerEquipment methods.
You can also create DHCP profiles manually with SDX Admin or by adding DHCP profile entries to the directory. DHCP profiles are stored in the o=AuthCache directory in the dhcpProfile object class. The dhcpProfile object class is subordinate to the cachedAuthenticationProfles object class. Manually created profiles are keyed by the cn (common name) attribute.
For more information about how the SAE handles DHCP subscribers, see:
Use the following configuration statements to create a DHCP profile:
shared auth-cache cached-dhcp-profilename
{descriptiondescription
; pool-namepool-name
; ip-addressip-address
; dhcp-optionsdhcp-options
; boot-server-nameboot-server-name
; boot-file-nameboot-file-name
; virtual-routervirtual-router
; local-interfacelocal-interface;
lease-timelease-time
; user-nameuser-name
; service-bundleservice-bundle
; radius-classradius-class
;}
- From configuration mode, enter the DCHP cached authentication profile configuration.
user@host#edit shared auth-cache cached-dhcp-profile default
- (Optional) Configure a description for the profile.
[edit shared auth-cache cached-dhcp-profile default]user@host#set description
description
- (Optional) Configure the name of the IP address pool on the JUNOSe router from which a DHCP address is selected.
[edit shared auth-cache cached-dhcp-profile default]user@host#set pool-name
pool-name
- (Optional) Configure the fixed IP address that is offered to the DHCP client if the client is part of a network in the configured DHCP pool.
[edit shared auth-cache cached-dhcp-profile default]user@host#set ip-address
ip-address
- (Optional) Configure the DHCP options that are used to configure DHCP clients.
[edit shared auth-cache cached-dhcp-profile default]user@host#set dhcp-options
dhcp-options
- (Optional) Configure the name of the server used to boot the DHCP client.
[edit shared auth-cache cached-dhcp-profile default]user@host#set boot-server-name
boot-server-name
- (Optional) Configure the name of a boot file used to boot the DHCP client.
[edit shared auth-cache cached-dhcp-profile default]user@host#set boot-file-name
boot-file-name
- (Optional) Configure the name of the JUNOSe virtual router that holds the IP address pool.
[edit shared auth-cache cached-dhcp-profile default]user@host#set virtual-router
virtual-router
- (Optional) Configure the name of the JUNOSe interface that is used to check the validity of system-created DHCP profiles.
[edit shared auth-cache cached-dhcp-profile default]user@host#set local-interface
local-interface
- (Optional) Configure the length of time the supplied IP address is valid.
[edit shared auth-cache cached-dhcp-profile default]user@host#set lease-time
lease-time
- (Optional) Configure the name of DHCP user without the domain name.
[edit shared auth-cache cached-dhcp-profile default]user@host#set user-name
user-name
- (Optional) Configure the vendor-specific RADIUS attribute that specifies the SRC service bundle to use.
[edit shared auth-cache cached-dhcp-profile default]user@host#set service-bundle
service-bundle
- (Optional) Configure the RADIUS attribute class.
[edit shared auth-cache cached-dhcp-profile default]user@host#set radius-class
radius-class
- (Optional) Verify your configuration.
[edit shared auth-cache cached-dhcp-profile default]user@host#show
description "This DHCP profile is used to select addresses from the \"default\"pool.";virtual-router *;local-interface *;