DHCP Lease Times for IP Addresses
DHCP Lease Timers
Subscriber management supports configurable timers that you can use to manage the DHCPv4 and DHCPv6 address leases provided by address-assignment pools. In addition to the maximum-lease-time timer, which sets the maximum time for which the DHCP local server can grant a lease, you can use DHCP client-specific attributes to configure timers that govern the lifetimes of existing leases that have been obtained from an address-assignment pool. Starting in Junos OS Release 17.2R1, this feature is supported for both DHCPv4 and DHCPv6; in earlier releases, only DHCPv6 is supported.
The following list describes the configurable timers for DHCPv4 and DHCPv6 address-assignment pools:
preferred-lifetime—Length of time that a valid address is in the preferred state and can be used without any restrictions. When the preferred-lifetime expires, the address becomes deprecated. A deprecated address should not be used for new communications, but might continue to be used for existing communications in certain cases.
If the valid-lifetime is also configured, the preferred-lifetime must be less than the valid-lifetime. The preferred-lifetime and the maximum-lease-time are mutually exclusive and cannot both be configured.
valid-lifetime—Length of time that an address remains in the valid state, during which the address can be used for new or existing communications. When the valid-lifetime expires, the address becomes invalid, and can no longer be used.
If the preferred-lifetime is also configured, the valid-lifetime must be greater than the preferred-lifetime. The valid-lifetime and the maximum-lease-time are mutually exclusive and cannot both be configured.
t1 percentage—Percentage of the
preferred-lifetime
that the client waits before contacting the DHCP local server that originally granted the lease to request that the address lease be extended. T1 is also called the renewal time.t1-renewal-time—Time in seconds that the client waits before contacting the DHCP local server that originally granted the lease to request that the address lease be extended. T1 is also called the renewal time.
t2 percentage—Percentage of the
preferred-lifetime
that the client waits before sending a request to any available DHCP local server to extend the address lease. T2 is also called the rebind time.t2-rebinding-time—Time in seconds that the client waits before broadcasting a request to all available DHCP local servers to request that the address lease be extended. T2 is also called the rebind time.
Benefits of Configuring DHCP Timers in Address Pools
Using address pools to configure values for these timers gives you fine-grained control over which clients get specific values.
DHCP Lease-Time Validation Overview
In a subscriber access environment, a DHCP server obtains an address lease from either local configuration or from an external DHCP server, and assigns the lease to the DHCP client address.
Obtaining leases from external sources can present issues when the external source is owned or managed by a third party—the third party might configure the external source to provide address leases that are unsuitable for the subscriber access environment. For example, extremely short lease times can create unnecessary traffic that results in reduced performance in the network.
To avoid potential issues caused by short DHCP lease times, subscriber management provides a lease-time validation feature. Lease-time validation enables you to explicitly configure a threshold for the minimum lease time allowed in your subscriber access environment, and to specify a violation action (such as dropping the lease offer) the router takes when a short lease time is offered by a third party. You can specify the following violation actions:
drop
—(DHCPv4 and DHCPv6 relay agent) The third-party lease offer is dropped and the client binding fails.override-lease
—(DHCPv4 and DHCPv6 local server) The third-party lease time is overridden by the specified threshold value.strict
—(DHCPv4 and DHCPv6 local server) The third-party lease is ignored and the client binding fails.no action—If you do not specify a violation action, DHCP binds the client using the third-party lease but marks the binding as lease-time violating.
A lease-time violation can occur during the initial lease grant or during a rebinding or renewal operation. To reduce excessive and redundant log messages, the router consolidates lease-time violation reporting, as shown in Table 1.
Event |
syslog |
Extended DHCP Traceoptions |
---|---|---|
Initial lease-time violation for the specific DHCP server |
warning |
warning |
Number of lease-time violations return to zero for the specific DHCP server |
warning |
warning |
Status of lease-time violations caused by specific DHCP
server, reported in the interval configured in |
warning |
– |
Violation action of |
– |
warning |
Violation action of |
– |
warning |
Lease-time violation |
– |
warning |
Benefits of DHCP Lease Time Validation
Enables you to avoid unnecessary traffic that can reduce performance when third-party DHCP leases are too short by configuring a minimum allowed lease time and actions taken for invalid leases.
Configuring a DHCP Lease-Time Threshold
Starting in Junos OS Release 14.1, subscriber management provides a lease-time validation feature that enables you to specify the minimum DHCP lease time allowed in your subscriber access environment. When you configure lease-time validation, you specify the lease-time threshold and the action the router performs when an offered lease time is less than the threshold (such as dropping the lease).
Lease-time validation ensures that leases that are offered by third-party DHCP servers or address assignment pools always meet the requirements of your network. For example, you want short leases to be rejected because they can result in excessive renewal traffic that can impact network performance.
You can configure lease-time validation on DHCPv4 and DHCPv6 local servers, and DHCPv4 and DHCPv6 relay agents, and for individual interfaces or interface groups. DHCP relay proxy also supports lease-time validation.
The following procedure describes the steps you use to configure lease-time validation. This example describes a configuration for DHCP relay agent. You use similar steps at the appropriate hierarchy levels for DHCP local server, DHCPv6 local server, and DHCPv6 relay agent.
To configure lease time validation for DHCP relay agent:
DHCP Asymmetric Leasing Overview
Starting in Junos OS Release 17.1R1, asymmetric leasing provides a way to send a DHCP client a lease that is shorter than the actual lease granted by the DHCP local server. In some networks, you might need to change an existing DHCP address assignment before the granted lease time has expired, or learn as soon as possible that a client is no longer using an address. The shorter lease is called the asymmetric lease or the short lease. The originally granted lease is called the long lease or simply, the lease.
You can configure asymmetric leasing on either the DHCP relay agent or the DHCP local server. In a typical configuration, you configure it on the relay agent. When the DHCP local server receives a discover packet from a DHCP client, it returns an offer packet to the client. The client selects a local server and requests an address assignment. The DHCP local server sends an acknowledgment packet containing the address, lease duration and other information to the client. Rather than forwarding this packet, the relay agent saves the lease information and then generates a new acknowledgment packet with a short lease and forwards that to the client.
When the DHCP client makes a subsequent request for lease renewal, the relay agent does not pass the request to the local server. Instead, the relay agent recreates the short lease from the saved information and returns it to the client in an acknowledgment packet. The relay agent continues to renew the short leases for the client until the long lease renew time expires. By default, the long lease renew time is equal to one-half the duration of the long lease.
When the long lease renew time expires, the asymmetric lease is no longer valid. Subsequent renewal requests from the client are forwarded by the relay agent to the local server. If the local server acknowledges the request, it renews the long lease and the process begins again, with the relay agent generating a short lease for the client instead of sending the long lease. Otherwise, the lease is not renewed.
With asymmetric leasing, there is also a renew time for the short lease. The client sends renewal requests to the relay agent at intervals equal to the short lease renew time. By default, this period is equal to one-half the short lease duration. If the DHCP client does not request renewal of the lease before the short lease time expires, the relay agent notifies the local server that the lease is no longer in use and the address can be reassigned.
Benefits of Asymmetric DHCP Lease Timing
Allows the early renewal of DHCP client leases without requiring device support for a forced renewal. Because the lease can be administratively rescinded on the DHCP local server or DHCP relay agent, the next short-duration lease refresh cycle can trigger a full renegotiation of the client lease. This capability reduces the number of devices that must be managed to trigger a new address allocation cycle.
Enables early detection of inactive client leases. The asymmetric lease includes an upstream notification from the DHCP client back to the lease grantor, effectively providing a liveness detection that enables unused addresses to be reclaimed sooner. Because this mechanism is all within DHCP, the service provider does not have to rely on the set of devices involved in address allocation to be configured with other protocols that support some kind of liveness detection, such as bidirectional forwarding detection (BFD).
Configuring DHCP Asymmetric Leasing
You can configure asymmetric leasing to provide a DHCP or DHCPv6 client with a lease that is shorter than the lease granted by the DHCP local server. The shorter lease duration means that the client must renew the lease more frequently. When it does not renew the lease, the address is freed up sooner than when the client uses the original long lease. You configure asymmetric leasing by overriding the DHCP configuration at the global level, for a named group of interfaces, or for a specific interface within a named group.
For simplicity, the procedures in this topic show only the global-level configuration. For information about overriding the DHCP configuration at other levels, see Overriding the Default DHCP Relay Configuration Settings and Overriding the Default DHCP Local Server Configuration Settings.
You can configure asymmetric leasing on either the DHCP relay agent or the DHCP local server. For most networks, the relay agent configuration is more useful.
To configure asymmetric leasing for DHCP relay agent for DHCPv4:
To configure asymmetric leasing for DHCP relay agent for DHCPv6:
Specify that you want to configure override options.
[edit forwarding-options dhcp-relay dhcpv6] user@host# edit overrides
Configure the duration of the short (asymmetric) lease for DHCPv4 clients and separately for DHCPv6 clients.
[edit forwarding-options dhcp-relay dhcpv6 overrides] user@host# set asymmetric-lease-time seconds user@host# set asymmetric-prefix-lease-time seconds
To configure asymmetric leasing for DHCP local server for DHCPv4:
Specify that you want to configure override options.
[edit system services dhcp-local-server] user@host# edit overrides
Configure the duration of the short (asymmetric) lease.
[edit system services dhcp-local-server overrides] user@host# set asymmetric-lease-time seconds
To configure asymmetric leasing for DHCP local server for DHCPv6:
Specify that you want to configure override options.
[edit system services dhcp-local-server dhcpv6] user@host# edit overrides
Configure the duration of the short (asymmetric) lease for DHCPv4 clients and separately for DHCPv6 clients.
[edit system services dhcp-local-server dhcpv6 overrides] user@host# set asymmetric-lease-time seconds user@host# set asymmetric-prefix-lease-time seconds
Change History Table
Feature support is determined by the platform and release you are using. Use Feature Explorer to determine if a feature is supported on your platform.