SRX DHCP Configuration DHCP configuration is very straight forward in junos. However if you are like me, you can even forget that gateway address must be within the advertised pool. Here is a simple config 1 2 3 4 5 6 7 set system services dhcp default-lease-time infinite set system services dhcp domain-name rtoodtoo.net set system services dhcp name-server 8.8.8.8 set system services dhcp name-server 8.8.4.4 set system services dhcp router 192.168.100.1 set system services dhcp pool 192.168.100.0/24 address- range low 192.168.100.33 set system services dhcp pool 192.168.100.0/24 address- range high 192.168.100.62 Once this config is in place, make sure you allow DHCP service on gateway interface e.g 1 set security zones security-zone trust interfaces fe-0/0/0.0 host-inbound-traffic system-services dhcp Note that you are able to allow dhcp service specifically in an interface not in a zone. For example if you type “set security zones security-zone trust host-inbound-traffic system-services” you will see that there is no option for dhcp. After committing, you can see the bindings via; setsystem services dhcp defau setsystem services dhcp dom a setsystem services dhcp nam e setsystem services dhcp nam e setsecurity zones security-zon

SRX DHCP Configuration

Download DOCX Report

Upload
son-tran-hong-nam
View
223
Download
1

Embed Size (px)

DESCRIPTION

srx dhcp config

Citation preview

1234567

set system services dhcp default-lease-time infiniteset system services dhcp domain-name rtoodtoo.netset system services dhcp name-server 8.8.8.8set system services dhcp name-server 8.8.4.4set system services dhcp router 192.168.100.1set system services dhcp pool 192.168.100.0/24 address-range low 192.168.100.33set system services dhcp pool 192.168.100.0/24 address-range high 192.168.100.62

Once this config is in place, make sure you allow DHCP service on gateway interface e.g

1set security zones security-zone trust interfaces fe-0/0/0.0 host-inbound-traffic system-services dhcp

Note that you are able to allow dhcp service specifically in an interface not in a zone. For example if you type “set security zones security-zone trust host-inbound-traffic system-services” you will see that there is no option for dhcp.

After committing, you can see the bindings via;

123

root@srx100-1> show system services dhcp bindingIP address Hardware address Type Lease expires at192.168.100.33 00:16:e6:32:ab:bd dynamic 2012-10-10 00:28:43 CEST

set system services dhcp defauset system services dhcp domaset system services dhcp nameset system services dhcp name

set security zones security-zon

root@srx100-1> show system IP address Hardw are addre192.168.100.33 00:16:e6:32:ab

Other commands for troubleshooting;

123456789

root@srx100-1> show system services dhcp ?Possible completions: binding Show DHCP client binding information client Show DHCP client information conflict Show DHCP address conflict global Show DHCP global scope information pool Show DHCP address pool information relay-statistics Show DHCP relay statistics information statistics Show DHCP statistics

root@srx100-1> show system Possible completions: binding Show DHCP cl client Show DHCP clie