In the PROFILE DHCP_RA, you can configure the DHCP relay agent profile parameters. After configuration, the DHCP relay agent profile can be assigned to a specific PLC8 module with the slot <id> profile dhcp-ra command in the CONFIG command mode.
profile dhcp-ra
This command allows you to create a new DHCP relay agent profile and switch to its configuration mode.
The use of a negative form (no) of the command removes the profile.
Syntax
[no] profile dhcp-ra [<NAME>]
Parameters
<NAME> – profile name, case sensitive.
Command mode
CONFIG
Example
ma4000(config)# profile dhcp-ra test ma4000(config-dhcp-ra)("test")#
name
The command changes the name of the configured profile.
The use of a negative form (no) of the command removes a name.
Syntax
[no] name <STRING>
Parameters
<STRING> – profile name.
Command mode
PROFILE DHCP_RA
Example
ma4000(config-dhcp-ra)("test")# name EL
description
The command allows you to add a description for the configured DHCP relay agent profile.
The use of a negative form (no) of the command removes description.
Syntax
[no] description <STRING>
Parameters
<STRING> – text description.
Command mode
PROFILE DHCP_RA
Example
ma4000(config-dhcp-ra)("test")# description TEST
enable
This command enables DHCP relay (Option 82).
The use of a negative form (no) of the command disables this feature.
Syntax
[no] enable
Parameters
The command contains no arguments.
Command mode
PROFILE DHCP_RA
Example
ma4000(config-dhcp-ra)("TEST")# enable
dos-block
This command enables DoS attack prevention.
The use of a negative form (no) of the command disables this feature.
Syntax
[no] set dos-block [packet-limit <LIMIT>|block-time <TIME>]
Parameters
packet-limit <LIMIT> – the command sets the DoS attack threshold (number of packets per second), where <LIMIT> – number of packets per second, my take values [10 .. 1000];
block-time <TIME> – the command sets the time to block the port when a DoS attack is detected, where <TIME> – blocking time, may take values [30 .. 3600] in seconds.
Command mode
PROFILE DHCP_RA
Example
ma4000(config-dhcp-ra)("TEST")# dos-block packet-limit 13 block-time 222
overwrite-option82
This command sets the formats of CircuitID and RemouteID fields for Option82.
Circuit ID – contains information about the port from which the request came to the DHCP repeater;
Remote ID – identifier of the DHCP repeater itself.
The use of a negative form (no) of the command removes a specified value.
Syntax
[no] overwrite-option82 <FORMAT> <STRING> <TEXT FORMAT>
Parameters
<FORMAT> – configured field:
- circuit_id_format;
- remote_id_format
<STRING> – string up to 240 characters. Has the following form: PARAM_name1=PARAM_1... PARAM_name2=PARAM_2... PARAM_nameN= PARAM_N, where parameters (PARAM_1.. PARAM_N) are the following formats:
%HOSTNAME% – LTP device name;
%SLOTID% – MA4000 slot number;
%MNGIP% – management interface IP address;
%GPON-PORT% – optical channel identifier;
%ONTID% – ONT identifier, assigned by administrator;
%PONSERIAL% – ONT device serial number;
%GEMID% – GEM port identifier;
%VLAN0% – VLAN external identifier;
%VLAN1% – VLAN internal identifier;
%MAC% – subscriber device MAC address;
%OPT60% – string is extracted from DHCP option 60 of the incoming packet;
%OPT82_CID% – DHCP option82 Circuit ID string is extracted from the incoming packet;
%OPT82_RID% – DHCP option82 Remote ID string is extracted from the incoming packet;
%DESCR% – first 20 characters of ONT configuration description.
The separators between parameters may be any characters, but each parameter FORMAT must be enclosed in '%'.
<TEXT FORMAT> – option presentation type:
- binary – binary;
- text – text.
Command mode
PROFILE DHCP_RA
Example
ma4000(config-dhcp-ra)("test")# circuit_id_format host=%HOSTNAME%,ont=%ONTID%, slot=%SLOTID%'
trusted [primary|secondary]
This command sets the IP addresses of the primary and secondary DHCP server.
The use of a negative form (no) of the command removes a specified value.
Syntax
[no] trusted primary <IP>
[no] trusted secondary <IP>
Parameters
trusted primary <IP> – the command sets primary DHCP server IP address;
trusted secondary <IP> – the command sets secondary DHCP server IP address;
<IP> – IP address, defined as AAA.BBB.CCC.DDD where each part takes values of [0..255].
Command mode
PROFILE DHCP_RA
Example
ma4000(config-dhcp-ra)("test")# trusted primary 192.168.52.2
trusted timeout
This command sets the time of waiting for the response from the DHCP server.
The use of a negative form (no) of the command removes a specified value.
Syntax
[no] trusted timeout <VALUE>
Parameters
<VALUE> – time period in seconds [200..1500].
Command mode
PROFILE DHCP_RA
Example
ma4000(config-dhcp-ra)("test")# trusted timeout 1000
trusted server
This command enables the use of trusted DHCP servers.
The use of a negative form (no) of the command disables this feature.
Syntax
[no] trusted server
Parameters
The command contains no arguments.
Command mode
PROFILE DHCP_RA
Example
ma4000(config-dhcp-ra)("TEST")# trusted server
show profile dhcp-ra
This command is used to view the created DHCPRA profiles.
When you specify a profile name, you will see the settings of the configured profile:
- Description – profile description;
- Relay agent – DHCP relay state (enabled/disabled);
- Circuit id format – Circuit id field mode for Option82 (text or binary);
- Remote id format – Remote id field mode for Option82 (text or binary);
- Overwrite client option82 – allow/deny the adding of information of Option 82, that was received from the client;
- Dos block enabled – DoS attack protection (enabled/disabled);
- Bc packet per second – number of packets per second, at which the system registers DoS attack;
- Port block time – port blocking time on detection of DOS attack, seconds;
- Trusted server enable – allow/deny the use of trusted DHCP servers;
- Trusted primary – primary DHCP server address;
- Trusted secondary – secondary DHCP server address;
- Trusted server timeout – response time from DHCP server, seconds.
Syntax
show profile dhcp-ra [<NAME>]
Parameters
<NAME> – profile name, optional parameter.
Command mode
ROOT
Example 1
ma4000# show profile dhcp-ra dhcp-ra-00 Description: 'OLT Profile DHCP Relay Agent 0' Relay agent: disabled Circuit id format: '' Remote id format: '' Overwrite client option82: false Dos block enabled: false Bc packet per second: 128 Port block time: 600 Trusted server: disabled Trusted primary: 0.0.0.0 Trusted secondary: 0.0.0.0 Trusted server timeout: 1000
Example 2
ma4000# show profile dhcp-ra ## Name Description 1 dhcp-ra-00 OLT Profile DHCP Relay Agent 0
show interface gpon-port <GPON-PORT> dhcp sessions
This command allows you to view currently active DHCP-sessions on PLC8 line cards.
DHCP Relay Agent should be enabled.
Syntax
show interface gpon-port <GPON-PORT> pppoe sessions
Parameters
<GPON-PORT> - gpon-port number in format of <SLOT>/<port>
<SLOT> – PLC8 module number, may take values (0..15). You may specify the list of numbers using comma ( , ) or specify the range using hyphen ( - );
<port> – GPON port number of PLC8 module.
Command mode
ROOT
Example
ma4000# show interface gpon-port 1/0 dhcp sessions No active DHCP sessions