NSX DHCP Profile DHCP Server Address

billdossett · ‎02-24-2021

I am curious about the NSX Profile DHCP Server IP address. I configured a DHCP server profile which I used on a segment and it works. But I am not sure what the DHCP Server IP Address in the profile is for... It can't be on a segment address as it overlaps... I just made up an address that is in the next /24 segment below the segments I am using, so it doesn't really exist anywhere. I wouldn't be able to connect to that address as it isn't connected to anything... it isn't on a segment and as far as I can tell all the config of options etc is done thru the dhcp config in the segment which makes sense. It isn't causing me a problem, just a loose end I don't understand right now.

Bill Dossett

p0wertje · ‎02-24-2021

Hi,

The dhcp-server address is used because the DHCP service is attached to the T1. It creates a network attached to the T1.
I created a dhcp-server on address 10.4.202.2/24
When i look at the T1 where i attached it to:

Interface : e870af12-cea7-4eed-81bb-627a38739e37
Ifuid : 469
Name : nxt-tier1-avi-vips-dhcp-dlrp
Fwd-mode : IPV4_ONLY
Mode : lif
Port-type : downlink
IP/Mask : 10.4.202.1/24

On the edge node:

get logical-router
Thu Feb 25 2021 UTC 07:23:56.148
Logical Router
UUID VRF LR-ID Name Type Ports Neighbors
d2b654aa-0a21-4a6a-905a-2f2fd74cdb0d 11 2049 SR-nxt-tier1-avi-vips SERVICE_ROUTER_TIER1 6 2/50000

And then

get logical-router d2b654aa-0a21-4a6a-905a-2f2fd74cdb0d interfaces

Then you will see the downlink with the network for the dhcp server.

On the edge node you can also see the dhcp server
get dhcp servers

Thu Feb 25 2021 UTC 07:28:53.316
EDGE_CLUSTER_ID: 3541bcbd-b777-433b-8227-b5170a691984
EDGE_NODE_ID:
7ac76bd2-d1a3-11ea-9dfd-3ca82a12bd24
288588ba-d255-11ea-86f0-3ca82a13b3f4
ID: 59458be0-abd8-4d60-bf13-de107ab6a657
IPV6_SERVER_PREFIX:

IPV6: fe80::50:56ff:fe98:7dd7
PREFIX_LENGTH: 128
MSG_TIMESTAMP: 2021-02-25 07:20:51.718000 (timestamp: 1614237651718)
OPTIONS:
GENERIC_OPTION:

CODE: 54 (Server identifier)
VALUE:
10.4.202.2

CODE: 3 (Router)
VALUE:
10.4.202.1

CODE: 1 (Subnet Mask)
VALUE:
255.255.255.0
POOL_MONITORING_ENABLED: False
SERVER_MAC:
MAC: 00:50:56:98:7d:d7
SERVER_PREFIX:
IPV4: 10.4.202.2
PREFIX_LENGTH: 24

Cheers,
p0wertje | VCIX6-NV | JNCIS-ENT | vExpert
Please kudo helpful posts and mark the thread as solved if solved

Sreec · ‎02-24-2021

There are three types of DHCP binding in NSX-T

1. Local DHCP - In this case, DHCP is local to a segment and it takes one IP from that pool.

2. DHCP Gateway: What you have configured is DHCP gateway, a service that is running on T1 gateway

3. DHCP Relay - Relay the DHCP request to external DHCP servers

Cheers,
Sree | VCIX-5X| VCAP-5X| VExpert 7x|Cisco Certified Specialist
Please KUDO helpful posts and mark the thread as solved if answered

shank89 · ‎02-25-2021

Both answers are correct, I had crafted a response for you but turns out I forgot to hit send.

I'll add though, the confusion you are likely seeing is that you are mapping a dhcp server profile on a segment that is also requesting a dhcp server IP. A packet capture will show you the broadcast and response coming locally from the segments gateway address. And the other method @p0wertje coming from the T1's port.

Keep in mind the effects of assigning DHCP server profiles from either method.. ie assigning it to the gateway means it can't be changed back. Where as on the segment you are able to chop and change this as required.

Shashank Mohan

VCIX-NV 2022 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
LinkedIn https://www.linkedin.com/in/shankmohan/
Twitter @ShankMohan
Author of NSX-T Logical Routing: https://link.springer.com/book/10.1007/978-1-4842-7458-3

billdossett · ‎02-25-2021

As usual I seem to have conflated some things together...

Under my T1 gateway, I have not DHCP config

under DHCP, I have a profile and its of type DHCP Server and attached to my edge-cluster and it has an IP address not on any of my segments

On my segment I have a DHCP config of type local server (which means I then have to select a dhcp profile, which I did..._ and then I give it a range there... so it seems like if i want a dhcp server on each segment, I just do a gateway server? and not have a dhcp profile?

or else I have profile, set the config in the gateway and then use that in my segments as well... seems like there is some overlap there that I don't quite get.

Bill Dossett

billdossett · ‎02-25-2021

hmm, thats not right either. I have to have a DHCP profile no matter what. I can either attach it to the gateway or not in which case if not, I can attach it to my segment local dhcp server.

I read somewhere about not being able to change it once its in the gateway or something which is I think what you are saying Shank? But I have attached and detached the profile from the gateway and that seems to work so not sure what it is I can't change if I chose to go attach the profile to the gateway...

I'm not sure I need to be obsessing about this as in production I am sure we will be relaying as they will want to keep all the DHCP as a single point within Infoblox.

Bill Dossett

shank89 · ‎02-25-2021

Some example config.

DHCP Server:

Option 1 Gateway DHCP Server:

Notice if you remove it, the save button greys out

DHCP config for local DHCP server on segment

notice the dhcp server address is a required field.

Option 2 Gateway DHCP server

Hopefully the screenshots clears things up for you.

You are probably right in saying that relay will likely be used in production!

If you have your answer please mark the correct one (my response was only demonstrating what was already mentioned) and kudo helpful posts :).

Shashank Mohan

VCIX-NV 2022 | VCP-DCV2019 | CCNP Specialist

https://lab2prod.com.au
LinkedIn https://www.linkedin.com/in/shankmohan/
Twitter @ShankMohan
Author of NSX-T Logical Routing: https://link.springer.com/book/10.1007/978-1-4842-7458-3

All

NSX DHCP Profile DHCP Server Address