Chapter 22 Advanced DHCP Server Properties

Configuring Virtual Private Networks and Subnet Allocation

In the CLI—To import leases, use import leases filename. Each lease entry in the file can include the VPN at the end of the line. If it is missing, Network Registrar assigns the [none] VPN. (See also the “Importing and Exporting Lease Data” section on page 21-3.)

nrcmd> import leases leaseimport.txt

To export the address or lease data to include the VPN, use export addresses with the vpn attribute, or export leases with the -vpn option. The VPN value can be the reserved word global or all:

Global—Any addresses outside the defined VPNs (the [none] VPN).

All—All VPNs, including the [none] VPN.

If you omit the VPN, the export uses the current VPN as set by session set current-vpn. If the current VPN is not set, the server uses the [none] VPN.

nrcmd> export addresses file=addrexport.txt vpn=red
nrcmd> export leases -server -vpn red leaseexport.txt

Scopes—Scopes can include the VPN name or its ID, as described in the “Creating Virtual Private Networks” section on page 22-14.

In the local cluster Web UI—Click DHCP, then Scopes. Create or edit a scope and set the Miscellaneous attribute vpn-id.

In the regional cluster Web UI—Click DHCP Configuration, then Scope Templates. Create or pull, and then edit a scope template to set the Miscellaneous attribute vpn-id.

In the CLI—Use the scope creation and attribute setting commands. For example:

nrcmd> scope examplescope1 set vpn=blue

nrcmd> scope examplescope1 set vpn-id=99

Subnets—Listing subnets, showing a subnet, or getting the vpn or vpn-id attribute for a subnet shows the VPN. See the “Configuring DHCP Subnet Allocation” section on page 22-17.

DHCP server—If the vpn-communication attribute is enabled (which it is by default), the DHCP server can communicate with DHCP clients that are on a different VPN from that of the DHCP server by using an enhanced DHCP relay agent capability. This capability is indicated by the server-id-override suboption in the relay agent information option (82).

Configuring DHCP Subnet Allocation

The following section provides an example of setting up subnet allocation using the DHCP server. Figure 18-5 on page 18-6 shows a sample subnet allocation configuration with subnets assigned to provisioning devices, along with the conventional DHCP client/server configuration. The subnet allocation feature is available only in the CLI and not in the Web UI.

Before allocating subnets, the DHCP server first determines what VPN the client is on, in the following order:

1. The server looks for incoming VPN options and uses the value for the VPN.

2. If no VPN options are found, the server uses the relay agent suboption value, then combines the VPN with the subnet address to form the unique identifier.

3. If no relay agent suboption is found, the server looks for client-class information (selection tags).
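
The lookup order above, modeled as an added example (not from the guide and not Network Registrar code), so the step that decided a client's VPN can be logged and audited. The option codes 221 and 151, the key format, and the class_vpn parameter are assumptions.

```python
# Added example: models the three-step VPN lookup described above.
# Not Network Registrar code. The option numbers for the VPN option and VPN
# suboption are assumptions (RFC 6607 values); the release documented here
# may use different ones. class_vpn is a hypothetical stand-in for step 3.
OPT_RELAY_AGENT_INFO = 82   # relay agent information option
OPT_VPN = 221               # assumed code of the incoming VPN option
SUBOPT_VPN = 151            # assumed code of the VPN suboption in option 82

def parse_tlvs(data, top_level=True):
    """Split code/length/value records into {code: value}, rejecting bad lengths."""
    out, i = {}, 0
    while i < len(data):
        code = data[i]
        if top_level and code == 0:      # pad option: single byte, no length
            i += 1
            continue
        if top_level and code == 255:    # end option
            break
        if i + 2 > len(data):
            raise ValueError("truncated TLV header")
        length = data[i + 1]
        value = bytes(data[i + 2:i + 2 + length])
        if len(value) != length:
            raise ValueError("TLV length runs past end of buffer")
        out[code] = value
        i += 2 + length
    return out

def resolve_vpn(options, subnet, class_vpn=None):
    """Return (source, vpn, key) so the deciding step can be logged and audited."""
    opts = parse_tlvs(options)
    if OPT_VPN in opts:                                  # step 1: VPN option
        return ("vpn-option", opts[OPT_VPN].hex(), None)
    sub = parse_tlvs(opts.get(OPT_RELAY_AGENT_INFO, b""), top_level=False)
    if SUBOPT_VPN in sub:                                # step 2: relay agent suboption
        vpn = sub[SUBOPT_VPN].hex()
        return ("relay-suboption", vpn, f"{vpn}/{subnet}")  # illustrative key format
    if class_vpn is not None:                            # step 3: client-class
        return ("client-class", class_vpn, None)
    return ("unresolved", None, None)

# Constructed sample option buffers (not captured traffic).
VPN_99 = bytes([1, 0, 0, 0x0C, 0, 0, 0, 99])
RELAYED = bytes([53, 1, 1, 82, 14, 1, 2, 0, 5, 151, 8]) + VPN_99 + bytes([255])
DIRECT = bytes([221, 8, 1, 0, 0, 0x0C, 0, 0, 0, 7]) + RELAYED

if __name__ == "__main__":
    for name, buf in (("relayed", RELAYED), ("direct", DIRECT)):
        print(name, resolve_vpn(buf, "10.1.1.0"))
```
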

 

 

Cisco CNS Network Registrar User’s Guide, OL-6240-02, 22-17