DHCP Server

DHCP Relay

Note To use DHCP Relay, you must disable the DHCP Server. See “Disable the DHCP Server” on page 170 for more information.

DHCP Relay allows DHCP to operate between a DHCP client on one security zone and a DHCP server on another. To use DHCP relay, you configure the device to act as a DHCP relay agent. The device will relay DHCP packets to the destination DHCP server and back to the client across security zone boundaries. This enables DHCP clients on different networks to use the same DHCP server.

You can configure the device to act as a central or remote relay agent as illustrated in the following figure:

Figure 6–14: DHCP Relay: Device Configuration for Central and Remote Agent

A Central Relay agent is connected to the network that contains the DHCP server. It receives requests from a remote agent and forwards them to the DHCP server on its LAN. You can configure this option to work over VPN so that the device allows a DHCP server at one site to provide IP configuration to clients attached to a remote LAN. In this configuration, the device acts as a DHCP Relay agent and supports DHCP over VPN tunnels using IKE.

A Remote DHCP Relay Agent is connected to a client network that requests a DHCP lease. It listens for DHCP requests from its LAN. When a client request is received, the agent inserts the Interface IP of the requestor into the DHCP request before it is relayed to the central DHCP server. This address, which is not contained in a DHCP address range, determines the scope of addresses used by the central DHCP server to allocate the address to the remote client.

Note For more detailed information on how DHCP Relay works, see the

Concepts Guide.

X Family LSM User’s Guide V 2.5.1

171