...
It is possible to execute a script when a DHCP client obtains a new lease or loses an existing one. This is an example script that automatically adds a default route with routing-marktable=WAN1 and removes it when the lease expires or is removed.
| Code Block |
|---|
|
/ip dhcp-client
add add-default-route=no dhcp-options=hostname,clientid disabled=no interface=ether2 script="{\r\
\n :local rmark \"WAN1\"\r\
\n :local count [/ip route print count-only where comment=\"WAN1\"]\r\
\n :if (\$bound=1) do={\r\
\n :if (\$count = 0) do={\r\
\n /ip route add gateway=\$\"gateway-address\" comment=\"WAN1\" routing-marktable=\$rmark\r\
\n } else={\r\
\n :if (\$count = 1) do={\r\
\n :local test [/ip route find where comment=\"WAN1\"]\r\
\n :if ([/ip route get \$test gateway] != \$\"gateway-address\") do={\r\
\n /ip route set \$test gateway=\$\"gateway-address\"\r\
\n }\r\
\n } else={\r\
\n :error \"Multiple routes found\"\r\
\n }\r\
\n }\r\
\n } else={\r\
\n /ip route remove [find comment=\"WAN1\"]\r\
\n }\r\
\n}\r\
\n" |
...
| Property | Description |
|---|
| add-default-route (yes | no; Default: no) | Whether to add default IPv6 route after a client connects. |
| comment (string; Default: ) | Short description of the client |
| disabled (yes | no; Default: no) |
|
| interface (string; Default: ) | The interface on which the DHCPv6 client will be running. |
| pool-name (string; Default: ) | Name of the IPv6 pool in which received IPv6 prefix will be added |
| pool-prefix-length (string; Default: ) | Prefix length parameter that will be set for IPv6 pool in which received IPv6 prefix is added. Prefix length must be greater than or equal as the length of the received prefix, otherwise, prefix-length will be set to received prefix length + 8 bits. |
| prefix-hint (string; Default: ) | Include a preferred prefix length. |
| request (prefix, address; Default: ) | to choose if the DHCPv6 request will ask for the address or the IPv6 prefix, or both. |
| script (string; Default: ) | Run this script on the DHCP-client status change. Available variables:- pd-valid - if the prefix is acquired by the client;
- pd-prefix - the prefix acquired by the client if any;
- na-valid - if the address is acquired by the client;
- na-address - the address acquired by the client if any.
- options - array of received options (only ROSv7)
|
| use-peer-dns (yes | no; Default: yes) | Whether to accept the DNS settings advertised by the IPv6 DHCP Server. |
...
| Property | Description |
|---|
| address-pool (enum | static-only; Default: static-only) | IPv6 pool, from which to take IPv6 prefix for the clients. |
| allow-dual-stack-queue (yes | no; Default: yes) | Creates a single simple queue entry for both IPv4 and IPv6 addresses, and uses the MAC address and DUID for identification. Requires IPv6 DHCP Server to have this option enabled as well to work properly. |
| binding-script (string; Default: ) | A script that will be executed after binding is assigned or de-assigned. Internal "global" variables that can be used in the script:- bindingBound - set to "1" if bound, otherwise set to "0"
- bindingServerName - dhcp server name
- bindingDUID - DUID
- bindingAddress - active address
- bindingPrefix - active prefix
|
| dhcp-option (string; Default: none) | Add additional DHCP options from option list. |
| disabled (yes | no; Default: no) | Whether DHCP-PD server participates in the prefix assignment process. |
| interface (string; Default: ) | The interface on which server will be running. |
| lease-time (time; Default: 3d) | The time that a client may use the assigned address. The client will try to renew this address after half of this time and will request a new address after the time limit expires. |
| name (string; Default: ) | Reference name |
...
| Code Block |
|---|
|
/ip dhcp-relay add name=Local1-Relay interface=Local1 \
dhcp-server=192.168.0.1 local-address=192.168.1.1 disabled=no
/ip dhcp-relay add name=Local2-Relay interface=Local2 \
dhcp-server=192.168.0.1 local-address=192.168.2.1 disabled=no
[admin@DHCP-Relay] ip dhcp-relay> print
Flags: X - disabled, I - invalid
# NAME INTERFACE DHCP-SERVER LOCAL-ADDRESS
0 Local1-Relay Local1 192.168.0.1 192.168.1.1
1 Local2-Relay Local2 192.168.0.1 192.168.2.1
[admin@DHCP-Relay] ip dhcp-relay> |
DHCP Relay with VRF (introduced in 7.15)
Let's take the previous setup but we'll consider that the interface to the DHCP server and interfaces to DHCP clients are added in VRF:
| Code Block |
|---|
|
/ip vrf
add interfaces=To-DHCP-Server name=vrf_server
add interfaces=Local2 name=vrf2
add interfaces=Local1 name=vrf1 |
In the DHCP-relay configuration dhcp-server-vrf should be added:
| Code Block |
|---|
|
/ip dhcp-relay/set dhcp-server-vrf=vrf_server numbers=0,1 |
Due to VRF configuration there are several routing-tables - we should add additional routes:
| Code Block |
|---|
|
/ip route
add disabled=no distance=1 dst-address=192.168.0.0/24 gateway=To-DHCP-Server@vrf_server pref-src="" routing-table=vrf1 scope=10 suppress-hw-offload=no \
target-scope=10
add disabled=no distance=1 dst-address=192.168.0.0/24 gateway=To-DHCP-Server@vrf_server pref-src="" routing-table=vrf2 scope=10 suppress-hw-offload=no \
target-scope=10
add disabled=no dst-address=192.168.1.0/24 gateway=Local1@vrf1 routing-table=vrf_server suppress-hw-offload=no
add disabled=no distance=1 dst-address=192.168.2.0/24 gateway=Local2@vrf2 pref-src="" routing-table=vrf_server scope=30 suppress-hw-offload=no \
target-scope=10 |
To achieve successful DHCP-server - DHCP-relay communication we should add NAT rules:
| Code Block |
|---|
|
/ip firewall nat
add action=dst-nat chain=dstnat dst-address=192.168.2.1 dst-port=67 in-interface=To-DHCP-Server protocol=udp src-address=192.168.0.1 to-addresses=\
192.168.0.2
add action=dst-nat chain=dstnat dst-address=192.168.1.1 dst-port=67 in-interface=To-DHCP-Server protocol=udp src-address=192.168.0.1 to-addresses=\
192.168.0.2 |