DHCP & The Internet

Setting up DHCP is one of the “De-Facto” standards of networking. DHCP (Dynamic Host Configuration Protocol) is the basis upon which the large majority of your network connectivity comes from. Your Wireless router runs DHCP (As a server) your Internet modem, smart phones, laptops, gaming consoles, etc., run DCHP (As a client) and all other Internet connected devices support DHCP; it runs the Internet. DHCP’s objective is to automatically provision and assign an IP addresse to any device looking to connect.


Configuring The Juniper EX4600

In this post, I need to setup a DHCP Server (The one who will hand out IPs to those devices looking for connectivity) on a Juniper EX4600 switch. This DHCP server’s sole purpose is to provide “Guest” access to our wireless infrastructure. Anybody who connects to our “Guest” WiFi will automatically get assigned an IP address within our “Guest” VLAN, and be allowed access to the Internet.


Step One

First thing’s first — We need to configure the EX4600 with a “Guest” VLAN to keep its traffic isolated from all other traffic; this is how we keep our networks 100% secure. The VLAN number that we have selected is VLAN142 (This can be any number up to 4096, so we just pick a random one that isn’t being used).

!
set vlans vlan142 description "Guest Wireless"
set vlans vlan142 vlan-id 142
!

With these (2) lines of code, we’ve created VLAN142, and gave it a simple description of “Guest Wireless” so that anyone who logs into this device has a very clear understanding of what that VLAN’s purpose is.

Step Two

Now that our VLAN is created, we need to assign the VLAN a network subnet (We chose 192.168.142.0/24) and configure a SVI (Switched Virtual Interface) that provides our VLAN142 network with its Default Gateway. For this network, we have decided to use the IP of 192.168.142.1/24.

!
set interfaces irb unit 142 family inet address 192.168.142.1
!
The Default Gateway is the IP Address that allows our network to go OUTSIDE of its VLAN. Without a Default Gateway, our network cannot communicate with any other network. ALL networks have a Default Gateway.

After we have configured the SVI with an IP Address, we now need to tell the switch to use the new interface that we created as the SVI for VLAN142.

!
set vlans vlan142 l3-interface irb.142
!

At this point, we have:

  • Created VLAN142
  • Named VLAN142 as “Guest Wireless”
  • Created an SVI using subnet 192.168.142.0/24
  • Assigned the SVI with an IP address of 192.168.142.1/24
  • Assigned the SVI for use with VLAN142

Our changes should look like this:

!
set vlans vlan142 description "Guest Wireless"
set vlans vlan142 vlan-id 142
set interfaces irb unit 142 family inet address 192.168.142.1
set vlans vlan142 l3-interface irb.142
!

Step Three

Now it’s time to start configuring the DHCP Server on the switch itself. All we need to do now is run the following command to enable the DCHP Server (dhcp-server1) to run on the interface that we configured (irb.142).

!
set system services dhcp-local-server dhcp-server1 interface irb.142
!

Step Four

Now that the DHCP Server is configured to run on the interface for VLAN142, we need to create a “pool” of IPs that can be given to any/all devices that are requesting one. Since this entire subnet has been set aside for “Guest” access, we want the allow ALL IP addresses in the subnet to be usable.

!
set access address-assignment pool vlan142-dhcp-pool family inet network 192.168.142.0/24
!
Without this pool, the DHCP Server does not know which IPs in the subnet it’s allowed to provide to devices looking for dynamic access.

At this point, we have:

  • Assigned the DCHP Server to run on irb.142 (SVI for VLAN142)
  • Created the DCHP Pool of usable addresses for the DCHP Server to hand out

Our changes should look like this:

!
set system services dhcp-local-server dhcp-server1 interface irb.142
set access address-assignment pool vlan142-dhcp-pool family inet network 192.168.142.0/24
!

That’s it!

We’ve now configured our EX4600 to run a DCHP server on VLAN142 using the subnet of 192.168.142.0/24 and a Default Gateway of 192.168.142.1/24.

Now any device connecting to VLAN142 will automatically be assigned an IP address, configured to use the VLANs Default Gateway, and have access to the Internet! It’s Network Magic!

Conclusion

We have reviewed the basic concepts of what DHCP is and how it relates the global Internet architecture. We also provided the basic syntax necessary in order to provision a Juniper EX4600 to run a DHCP server for your network.

Below is the full JunOS syntax necessary to provision a basic DHCP server on the EX4600 chassis. All you have to do is copy/paste the syntax into a word editor of your choice, change the variable, and you’ll have you’re own DHCP running in no time!

!
set vlans [vlan-name] description "[vlan description]"
set vlans [vlan-name] vlan-id [vlan-number]
set interfaces irb unit [vlan-number] family inet address [gateway-address]
set vlans [vlan-name] l3-interface irb.[vlan-number]
set system services dhcp-local-server [dhcp-server-name] interface irb.[vlan-number]
set access address-assignment pool [dhcp-pool-name] family inet network [vlan-subnet]
!

If you have any questions, comments, or need assistance provisioning your own network, please let us know. We’d love to help!

Contact us at support@knockturnlabs.com or (816) 837-4659