NOTE:
Configuring a new grace period that is shorter than the address pool current
grace period immediately terminates any existing address leases that are in the grace
period state and that have already exceeded the length of the new grace period.
An address continues to be counted against the address pool resources while in a
grace period. For example, if the address pool is exhausted, a new address cannot
be assigned to other clients.
Client address leases enter the grace period in two ways—the lease might expire or
the address can be explicitly released by the client. In both cases the address remains
unavailable to other clients and can only be reapplied to the original client during
the grace period. The address is released back to the address pool if the grace period
expires before the address is reapplied to the original client.
When you configure a grace period, by default it is applied to address leases that
expire
, but not to addresses that are
released
by clients. However, you can optionally
apply the grace period to released addresses.
Configuring AAA Authentication for DHCP Local Server Standalone Mode
The DHCP local server enables you to optionally configure AAA-based authentication
of standalone mode DHCP clients. In addition to providing increased security, AAA
authentication also provides RADIUS-based input to IP address pool selection for
standalone mode clients. By default, clients are not authenticated in standalone
mode.
Typically, an incoming DHCP client does not provide a username—therefore, the
DHCP local server constructs a username based on the user’s attachment parameters
and optional DHCP parameters. AAA uses the constructed username to authenticate
the incoming client and create the AAA subscriber record for the client. The
information in the AAA subscriber record is then used to determine the IP address
pool from which to assign the address for the DHCP client. You can include the
following elements in the username:
DHCP Parameters
Attachment Parameters
circuit ID
domain
circuit type
user prefix
MAC address
–
option 82
–
virtual router name
–
Configuring AAA Authentication for DHCP Local Server Standalone Mode
■
481
Chapter 19: Configuring DHCP Local Server
Summary of Contents for JUNOSE 11.0.X MULTICAST ROUTING
Page 6: ...vi...
Page 28: ...xxviii Table of Contents JUNOSe 11 0 x Broadband Access Configuration Guide...
Page 36: ...xxxvi List of Tables JUNOSe 11 0 x Broadband Access Configuration Guide...
Page 42: ...2 Managing Remote Access JUNOSe 11 0 x Broadband Access Configuration Guide...
Page 204: ...164 Managing RADIUS and TACACS JUNOSe 11 0 x Broadband Access Configuration Guide...
Page 292: ...252 Monitoring RADIUS Relay Server JUNOSe 11 0 x Broadband Access Configuration Guide...
Page 336: ...296 RADIUS Client Terminate Reasons JUNOSe 11 0 x Broadband Access Configuration Guide...
Page 368: ...328 Managing L2TP JUNOSe 11 0 x Broadband Access Configuration Guide...
Page 444: ...404 PPP Accounting Statistics JUNOSe 11 0 x Broadband Access Configuration Guide...
Page 494: ...454 Managing DHCP JUNOSe 11 0 x Broadband Access Configuration Guide...
Page 510: ...470 DHCP Local Server Configuration Tasks JUNOSe 11 0 x Broadband Access Configuration Guide...
Page 556: ...516 Configuring DHCP Relay Proxy JUNOSe 11 0 x Broadband Access Configuration Guide...
Page 616: ...576 Managing the Subscriber Environment JUNOSe 11 0 x Broadband Access Configuration Guide...
Page 674: ...634 Managing Subscriber Services JUNOSe 11 0 x Broadband Access Configuration Guide...
Page 767: ...Part 7 Index Index on page 729 Index 727...
Page 768: ...728 Index JUNOSe 11 0 x Broadband Access Configuration Guide...