DHCP Server Configuration in NSX-T

Introduction:

The Dynamic Host Configuration Protocol (DHCP) allows clients to obtain their network configuration from a DHCP server automatically. In NSX-T, this means the allocation of IP address, subnet mask, and default gateway. This article is a brief guide to get you up and running with an NSX-T managed Local DHCP Server configuration.

NSX-T supports two DHCP implementations:

  • DHCP Server: The DHCP service and IP address pools are NSX-T managed.
  • DHCP Relay: DHCP services run on a virtualized guest or physical server. NSX-T relays DHCP requests to a DHCP Server.

DHCP configuration changes are performed from two main sections in the NSX-T User Interface:

  • Networking: Recommended configuration method for NSX-T 2.4 onwards, as supported by the Policy API.
  • Advanced Networking & Security: The configuration method for NSX-T 2.3 and older, as supported by the Management Plane API.

In this case, we will be reviewing configuration steps in an NSX-T 2.5 Lab, using the Networking section, to future proof the configuration for subsequent NSX-T releases. This will set us up for more powerful Policy API calls in future lab deployments.

Three-Step DHCP Server Configuration Summary:

Step 1: Create a DHCP Server

Step2: Assign the DHCP Local Server to one or more Gateways

Step3: Assign a DHCP Range to a Segment Subnet

Lab Topology:

The DHCP Server is a logical construct, is shown disconnected, and is not associated with a segment. 

Configuring a DHCP Server in NSX-T

Three-Step Configuration Details:

Step 1: Create a DHCP Server

Create a DHCP Server under the Networking section, not under Advanced Networking & Security, to future proof the setup.

Configuring a DHCP Server in NSX-T

Step 2: Assign the DHCP Local Server to one or more Gateways

Assign the DHCP Server under the Gateway’s IP Address Management.

Configuring a DHCP Server in NSX-T

The IP Adress Management Type is DHCP Local Server, with the created DHCP Server specified.

Step 3: Assign a DHCP Range to a Segment Subnet

The DHCP Range is defined where the Subnet IP address is assigned.

Configuring a DHCP Server in NSX-T

Configuration changes that are not Required:

  • IP Address Pool definition
  • IP Adress Block definition
  • DNS Service Configuration is optional
  • The Tier-1 Gateway does not need to be instantiated on an Edge Cluster
  • The Local DHCP Server IP does not need to belong to IP address space assigned to a Segment Subnet

Verifying the DHCP Server Configuration:

Verify that the DHCP Server subnet resides in the Tier-1 Gateway routing table:

nsxtedge01> get logical-router
 Logical Router
 UUID                                   VRF    LR-ID  Name                              Type                        Ports
 736a80e3-23f6-5a2d-81d6-bbefb2786666   0      0                                        TUNNEL                      3
 cbf4e534-3ad4-4cfb-83b2-79e03f7c80c0   16     12     DR-lab-tier-1                     DISTRIBUTED_ROUTER_TIER1    6
 019feeec-649c-449d-998f-01a2f5fed8c9   17     2054   SR-lab-tier-0                     SERVICE_ROUTER_TIER0        6
 e9322040-ebe6-426c-914a-72858fd86322   18     11     DR-lab-tier-0                     DISTRIBUTED_ROUTER_TIER0    4

nsxtedge01> vrf 16
 nsxtedge01(vrf)> get forwarding
 Logical Router
 UUID                                   VRF    LR-ID  Name                              Type
 cbf4e534-3ad4-4cfb-83b2-79e03f7c80c0   16     12     DR-lab-tier-1                     DISTRIBUTED_ROUTER_TIER1
 IPv4 Forwarding Table
 IP Prefix          Gateway IP      Type     UUID                                   Gateway MAC
 0.0.0.0/0          100.64.160.0    route    6889225f-2206-4337-88c6-58fc5adb78af
 100.64.160.0/31                    route    6889225f-2206-4337-88c6-58fc5adb78af
 100.64.160.1/32                    route    2e9fa185-6b0e-5632-b80d-a646e903bc37
 192.168.60.0/24                    route    0842709d-5019-48f3-bb1b-228fc45ed058          <--- DHCP Server subnet
 192.168.60.2/32                    route    2e9fa185-6b0e-5632-b80d-a646e903bc37
 192.168.70.0/24                    route    6988c30f-6e40-4195-9a0b-f1a967c71a04
 192.168.70.1/32                    route    2e9fa185-6b0e-5632-b80d-a646e903bc37
 IPv6 Forwarding Table
 IP Prefix                                     Gateway IP                                Type        UUID                                   Gateway MAC
 ::/0                                          fc7a:1e3f:83d2:6800::1                    route       6889225f-2206-4337-88c6-58fc5adb78af
 fc7a:1e3f:83d2:6800::/64                                                                route       6889225f-2206-4337-88c6-58fc5adb78af
 fc7a:1e3f:83d2:6800::2/128                                                              route       2e9fa185-6b0e-5632-b80d-a646e903bc37
 nsxtedge01(vrf)>

In Advanced Networking & Security verify that the Relay Service has been realized in the Tier-1 Gateway Logical Router Ports where DHCP Clients connect:

Verify that the Guest VM has been allocated an IP Address:

Great, our Photon Guest VM has been allocated the first IP address in the DHCP scope:

Configuring a DHCP Server in NSX-T

DHCP Troubleshooting:

This covers DHCP Server Configuration in NSX-T. This related article outlines a structured approach to NSX-T DHCP Troubleshooting.

Similar Posts

4 Comments

    1. Jani,

      Thanks for asking!

      In this case, NSX-T is performing DHCP Services. The DHCP scope isn’t defined with the DHCP service, as expected in a more traditional server-based system. Think of it more as a logical construct, where the DHCP pool is defined and associated with the segment on which DHCP Client workloads connect.

      Regards,
      Gary

Comments are closed.