dhcp coa-zero-lease dhcpv6-enhance layer2

Usage Scenario

A user needs to go offline and then go online again if authorization information, including IP address, VPN, domain, and QoS information, needs to be updated for the user. During the re-authentication process, the user can obtain new authorization information. If the dhcp coa-zero-lease dual-cut command is run, the device logs out a dual-stack user from both stacks upon receipt of a DHCPv4 Request message for lease renewal from the user. In this case, the IPv6 service of the user is interrupted. To resolve this problem, run the dhcp coa-zero-lease dhcpv6-enhance layer2 command to enable the device to log out a Layer 2 IPoE user from the IPv6 stack to trigger re-authentication upon receipt of a DHCPv6 Renew message after the RADIUS server delivers a zero lease for the IPv4 address of the user in a CoA message. When a dual-stack user is online, if the DHCPv4 user sends a Request message to trigger user logout, the device sends a DHCPv6 Reconfigure message to the client so that the client can immediately detect the user logout from the IPv6 stack and re-dial up for login. This greatly reduces the duration of IPv6 service interruption.

Prerequisites

A user has gone online from a device, and the access dhcpv6 reconfigure command has been run on the device. If the dhcp coa-zero-lease dhcpv6-enhance layer2 command has not been run, the device will not send Reconfigure messages to clients, and IPv6 services of users will be interrupted.

Configuration Impact

After the dhcp coa-zero-lease dhcpv6-enhance layer2 command is run, when the RADIUS server delivers a zero lease in a CoA message for the IPv4 address of a user:

• If a user is online from only the IPv4 stack, the device sends an NAK message to the client upon receipt of a Request message for lease renewal from the client and logs out the user. When the device waits for a request for re-login from the user, the user can go online from the IPv6 stack.
• If a user is online from only the IPv6 stack, the device sends a Reply message in which the value of the ValidLifetime field is 0 upon receipt of a Renew message from the client and logs out the user. When the device waits for a request for re-login from the user, the user can go online from the IPv4 stack.
• If a dual-stack user is online from both the IPv4 and IPv6 stacks, the user can be logged out from both stacks only when a DHCPv4 Request message for lease renewal is received from the user. If a device is enabled to send Reconfigure messages to clients, the device sends both NAK and Reconfigure messages to clients. If the device is disabled from sending Reconfigure messages to clients, the device sends only NAK messages to clients.

Precautions

This command does not support multiple VRs and takes effect only for online users.

After the dhcp coa-zero-lease dhcpv6-enhance layer2 command is run, if the RADIUS server delivers a zero lease in a CoA message to a dual-stack user who obtains an IPv6 address through DHCPv6 and an IPv6 prefix through ND, the device logs out the dual-stack user from both stacks upon receipt of a DHCPv4 Request message for lease renewal or logs out the dual-stack user from the IPv6 stack upon receipt of a DHCPv6 Renew message. In this case, the device also sends an RA message in which the value of the Preferred Lifetime field is 0 to the client, but the client may not perform re-dialup for login. As a result, ND services of the user may be interrupted.

In VS mode, this command is supported only by the admin VS.