dhcpv6 lease-proxy preferred-lifetime(BAS interface view)

Usage Scenario

If a DHCPv6 server has assigned a long lease time for a client, when the client becomes faulty or the link between the client and BRAS fails, the user goes offline. However, because the lease time does not elapse, the DHCPv6 server cannot get aware of user offline in time. As a result, the DHCPv6 server cannot release the IPv6 address assigned to the user in time, leading to an address waste. The lease proxy function can be enabled on the BRAS to prevent this problem. After that, the address lease can be changed to a smaller value when the BRAS that functions as the DHCPv6 relay agent sends Advertise and Reply packets to the client. In this manner, a user-side fault can trigger user offline and the IP address of the user can be released in time. After the user-side fault is rectified, the BRAS can reply with a NAK packet to trigger the client to initiate a user access request again to restore the service.

To enable the DHCPv6 lease proxy function, run the dhcpv6 lease-proxy command to set a shorter lease time so that client faults or link failures can be identified in time.

If the user-detect command is not run, the proactive ND detection for the DHCPv6 lease proxy users is disabled by default.Because the DHCPv6 lease proxy function can rapidly detect the user online status, you are not advised to enable proactive ND detection on DHCPv6 lease proxy users.

The preferred-lifetime and valid-lifetime of DHCPv6 lease proxy need to be configured based on the actual network conditions and the requirements on the time for identifying client or link faults. When network conditions are good, the recommended values of preferred-lifetime and valid-lifetime are 120s and 150s, respectively. When network conditions are poor, the recommended values of preferred-lifetime and valid-lifetime are greater than 300s. When the value of valid-lifetime is less than 300s for the configured lease proxy, to prevent the system from incorrectly determining user offline because the user leases recorded on the device before and after the lease is changed are different, change the value of valid-lifetime to 300s when lease proxy is configured on the non-main-processing board for trunk online users, slave device in dual-device hot backup scenarios, or slave interface board or DHCPv6 lease proxy is initially enabled and the release is not renewed.

Prerequisites

The access type has been set to common Layer 2 or Layer 3 access in the BAS view.

Configuration Impact

• If DHCPv6 lease proxy has been configured in both the BAS interface view and domain view, the configuration in the BAS interface view takes effect.

• After DHCPv6 lease proxy is configured, if the lease is short and the value of valid-lifetime is close to the value of preferred-lifetime, transmission of link packets may be delayed. As a result, there is a big difference between the time the BRAS receives renewal packets and the time the user sends renewal packets. Consequently, the device may incorrectly determine that the user lease is expired and then makes the user go offline. You are advised to set the value of valid-lifetime greater than the value of preferred-lifetime by 20 seconds.

• After DHCPv6 lease proxy is enabled, run the lock drain command to lock the address pool.This command takes effect only when the T1/T2 time of the original lease expires and the renew packet is sent to the remote or local server for processing.Users cannot go online during the lease proxy period. Instead, users can go online when the lease specified on the server is expired. With the lease proxy function, the device allows users to go online again after rapidly getting aware of the expiration of the proxy lease. During a device upgrade, this function can replace the lock drain command configuration.

• For DHCPv6 users who are triggered to go online upon receipt of IPv6 or ND packets after they abnormally go offline, the DHCPv6 lease proxy function does not take effect during the user online process. When user renewal packets are received and the lease renew succeeds, the device determines that conditions for DHCPv6 lease proxy are met, and then DHCPv6 lease proxy can take effect.

• By default, ND detection is not enabled for users enabled with DHCPv6 lease proxy. To enable ND protection, run the dhcpv6 lease-proxy preferred-lifetime command.

• For DHCPv6 lease proxy users who go online from a remote address pool, you do not need to run the remote-ip lease manage command in a prefix pool. The device can get aware of user offline when the lease is expired and not renewed and then sends a Release message to the DHCPv6 server.

• The global lease configured using the dhcpv6 upgrade command does not take effect for DHCPv6 lease proxy users. After lease proxy is enabled, you do not need to run the dhcpv6 upgrade command to make users offline during a device upgrade. Instead, the device rapidly detects that the proxy lease is expired, triggering users to go online again.

• After the clock datetime command is run to change the system time, if the current system time is earlier than the start time of the lease on the DHCPv6 server, the lease of the DHCPv6 proxy is not renewed. Instead, user packets are forwarded to the DHCPv6 server for processing and the start time of the lease for the DHCPv6 server is renewed.

  – If the value of preferred-lifetime of DHCPv6 lease proxy is less than 300s, the CPU usage may be high. During command execution, the following error message is displayed: Warning: Enable the user-detect or the prefer time is less than 300, may cause the board CPU usage high.

• If the value of preferred-lifetime or valid-lifetime of DHCPv6 lease proxy is less than 300s, when the device performs a reliability operation, such as the main control board or interface board master/slave switchover, users may go online after the lease is expiring because the renew and rebind request packets sent by the client fail to be processed.

Precautions

• If DHCPv6 lease proxy has been configured in both the BAS interface view and domain view, the configuration in the BAS interface view takes effect.

• After DHCPv6 lease proxy is configured, if the lease is short and the value of valid-lifetime is close to the value of preferred-lifetime, transmission of link packets may be delayed. As a result, there is a big difference between the time the BRAS receives renewal packets and the time the user sends renewal packets. Consequently, the device may incorrectly determine that the user lease is expired and then makes the user go offline. You are advised to set the value of valid-lifetime greater than the value of preferred-lifetime by 20 seconds.

• After DHCPv6 lease proxy is enabled, run the lock drain command to lock the address pool. This command takes effect only when the T1/T2 time of the original lease expires and the renew packet is sent to the remote or local server for processing. Users cannot go online during the lease proxy period. Instead, users can go online when the lease specified on the server is expired. With the lease proxy function, the device allows users to go online again after rapidly getting aware of the expiration of the proxy lease. During a device upgrade, this function can replace the lock drain command configuration.

• For DHCPv6 users who are triggered to go online upon receipt of IPv6 or ND packets after they abnormally go offline, the DHCPv6 lease proxy function does not take effect during the user online process. When user renewal packets are received and the lease renew succeeds, the device determines that conditions for DHCPv6 lease proxy are met, and then DHCPv6 lease proxy can take effect.

• By default, ND detection is not enabled for users enabled with DHCPv6 lease proxy. To enable ND protection, run the dhcpv6 lease-proxy preferred-lifetime command.

• For DHCPv6 lease proxy users who go online from a remote address pool, you do not need to run the remote-ip lease manage command in a prefix pool. The device can get aware of user offline when the lease is expired and not renewed and then sends a Release message to the DHCPv6 server.

• The global lease configured using the dhcpv6 upgrade command does not take effect for DHCPv6 lease proxy users. After lease proxy is enabled, you do not need to run the dhcpv6 upgrade command to make users offline during a device upgrade. Instead, the device rapidly detects that the proxy lease is expired, triggering users to go online again.

• After the clock datetime command is run to change the system time, if the current system time is earlier than the start time of the lease on the DHCPv6 server, the lease of the DHCPv6 proxy is not renewed. Instead, user packets are forwarded to the DHCPv6 server for processing and the start time of the lease for the DHCPv6 server is renewed.

• If the value of preferred-lifetime of DHCPv6 lease proxy is less than 300s, the CPU usage may be high. During command execution, the following error message is displayed: Warning: Enable the user-detect or the prefer time is less than 300, may cause the board CPU usage high.

• If the value of preferred-lifetime or valid-lifetime of DHCPv6 lease proxy is less than 300s, when the device performs a reliability operation, such as the main control board or interface board master/slave switchover, users may go online after the lease is expiring because the renew and rebind request packets sent by the client fail to be processed.

• When a large number of users exist, if the deletion of the lease proxy function takes effect immediately, user lease renewal will fail due to limit on packet sending (dhcpv6 lease-proxy rate-limit), or the main control board and DHCPv6 server will be attacked due to the sharp increase of renewal packets.