dhcpv6 lease-proxy preferred-lifetime(AAA domain view)

Function

The dhcpv6 lease-proxy preferred-lifetime command enables DHCPv6 lease proxy and configures a lease proxy duration.

The undo dhcpv6 lease-proxy preferred-lifetime command disables DHCPv6 lease proxy.

By default, the DHCPv6 lease proxy function is disabled in a domain.

This command is supported only on the NetEngine 8000 F1A.

Format

dhcpv6 lease-proxy preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime [ user-detect ]

undo dhcpv6 lease-proxy preferred-lifetime preferred-lifetime valid-lifetime valid-lifetime [ user-detect ]

Parameters

Parameter	Description	Value
preferred-lifetime preferred-lifetime	Specifies the preferred lifetime of DHCPv6 addresses. This parameter is used to calculate the renewal time and rebinding time of IPv6 addresses.	The value is an integer that ranges from 40 to 3600 in seconds.
valid-lifetime valid-lifetime	Specifies the valid lifetime of a DHCPv6 lease proxy user, indicating the expiration time of an IP address. After the time specified in this parameter elapses, the user goes offline. The value of this parameter must be greater than or equal to the value of preferred-lifetime.	The value is an integer that ranges from 60 to 3620 in seconds.
user-detect	Indicates the proactive ND detection for DHCPv6 lease proxy users.	-

Parameter

Description

Value

preferred-lifetime preferred-lifetime

Specifies the preferred lifetime of DHCPv6 addresses. This parameter is used to calculate the renewal time and rebinding time of IPv6 addresses.

The value is an integer that ranges from 40 to 3600 in seconds.

valid-lifetime valid-lifetime

Specifies the valid lifetime of a DHCPv6 lease proxy user, indicating the expiration time of an IP address. After the time specified in this parameter elapses, the user goes offline. The value of this parameter must be greater than or equal to the value of preferred-lifetime.

The value is an integer that ranges from 60 to 3620 in seconds.

user-detect

Indicates the proactive ND detection for DHCPv6 lease proxy users.

Views

AAA domain view

Default Level

3: Management level

Task Name and Operations

Task Name	Operations
bras-control	write

Usage Guidelines

Usage Scenario

If a DHCPv6 server has assigned a long lease time for a client, when the client becomes faulty or the link between the client and BRAS fails, the user goes offline. However, because the lease time does not elapse, the DHCPv6 server cannot get aware of user offline in time. As a result, the DHCPv6 server cannot release the IPv6 address assigned to the user in time, leading to an address waste. The lease proxy function can be enabled on the BRAS to prevent this problem. After that, the address lease can be changed to a smaller value when the BRAS that functions as the DHCPv6 relay agent sends Advertise and Reply packets to the client. In this manner, a user-side fault can trigger user offline and the IP address of the user can be released in time. After the user-side fault is rectified, the BRAS can reply with a NAK packet to trigger the client to initiate a user access request again to restore the service.

To enable the DHCPv6 lease proxy function, run the dhcpv6 lease-proxy command to set a shorter lease time so that client faults or link failures can be identified in time.

If the user-detect command is not run, the proactive ND detection for the DHCPv6 lease proxy users is disabled by default.Because the DHCPv6 lease proxy function can rapidly detect the user online status, you are not advised to enable proactive ND detection on DHCPv6 lease proxy users.

The preferred-lifetime and valid-lifetime of DHCPv6 lease proxy need to be configured based on the actual network conditions and the requirements on the time for identifying client or link faults. When network conditions are good, the recommended values of preferred-lifetime and valid-lifetime are 120s and 150s, respectively. When network conditions are poor, the recommended values of preferred-lifetime and valid-lifetime are greater than 300s. When the value of valid-lifetime is less than 300s for the configured lease proxy, to prevent the system from incorrectly determining user offline because the user leases recorded on the device before and after the lease is changed are different, change the value of valid-lifetime to 300s when lease proxy is configured on the non-main-processing board for trunk online users, slave device in dual-device hot backup scenarios, or slave interface board or DHCPv6 lease proxy is initially enabled and the release is not renewed.

Configuration Impact

After the dhcpv6 lease-proxy command is run to enable DHCPv6 lease proxy, the DHCPv6 lease proxy function can take effect for users who go online from the interface when the following conditions are met:

DHCPv6 lease proxy is enabled on the BAS interface or in the domain where the user resides.
The user is an IPoE access user.
The user is a Layer 2 or Layer 3 DHCPv6 IA_NA, IA_PD, or IA_NA+IA_PD user, and no ND stack exists.

The T1 obtained from the RADIUS server or DHCPv6 server for the user's IA_NA or IA_PD stack must be no less than 15 minutes and no less than the value of preferred-lifetime specified in the dhcpv6 lease-proxy command.

The Option length does not exceed 1500 in the reply packets sent by the DHCPv6 server to the user.
After the DHCPv6 lease proxy function takes effect for users, the client uses the preferred-lifetime and valid-lifetime parameters specified in the dhcpv6 lease-proxy command, and the DHCPv6 server uses the preferred-lifetime and valid-lifetime parameters allocated for user access. If the user has not renewed the lease within the valid-lifetime specified in the dhcpv6 lease-proxy command, the BRAS makes the user go offline and sends a Release packet to notify the DHCPv6 server of user offline.
After the DHCPv6 lease proxy function takes effect for users, the reply packets sent by the BRAS carries option information which is consistent with that carried in the reply packets sent by the DHCPv6 server to the client. During the period when the DHCPv6 proxy agent is sending a reply packet, the option information in the access request packet will not be re-parsed.
To prevent the problem that the DHCPv6 server fails to receive renewal packets from clients for a long time and therefore releases client IP addresses after the BRAS sends renewal packets, the BRAS processes user renewal packets in non-proxy mode when "the current system time - Start lease time of the DHCPv6 server + Half of the preferred-lifetime of the DHCPv6 proxy lease > T1" on the DHCPv6 server. Then, the BRAS forwards the renewal packets to the DHCPv6 server for processing to extend the lease time on the DHCPv6 server.
If the proactive ND detection function is not enabled for DHCPv6 lease proxy users, after the DHCPv6 lease proxy function takes effect, the BRAS will not proactively send NS detection packets to check whether the user is online.
If the DHCPv6 lease proxy configuration is changed during the online duration of the user, the changed configuration takes effect when the DHCPv6 server processes user renewal packets.
To prevent the device CPU usage from going high because clients frequently send renewal packets, the device processes only one renewal packet within 1s for the same DHCPv6 lease proxy user.
To prevent the device from frequently processing DHCPv6 lease proxy services and affecting other service functions, for users whose preferred-lifetime and valid-lifetime are set to a value less than 300s, when the device CPU usage is high, these parameters can be set to 120s and 300s, respectively, during lease renewal to reduce the pressure on the device CPU.

Precautions

If DHCPv6 lease proxy has been configured in both the BAS interface view and domain view, the configuration in the BAS interface view takes effect.
After DHCPv6 lease proxy is configured, if the lease is short and the value of valid-lifetime is close to the value of preferred-lifetime, transmission of link packets may be delayed. As a result, there is a big difference between the time the BRAS receives renewal packets and the time the user sends renewal packets. Consequently, the device may incorrectly determine that the user lease is expired and then makes the user go offline. You are advised to set the value of valid-lifetime greater than the value of preferred-lifetime by 20 seconds.
After DHCPv6 lease proxy is enabled, run the lock drain command to lock the address pool. This command takes effect only when the T1/T2 time of the original lease expires and the renew packet is sent to the remote or local server for processing. Users cannot go online during the lease proxy period. Instead, users can go online when the lease specified on the server is expired. With the lease proxy function, the device allows users to go online again after rapidly getting aware of the expiration of the proxy lease. During a device upgrade, this function can replace the lock drain command configuration.
For DHCPv6 users who are triggered to go online upon receipt of IPv6 or ND packets after they abnormally go offline, the DHCPv6 lease proxy function does not take effect during the user online process. When user renewal packets are received and the lease renew succeeds, the device determines that conditions for DHCPv6 lease proxy are met, and then DHCPv6 lease proxy can take effect.
By default, ND detection is not enabled for users enabled with DHCPv6 lease proxy. To enable ND protection, run the dhcpv6 lease-proxy preferred-lifetime <preferred-lifetime> valid-lifetime <valid-lifetime> user-detect.
For DHCPv6 lease proxy users who go online from a remote address pool, you do not need to run the remote-ip lease manage command in a prefix pool. The device can get aware of user offline when the lease is expired and not renewed and then sends a Release message to the DHCPv6 server.
The global lease configured using the dhcpv6 upgrade command does not take effect for DHCPv6 lease proxy users. After lease proxy is enabled, you do not need to run the dhcpv6 upgrade command to make users offline during a device upgrade. Instead, the device rapidly detects that the proxy lease is expired, triggering users to go online again.
After the clock datetime command is run to change the system time, if the current system time is earlier than the start time of the lease on the DHCPv6 server, the lease of the DHCPv6 proxy is not renewed. Instead, user packets are forwarded to the DHCPv6 server for processing and the start time of the lease for the DHCPv6 server is renewed.
If the value of preferred-lifetime of DHCPv6 lease proxy is less than 300s, the CPU usage may be high. During command execution, the following error message is displayed: Warning: Enable the user-detect or the prefer time is less than 300, may cause the board CPU usage high.
If the value of preferred-lifetime or valid-lifetime of DHCPv6 lease proxy is less than 300s, when the device performs a reliability operation, such as the main control board or interface board master/slave switchover, users may go online after the lease is expiring because the renew and rebind request packets sent by the client fail to be processed.

Example

# Enable the DHCPv6 lease proxy function on a domain and configure the lease time.

<HUAWEI> system-view
[~HUAWEI] aaa
[~HUAWEI-aaa] domain 123
[~HUAWEI-aaa-domain-123] dhcpv6 lease-proxy preferred-lifetime 900 valid-lifetime 920