Principles of the DHCP proxy feature

44

Only after the Dynamic Host Configuration Protocol (DHCP) Layer 3 relay function is enabled, an access device supports the DHCP proxy function and can use it on user ports and cascade ports.

Server ID proxy: Option 54 in DHCP packets is called server identifier (server ID), and its value is the IP address of the DHCP server. This field is used to identify the DHCP server. Server ID proxy is a function for modifying the option 54 field in a DHCP packet so that the IP address of the DHCP server is unavailable to the client. This prevents the attacks initiated by the DHCP client to the DHCP server.
Lease time proxy: The lease time of the IP address requested by the client is related to options 51, 58, and 59 in the DHCP packet. Lease time proxy is a function for modifying these options in a DHCP packet so that a lease time which is shorter than that directly allocated by the DHCP server is available to the client. This facilitates the lease time management.

For more information, visit Huawei technical support website.

Other related questions:
Transparent DNS proxy configuration on the USG6000
The principle for configuring the transparent DNS proxy on the USG6000 is as follows: By configuring the transparent DNS proxy on the NGFW, DNS request packets of intranet users are distributed to DNS servers of ISP1 and ISP2 based on a ratio of 2:1. In this way, network access traffic of the intranet users is also distributed to the DNS servers of ISP1 and ISP2 based on a ratio of 2:1. The smart routing function is required to select an outbound interface. In addition, the ISP address library routing function must be configured. The configuration procedure is as follows: 1. Configure the transparent DNS proxy function. Bind the DNS server address with the outbound interface. Specify the address of the DNS server serving as the transparent DNS proxy, and configure the domain names to be excluded. 2. Configure the ISP address library routing function. If the preset ISP address file is used, skip this step. If a new ISP address file is imported, configure the ISP name and specify the mapping between the ISP name and the ISP address file. 3. Configure the outbound interface. Configure the interface IP address, gateway, bandwidth, bandwidth overload protection threshold, and ISP name corresponding to the interface. 4. Configure the global routing policy. Set the smart routing mode to load balancing, and set outbound interfaces that are directly connected to the NGFW, ISP1 network, and ISP2 network as member interfaces of the smart routing function. For specific configurations, click Method Used to Configure Transparent DNS Proxy on the USG6000.

ARP proxy feature of the access network
When a PC sends an Address Resolution Protocol (ARP) request to another PC, the request is processed by the access device connected to the 2 PCs. This process is called ARP proxy. ARP proxy is often used for communication between the sub virtual local area networks (VLANs) in a super VLAN.

Principles of HSB
The AR supports the HSB function. HSB implementation involves data synchronization and traffic switching. Data synchronization is performed to ensure consistent information on the master and backup devices when the two devices are working normally. Traffic switching is performed to ensure non-stop service forwarding when the master device fails or recovers. The principle for data synchronization is to establish active and standby channels between devices that back up each other. Session entries of the master device can be synchronized to the backup device through the channel at one time, in real time, or periodically. The principle for traffic switching is based on negotiation between the master device and the backup device using VRRP. When the master device fails, a new master device is elected based on VRRP priorities and the traffic is switched to the master device. For details, see “HSB Configuration�?in AR100&AR120&AR150&AR160&AR200&AR1200&AR2200&AR3200&AR3600 V200R008 CLI-based Configuration Guide - Reliability.

Principle of BSSID generation
Centralized BSSID management allows an AC to automatically assign a unique BSSID to each VAP. You only need to configure a carrier ID and an AC ID for an AC. Then the AC automatically assigns a BSSID to each VAP. The BSSID allows you to rapidly locate a VAP on a network. A BSSID is generated based on the AC ID, carrier ID, and WLAN ID.

OTN principles
An OTN is a network consisting of optical NEs that are connected through optical fibers. It can transmit, multiplex, route, manage, monitor, and protect client signals on optical channels. A main feature of the OTN is client independence. That is, the transmission and configuration of any digital signals are irrelevant to the features of a client. OTN has the following advantages over traditional SDH: More powerful forward error correction, Tandem connection monitoring (TCM) at more levels, transparent transmission of client signals, and scalable switching capacity.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top