WAN link IP address learning through DHCP client 编辑

Citrix SD-WAN appliances support WAN Link IP address learning through DHCP Clients. This functionality reduces the amount of manual configuration required to deploy SD-WAN appliances and reduces ISP costs by eliminating the need to purchase static IP addresses. SD-WAN appliances can obtain dynamic IP addresses for WAN Links on untrusted interfaces. This eliminates the need for an intermediary WAN router to perform this function.

Note

• DHCP Client can only be configured for untrusted non-bridged interfaces configured as Client Nodes.
• DHCP Client for Data Port can be enabled only on non-MCN / non-RCN sites.
• One-Arm or Policy Based Routing (PBR) deployment is not supported on the site with DHCP Client configuration.
• DHCP events are logged from the client’s perspective only and no DHCP server logs are generated.

To configure DHCP for an untrusted virtual interface on fail-to-block mode:

1. In the Configuration Editor, go to Sites > [Site Name] > Interface Groups > Virtual Interfaces.

   Note

   The physical interface in the interface group must be a non-bridged pair on a single interface.

   

2. Select DHCP as the Client Mode.

3. Navigate to WAN Links > [WAN Link Name] > Settings > Basic Settings.

4. Click the Autodetect Public IP check box to enable the MCN to detect the Public IP Address used by the Client. This is required when DHCP Client mode is configured for the WAN Link.

   

DHCP support on Fail-to-Wire port

Earlier, the DHCP client was only supported on Fail-to-block port. With 11.2.0 release, the DHCP client capability is extended on fail-to-wire port for the branch site with serial High Availability (HA) deployments. This enhancement:

• Allows the DHCP client configuration on untrusted interface group that has fail-to-wire bridge pair and serial HA deployments.

• Allows DHCP interfaces to be selected as part of Private Intranet WAN links.

DHCP client is now supported on the private intranet link.

To configure DHCP for an untrusted virtual interface on fail-to-wire mode:

1. In the Configuration Editor, go to Sites > [Site Name] > Interface Groups > Virtual Interfaces.

   

2. Select DHCP as the Client Mode and add Bridge Pairs.

3. Go to WAN Links > click + > select WAN Link Name from the drop-down list > select Settings in the Section field > Basic Settings.

4. Click the Autodetect Public IP check box to enable the MCN to detect the Public IP Address used by the Client. This is required when DHCP Client mode is configured for the WAN Link.

   

Note

A LAN interface must not be connected into the fail-to-wire pair as packets might be bridged between the interfaces.

Monitoring DHCP client WAN links

The runtime Virtual IP address, Subnet Mask, and Gateway settings are logged and archived in a log file called SDWANVW_ip_learned.log. Events are generated when Dynamic Virtual IPs are learned, released, or expired, and when there is a communication issue with the learned Gateway or DHCP server. Or when duplicate IP addresses are detected in the archived log file. If duplicate IPs are detected at a site, Dynamic Virtual IP addresses are released and renewed until all Virtual Interfaces at the site obtain unique Virtual IP addresses.

To monitor DHCP client WAN links:

1. In the SD-WAN appliance, Enable/Disable/Purge Flows page, the DHCP Client WAN Links table provides the status of learned IPs.

2. You can request to renew the IP, which refreshes the lease time. You can also choose to Release Renew, which issues a new IP address with a new lease.