Product Documentation
Citrix SD-WAN
Current Release 11.5 limited availability 11.3 11.2 11.1 11.0 10.2
View PDF

WAN link IP address learning through DHCP client

February 28, 2022
Contributed by: 
H S

Citrix SD-WAN appliances support WAN Link IP address learning through DHCP Clients. This functionality reduces the amount of manual configuration required to deploy SD-WAN appliances and reduces ISP costs by eliminating the need to purchase static IP addresses. SD-WAN appliances can obtain dynamic IP addresses for WAN Links on untrusted interfaces. This eliminates the need for an intermediary WAN router to perform this function.

Note

  • DHCP Client can only be configured for untrusted non-bridged interfaces configured as Client Nodes.
  • DHCP client and data port can be enabled on MCN/RCN only if Public IP address is configured.
  • One-Arm or Policy Based Routing (PBR) deployment is not supported on the site with DHCP Client configuration.
  • DHCP events are logged from the client’s perspective only and no DHCP server logs are generated.

To configure DHCP for an untrusted virtual interface on fail-to-block mode:

  1. In the Configuration Editor, go to Sites > [Site Name] > Interface Groups > Virtual Interfaces.

    Note

    The physical interface in the interface group must be a non-bridged pair on a single interface.

    DHCP client mode

  2. Select one of the following options as the Client Mode:

    • DHCP IPv4 Only
    • DHCP IPv6 Only
    • DHCP IPv4 IPv6

If both SLAAC and either DHCP IPv6 or DHCP IPv4 IPv6 is enabled, then DHCPv6 functions in stateless mode.

  1. Navigate to WAN Links > [WAN Link Name] > Settings > Basic Settings.

  2. Click the Autodetect Public IP check box to enable the MCN to detect the Public IP Address used by the Client. This is required when DHCP Client mode is configured for the WAN Link.

    DHCP client WAN links

DHCP support on Fail-to-Wire port

Earlier, the DHCP client was only supported on Fail-to-block port. With 11.2.0 release, the DHCP client capability is extended on fail-to-wire port for the branch site with serial High Availability (HA) deployments. This enhancement:

  • Allows the DHCP client configuration on untrusted interface group that has fail-to-wire bridge pair and serial HA deployments.

  • Allows DHCP interfaces to be selected as part of Private Intranet WAN links.

DHCP client is now supported on the private intranet link.

DHCP support on fail to wire port

To configure DHCP for an untrusted virtual interface on fail-to-wire mode:

  1. In the Configuration Editor, go to Sites > [Site Name] > Interface Groups > Virtual Interfaces.

    Fail to wire config 1

  2. Select one of the following options as the Client Mode and then add Bridge Pairs:
    • DHCP IPv4 Only
    • DHCP IPv6 Only
    • DHCP IPv4 IPv6

  3. Go to WAN Links > click + > select WAN Link Name from the drop-down list > select Settings in the Section field > Basic Settings.

  4. Click the Autodetect Public IP check box to enable the MCN to detect the Public IP Address used by the Client. This is required when DHCP Client mode is configured for the WAN Link.

    Fail to wire config 2

Note

A LAN interface must not be connected into the fail-to-wire pair as packets might be bridged between the interfaces.

The runtime Virtual IP address, Subnet Mask, and Gateway settings are logged and archived in a log file called SDWANVW_ip_learned.log. Events are generated when Dynamic Virtual IPs are learned, released, or expired, and when there is a communication issue with the learned Gateway or DHCP server. Or when duplicate IP addresses are detected in the archived log file. If duplicate IPs are detected at a site, Dynamic Virtual IP addresses are released and renewed until all Virtual Interfaces at the site obtain unique Virtual IP addresses.

To monitor DHCP client WAN links:

  1. In the SD-WAN appliance, Enable/Disable/Purge Flows page, the DHCP Client WAN Links table provides the status of learned IPs.

  2. You can request to renew the IP, which refreshes the lease time. You can also choose to Release Renew, which issues a new IP address or the same IP address with a new lease.

    DHCP client WAN link monitoring

DHCP logs

Citrix SD-WAN enables you to generate DHCP server logs for IP addresses. Whenever IP addresses are allocated to endpoints, the logs are generated. The logs contain details such as the timestamp of the IP address allocation and lease duration, MAC address, the client ID and so on. The client ID none indicates that it is not present in the DHCP request.

To generate and view DHCP logs, navigate to Configuration > Logging/Monitoring. Select the SDWAN_dhcp.log option from the drop-down list and click View Log.

DHCP logs

Note

These logs are generated only when Citrix SD-WAN acts as a DHCP server.

WAN link IP address learning through DHCP client
February 28, 2022
Contributed by: 
H S
February 28, 2022
Contributed by: 
H S

In this article

Site feedback | Your privacy choices footer linkYour Privacy Choices | Privacy and legal terms | Cookie preferences | Consent settings | docs.cloud.com
© 1999- Cloud Software Group, Inc. All rights reserved.