目录
DHCP的使用背景
- 在企业网络中,大量的主机或设备需要获取IP地址等参数
- 如果采用手工配置,工作量大,容易出错且不好管理
- 如果用户擅自更改,还有可能会造成IP地址冲突等问题
- 使用动态主机配置协议DHCP,来分配IP地址等网络参数,可以减少管理员的工作量,避免出错
DHCP协议概述
动态主机配置协议(Dynamic Host Configuration Protocol)
作用
- 用于实现企业用户IP地址的动态分配合集中管理
- 避免繁琐的手工配置,快速适应网络的变
DHCP的角色分类
- DHCP客户端
- 通过DHCP洗衣请求获取IP地址等网络参数,例如PC、手机、IP电话等
- DHCP服务器
- 负责为DHCP客户端分配网络参数
- DHCP中继
- 负责转发DHCP服务器和DHCP客户端之间的报文,协助DHCP服务器向DHCP客户端动态分配网络参数的设备
- 当客户端与服务器不在一个网段时,才会用到DHCP中继设备
DHCP工作原理
- 发现阶段:客户端发送DHCP Discover报文
- 提供阶段:服务器回应DHCP Offer报文
- 选择阶段:客户端广播发送DHCP Request报文
- 确认阶段:服务器回应DHCP ACK报文
DHCP服务规划
- 服务器规划
- 合理规划VLAN,确保同一VLAN内仅有一台DHCP Server,能收到此VLAN内客户端的DHCP请求
- IP地址规划
- 可供被DHCP Server自动分配的IP地址范围
- 不能参与自动分配的IP地址,需要提前排除掉
创建基于全局的DHCP
配置思路:
开启设备DHCP功能,确保设备为DHCP服务器
@AR1
<Huawei>undo terminal monitor
<Huawei>system-view
[Huawei]sysname DHCP Server
[DHCP Server]dhcp enable ---启用DHCP服务
在路由器上创建地址池,配置网段、网关、DNS和租约等
[DHCP Server]ip pool AA //建立地址池
[DHCP Server-ip-pool-AA]network 192.168.10.0 mask 24
[DHCP Server-ip-pool-AA]gateway-list 192.168.10.254
[DHCP Server-ip-pool-AA]dns-list 8.8.8.8
[DHCP Server-ip-pool-AA]lease day 3 //租约
[DHCP Server-ip-pool-AA]excluded-ip-address 192.168.10.200 192.168.10.253 //设定需要排除的地址在路求器接口下配置地址,并在接口上启用DHCP
[DHCP Server]int g0/0/1
[DHCP Server-GigabitEthernet0/0/1]ip add 192.168.10.254 24
[DHCP Server-GigabitEthernet0/0/1]dhcp select global 在PC上使用DHCP服务获取地址
验证配置
可自行抓包查看DHCP报文的流程
DHCP中继代理
- 当DHCP服务器与DHCP客户端不在同一个网段时,就需要DHCP中继,
- DHCP中继负责为DHCP服务器和DHCP客户端转发DHCP报文
DHCP中继配置
- DHCP客户端的网关接口,才有资格成为DHCP中继
- 开启DHCP中继的DHCP功能
- 设置DHCp中继的接口模式为relay
- 指定DHCP中继接口的DHCP服务器地址
配置思路:
- 配置基本IP地址信息、规划网段
- 启用DHCP服务、配置地址池相关信息
- 配置设备之间的互联接口以及静态路由
[DHCP Server]ip pool AA //建立地址池
[DHCP Server-ip-pool-AA]network 192.168.1.0 mask 24
[DHCP Server-ip-pool-AA]gateway-list 192.168.1.254
[DHCP Server-ip-pool-AA]dns-list 8.8.8.8
[DHCP Server-ip-pool-AA]lease day 3 //租约
[DHCP Server-ip-pool-AA]excluded-ip-address 192.168.1.200 192.168.1.253 //设定需要排除的地址[DHCP Server]int g0/0/1
[DHCP Server-GigabitEthernet0/0/1]dhcp select global 在R2上配置DHCP中继
- 配置网关地址
- 在接口g0/0/0上应用DHCP中继功能
- 在接口上指向DHCP服务器的IP地址
[R2]dhcp enable
[R2]int g0/0/1
[R2-GigabitEthernet0/0/1]ip address 192.168.1.254 255.255.255.0
[R2-GigabitEthernet0/0/1]dhcp select relay //接口上启用DHCP中继功能
[R2-GigabitEthernet0/0/1]dhcp relay server-ip 10.10.10.1 //指向DHCP服务器的IP地址验证
三层交换配置DHCP服务器
需求:
- LSW1为vlan10、vlan20的网关
- vlan10网段为 192.168.1.0/24 网关 192.168.1.254/24
- vlan10网段为 192.168.2.0/24 网关 192.168.2.254/24
- 自动获取IP地址,确保全网互通
配置思路:
配置DHCP服务器
@SW1
<Huawei>u t m
[Huawei]sys
[Huawei]sysname DHCP Server
[DHCP Server]dhcp enable
[DHCP Server]ip pool pool1
[DHCP Server-ip-pool-pool1]gateway-list 192.168.1.254
[DHCP Server-ip-pool-pool1]network 192.168.1.0 mask 255.255.255.0
[DHCP Server-ip-pool-pool1]dns-list 8.8.8.8
[DHCP Server-ip-pool-pool1]excluded-ip-address 192.168.1.200 192.168.1.253
[DHCP Server-ip-pool-pool1]quit
[DHCP Server]ip pool pool2
[DHCP Server-ip-pool-pool2]gateway-list 192.168.2.254
[DHCP Server-ip-pool-pool2]network 192.168.2.0 mask 255.255.255.0
[DHCP Server-ip-pool-pool2]dns-list 8.8.8.8
[DHCP Server-ip-pool-pool2]excluded-ip-address 192.168.2.200 192.168.2.253创建VLAN,配置VLANIF的IP地址、配置交换机之间互联接口为TRUNK模式
[DHCP Server]vlan batch 10 20
[DHCP Server]interface Vlanif10
[DHCP Server-Vlanif10] ip address 192.168.1.254 255.255.255.0
[DHCP Server-Vlanif10] dhcp select global //启用DHCP全局模式
[DHCP Server-Vlanif10] Quit
[DHCP Server]interface Vlanif20
[DHCP Server-Vlanif20] ip address 192.168.2.254 255.255.255.0
[DHCP Server-Vlanif20] dhcp select global
[DHCP Server-Vlanif20] quit
[DHCP Server]interface GigabitEthernet0/0/1
[DHCP Server-GigabitEthernet0/0/1] port link-type trunk //此接口设置为trunk模式
[DHCP Server-GigabitEthernet0/0/1] port trunk allow-pass vlan all
[DHCP Server-GigabitEthernet0/0/1] quit
[DHCP Server]interface GigabitEthernet0/0/2
[DHCP Server-GigabitEthernet0/0/2] port link-type trunk //此接口设置为trunk模式
[DHCP Server-GigabitEthernet0/0/2] port trunk allow-pass vlan all
[DHCP Server-GigabitEthernet0/0/2] quit配置SW2和SW3
@sw2
[Huawei]vlan batch 10 20
[Huawei]interface G0/0/2
[Huawei-GigabitEthernet0/0/2] port link-type access
[Huawei-GigabitEthernet0/0/2] port default vlan 10
[Huawei-GigabitEthernet0/0/2] Quit
[Huawei]interface G0/0/3
[Huawei-GigabitEthernet0/0/3] port link-type access
[Huawei-GigabitEthernet0/0/3] port default vlan 10
[Huawei-GigabitEthernet0/0/3] Quit
[Huawei]interface G0/0/1
[Huawei-GigabitEthernet0/0/1] port link-type trunk
[Huawei-GigabitEthernet0/0/1] port trunk allow-pass vlan all
[Huawei-GigabitEthernet0/0/1]
@sw3
[Huawei]vlan batch 10 20
[Huawei]interface G0/0/2
[Huawei-GigabitEthernet0/0/2] port link-type access
[Huawei-GigabitEthernet0/0/2] port default vlan 20
[Huawei-GigabitEthernet0/0/2] Quit
[Huawei]interface G0/0/3
[Huawei-GigabitEthernet0/0/3] port link-type access
[Huawei-GigabitEthernet0/0/3] port default vlan 20
[Huawei-GigabitEthernet0/0/3] Quit
[Huawei]interface G0/0/1
[Huawei-GigabitEthernet0/0/1] port link-type trunk
[Huawei-GigabitEthernet0/0/1] port trunk allow-pass vlan all
[Huawei-GigabitEthernet0/0/1] Quit四台主机均可获得ip地址,并相互互通。
