DHCP
First, the interface configuration is based on the DHCP address pool
1.1 Principle
With the expansion of the case and the complexity of the network to improve network size, location of the computer (such as laptop computers and wireless networks) and the number of computers exceeds the assigned IP address will appear frequently. DHCP (Dynamic Host Configuration Protocol, Dynamic Host Configuration Protocol) is to meet these needs and developed. DHCP adopts a client / server (Client / Server) mode work, DHCP Client sends request messages to dynamically DHCP Server, DHCP Server returns the appropriate configuration information (e.g. IP address) according to the policy.
DHCP client accesses the network for the first time, primarily to establish contact with the DHCP server through four stages.
(1) discovery stage: The DHCP client locate a DHCP server. The client sends DHCP_ Discover packets in the broadcast mode, only the DHCP servers respond.
(2) provide the stage: The DHCP server offers an IP address. After the DHCP server receives a client's DHCP Discover packet pick from a pool of IP addresses has not been assigned an IP address assigned to the client, the client sends to the leased IP address and other settings DHCP_Offer messages.
(3) selection stage: The DHCP client selects an IP address phase. If you have more than one DHCP server to the client to DHCP_Offer message, the client accepts only DHCP_Offer packet received first, and then broadcasts a DHCP server to respond to each DHCP_Request packet.
(4) the validation phase: The DHCP server confirms the IP address phase. When the DHCP server receives the client to answer DHCP_Request message, they would contain it provides the client sends the IP address and other settings DHCP_ACK confirmation message.
1.2 Experimental content
This experiment will simulate the router R1 become the company's DHCP Server, the company's marketing department under the Ministry of Finance and the PC automatically configure the IP address by DHCP mode. Network administrators configure the client PC to obtain an IP address automatically via an interface address pool mode.
1.3 Experimental topology
1.4 Experimental Procedure
1.4.1 Basic Configuration
Substantially corresponding IP address configuration according to the experimental addressing table.
[R1-GigabitEthernet0/0/0]ip add 192.168.1.254 24
[R1-GigabitEthernet0/0/1]ip add 192.168.2.254 24
1.4.2 DHCP Server-based configuration function interface
(1) turn on the DHCP function R1
[R1]dhcp enable
(2) R1 is on GE0 / 0/0 0/0/1 and GE configuration dhcp select interface command, DHCP function will interface specifies the interface address pool allocated address.
[R1-GigabitEthernet0/0/0]dhcp select interface
[R1-GigabitEthernet0/0/1]dhcp select interface
Interface address pool dynamically assigned IP address, the IP address of the network where the interface is the IP address range is located, and on this interface is only valid. When the DHCP server receives the DHCP client request packet Currently, DHCP server will use the address of the interface network address assigned to the client.
1.4.3 Configuring DHCP Server-based interface of the lease / DNS server address
(1) using dhcp server lease R1 command on the interfaces GE 0/0/0 DHCP interface address pool server IP address lease time is 2 days, GE 0/0/1 interface does not modify default value of 1 days, the address will be reassigned after the expired.
[R1-GigabitEthernet0/0/0]dhcp server lease day 2
(2) using dhcp server exclude-ip-address command on GE0 / 0/0 interface configuration interface address pools that are not automatically assigned IP address range 192.168.1.1 to 192.168.1.10.
[R1-GigabitEthernet0/0/0]dhcp server excluded-ip-address 192.168.1.1 192.168.1.1.0
Some address needs to be assigned to other services, such as DNS servers or HTTP servers need to manually configure a static IP address, you can not use dynamically assigned to the client, you can execute the command to configure address pool is automatically assigned an IP address (the default the address pool all addresses to be automatically assigned, this command as an optional command).
When the DHCP server receives a DHCP client requests, DPCP server will select free address pool IP address assigned to the client. GE 0/0/0 interface address pool assignment 192.168.1.1 ~ 192.168.1.10 not involved, and GE 0/0/1 interface is not the command, it is possible to assign a range of IP addresses 192.168.2.1 ~ 192.168.2.253 ( this port address is not included).
(3) specify the DNS server on the interface address pool dhcp server dns-list command on GE0 / 0/1 interfaces, assign addresses to the DNS server is automatically PC-2 8.8.8.8.
[R1-GigabitEthernet0/0/1]dhcp server dns-list 8.8.8.8
Configuring DHCP Client
(1) Open the PC-1 "Basic Configuration" tab in the "IPv4 Configuration" column select "DHCP", and then click the dialog box "Apply" button in the bottom right corner.
(2) Click on the PC-1 "command line" tab, where you can enter "ipconfig" command to view the IP address of the interface.
It can be found by looking at PC-1 has been to get an IPv4 address 192.168.1.253, the gateway address for the router interface address of 192.168.1.254 by DHCP Server.
(3) the display ip pool command on R1 View DHCP address pool address assignments.
The above information shows the current interface-based address pool, as there are two interfaces to enable the DHCP function, the address also has two pools, Pool-name were GE 0/0/0, GE 0/0/1 address pool in the DHCP Server , the gateway is 192.168.1.254, mask of 255.255.255.0, IP address pool can be assigned a total of 506 addresses (in addition to the interface address of the router), have used an idle address 495, the address of which has 10 address pool It is not involved in distribution.
(4)同样的方法为PC-2分配IP地址。
通过观察发现PC-2已通过DHCP Server获取到一个IPv4地址192.168.2.253,网关地址为路由器的接口地址192.168.2.254,DNS服务器地址为8.8.8.8。
二、 配置基于全局地址池的DHCP
2.1实验原理
基于接口地址池的DHCP服务器,连接这个接口网段的用户都从该接口地址池中获取IP地址等配置信息,由于地址池绑定在特定的接口上,可以限制用户的使用条件,因此在保障了安全性的同时也存在一定局限性。当用户从不同接口接入DHCP服务器且需要从同一个地址池里获取IP地址时,就需要配置基于全局地址池的DHCP。
配置基于全局地址池的DHCP服务器,从所有接口上连接的用户都可以选择该地址池中的地址,也就是说全局地址池是一个公共地址池。在DHCP服务器上创建地址池并配置相关属性(包括地址范围、地址租期、不参与自动分配的IP地址等),再配置接口工作在全局地址池模式。路由器支持工作在全局地址池模式的接口有三层接口及其子接口、三层Ethernet接口及其子接口、三层Eth-Trunk接口及其子接口和VLANIF接口。
2.2实验内容
本实验将路由器R1模拟成公司DHCP Server,配置全局地址池,该公司市场部和财务部下的PC通过DHCP的方式自动配置IP地址。
2.3实验拓扑图
本实验拓扑图见1.3。
2.4实验步骤
2.4.1基本配置
根据实验编址表进行相应的IP地址。
[R1-GigabitEthernet0/0/0]ip add 192.168.1.254 24
[R1-GigabitEthernet0/0/1]ip add 192.168.2.254 24
2.4.2配置基于全局地址池的DHCP Server
(1)在R1上开启DHCP功能。
[R1]dhcp enable
(2)使用ip pool 命令创建一个全局地址池,地址池名称为huawei。默认情况下,设备上没有创建任何全局地址池。
[R1]ip pool huawei
(3)使用network命令配置全局地址池为huawei可动态分配的网段范围为192.168.1.0,如果不指定掩码,则默认使用自然掩码,即24位掩码。该网段必须与路由器接口GE 0/0/0的IP地址为同一网段。
[R1-ip-pool-huawei]network 192.168.1.0
(4)使用lease day 命令配置DHCP全局地址池下的地址租期。默认情况下,IP地址租期为1天,对于不同的地址池,DHCP服务器可以指定不同的地址租用期限,但是同一地址池中的地址具有相同的租期。
[R1-ip-pool-huawei]lease day 2
(5)配置DHCP客户端的出口网关地址。
[R1-ip-pool-huawei]gateway-list 192.168.1.254
(6)配置地址池中192.168.1.250到192.168.1.253这些地址不参与自动分配。
[R1-ip-pool-huawei]excluded-ip-address 192.168.1.250 192.168.1.253
(7)配置DNS服务器地址。
[R1-ip-pool-huawei]dns-list 8.8.8.8
(8)开启接口的DHCP功能。使用该命令配置设备指定接口采用全局地址池为客户端分配IP地址。
[R1-GigabitEthernet0/0/0]dhcp select global
(9)路由器需要为两个不同的部门分配IP地址,即需要两个全局地址池。为财务部配置的全局地址池名称为huawei2,IP网段为192.168.2.0,网关地址为192.168.2.254,DNS服务器地址为8.8.8.8。配置完成后再GE 0/0/1 接口下启用全局地址池的DHCP服务器模式。
[R1]ip pool huawei2
[R1-ip-pool-huawei2]network 192.168.2.0
[R1-ip-pool-huawei2]lease day 2
[R1-ip-pool-huawei2]gateway-list 192.168.2.254
[R1-ip-pool-huawei2]dns-list 8.8.8.8
[R1-GigabitEthernet0/0/1]dhcp select global
(10)配置完成后,查看IP地址池信息。
显示出有两个地址池,一个huawei,一个huawei1,地址池的总数为506个,使用了0个,空闲502个,有4个地址不参与分配。
2.4.3配置DHCP Client
(1)打开PC-1的“基础配置”选项卡,在“IPv4配置”栏中选择“DHCP”,然后单击对话框右下角的“应用”按钮。
(2)在命令行下用“ipconfig”查看PC-1当前的IP地址。
(3)测试路由器R1与PC-1之间的连通性。
连通正常。
(4)同理对PC-2进行操作。
三、配置DHCP中继
3.1实验原理
由于在IP地址动态获取的过程中,客户端采用广播方式发送请求报文,而广播报文不能跨网段传送,因此DHCP只适用于DHCP客户端和服务器处于同一个网段内的情况。当多个网段都需要进行动态IP地址分配时,就需要在所有网段上都设置一个DHCP服务器,这显然是不易管理和维护的。
DHCP中继可以使客户端通过它与其他网段的DHCP服务器通信,最终获取IP地址,解决了DHCP客户端不能跨网段向服务器动态获取IP地址的问题。这样,在多个不同网络上的DHCP客户端可以使用同一个DHCP服务器,既节省了成本,又便于进行集中管理和维护。路由器或三层交换机都可以充当DHCP中继设备。
3.2实验内容
本实验模拟企业网络场景。某公司分部的网络由交换机S1和网关路由器R1组成,员工终端PC-1和PC-2都连接在S1上。公司要求分部内所有员工主机的IP地址都通过总部的DHCP服务器自动获取。分部网关路由器R1通过公网路由器R2访问公司总部的DHCP服务器R3。由于公司分部与总部不在同一个子网,需要在R1上配置DHCP中继,使分部内主机能跨网段从总部的DHCP服务器自动获取IP地址。
3.3实验拓扑图
3.4实验步骤
3.4.1基本配置
(1)根据实验编址表进行相应的基本IP地址配置。
[R1-Ethernet2/0/0]ip address 10.1.1.254 24
[R1-GigabitEthernet0/0/0]ip add 200.1.1.1 24
[R2-GigabitEthernet0/0/0]ip add 200.1.1.2
[R2-GigabitEthernet0/0/1]ip add 100.1.1.2 24
[R3-GigabitEthernet0/0/1]ip address 100.1.1.1 24
(2)使用ping命令检测各直连链路的连通性。
3.4.2搭建OSPF网络
(1)在公司路由器R1、R2、R3上都配置运行OSPF协议,所有的网段都发布到区域0中。
[R1]ospf 1
[R1-ospf-1]area 0
[R1-ospf-1-area-0.0.0.0]network 200.1.1.0 0.0.0.255
[R1-ospf-1-area-0.0.0.0]network 10.1.1.0 0.0.0.255
[R2]ospf 1
[R2-ospf-1]area 0
[R2-ospf-1-area-0.0.0.0]network 200.1.1.0 0.0.0.255
[R2-ospf-1-area-0.0.0.0]network 100.1.1.0 0.0.0.255
[R3]ospf 1
[R3-ospf-1]area 0
[R3-ospf-1-area-0.0.0.0]network 100.1.1.0 0.0.0.255
(2)配置完成后,查看路由表的信息。
(3)测试连通性。R1 ping R3
3.4.3配置DHCP服务器
总部路由器R3配置为DHCP服务器,负责为分部的网络分配IP地址。
(1)在R3上使用dhcp enable 命令开启DHCP功能,创建全局地址池dhcp-pool,可分配IP地址范围为10.1.1.0/24,出口网关地址为10.1.1.254。并在面向DHCP中继设备的接口上开启DHCP服务功能,指定从全局地址池分配地址。
[R3]dhcp enable
[R3]ip pool dhcp-pool
[R3-ip-pool-dhcp-pool]network 10.1.1.0 mask 24
[R3-ip-pool-dhcp-pool]gateway-list 10.1.1.254
[R3-GigabitEthernet0/0/1]dhcp select global
(2)使用display ip pool命令查看IP地址池的配置情况。
可以观察到,当前可用的地址除去网关IP以外还剩下253个可用,目前没有PC动态申请IP地址。
3.4.4配置DHCP中继
下面配置R1为DHCP中继设备,指定DHCP服务器为R3。这时如果R1从E 2/0/0接口收到PC的DHCP广播请求包,R1作为DHCP中继设备会以单播形式转发请求包到中继所指明的DHCP服务器R3;R3收到DHCP请求包后,会把分配的IP地址通过单播包返回给R1;R1再把地址信息发送给PC。
配置指定DHCP服务器有两种方式,一种方式是在面向PC的接口下直接配置DHCP服务器IP地址;另一种方式是在面向PC的接口下调用全局定义的DHCP服务器组。
(1)第一种配置方法:直接在R1的E 2/0/0 接口下开启DHCP中继功能,并直接指定DHCP服务器IP地址为100.1.1.1。
[R1]dhcp enable
[R1-Ethernet2/0/0]dhcp select relay
[R1-Ethernet2/0/0]dhcp relay server-ip 100.1.1.1
(2)第二种配置方法:在R1上创建DHCP服务组,指定组名为dhcp-group,并使用dhcp-server命令添加远端的DHCP服务器地址。接着在E2/0/0接口下开启DHCP中继功能并配置所对应的DHCP服务器组。
[R1]dhcp server group dhcp-group
[R1-dhcp-server-group-dhcp-group]dhcp-server 100.1.1.1
[R1-Ethernet2/0/0]dhcp select relay
[R1-Ethernet2/0/0]dhcp relay server-select dhcp-group
3.4.5配置PC获取地址方式为DHCP
(1)打开PC-1的“基础配置”选项卡,在“IPv4配置”栏中选择“DHCP”,然后单击对话框右下角的“应用”按钮。
(2)在命令行下用“ipconfig”查看PC-1当前的IP地址。
(3)同理对PC-2进行操作。
(4)测试两台PC的连通性。
