DHCP
DHCP交互的原理
同广播域DHCP参与角色
- PC机
- 如果PC机发现自己的租期过去了50%,会发送续租
- 如果50%的时候没有收到服务器回复,等到租期过去75%的时候再次向服务器发送续租请求
- 如果前面两次续租都无法获得服务器的同意,无法继续使用地址
- 中继角色
- 比如SW1与PC连接的SVI接口
- 做用,将从PC收到的二层DHCP报文,转换为3层报文
- DHCP服务器
- 地址池
- 默认1天租期
不同广播域DHCP参与角色
- PC机
- 如果PC机发现自己的租期过去了50%,会发送续租
- 如果50%的时候没有收到服务器回复,等到租期过去75%的时候再次向服务器发送续租请求
- 如果前面两次续租都无法获得服务器的同意,无法继续使用地址
- 与DHCP相连的接口,作为中继角色
- DHCP服务器
DHCP参与报文
- DHCP discovery 发现,广播报文
- 二层广播报文
- 目的MAC全F,源MAC自己
- DHCP Offer 单播报文
- 为请求的设备分配一个空闲地址
- 下发网关
- 下发DNS
- 下发地址,掩码
- DHCP Request 广播报文
- 免费Arp,Arp广播请求去检测自己的地址,来判断自己的地址是否有重复
- DHCP Ack
- DHCP服务器进行确认
DHCP需要手动排除一些地址,虽然有DHCP Request报文
- 已经在使用的而不再DHCP上的地址
- 通常排除所有静态IP
[SW1]int vlan 10 [SW1-Vlanif10]ip pool vlan10 [SW1-ip-pool-vlan10]dis this # ip pool vlan10 gateway-list 192.168.10.254 network 192.168.10.0 mask 255.255.255.0 dns-list 114.114.114.114 # return //需要排除的IP地址 [SW1-ip-pool-vlan10]excluded-ip-address 192.168.10.250
配置DHCP的设备可以是一个路由器也可以是一个三层交换机
DHCP的设备必须和PC机是同网段的
同网段【交换机】DHCP练习
//开启dhcp服务 [SW1]dhcp enable Info: The operation may take a few seconds. Please wait for a moment.done. -------------------------------------------------------- //DHCP服务器地址池的名称 [SW1]ip pool vlan10 Info:It's successful to create an IP address pool. //宣告自己地址池的空间 [SW1-ip-pool-vlan10]network 192.168.10.0 mask 24 //设置网关 [SW1-ip-pool-vlan10]gateway-list 192.168.10.254 //设置dns [SW1-ip-pool-vlan10]dns-list 114.114.114.114 -------------------------------------------------------- //接口同网段开启dhcp服务 [SW1]int vlan 10 [SW1-Vlanif10]dhcp select global
pc1上进行查看IP地址
PC>ipconfig Link local IPv6 address...........: fe80::5689:98ff:fe86:35e7 IPv6 address......................: :: / 128 IPv6 gateway......................: :: IPv4 address......................: 192.168.10.251 Subnet mask.......................: 255.255.255.0 Gateway...........................: 192.168.10.254 Physical address..................: 54-89-98-86-35-E7 DNS server........................: 114.114.114.114
不同网段【路由器】DHCP配置练习
这个路由器可以是外挂的一个,单独的路由器,偷懒了我就拿这个图好了(我还是添加一个吧)
R3
开启dhcp
[R3]dhcp enable
Info: The operation may take a few seconds. Please wait for a moment.done.配置地址池vlan 10网段的地址池
[R3]ip pool vlan30 [R3-ip-pool-vlan30]network 192.168.10.0 mask 24 [R3-ip-pool-vlan10]gateway-list 192.168.10.254 [R3-ip-pool-vlan30]dns-list 114.114.114.114 //排除地址 [R3-ip-pool-vlan30]excluded-ip-address 192.168.10.252 192.168.10.253
接口同网段开启DHCP服务
[R3-GigabitEthernet0/0/0]dhcp select global 中继器也要开启DHCP,VRRP的主备设备都要配置,一般来说DHCP服务器放到VRRP的备用设备会没有效果
开启中继器注意点
- 最后一个SW开启中继器
- 这个是实验是因为,DHCP的中继器是与PC机的交换机直连的,只有一个中继器,所以就开了一个
- 请看下图的举例
//只需SW2中继器的VLAN 是与SW3所在的VLAN
[sw2-Vlanif30]dis this
#
interface Vlanif30
ip address 10.2.30.254 255.255.255.0
dhcp select relay
dhcp relay server-ip 10.4.1.1
[sw2-Vlanif40]dis this
#
interface Vlanif40
ip address 10.2.40.254 255.255.255.0
dhcp select relay
dhcp relay server-ip 10.4.1.1
接着上面的题,和上图没有关系
VRRP备设备
//开启中继信任
[sw1]dhcp enable
[SW1]int vlan 10
[SW1-Vlanif10]dhcp select relay
//开启中继,这个IP地址就是与DHCP服务器连接的接口的IP
[SW1-Vlanif10]dhcp relay server-ip 32.1.1.2
VRRP主设备
[sw2]dhcp enable [SW2]int vlan 10 [SW2-Vlanif10]dhcp select relay //开启中继,这个IP地址就是与DHCP服务器连接的接口的IP [SW1-Vlanif10]dhcp relay server-ip 32.1.1.2
PC1
PC>ipconfig Link local IPv6 address...........: fe80::5689:98ff:fe75:4221 IPv6 address......................: :: / 128 IPv6 gateway......................: :: IPv4 address......................: 192.168.10.251 Subnet mask.......................: 255.255.255.0 Gateway...........................: 192.168.10.254 Physical address..................: 54-89-98-75-42-21 DNS server........................: 114.114.114.114
配置地址池vlan 20网段的地址池
[DHCP]ip pool vlan20
[DHCP-ip-pool-vlan20]dis this
[V200R003C00]
#
ip pool vlan20
gateway-list 192.168.20.254
network 192.168.20.0 mask 255.255.255.0
excluded-ip-address 192.168.20.252 192.168.20.253
dns-list 114.114.114.114
#
returnVRRP主备设备都开启DHCP中继功能
[sw2-Vlanif20]dis this
#
interface Vlanif20
ip address 192.168.20.252 255.255.255.0
vrrp vrid 20 virtual-ip 192.168.20.254
dhcp select relay
dhcp relay server-ip 33.1.1.2
#
return
[sw2-Vlanif20][sw3-Vlanif20]dis this
#
interface Vlanif20
ip address 192.168.20.253 255.255.255.0
vrrp vrid 20 virtual-ip 192.168.20.254
vrrp vrid 20 priority 110
vrrp vrid 20 track interface Ethernet0/0/3 reduced 20
dhcp select relay
dhcp relay server-ip 33.1.1.2
#
return查看PC2,VLAN 20网段是否分配IP等信息
PC>ipconfig Link local IPv6 address...........: fe80::5689:98ff:fe33:30c5 IPv6 address......................: :: / 128 IPv6 gateway......................: :: IPv4 address......................: 192.168.20.251 Subnet mask.......................: 255.255.255.0 Gateway...........................: 192.168.20.254 Physical address..................: 54-89-98-33-30-C5 DNS server........................: 114.114.114.114
清除地址池
<R1>reset ip pool name vlan10 used
[R1]undo ip pool vlan10
[R1-GigabitEthernet0/0/0] undo dhcp select global
先清除后删除
[DHCP]undo ip pool vlan10
[DHCP]dis ip pool
IP address Statistic
Total :0
Used :0 Idle :0
Expired :0 Conflict :0 Disable :0
查看DHCP地址池
[DHCP]dis ip pool
-----------------------------------------------------------------------
Pool-name : vlan10
Pool-No : 0
Position : Local Status : Unlocked
Gateway-0 : 192.168.10.254
Mask : 255.255.255.0
VPN instance : --
IP address Statistic
Total :253
Used :0 Idle :251
Expired :0 Conflict :0 Disable :2
mac地址绑定指定IP地址
//清除已经分配的IP地址
//配置mac地址绑定
int pool vlan10
static-bind ip-add 10.1.1.1 mac-add (输入mac地址)
继续阅读
我的微信
这是我的微信扫一扫
评论