DHCP常用配置知识总结

DHCP常用配置知识总结

DHCP是很常用的一个功能,无论是家用还是企业用。但是需要提醒的是,在一网段中只能有一个DHCP服务器,不能多。换言之,只要在本网段中存在DHCP服务器,就能发挥动态分配IP地址的功能。

家用一般采用无线路由器做DHCP服务器,根据导航自动即可设置成功,有些默认模式已设置好,通电即可使用。

但在企业里,因存在内网和访客网,办公网和生产网等,有固定IP地址和动态IP地址之分。要根据实际情况进行DHCP服务的部署。

 

DHCP协议理论应答模型

 

Discover 谁有?客户端发出信号,

Offer  我有!在网络中,主动报告,

Request  客户端发出请求!给我一个

Ack 确认,好的!服务器确认并分配

 

构建eNSP模型,实际抓包数据

 

 

企业里比较常用的方法有:用服务器做DHCP服务器,或者通过防火墙或路由器的端口,开通本网段所在的DHCP服务。相关如下:

1.DHCP的全局模式配置

2.DHCP的接口模式配置

3.DHCP的中继代理

4.DHCP的三层交换

 

1.DHCP的全局模式配置(子接口的DHCP配置方式类似)

 

[Router] dhcp enable   //启用DHCP

         //针对网段192.168.10.0进行配置

[Router] ip pool test   //建立DHCP地址池及租约
[Router-ip-pool-test] network 192.168.10.0 mask 24  //对应的网段

[Router-ip-pool-test] gateway-list 192.168.10.1  //对应的网关
[Router-ip-pool-test] dns-list  8.8.8.8   //对应的DNS,根据实际情况

[Router-ip-pool-test] lease day 1 hour 0 minut 0  //租约时长
[Router-ip-pool-test] excluded-ip-address 192.168.10.250 192.168.10.254   //不参与分配的地址

[Router] interface GigabitEthernet 0/0/0  //进入对应的接口
[Router-GigabitEthernet0/0/0] ip address 192.168.10.1 24  //所配的IP地址与地址池的网关相一致,就能自动匹配,这点不要搞糊了
[Router-GigabitEthernet0/0/0] dhcp select global    //把本接口的DHCP配置成全局模式

 

//针对网段192.168.20.0进行配置

[Router] ip pool test2   //建立针对192.168.20.0网段的租约
[Router-ip-pool-test2] network 192.168.20.0 mask 24  //地址池对应的网段
[Router-ip-pool-test2] gateway-list 192.168.20.1  //对应的网关

[Router-ip-pool-test2] dns-list 8.8.8.8  .//.对应的DNS
[Router-ip-pool-test2] lease day 1 hour 0 minute 0   //租约的时长
[Router-ip-pool-test2] excluded-ip-address 192.168.20.210 192.168.20.254   //不参与分配的地址

[Router] interface GigabitEthernet0/0/1    //路由器对应的接口
[Router-GigabitEthernet0/0/1] ip address 192.168.20.1 24    //所配的IP地址与地址池的网关相一致,就能自动匹配,这点不要搞糊了
[Router-GigabitEthernet0/0/1] dhcp select global   //把本接口的DHCP配置成全局模式

 

//两个网段获取IP地址信息,分别位于两网段获取的IP地址

 

PC4>ipconfig

Link local IPv6 address...........: fe80::5689:98ff:fe4f:2ce0
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.10.248
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.10.1
Physical address..................: 54-89-98-4F-2C-E0
DNS server........................: 8.8.8.8

PC8>ipconfig

Link local IPv6 address...........: fe80::5689:98ff:fe9f:27c6
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.20.209
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.20.1
Physical address..................: 54-89-98-9F-27-C6
DNS server........................: 8.8.8.8 

 

2、DHCP接口模式配置命令(在防火墙或路由器的端口上配置DHCP,可以用一台防火墙或路由器设置多个网段的DHCP)

[Router]dhcp enable

[Router] interface GigabitEthernet 0/0/0
[Router-GigabitEthernet0/0/0] ip address 192.168.100.1  24

[Router] interface GigabitEthernet 0/0/0
[Router-GigabitEthernet0/0/0] dhcp select interface   //dhcp

 [Router-GigabitEthernet0/0/0] dhcp server dns-list 8.8.8.8

[Router-GigabitEthernet0/0/0] dhcp server lease day 1 hour 0 minute 0

[Router-GigabitEthernet0/0/0] dhcp server exclude-ip-address 192.168.100.100 192.168.100.200  //不参与分配的ip地址

 

//针对端口启动DHCP,并以本端口的IP地址为网关;以下为PC机查询结果

PC>ipconfig

Link local IPv6 address...........: fe80::5689:98ff:feeb:35c8

IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.100.253
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.100.1
Physical address..................: 54-89-98-EB-35-C8
DNS server........................: 8.8.8.8

 

3.HDCP中继代理模式配置 (有时候,DHCP server不在本地,DHCP相关控制机制在远处某台路由器或防火墙上,可采用这种方式)

 

     //DHCP Server配置

[DhcpServer] interface GigabitEthernet 0/0/0

[DhcpServer-GigabitEthernet0/0/0] ip address 192.168.12.1 24  //配置路由器接口IP地址

[DhcpServer] dhcp enable  //启用DHCP服务

[DhcpServer] ip pool agentTest  //建立DHCP地址池及租约

[DhcpServer-ip-pool-agentTest] network 192.168.1.0 mask 24  //dhcp 所涉及网段
[DhcpServer-ip-pool-agentTest] gateway-list 192.168.1.1  //dhcp关联网关
[DhcpServer-ip-pool-agentTest] dns-list 8.8.8.8   //dhcp对应的DNS
[DhcpServer-ip-pool-agentTest] lease day 1 hour 0 minute 0   //dhcp租约时长
[DhcpServer-ip-pool-agentTest] excluded-ip-address 192.168.1.1 192.168.1.10   //不参与分配的IP地址

[DhcpServer] interface GigabitEthernet 0/0/0
[DhcpServer-GigabitEthernet0/0/0] dhcp select global  //指定dhcp为全局模式

 

[DhcpServer] ip route-static 192.168.1.0 24 192.168.12.2   //配置相关路由

 

//配置DHCP代理

[DhcpAgent] dhcp enable  //在DHCP代理路由器上,启用dhcp。本质上是DHCP服务之间在进行沟通并得出相应的结果。只是各设备扮演不同的角色。

[DhcpAgent] interface g0/0/0
[DhcpAgent-GigabitEthernet0/0/0] ip address 192.168.12.2 24


[DhcpAgent] interface g0/0/1
[DhcpAgent-GigabitEthernet0/0/1] ip address 192.168.1.1 24


[DhcpAgent-GigabitEthernet0/0/1] dhcp select relay  //对应交换的接口,dhcp模式设为relay中继模式,这是关键步骤
[DhcpAgent-GigabitEthernet0/0/1] dhcp relay server-ip 192.168.12.1    //dhcp模式中继时,去寻找192.168.12.1,这是关键步骤,为中继指定映射点。中间可能隔了多个路由器,这和dhcp配置无关,只要路由能到。

 

PC>ipconfig /renew

IP Configuration

Link local IPv6 address...........: fe80::5689:98ff:fec8:2bc3
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.1.254   //这个地址是接口192.168.12.1所在的dhcp服务器分配的
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.1.1
Physical address..................: 54-89-98-C8-2B-C3
DNS server........................: 8.8.8.8

 

 

4.DHCP三层交换上的配置

 

//L3SW配置  ,其主要配置是针对vlan的虚接口进行配置的,其配置与路由器上的配置类似。

[L3SW]dhcp enable

[L3SW]ip pool p5
[L3SW-ip-pool-p5]network 192.168.5.0 mask 24
[L3SW-ip-pool-p5]gateway-list 192.168.5.1
[L3SW-ip-pool-p5]dns-list 8.8.8.8
[L3SW-ip-pool-p5]lease day 1 hour 0 minute 0

[L3SW]ip pool p10
[L3SW-ip-pool-p10]network 192.168.10.0 mask 24
[L3SW-ip-pool-p10]gateway-list 192.168.10.1
[L3SW-ip-pool-p10]dns-list 8.8.8.8
[L3SW-ip-pool-p10]lease day 1 hour 0 minute 0

[L3SW]vlan batch 5 10

[L3SW]interface Vlanif 5
[L3SW-Vlanif5]ip address 192.168.5.1 24
[L3SW-Vlanif5]dhcp select global

 

[L3SW]interface Vlanif 10

[L3SW-Vlanif10]ip address 192.168.10.1 24
[L3SW-Vlanif10]dhcp select global

 

[L3SW]interface GigabitEthernet0/0/1
[L3SW-GigabitEthernet0/0/1]port link-type trunk
[L3SW-GigabitEthernet0/0/1]port trunk allow-pass vlan 5 10

 

//二层交换机配置  主要是配置相关的连接类型,所属vlan

[SW]vlan batch 5 10


[SW]interface Ethernet0/0/1
[SW-Ethernet0/0/1]port link-type access
[SW-Ethernet0/0/1]port default vlan 5


[SW]interface Ethernet0/0/2
[SW-Ethernet0/0/2]port link-type access
[SW-Ethernet0/0/2]port default vlan 10

 

[SW]interface  GigabitEthernet 0/0/1

[SW-GigabitEthernet0/0/1]port link-type trunk 

[SW-GigabitEthernet0/0/1]port trunk  allow-pass vlan 5 10

 

//PC机上获取的相关IP信息

PC>ipconfig /renew

IP Configuration


Link local IPv6 address...........: fe80::5689:98ff:feee:1533
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.5.253  //vlan5相关的IP地址信息
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.5.1
Physical address..................: 54-89-98-EE-15-33
DNS server........................: 8.8.8.8

 

PC>ipconfig /renew

IP Configuration

Can't get IP!

Link local IPv6 address...........: fe80::5689:98ff:fe4d:6ce6
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.10.254  //vlan10相关的IP地址信息
Subnet mask.......................: 255.255.255.0
Gateway...........................: 192.168.10.1
Physical address..................: 54-89-98-4D-6C-E6
DNS server........................: 8.8.8.8

 

posted on 2022-07-08 00:44  人生不开窍  阅读(913)  评论(0编辑  收藏  举报

导航