DHCP Relay中继
DHCP分配地址的另一种方式:dhcp select interface
<Huawei>system-view #进入系统视图 [Huawei]sysname DHCP-Server #命名为DHCP-Server [DHCP-Server]dhcp enable #开启DHCP [DHCP-Server]interface GigabitEthernet 0/0/0 #进入接口 [DHCP-Server-GigabitEthernet0/0/0]ip address 10.10.10.1 24 #接口配置IP [DHCP-Server-GigabitEthernet0/0/0]dhcp select interface #设置DHCP为接口模式 [DHCP-Server-GigabitEthernet0/0/0]dhcp server dns-list 8.8.8.8 114.114.114.114 #设置DNS [DHCP-Server-GigabitEthernet0/0/0]dhcp server excluded-ip-address 10.10.10.220 1 0.10.10.230 #排除不分配的IP地址 [DHCP-Server-GigabitEthernet0/0/0]dhcp server static-bind ip-address 10.10.10.10 mac-address 1234-5678-abcd #IP与mac静态绑定
DHCP Relay中继方式配置方法:
SW1配置命令:
<Huawei>system-view #进入系统视图 [Huawei]sysname sw1 #命名为sw1 [sw1]undo info-center enable #关闭信息中心 [sw1]vlan 10 #创建vlan 10 [sw1]port-group group-member Ethernet 0/0/2 to Ethernet 0/0/4 #加入端口组 [sw1-port-group]port link-type access #将端口类型设为access [sw1-port-group]port default vlan 10 #端口全部加入vlan 10 [sw1-port-group]quit #退出端口组 [sw1]interface Ethernet0/0/1 #进入Ethernet0/0/1口 [sw1-Ethernet0/0/1]port link-type trunk #端口类型设为trunk [sw1-Ethernet0/0/1]port trunk allow-pass vlan 10 #运行vlan 10数据通过
SW2配置:
<Huawei>system-view #进入系统视图 [Huawei]sysname sw2 [sw2]undo info-center enable [sw2]vlan 20 [sw2-vlan20]quit [sw2]port-group group-member Ethernet 0/0/2 to Ethernet 0/0/3 [sw2-port-group]port link-type access [sw2-port-group]port default vlan 20 [sw2-port-group]quit [sw2]interface Ethernet0/0/1 [sw2-Ethernet0/0/1]port link-type trunk [sw2-Ethernet0/0/1]port trunk allow-pass vlan 20
HeXin-Switch命令配置:
<Huawei>system-view #进入系统视图 [HeXin-Switch]undo info-center enable #关闭信息中心 [Huawei]sysname HeXin-Switch #重命名为HeXin-Switch [HeXin-Switch]vlan batch 10 20 80 #创建3个vlan [HeXin-Switch]dhcp enable #开启dhcp功能 [HeXin-Switch]interface GigabitEthernet 0/0/1 #进入g0/0/1 [HeXin-Switch-GigabitEthernet0/0/1]port link-type trunk #端口类型为trunk [HeXin-Switch-GigabitEthernet0/0/1]port trunk allow-pass vlan 10 #允许vlan 10数据通过 [HeXin-Switch-GigabitEthernet0/0/1]inter gig0/0/2 #进入g0/0/2 [HeXin-Switch-GigabitEthernet0/0/2]port link-type trunk #端口类型为trunk [HeXin-Switch-GigabitEthernet0/0/2]port trunk allow-pass vlan 20 #允许vlan 20数据通过 [HeXin-Switch-GigabitEthernet0/0/2]inter gig0/0/3 #进入g0/0/3 [HeXin-Switch-GigabitEthernet0/0/3]port link-type access #端口类型为access [HeXin-Switch-GigabitEthernet0/0/3]port default vlan 80 #端口划分至vlan 80 [HeXin-Switch-GigabitEthernet0/0/3]quit #退出 [HeXin-Switch]interface Vlanif 10 #进入vlan 10 [HeXin-Switch-Vlanif10]ip address 10.10.10.1 24 #vlan 10配置IP地址 [HeXin-Switch-Vlanif10]dhcp select relay #设置为中继模式 [HeXin-Switch-Vlanif10]dhcp relay server-ip 80.80.80.1 #中继的服务器IP为80.80.80.1 [HeXin-Switch-Vlanif10]quit #退出 [HeXin-Switch]interface Vlanif 20 #进入vlan 20 [HeXin-Switch-Vlanif20]ip address 20.20.20.1 24 #vlan 20配置IP地址 [HeXin-Switch-Vlanif20]dhcp select relay #设为中继模式 [HeXin-Switch-Vlanif20]dhcp relay server-ip 80.80.80.1 #中继的服务器IP为80.80.80.1 [HeXin-Switch-Vlanif20]quit #退出 [HeXin-Switch]interface Vlanif 80 #进入vlan 80 [HeXin-Switch-Vlanif80]ip address 80.80.80.2 24 #vlan 80配置IP [HeXin-Switch-Vlanif80]quit #退出
DHCP-Server配置:
<Huawei>system-view #进入系统视图 [DHCP-Server]undo info-center enable #关闭信息中心 [Huawei]sysname DHCP-Server #重命名为DHCP-Server [DHCP-Server]interface GigabitEthernet 0/0/0 #进入g0/0/0口 [DHCP-Server-GigabitEthernet0/0/0]ip address 80.80.80.1 24 #设置IP地址 [DHCP-Server-GigabitEthernet0/0/0]dhcp select global #接口下设置全局模式 [DHCP-Server-GigabitEthernet0/0/0]quit #退出 [DHCP-Server]ip route-static 0.0.0.0 0 80.80.80.2 #静态路由 [DHCP-Server]dhcp enable #开启DHCP [DHCP-Server]ip pool vlan10 #创建地址池vlan10 [DHCP-Server-ip-pool-vlan10]network 10.10.10.0 mask 24 #配置网段 [DHCP-Server-ip-pool-vlan10]gateway-list 10.10.10.1 #设定网关地址 [DHCP-Server-ip-pool-vlan10]dns-list 10.10.10.1 10.10.10.2 #设定dns地址 [DHCP-Server-ip-pool-vlan10]quit #退出 [DHCP-Server]ip pool vlan20 #创建地址池vlan20 [DHCP-Server-ip-pool-vlan20]network 20.20.20.0 mask 24 #配置网段 [DHCP-Server-ip-pool-vlan20]gateway-list 20.20.20.1 #设定网关地址 [DHCP-Server-ip-pool-vlan20]dns-list 20.20.20.1 20.20.20.2 #设定dns地址
DHCP Relay工作原理:
当PC2发送DHCP Discover广播报文时,到达HeXin-Switch交换机时,由于交换机知道是从vlan 10发送过来的【turnk口有tiger vlan标记】,通过查询vlanif 10下的配置为DHCP中继模式,于是将源地址替换为vlan 10的网关地址10.10.10.1,目标地址替换为80.80.80.1,这样就将广播包变成单播报文了,查询路由表后发现通往80.80.80.1需从vlanif80口出去,当DHCP-Server收到DHCP Discover报文后,需要给客户端发送DHCP Offer报文,这时源地址为80.80.80.1,目标地址为10.10.10.1发送报文,HeXin-Switch收到报文后又将单播报文转换为广播包下发到vlan 10中,当vlan 10中的计算机收到DHCP Offer报文,查看包中的mac地址是否为自己,是的话再发送DHCP Rquest报文进行地址租用,当DHCP Request广播报文到达HeXin-Switch时,将包中的源地址和目标地址进行替换,使广播报文变成单播报文进行转发到DHCP-Server,DHCP-Server收到DHCP Request报文后,再发送DHCP Ack确认报文给客户端,客户端收到DHCP Ack报文后进行地址租用,这样就完成DHCP Relay的中继过程,以下为抓取的DHCP请求报文的四个过程
DHCP Discover报文:源地址、源mac和目标地址、目标mac都已替换
DHCP Offer报文:
DHCP Request报文:
DHCP Ack报文: