通過本實驗掌握,如何在Cisco Catalyst 3550交換機來配置DHCP服務,實現對內網主機分配IP地址,網關,DNS,WINS,租期,域名等。可能你之前是在windows Server服務器或者Cisco Router 部署過DHCP,但在工程項目中,根據需求,大多是在接入層或者匯聚層多層交換機來配置的,可以同時實現DHCP Snooping等技術。
實驗拓撲:
實驗過程:
第一步:Catalyst 3550底層配置
| Switch(config)#no ip do lo Switch(config)#line con 0 Switch(config-line)#no exec-t Switch(config-line)#logg syn Switch(config-line)#host Switch_Dhcp Switch_Dhcp(config)#int f0/1 Switch_Dhcp(config-if)#no sh Switch_Dhcp(config-if)#spanning-tree portfast //連接終端的接口下,開啓portfast特性,跳過生成樹的選舉,接口立即進入轉發狀態 %Warning: portfast should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc... to this interface when portfast is enabled, can cause temporary bridging loops. Use with CAUTION %Portfast has been configured on FastEthernet0/1 but will only have effect when the interface is in a non-trunking mode. Switch_Dhcp(config-if)#end |
第二步: 開啓DHCP服務,定義分配地址池範圍及掩碼,網關,DNS,域名,租期等
| //全局下開啓DHCP服務,該服務默認是關閉的 Switch_Dhcp(config)#service dhcp //關閉DHCP分配衝突,日誌記錄消息 Switch_Dhcp(config)#no ip dhcp conflict logging //創建DHCP地址池,名稱爲可以是任意字符 Switch_Dhcp(config)#ip dhcp pool cisco //指定要通過DHCP分配的網段和掩碼,還有另外一種寫法(192.168.0.0 255.255.255.0) Switch_Dhcp(dhcp-config)#network 192.168.0.0 /24 //指定分配的網關地址 Switch_Dhcp(dhcp-config)#default-router 192.168.0.1 //指定DHCP域名,域名可以爲任意字符 Switch_Dhcp(dhcp-config)#domain-name www.cisco.com.cn //指定PC通過DHCP分配到DNS地址,(這裏指定的是當地電信部門的真實地址,全國各地市不一樣的) Switch_Dhcp(dhcp-config)#dns 218.30.19.40 61.134.1.4 //netbios服務器地址,可選的配置 Switch_Dhcp(dhcp-config)#netbios-name-server 192.168.0.10 //指定通過DHCP分配到地址,租期爲永久 Switch_Dhcp(dhcp-config)#lease infinite Switch_Dhcp(dhcp-config)#end //指定不通過DHCP 地址池中分配的地址,也就是排除的地址。如果這些地址被分配給PC使用,就有可能造成網絡中IP地址衝突。如:192.168.0.1 是網關地址,該地址只能是分配所有PC做網關地址,不能做IP地址使用。所以要排除。 Switch_Dhcp(config)#ip dhcp excluded-address 192.168.0.1 Switch_Dhcp(config)# ip dhcp excluded-address 192.168.0.10 |
第三步:查看VLAN信息,並啓用SVI接口
| Switch_Dhcp#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/15, Fa0/16, Fa0/17 Fa0/18, Fa0/19, Fa0/20, Fa0/21 Fa0/22, Fa0/23, Fa0/24, Gi0/1 Gi0/2 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup Switch_Dhcp#conf t Enter configuration commands, one per line. End with CNTL/Z. //進入管理VLAN1 下,啓用SVI功能 Switch_Dhcp(config)#int vlan 1 //配置VLAN的地址爲192.168.0.1 掩碼爲24位,默認情況下Cisco Catalyst交換機所有的物理接口都屬於VLAN1,此地址也就是PC網關地址。 Switch_Dhcp(config-if)#ip add 192.168.0.1 255.255.255.0 Switch_Dhcp(config-if)#no sh Switch_Dhcp(config-if)#end Switch_Dhcp# 00:09:07: %SYS-5-CONFIG_I: Configured from console by console Switch_Dhcp# 00:09:08: %LINK-3-UPDOWN: Interface Vlan1, changed state to up 00:09:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to |
第四步:查看當前交換機配置文件
| //驗證DHCP的配置信息 Switch_Dhcp#sh run | begin ip dhcp no ip dhcp conflict logging ip dhcp excluded-address 192.168.0.1 ip dhcp excluded-address 192.168.0.10 ! ip dhcp pool cisco network 192.168.0.0 255.255.255.0 default-router 192.168.0.1 domain-name www.cisco.com.cn dns-server 218.30.19.40 61.134.1.4 netbios-name-server 192.168.0.10 lease infinite interface Vlan1 ip address 192.168.0.1 255.255.255.0 |
第五步:此時將PC1的網線插入Catalyst 3550 的F0/1接口,並在PC上查看IP地址獲得信息。PC上的本地連接,TCP/IP 設置爲自動獲得IP地址形式。
PC上查看方法:開始-運行-cmd-ipconfig/all
從以上信息可以得出,PC已經能從DHCP服務器獲得IP地址等信息,實驗現象成功。
第六步:查看交換機DHCP 動態綁定,以及交換機DHCP Server狀態信息
| //查看DHCP動態綁定信息,從這裏可以看到PC,從DHCP地址池中的得到IP地址,以及PC的MAC地址等 Switch_Dhcp#show ip dhcp binding IP address Client-ID/ Lease expiration Type Hardware address 192.168.0.2 0100.16d3.249f.fd Infinite Automatic //查看DHCP服務器工作狀態 Switch_Dhcp#show ip dhcp server statistics Memory usage 5661 Address pools 1 Database agents 0 Automatic bindings 1 Manual bindings 0 Expired bindings 0 Malformed messages 0 Message Received BOOTREQUEST 0 DHCPDISCOVER 2 DHCPREQUEST 3 DHCPDECLINE 0 DHCPRELEASE 0 DHCPINFORM 3 Message Sent BOOTREPLY 0 DHCPOFFER 2 DHCPACK 6 DHCPNAK 0 Switch_Dhcp# Switch_Dhcp#clear ip dhcp binding * |
第七步:使用debug 調試命令查看PC申請IP地址過程(DHCP工作過程)
在PC上:開始-運行-cmd-ipconfig /release (釋放獲得IP地址)
重新申請IP地址ipconfig /renew
此時查看交換機日誌信息
| Switch_Dhcp#debug ip dhcp server events 01:13:12: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up Switch_Dhcp# 01:13:13: DHCPD: DHCPDISCOVER received from client 0100.16d3.249f.fd on interface Vlan1. Switch_Dhcp# 01:13:20: DHCPD: assigned IP address 192.168.0.3 to client 0100.16d3.249f.fd. 01:13:20: DHCPD: Sending DHCPOFFER to client 0100.16d3.249f.fd (192.168.0.3). 01:13:20: DHCPD: broadcasting BOOTREPLY to client 0016.d324.9ffd. 01:13:20: DHCPD: DHCPREQUEST received from client 0100.16d3.249f.fd. 01:13:20: DHCPD: Sending DHCPACK to client 0100.16d3.249f.fd (192.168.0.3). 01:13:20: DHCPD: broadcasting BOOTREPLY to client 0016.d324.9ffd. Switch_Dhcp# 01:13:23: DHCPD: DHCPINFORM received from client 0100.16d3.249f.fd (192.168.0.3). 01:13:23: DHCPD: Sending DHCPACK to client 0100.16d3.249f.fd (192.168.0.3). 01:13:23: DHCPD: unicasting BOOTREPLY to client 0016.d324.9ffd (192.168.0.3). |