最新消息:阿啰哈,本人90后,目前单身,欢迎妹子们来撩!.(。→‿←。) 微信:frank01991

DHCP中继代理实验

Cisco 林志斌 1015浏览

默认情况下,因为第3层设备不会传递广播流量,所以每个子网就要求使用一台DHCP服务器,除非使用DHCP中继代理(DHCP relay agent)特性将路由器配置为能够转发DHCP广播。
ip helper-address的目标地址可以是单播(如果有多个DHCP服务器,就重复使用该命令)、多播或广播地址。
默认,如果使用ip helper-address命令,不仅能够转发DHCP的UDP数据包(67、68),而且还能够转发TFTP(69)、DNS(53)、time(37)、nameserver(42)、NetBIOS(137、138)等数据包。

自从Cisco IOS版本12.0发布以来,禁用定向广播是一种默认启用的安全措施。

 先预览下面两截图是实验结果:

 

 

DHCP_Ser#sh run
[outcput]
!
no ip dhcp use vrf connected
no ip dhcp conflict logging
ip dhcp excluded-address 192.168.1.1
ip dhcp excluded-address 192.168.1.254
ip dhcp excluded-address 192.168.2.1
ip dhcp excluded-address 192.168.3.1

!
ip dhcp pool vlan1
   network 192.168.1.0 255.255.255.0
   default-router 192.168.1.1 
   dns-server 220.248.192.12 220.248.192.13 
   lease 0 8
!
ip dhcp pool vlan2
   network 192.168.2.0 255.255.255.0
   default-router 192.168.2.1 
   dns-server 220.248.192.12 220.248.192.13 
   lease 0 8
!
ip dhcp pool vlan3
   network 192.168.3.0 255.255.255.0
   default-router 192.168.3.1 
   dns-server 220.248.192.12 220.248.192.13 
   lease 0 8
!
[output cut]
!
interface FastEthernet0/0
 ip address 192.168.4.1 255.255.255.0
 duplex auto
 speed auto
!
[output cut]
!
router rip
 version 2
 network 192.168.4.0
 no auto-summary
!
[output cut]

 

 

 

Router#sh run
[output cut]
!
interface FastEthernet0/0
 ip address 192.168.4.2 255.255.255.0
 duplex auto
 speed auto
!
[output cut]
!
interface FastEthernet1/0.1
 encapsulation dot1Q 1 native
 ip address 192.168.1.1 255.255.255.0
 ip helper-address 192.168.4.1
!
interface FastEthernet1/0.2
 encapsulation dot1Q 2
 ip address 192.168.2.1 255.255.255.0
 ip helper-address 192.168.4.1
!
interface FastEthernet1/0.3
 encapsulation dot1Q 3
 ip address 192.168.3.1 255.255.255.0
 ip helper-address 192.168.4.1
!
router rip
 version 2
 network 192.168.1.0
 network 192.168.2.0
 network 192.168.3.0
 network 192.168.4.0
 no auto-summary
!
no ip forward-protocol udp domain
no ip forward-protocol udp netbios-ns
ip forward-protocol udp mobile-ip
!
[output cut]

 

 


Switch#sh run
[output cut]
!
interface FastEthernet0/0
 no ip address
 no ip route-cache
 shutdown
 duplex auto
 speed auto
!
interface FastEthernet0/1
 no ip address
 no ip route-cache
 shutdown 
 duplex auto
 speed auto
!
interface FastEthernet1/0
 switchport mode trunk
!
interface FastEthernet1/1
!
interface FastEthernet1/2
 switchport access vlan 2
 spanning-tree portfast
!
interface FastEthernet1/3
 switchport access vlan 3
 spanning-tree portfast
!
[output cut]
!
interface Vlan1
 ip address 192.168.1.254 255.255.255.0
 no ip route-cache
!
ip default-gateway 192.168.1.1
!

测试结果:

 

最后,请仔细分析DHCP数据包在整个过程中如何传输的?(Important!)

转载请注明:林志斌 » DHCP中继代理实验

发表评论
取消评论
表情

Hi,您需要填写昵称和邮箱!

  • 昵称 (必填)
  • 邮箱 (必填)
  • 网址