Cisco DHCP

發佈日期: 作者:

啟動dhcp功能
(config)#[no] server dhcp
預設是啟動,可在前加no來關閉
ps:Cisco IOS中的Easy IP提供一個可選擇且全功能的DHCP伺服器

新增dhcp服務名稱
(config)#ip dhcp pool < pooname>
在分配ip給client前,會先送ICMP或ping判斷該地址是否被用,預設ping次數是兩次

設定dhcp分配的組態
(config-dhcp)#[option]
option說明如下
network < ip> < mask> 定義可以分配給的ip範圍
dns-server < ip> 設定dns
default-router < ip> 設定default-gateway
domain-name < domain name>
netbios-name-server < ip> 設定wins

ex:
(config)#ip dhcp pool dhcpzone
(config-dhcp)# network 10.1.20.0 255.255.255.0
(config-dhcp)# default-router 10.1.20.254
(config-dhcp)# dns-server 10.1.1.1 

設定dhcp租期
(config-dhcp)#lease < infinite | < days [hours [minutes]] >>
分配的ip預設24小時就會被取回  

設定dhcp不要分配ip的範圍
(config)#ip dhcp excluded-address < ip range>
ex:192.168.1.10-192.168.1.20範圍的ip不發
(config)#ip dhcp excluded-address 192.168.1.10 192.168.1.20

設定dhcp資料庫
(config)#ip dhcp database < name>

ps:
(config)#ip dhcp ?
pool  Configure DHCP address pools
excluded-address  Prevent DHCP from assigning certain addresses
relay  DHCP relay agent parameters

……………………………

針對DHCP的動作進行錯誤排除

#debug ip dhcp server events
會顯示伺服週期性地檢視是否租約到期的一些訊息,同時也會顯示地址的歸還和地址的分配程序
畫面大致如下
*Mar 2 00:16:37.427: DHCPD: Seeing if there is an internally specified pool class:
*Mar 2 00:16:37.431: DHCPD: htype 1 chaddr c001.0f1c.0000
*Mar 2 00:16:37.431: DHCPD: remote id 020a00000a01010101000000
*Mar 2 00:16:37.435: DHCPD: circuit id 00000000
*Mar 2 00:16:39.415: DHCPD: Seeing if there is an internally specified pool class:
*Mar 2 00:16:39.419: DHCPD: htype 1 chaddr c001.0f1c.0000
*Mar 2 00:16:39.419: DHCPD: remote id 020a00000a01010101000000
*Mar 2 00:16:39.423: DHCPD: circuit id 00000000
*Mar 2 00:16:42.603: DHCPD: no subnet configured for 192.168.1.2.

#debug ip dhcp server packet
顯示dhcp packet的解碼 
畫面大致如下
*Mar 2 00:17:39.867: DHCPD: DHCPRELEASE message received from client
0063.6973.636f.2d63.3030.312e.3066.3163.2e30.3030.302d.4661.302f.30 (10.1.1.2).
*Mar 2 00:17:41.855: DHCPD: DHCPRELEASE message received from client
0063.6973.636f.2d63.3030.312e.3066.3163.2e30.3030.302d.4661.302f.30 (10.1.1.2).
*Mar 2 00:17:41.859: DHCPD: Finding a relay for client
0063.6973.636f.2d63.3030.312e.3066.3163.2e30.3030.302d.4661.302f.30 on interface
FastEthernet0/1.
*Mar 2 00:17:54.775: DHCPD: DHCPDISCOVER received from client
0063.6973.636f.2d63.3030.312e.3066.3163.2e30.3030.302d.4661.302f.30 on interface
FastEthernet0/1.
*Mar 2 00:17:54.779: DHCPD: Allocate an address without class information
(10.1.1.0)
*Mar 2 00:17:56.783: DHCPD: Sending DHCPOFFER to client
0063.6973.636f.2d63.3030.312e.3066.3163.2e30.3030.302d.4661.302f.30 (10.1.1.1).
*Mar 2 00:17:56.787: DHCPD: broadcasting BOOTREPLY to client c001.0f1c.0000.
*Mar 2 00:17:56.879: DHCPD: DHCPREQUEST received from client
0063.6973.636f.2d63.3030.312e.3066.3163.2e30.3030.302d.4661.302f.30.
*Mar 2 00:17:56.887: DHCPD: No default domain to append – abort update
*Mar 2 00:17:56.887: DHCPD: Sending DHCPACK to client
0063.6973.636f.2d63.3030.312e.3066.3163.2e30.3030.302d.4661.302f.30 (10.1.1.1).
*Mar 2 00:17:56.891: DHCPD: broadcasting BOOTREPLY to client c001.0f1c.0000.

… 

#show ip dhcp binding
驗證DHCP的運作,會顯示DHCP服務的一系列組態設定
畫面大致如下
IP address Hardware address Lease expiration Type
192.168.1.10 0100.16d3.234d.10 Mar 02 2008 01:15 AM Automatic
ps:
若要釋放所有dhcp lease,可使用clear ip dhcp binding * 

#show ip dhcp conflict
用來試別是否有ip衝突
畫面大致如下
IP address Detection method Detection time
172.16.1.5 Ping Aug 10 2013 8:56 PM
ps:
若要清除所有找到的ip衝突,可使用clear ip dhcp conflict *

#show ip dhcp server statistics
驗證路由器所接收和送出的一些訊息概況,會顯示送出和接收之DHCP訊息數目的一些資訊

ps:
#show ip dhcp ?
database DHCP database agents
server Miscellaneous DHCP server information
conflict DHCP address conflicts
binding DHCP address bindings

dhcp relay的功能
ip helper-address
可將重要的UTP服務的廣播要求從路由器轉送出去
內定上ip helper-address命令可以轉傳下列八種UTP服務:
Time
TACACS
DNS
BOOTP/DHCP Server
BOOTP/DHCP Client
TFTP
NetBIOS Name Service
NetBIOS datagram Service

設定dhcp relay以使用外部dhcp server 
(config-if)# ip helper-address < external dhcp ip>
該介面須要有設定ip,用來接收外部dhcp的訊息
ip helper-address可以設定多組
ex:
在vlan5使用192.168.199.4的外部dhcp配ip 
(config)# interface vlan5
(config-if)# ip address 192.168.1.1 255.255.255.0
(config-if)# ip helper-address 192.168.199.4