通过本实验掌握,如何在Cisco Catalyst 3550交换机来配置DHCP服务,实现对内网主机分配IP地址,网关,DNS,WINS,租期,域名等。可能你之前是在windows Server服务器或者Cisco Router 部署过DHCP,但在工程项目中,根据需求,大多是在接入层或者汇聚层多层交换机来配置的,可以同时实现DHCP Snooping等技术。
实验过程:第一步:Catalyst 3550底层配置 Switch(config)#no ip do lo Switch(config)#line con 0 Switch(config-line)#no exec-t Switch(config-line)#logg syn Switch(config-line)#host Switch_Dhcp Switch_Dhcp(config)#int f0/1 Switch_Dhcp(config-if)#no sh Switch_Dhcp(config-if)#spanning-tree portfast //连接终端的接口下,开启portfast特性,跳过生成树的选举,接口立即进入转发状态 %Warning: portfast should only be enabled on ports connected to a single host. Connecting hubs, concentrators, switches, bridges, etc... to this interface when portfast is enabled, can cause temporary bridging loops. Use with CAUTION %Portfast has been configured on FastEthernet0/1 but will only have effect when the interface is in a non-trunking mode. Switch_Dhcp(config-if)#end 第二步: 开启DHCP服务,定义分配地址池范围及掩码,网关,DNS,域名,租期等 //全局下开启DHCP服务,该服务默认是关闭的 Switch_Dhcp(config)#service dhcp //关闭DHCP分配冲突,日志记录消息 Switch_Dhcp(config)#no ip dhcp conflict logging //创建DHCP地址池,名称为可以是任意字符 Switch_Dhcp(config)#ip dhcp pool cisco //指定要通过DHCP分配的网段和掩码,还有另外一种写法(192.168.0.0 255.255.255.0) Switch_Dhcp(dhcp-config)#network 192.168.0.0 /24 //指定分配的网关地址 Switch_Dhcp(dhcp-config)#default-router 192.168.0.1 //指定DHCP域名,域名可以为任意字符 Switch_Dhcp(dhcp-config)#domain-name www.cisco.com.cn //指定PC通过DHCP分配到DNS地址,(这里指定的是当地电信部门的真实地址,全国各地市不一样的) Switch_Dhcp(dhcp-config)#dns 218.30.19.40 61.134.1.4 //netbios服务器地址,可选的配置 Switch_Dhcp(dhcp-config)#netbios-name-server 192.168.0.10 //指定通过DHCP分配到地址,租期为永久 Switch_Dhcp(dhcp-config)#lease infinite Switch_Dhcp(dhcp-config)#end //指定不通过DHCP 地址池中分配的地址,也就是排除的地址。如果这些地址被分配给PC使用,就有可能造成网络中IP地址冲突。如:192.168.0.1 是网关地址,该地址只能是分配所有PC做网关地址,不能做IP地址使用。所以要排除。 Switch_Dhcp(config)#ip dhcp excluded-address 192.168.0.1 Switch_Dhcp(config)# ip dhcp excluded-address 192.168.0.10 第三步:查看VLAN信息,并启用SVI接口
从以上信息可以得出,PC已经能从DHCP服务器获得IP地址等信息,实验现象成功。 第六步:查看交换机DHCP 动态绑定,以及交换机DHCP Server状态信息 复制代码
代码如下: Switch_Dhcp#show vlan brief VLAN Name Status Ports ---- -------------------------------- --------- ------------------------------- 1 default active Fa0/1, Fa0/2, Fa0/3, Fa0/4 Fa0/5, Fa0/6, Fa0/7, Fa0/8 Fa0/9, Fa0/10, Fa0/11, Fa0/12 Fa0/13, Fa0/15, Fa0/16, Fa0/17 Fa0/18, Fa0/19, Fa0/20, Fa0/21 Fa0/22, Fa0/23, Fa0/24, Gi0/1 Gi0/2 1002 fddi-default act/unsup 1003 token-ring-default act/unsup 1004 fddinet-default act/unsup 1005 trnet-default act/unsup Switch_Dhcp#conf t Enter configuration commands, one per line. End with CNTL/Z. //进入管理VLAN1 下,启用SVI功能 Switch_Dhcp(config)#int vlan 1 //配置VLAN的地址为192.168.0.1 掩码为24位,默认情况下Cisco Catalyst交换机所有的物理接口都属于VLAN1,此地址也就是PC网关地址。 Switch_Dhcp(config-if)#ip add 192.168.0.1 255.255.255.0 Switch_Dhcp(config-if)#no sh Switch_Dhcp(config-if)#end Switch_Dhcp# 00:09:07: %SYS-5-CONFIG_I: Configured from console by console Switch_Dhcp# 00:09:08: %LINK-3-UPDOWN: Interface Vlan1, changed state to up 00:09:09: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan1, changed state to
第四步:查看当前交换机配置文件 复制代码
代码如下: //验证DHCP的配置信息 Switch_Dhcp#sh run | begin ip dhcp no ip dhcp conflict logging ip dhcp excluded-address 192.168.0.1 ip dhcp excluded-address 192.168.0.10 ! ip dhcp pool cisco network 192.168.0.0 255.255.255.0 default-router 192.168.0.1 domain-name www.cisco.com.cn dns-server 218.30.19.40 61.134.1.4 netbios-name-server 192.168.0.10 lease infinite interface Vlan1 ip address 192.168.0.1 255.255.255.0
第五步:此时将PC1的网线插入Catalyst 3550 的F0/1接口,并在PC上查看IP地址获得信息。PC上的本地连接,TCP/IP 设置为自动获得IP地址形式。 PC上查看方法:开始-运行-cmd-ipconfig/all 复制代码
代码如下: //查看DHCP动态绑定信息,从这里可以看到PC,从DHCP地址池中的得到IP地址,以及PC的MAC地址等 Switch_Dhcp#show ip dhcp binding IP address Client-ID/ Lease expiration Type Hardware address 192.168.0.2 0100.16d3.249f.fd Infinite Automatic //查看DHCP服务器工作状态 Switch_Dhcp#show ip dhcp server statistics Memory usage 5661 Address pools 1 Database agents 0 Automatic bindings 1 Manual bindings 0 Expired bindings 0 Malformed messages 0 Message Received BOOTREQUEST 0 DHCPDISCOVER 2 DHCPREQUEST 3 DHCPDECLINE 0 DHCPRELEASE 0 DHCPINFORM 3 Message Sent BOOTREPLY 0 DHCPOFFER 2 DHCPACK 6 DHCPNAK 0 Switch_Dhcp# Switch_Dhcp#clear ip dhcp binding *
第七步:使用debug 调试命令查看PC申请IP地址过程(DHCP工作过程) 在PC上:开始-运行-cmd-ipconfig /release (释放获得IP地址) 重新申请IP地址ipconfig /renew 此时查看交换机日志信息 复制代码
代码如下: Switch_Dhcp#debug ip dhcp server events 01:13:12: %LINEPROTO-5-UPDOWN: Line protocol on Interface FastEthernet0/1, changed state to up Switch_Dhcp# 01:13:13: DHCPD: DHCPDISCOVER received from client 0100.16d3.249f.fd on interface Vlan1. Switch_Dhcp# 01:13:20: DHCPD: assigned IP address 192.168.0.3 to client 0100.16d3.249f.fd. 01:13:20: DHCPD: Sending DHCPOFFER to client 0100.16d3.249f.fd (192.168.0.3). 01:13:20: DHCPD: broadcasting BOOTREPLY to client 0016.d324.9ffd. 01:13:20: DHCPD: DHCPREQUEST received from client 0100.16d3.249f.fd. 01:13:20: DHCPD: Sending DHCPACK to client 0100.16d3.249f.fd (192.168.0.3). 01:13:20: DHCPD: broadcasting BOOTREPLY to client 0016.d324.9ffd. Switch_Dhcp# 01:13:23: DHCPD: DHCPINFORM received from client 0100.16d3.249f.fd (192.168.0.3). 01:13:23: DHCPD: Sending DHCPACK to client 0100.16d3.249f.fd (192.168.0.3). 01:13:23: DHCPD: unicasting BOOTREPLY to client 0016.d324.9ffd (192.168.0.3).