526互联

25-1 DHCP配置

发布时间 2023-12-06 00:05:13作者: 搞笑一下

基于接口配置DHCP

拓扑

image

配置

AR1

[AR1]dhcp enable 
[AR1]inte gi 0/0/0
[AR1-GigabitEthernet0/0/0]ip addr 192.168.1.1 255.255.255.0
[AR1-GigabitEthernet0/0/0]dhcp select interface
[AR1-GigabitEthernet0/0/0]dhcp server dns-list 192.168.1.1
[AR1-GigabitEthernet0/0/0]dhcp server lease day 0 hour 0 minute 1

抓包理解DHCP首次接入网络流程

设置PC1的自动获取地址
image
在AR1 GE0/0/0接口抓包
image
PC1获取的网络参数
image

配置全局地址池

拓扑

image

配置

AR2

[AR2]dhcp enable
[AR2]inte gi 0/0/0
[AR2-GigabitEthernet0/0/0]ip addr 192.168.1.1 255.255.255.0
[AR2-GigabitEthernet0/0/0]dhcp select global 
[AR2-GigabitEthernet0/0/0]inte gi 0/0/1
[AR2-GigabitEthernet0/0/1]ip addr 192.168.2.1 255.255.255.0
[AR2-GigabitEthernet0/0/1]dhcp select global 
#
ip pool 1
 network 192.168.1.0 mask 255.255.255.0 
 static-bind ip-address 192.168.1.250 mac-address 5489-98dc-773c 
 lease day 0 hour 1 minute 1 
#
ip pool 2
 network 192.168.2.0 mask 255.255.255.0 
 lease day 0 hour 0 minute 1 
#

全局配置地址池获取地址抓包

DHCP地址池根据收到的Dicovery报文来源接口的地址进行分配,通过192.168.2.1接口收到的Discovery报文,就会分配地址池2的地址给客户端

AR2的GE0/0/0抓包,GE0/0/1抓包
PC4获取到静态绑定的地址
image

image

地址释放

设置PC4为静态模式,PC4将发送DHCP Release报文,AR2的GE0/0/0接口抓包
image

客户端申请上一次使用的IP地址抓包

删除AR2上192.168.1.250和PC4的静态绑定关系

[AR2-ip-pool-1]undo static-bind ip-address 192.168.1.250

PC4重新设置为动态获取地址,PC4依然获取到192.168.1.250地址,PC4会直接发送Request申请使用192.168.1.250地址,AR2经过租用列表确认PC4曾使用过192.168.1.250地址就会发ACK给PC4

PC>ipconfig

Link local IPv6 address...........: fe80::5689:98ff:fedc:773c
IPv6 address......................: :: / 128
IPv6 gateway......................: ::
IPv4 address......................: 192.168.1.250
Subnet mask.......................: 255.255.255.0
Gateway...........................: 0.0.0.0
Physical address..................: 54-89-98-DC-77-3C
DNS server........................:

地址续租抓包

ensp的PC无法发出续租报文,使用路由器模拟终端设备可以抓包到续租报文
拓扑如下
image

LSW5配置如下

#
interface Vlanif10
 ip address 192.168.3.1 255.255.255.0
 dhcp select interface
 dhcp server lease day 0 hour 0 minute 1
#
interface GigabitEthernet0/0/1
 port link-type access
 port default vlan 10
#

AR3

[AR3]dhcp enable 
[AR3]inte gi 0/0/0
[AR3-GigabitEthernet0/0/0]ip address dhcp-alloc

成功获取地址后在T1时间(到达租期的50%)发送单播续租报文,在LSW5的GE0/0/1接口抓到续租包
image

关闭AR3的GE0/0/1接口,客户端在30秒发送续租报文后如果没有收到ACK报文,会在T2(到达租期的87.5%)再此发送一次广播的续租报文,在HUB的Ether0/0/1接口抓包
image