Accessing the WAN – Chapter 7

© 2006 Cisco Systems, Inc. All rights reserved. Cisco Public

Objectives

Introducing DHCP

Every device that connects to a network needs an IP address. Network administrators assign static IP addresses to routers, servers, and other network devices whose locations (physical and logical) are not likely to change. Administrators enter static IP addresses manually when they configure devices to join the network. Static addresses also enable administrators to manage those devices remotely.

However, computers in an organization often change locations, physically and logically. Administrators are unable to keep up with having to assign new IP addresses every time an employee moves to a different office or cubicle. Desktop clients do not require a static address. Instead, a workstation can use any address within a range of addresses. This range is typically within an IP subnet.

DHCP assigns IP addresses and other important network configuration information dynamically. Because desktop clients typically make up the bulk of network nodes, DHCP is an extremely useful and timesaving tool for network administrators. RFC 2131 describes DHCP.

Administrators typically prefer a network server to offer DHCP services, because these solutions are scalable and relatively easy to manage. However, in a small branch or SOHO location, a Cisco router can be configured to provide DHCP services without the need for an expensive dedicated server. A Cisco IOS feature set called Easy IP offers an optional, full-featured DHCP server.

DHCP Operation

Providing IP addresses to clients is the most fundamental task performed by a DHCP server. DHCP includes three different address allocation mechanisms to provide flexibility when assigning IP addresses:

Manual Allocation: The administrator assigns a pre-allocated IP address to the client and DHCP only communicates the IP address to the device.

Automatic Allocation: DHCP automatically assigns a static IP address permanently to a device, selecting it from a pool of available addresses. There is no lease and the address is permanently assigned to a device.

Dynamic Allocation: DHCP dynamically assigns, or leases, an IP address from a pool of addresses for a limited period of time chosen by the server, or until the client tells the DHCP server that it no longer needs the address.

BOOTP vs DHCP

The Bootstrap Protocol (BOOTP), defined in RFC 951, is the predecessor of DHCP and shares some operational characteristics. BOOTP is a way to download address and boot configurations for diskless workstations. A diskless workstation does not have a hard drive or an operating system. For example, many automated cash register systems at your local supermarket are examples of diskless workstations.

Both DHCP and BOOTP are client/server based and use UDP ports 67 and 68. Those ports are still known as BOOTP ports.

There are three primary differences between DHCP and BOOTP:

The main difference is that BOOTP was designed for manual pre-configuration of the host information in a server database, while DHCP allows for dynamic allocation of network addresses and configurations to newly attached hosts.

DHCP allows for recovery and reallocation of network addresses through a leasing mechanism. Specifically, DHCP defines mechanisms through which clients can be assigned an IP address for a finite lease period. This lease period allows for reassignment of the IP address to another client later, or for the client to get another assignment if the client moves to another subnet. Clients may also renew leases and keep the same IP address. BOOTP does not use leases.

BOOTP provides a limited amount of information to a host. DHCP provides additional IP configuration parameters, such as WINS and domain name.
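The three allocation mechanisms and the lease recovery described above can be seen in a small model of a server's address pool. This is an added example, not part of the original slides and not a DHCP implementation; the class name, the two-address pool, the lease time and the MAC addresses are all constructed for illustration.

```python
import ipaddress

class LeasePool:
    """Toy model of a DHCP server's address pool (not a DHCP implementation)."""

    def __init__(self, first, last, lease_seconds, manual=None):
        lo, hi = int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(last))
        self.addresses = [str(ipaddress.IPv4Address(i)) for i in range(lo, hi + 1)]
        self.lease_seconds = lease_seconds   # None = automatic allocation (permanent)
        self.manual = dict(manual or {})     # MAC -> address pre-allocated by the administrator
        self.leases = {}                     # MAC -> (address, expiry or None)

    def _expire(self, now):
        # Recovery: a lease that was not renewed in time goes back to the pool.
        self.leases = {m: (a, t) for m, (a, t) in self.leases.items()
                       if t is None or t > now}

    def request(self, mac, now):
        """Return (address, expiry). expiry None = no lease; (None, None) = pool exhausted."""
        if mac in self.manual:               # manual allocation: DHCP only communicates it
            return self.manual[mac], None
        self._expire(now)
        if mac in self.leases:               # renewal keeps the same address
            addr = self.leases[mac][0]
        else:
            in_use = {a for a, _ in self.leases.values()} | set(self.manual.values())
            free = [a for a in self.addresses if a not in in_use]
            if not free:
                return None, None
            addr = free[0]
        expiry = None if self.lease_seconds is None else now + self.lease_seconds
        self.leases[mac] = (addr, expiry)
        return addr, expiry

    def release(self, mac):
        # The client tells the server it no longer needs the address.
        self.leases.pop(mac, None)

if __name__ == "__main__":
    # Constructed sample: two-address pool, one-hour leases, documentation-range MACs.
    pool = LeasePool("192.168.10.10", "192.168.10.11", 3600,
                     manual={"00:00:5e:00:53:99": "192.168.10.254"})
    print(pool.request("00:00:5e:00:53:01", now=0))
    print(pool.request("00:00:5e:00:53:02", now=10))
    print(pool.request("00:00:5e:00:53:03", now=20))     # pool exhausted
    print(pool.request("00:00:5e:00:53:03", now=4000))   # second lease expired, address reused
```

With `lease_seconds=None` the same pool behaves like automatic allocation: an address, once handed out, never returns to the pool.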

DHCP Server Configuration

Cisco routers running Cisco IOS software provide full support for a router to act as a DHCP server. The Cisco IOS DHCP server assigns and manages IP addresses from specified address pools within the router to DHCP clients.

Verify DHCP Server Configuration

To verify the operation of DHCP, use the show ip dhcp binding command. This command displays a list of all IP address to MAC address bindings that have been provided by the DHCP service.

To verify that messages are being received or sent by the router, use the show ip dhcp server statistics command. This command displays count information regarding the number of DHCP messages that have been sent and received.

DHCP Client Configuration

Typically, small broadband routers for home use, such as Linksys routers, can be configured to connect to an ISP using a DSL or cable modem. In most cases, small home routers are set to acquire an IP address automatically from their ISPs. For example, the figure shows the default WAN setup page for a Linksys WRVS4400N router. Notice that the Internet connection type is set to Automatic Configuration - DHCP. This means that when the router is connected to a cable modem, for example, it is a DHCP client and requests an IP address from the ISP.

Cisco routers in SOHO and branch sites have to be configured in a similar manner. The method used depends on the ISP. However, in its simplest configuration, the Ethernet interface is used to connect to a cable modem. To configure an Ethernet interface as a DHCP client, the ip address dhcp command must be configured.

In the figure, assume that an ISP has been configured to provide select customers with IP addresses from the 209.165.201.0/27 range. The output confirms the assigned address.

DHCP Relay

In a complex hierarchical network, enterprise servers are usually contained in a server farm. These servers may provide DHCP, DNS, TFTP, and FTP services for the clients. The problem is that the network clients typically are not on the same subnet as those servers. Therefore, the clients must locate the servers to receive services, and often these services are located using broadcast messages.

In the figure, PC1 is attempting to acquire an IP address from the DHCP server located at 192.168.11.5. In this scenario router R1 is not configured as a DHCP server.

A simpler solution is to configure the Cisco IOS helper address feature on intervening routers and switches. This solution enables routers to forward DHCP broadcasts to the DHCP servers. When a router forwards address assignment/parameter requests, it is acting as a DHCP relay agent.

For example, PC1 would broadcast a request to locate a DHCP server. If router R1 were configured as a DHCP relay agent, it would intercept this request and forward it to the DHCP server located on subnet 192.168.11.0.

To configure router R1 as a DHCP relay agent, you need to configure the nearest interface to the client with the ip helper-address interface configuration command. This command relays broadcast requests for key services to a configured address. Configure the IP helper address on the interface receiving the broadcast.

Router R1 is now configured as a DHCP relay agent. It accepts broadcast requests for the DHCP service and then forwards them as a unicast to the IP address 192.168.11.5.

DHCP Configuration with SDM

Cisco routers can also be configured as a DHCP server using SDM. In this example, router R1 will be configured as the DHCP server on the Fa0/0 and Fa0/1 interfaces.

The DHCP server function is enabled under Additional Tasks in the Configure tab. From the list of tasks, click on the DHCP folder and then select DHCP Pools to add a new pool. Click Add to create the new DHCP pool.

The Add DHCP Pool window contains the options you need to configure the DHCP IP address pool. The IP addresses that the DHCP server assigns are drawn from a common pool. To configure the pool, specify the starting and ending IP addresses of the range.

This screen provides you with a summary of the pools configured on your router. In this example, there have been two pools configured, one for each of the Fast Ethernet interfaces on the R1 router.

Troubleshooting DHCP

DHCP problems can arise for a multitude of reasons, such as software defects in operating systems, NIC drivers, or DHCP/BOOTP relay agents, but the most common are configuration issues. Because of the number of potentially problematic areas, a systematic approach to troubleshooting is required.

show ip dhcp conflict

Verify DHCP Relay

Follow these steps to verify the router configuration:

Step 1: Verify that the ip helper-address command is configured on the correct interface. It must be present on the inbound interface of the LAN containing the DHCP client workstations and must be directed to the correct DHCP server. In the figure, the output of the show running-config command verifies that the DHCP relay IP address is referencing the DHCP server address at 192.168.11.5.

Step 2: Verify that the global configuration command no service dhcp has not been configured. This command disables all DHCP server and relay functionality on the router. The command service dhcp does not appear in the configuration, because it is the default configuration.

Private and Public Addressing

All public Internet addresses must be registered with a Regional Internet Registry (RIR). Organizations can lease public addresses from an ISP. Only the registered holder of a public Internet address can assign that address to a network device.

You may have noticed that all the examples in this course use a somewhat restricted number of IP addresses. You may also have noticed the similarity between these numbers and numbers you have used in a small network to view the setup web pages of many brands of printers, DSL and cable routers, and other peripherals. These are reserved private Internet addresses drawn from the three blocks shown in the figure. These addresses are for private, internal network use only. Packets containing these addresses are not routed over the Internet, and are referred to as non-routable addresses. RFC 1918 provides details.

Unlike public IP addresses, private IP addresses are a reserved block of numbers that can be used by anyone. That means two networks, or two million networks, can each use the same private addresses. To prevent addressing conflicts, routers must never route private IP addresses. To protect the public Internet address structure, ISPs typically configure the border routers to prevent privately addressed traffic from being forwarded over the Internet.

NAT has many uses, but its key use is to save IP addresses by allowing networks to use private IP addresses. NAT translates non-routable, private, internal addresses into routable, public addresses. NAT has an added benefit of adding a degree of privacy and security to a network because it hides internal IP addresses from outside networks.

A NAT-enabled device typically operates at the border of a stub network. In our example, R2 is the border router. A stub network is a network that has a single connection to its neighbor network. As seen from the ISP, R2 forms a stub network.

What is NAT?

Inside local address - Usually not an IP address assigned by a RIR or service provider and is most likely an RFC 1918 private address. In the figure, the IP address 192.168.10.10 is assigned to the host PC1 on the inside network.

Inside global address - Valid public address that the inside host is given when it exits the NAT router. When traffic from PC1 is destined for the web server at 209.165.201.1, router R2 must translate the address. In this case, IP address 209.165.200.226 is used as the inside global address for PC1.

Outside global address - Valid public IP address assigned to a host on the Internet. For example, the web server is reachable at IP address 209.165.201.1.

Outside local address - The local IP address assigned to a host on the outside network. In most situations, this address will be identical to the outside global address of that outside device.

Dynamic Mapping and Static Mapping

There are two types of NAT translation: dynamic and static.

them on a first-come, first-served basis. When a host with a private IP address requests access to the Internet, dynamic NAT chooses an IP address from the pool that is not already in use by another host. This is the mapping described so far.

Static NAT uses a one-to-one mapping of local and global addresses, and these mappings remain constant. Static NAT is particularly useful for web servers or hosts that must have a consistent address that is accessible from the Internet. These internal hosts may be enterprise servers or networking devices.

addresses are available to satisfy the total number of

NAT Overload

NAT overloading (sometimes called Port Address Translation or PAT) maps multiple private IP addresses to a single public IP address or a few

With NAT overloading, multiple addresses can be mapped to one or to a few addresses because each private address is also tracked by a port number. When a client opens a TCP/IP session, the NAT router assigns a port number to its source address. NAT overload ensures that clients use a different TCP port number for each client session with a server on the Internet.
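The port tracking described above can be modelled as a translation table keyed by protocol and port. This is an added example, not part of the original slides and not Cisco IOS code: PC1 (192.168.10.10), the inside global address 209.165.200.226 and the web server 209.165.201.1 come from the slides, while the second inside host, the port numbers and the port-selection policy are assumptions of the example.

```python
class PatRouter:
    """Toy NAT-overload (PAT) translation table; a model, not Cisco IOS behaviour."""

    def __init__(self, inside_global, port_range=(1024, 65535)):
        self.inside_global = inside_global
        self.port_range = port_range
        self.by_inside = {}   # (proto, inside local IP, port) -> inside global port
        self.by_global = {}   # (proto, inside global port) -> (inside local IP, port)

    def _pick_port(self, proto, wanted):
        # Assumed policy: keep the client's source port if free, else next unused port.
        if (proto, wanted) not in self.by_global:
            return wanted
        for port in range(self.port_range[0], self.port_range[1] + 1):
            if (proto, port) not in self.by_global:
                return port
        raise RuntimeError("no free ports left on " + self.inside_global)

    def outbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet leaving the inside network; creates the entry on first use."""
        key = (proto, src_ip, src_port)
        if key not in self.by_inside:
            port = self._pick_port(proto, src_port)
            self.by_inside[key] = port
            self.by_global[(proto, port)] = (src_ip, src_port)
        return (proto, self.inside_global, self.by_inside[key], dst_ip, dst_port)

    def inbound(self, proto, src_ip, src_port, dst_ip, dst_port):
        """Rewrite a packet arriving from outside; None means no entry, so it is dropped."""
        entry = self.by_global.get((proto, dst_port))
        if dst_ip != self.inside_global or entry is None:
            return None
        return (proto, src_ip, src_port, entry[0], entry[1])

if __name__ == "__main__":
    r2 = PatRouter("209.165.200.226")
    # PC1 address and web server are from the slides; the second host and ports are constructed.
    print(r2.outbound("tcp", "192.168.10.10", 1555, "209.165.201.1", 80))
    print(r2.outbound("tcp", "192.168.10.11", 1555, "209.165.201.1", 80))
    print(r2.inbound("tcp", "209.165.201.1", 80, "209.165.200.226", 1024))
    print(r2.inbound("tcp", "209.165.201.1", 80, "209.165.200.226", 4444))
```

Two inside hosts that pick the same source port end up on different inside global ports, and a packet arriving for a port with no table entry is not translated, which is the address-hiding effect the NAT slides mention.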

NAT advantages and disadvantages

NAT provides many benefits and advantages. However, there are some drawbacks to using NAT, including the lack of support for some types of traffic.

Date posted: 05/07/2014, 03:20