Saturday, February 25, 2012

DHCP and DNS

DHCP

  • Extension to BOOTP for automatic host configuration
  • Provide ip addressing netmask and default gw bootfile etc to end hosts
  • Broadcast UDP packets source port BOOTP 68 destination port BOOTPS 67
  • Host sends DHCP Discover (broadcast) server sends DHCP offer (unicast) host sends dhcp request (broadcast) server sends dhcpack (unicast)
  • Server should be in the same broadcast domain if not dhcp relay must be used
  • IOS SUPPORTS the following DHCP Server, DHCP client,DHCP Proxye.g translate IPCP request into DHCP used for PPP links,DHCP relaying
  • DHCP can supports option82 which a option added by the relay to be more specfic on the port the end host is connected to
  • Some end host vendors use there own specfic options to this
  • option 82 is automatically enabled when you configure dhcp snooping
  • DHCP Server is configured with DHCP Pools each pool has an ip subnet for allocation
  • host pools are supported

DHCP POOL SELECTION

Server may have multiple address pool
Pool is selected based on
-DHCP Client id (could be any string)
  - supplied by windows client but not linux
  -DHCP Hardware address if ID is missing
  -relaying gateway ip address
  - recieving interface ip subnet if no matching pool found and no relay ip address present

DHCP Relaying

Broadcast can be relayed to unicast destination
ip helper-address "ip" interface command

In case of DHCP relaying router inserts interface IP address
- known as "giaddres" of gateway address
- other options could be inserted e.g the information option 82

Commands

Server

service dhcp - enables dhcp ios
ip dhcp pool vlan 58
network 155.0.58.0/24
default-router 155.0.58.1
dns-server 1.1.1.1
lease 0 1 58

Client

int fa0/0
ip address dhcp





LAB
----
Ok so s2 is the dhcp client
r5 will be dhcp relay
r6 will be the dhcp server

r6
---

r6(config)#service dhcp - enable dhcp server

r6(config)#ip dhcp pool VLAN58     - create a pool and options
r6(dhcp-config)#network 155.0.58.0 /24
r6(dhcp-config)#default-router 155.0.58.5
r6(dhcp-config)#dns-server 1.1.1.1
r6(dhcp-config)#lease?
lease
r6(dhcp-config)#lease ?
  <0-365>   Days
  infinite  Infinite lease
r6(dhcp-config)#lease 0 ?
  <0-23>  Hours
  <cr>
r6(dhcp-config)#lease 0 1 ?
  <0-59>  Minutes
  <cr>

r6#debug ip dhcp server events

r5
---
r5(config)#int fa0/0
r5(config-if)#ip helper-address 6.6.6.6   this will forward broadcast on the fa0/0 segement
to the dhcp server 6.6.6.6


s2
---
s2(config-if)#int vlan 58
s2(config-if)#ip address dhcp

s2(config)#int vlan 58
s2(config-if)#ip dhcp ?
  client  DHCP client configuration
  relay   DHCP relay configuration parameters
s2(config-if)#ip dhcp client ?
  class-id   Specify Class-ID to use
  client-id  Specify Client-ID to use
  hostname   Specify hostname to use
  lease      Requested address lease time
  request    Specify options (not) to request
  route      Options for routes installed by dhcp
s2(config-if)#ip dhcp client

we have a few options to specify class id etc if we wanted

we can see we have learnt the address via dhcp
155.0.58.1

s2#sh ip int brief
Interface              IP-Address      OK? Method Status                Protocol
Vlan1                  unassigned      YES NVRAM  administratively down down
Vlan58                 155.0.58.1      YES DHCP   up                    up

r6
---
r6#sh log
Syslog logging: enabled (1 messages dropped, 1 messages rate-limited,
                0 flushes, 0 overruns, xml disabled, filtering disabled)
    Console logging: level debugging, 44 messages logged, xml disabled,
                     filtering disabled
    Monitor logging: level debugging, 0 messages logged, xml disabled,
                     filtering disabled
    Buffer logging: level debugging, 17 messages logged, xml disabled,
                    filtering disabled
    Logging Exception size (4096 bytes)
    Count and timestamp logging messages: disabled
No active filter modules.
    Trap logging: level informational, 32 message lines logged
Log Buffer (99999 bytes):
*Feb 25 18:02:18.275: DHCPD: checking for expired leases.
*Feb 25 18:02:42.663: DHCPD: Sending notification of DISCOVER:
*Feb 25 18:02:42.663:   DHCPD: htype 1 chaddr 001b.2bec.83c4
*Feb 25 18:02:42.663:   DHCPD: remote id 020a00009b00920600000092
*Feb 25 18:02:42.663:   DHCPD: circuit id 00000000
*Feb 25 18:02:42.663: DHCPD: Seeing if there is an internally specified pool class:
*Feb 25 18:02:42.663:   DHCPD: htype 1 chaddr 001b.2bec.83c4
*Feb 25 18:02:42.663:   DHCPD: remote id 020a00009b00920600000092
*Feb 25 18:02:42.663:   DHCPD: circuit id 00000000
*Feb 25 18:02:44.663: DHCPD: Adding binding to radix tree (155.0.58.1)
*Feb 25 18:02:44.663: DHCPD: Adding binding to hash tree
*Feb 25 18:02:44.663: DHCPD: assigned IP address 155.0.58.1 to client
0063.6973.636f.2d30.3031.622e.3262.6563.2e38.3363.342d.566c.3538.
*Feb 25 18:02:44.939: DHCPD: Sending notification of ASSIGNMENT:
*Feb 25 18:02:44.943:  DHCPD: address 155.0.58.1 mask 255.255.255.0
*Feb 25 18:02:44.943:   DHCPD: htype 1 chaddr 001b.2bec.83c4
*Feb 25 18:02:44.943:   DHCPD: lease time remaining (secs) = 3600

we can see the request and assignment

r6#sh ip dhcp binding
Bindings from all pools not associated with VRF:
IP address          Client-ID/              Lease expiration        Type
                    Hardware address/
                    User name
155.0.58.1          0063.6973.636f.2d30.    Feb 25 2012 07:02 PM    Automatic
                    3031.622e.3262.6563.
                    2e38.3363.342d.566c.
                    3538

say if wanted r6 to give s2 an ip by dhcp but it to be reserved than no one else could have
this ip we could create a specfic poool based on s2 client id

r6
---
r6(config)#ip dhcp pool SW2-CLIENT-POOL
r6(dhcp-config)#host 155.28.58.100
r6(dhcp-config)#client-id 0063.6973.636f.2d30.3031.622e.3262.6563.2e38.3363.34

in order to do this we need to know the client id windows give certain ones linux gives other
so vendor specfic
??? not working need to complete

DNS

  • IOS has DNS client enable by default  that is why if we miss enter a command it can take a few minutes for it throw up an error
  • we can disable this behaviour we no ip domain-lookup
  • We could specify a dns server with ip name-server "ip" on the client and leave on ip domain-lookup
  • For configuring IOS as a server we do no ip domain-lookup  and specify ourselve as the name server ip name-server "my ip"
  • To create host records  ip host "hostname" "host ip"
  • We can configure dns server ip in cisco ios dhcp as above



LAB
r1
---
ok we will configure r1 as dns server

r1(config)#ip dns server
r1(config)#ip host R3 3.3.3.3
r1(config)#

WE have added a record for 3.3.3.3 for r3
s2
---
s2(config)#ip domain lookup
s2(config)#ip name-server 1.1.1.1
s2(config)#

s2#ping R3
Translating "R3"...domain server (1.1.1.1) [OK]
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 3.3.3.3, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 59/65/67 ms
s2#


Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)