1 配置DHCP服务器动态分配IPv4地址
1.1 简介
本案例介绍配置接口工作在DHCP服务器模式,实现动态分配IPv4地址的方法。
1.2 组网需求
如1.2 图1所示,公司将交换机做为核心交换机,现在需要在核心交换机上划分3个VLAN网段,HostA、Host B和Host C分别属于VLAN 5、VLAN 6和VLAN 7,要求在交换机上配置DHCP服务器功能,分别给主机分配不同网段的IP地址。
· 作为DHCP服务器的Switch为网段192.168.5.0/24、192.168.6.0/24和192.168.7.0/24中的客户端动态分配IP地址;
· Switch的三个VLAN接口,VLAN接口5、VLAN接口6和VLAN接口7的地址分别为192.168.5.254/24、192.168.6.254/24和192.168.7.254/24;
· 192.168.5.0/24网段内的DNS服务器地址为192.168.5.100/24,网关的地址为192.168.5.254/24;
· 192.168.6.0/24网段内的DNS服务器地址为192.168.6.100/24,网关的地址为192.168.6.254/24;
· 192.168.7.0/24网段内的DNS服务器地址为192.168.7.100/24,网关的地址为192.168.7.254/24。
图1 DHCP服务器配置组网图
1.3 配置步骤
# 配置端口所属VLAN和对应VLAN接口的IP地址,IP地址即是对应VLAN的网关地址。
<Switch> system-view
[Switch] vlan 5
[Switch-vlan5] port gigabitEthernet 1/0/5
[Switch-vlan5] quit
[Switch]vlan 6
[Switch-vlan6] port gigabitEthernet 1/0/6
[Switch-vlan6] quit
[Switch]vlan 7
[Switch-vlan7] port gigabitEthernet 1/0/7
[Switch-vlan7] quit
[Switch] interface vlan-interface 5
[Switch-Vlan-interface5] ip address 192.168.5.254 255.255.255.0
[Switch-Vlan-interface5] quit
[Switch]interface vlan-interface 6
[Switch-Vlan-interface6] ip address 192.168.6.254 255.255.255.0
[Switch-Vlan-interface6] quit
[Switch]interface vlan-interface 7
[Switch-Vlan-interface7] ip address 192.168.7.254 255.255.255.0
[Switch-Vlan-interface7] quit
# 配置不参与自动分配的IP地址(DNS服务器等,此步为选配)
[Switch] dhcp server forbidden-ip 192.168.5.100
[Switch] dhcp server forbidden-ip 192.168.6.100
[Switch] dhcp server forbidden-ip 192.168.7.100
# 配置DHCP地址池5,用来为192.168.5.0/24网段内的客户端分配IP地址。
[Switch] dhcp server ip-pool 5
[Switch-dhcp-pool-5] network 192.168.5.0 mask 255.255.255.0
[Switch-dhcp-pool-5] dns-list 192.168.5.100
[Switch-dhcp-pool-5] gateway-list 192.168.5.254
[Switch-dhcp-pool-5] quit
# 配置DHCP地址池6,用来为192.168.6.0/24网段内的客户端分配IP地址。
[Switch] dhcp server ip-pool 6
[Switch-dhcp-pool-6] network 192.168.6.0 mask 255.255.255.0
[Switch-dhcp-pool-6] dns-list 192.168.6.100
[Switch-dhcp-pool-6] gateway-list 192.168.6.254
[Switch-dhcp-pool-6] quit
# 配置DHCP地址池7,用来为192.168.7.0/24网段内的客户端分配IP地址。
[Switch] dhcp server ip-pool 7
[Switch-dhcp-pool-7] network 192.168.7.0 mask 255.255.255.0
[Switch-dhcp-pool-7] dns-list 192.168.7.100
[Switch-dhcp-pool-7] gateway-list 192.168.7.254
[Switch-dhcp-pool-7] quit
# 开启DHCP服务
[Switch] dhcp enable
# 配置VLAN接口5、6和7工作在DHCP服务器模式。
[Switch] interface vlan-interface 5
[Switch-Vlan-interface5] dhcp select server
[Switch-Vlan-interface5] quit
[Switch] interface vlan-interface 6
[Switch-Vlan-interface6] dhcp select server
[Switch-Vlan-interface6] quit
[Switch] interface vlan-interface 7
[Switch-Vlan-interface7] dhcp select server
[Switch-Vlan-interface7] quit
1.4 验证配置
配置完成后,5、6、7三个网段客户端可以从DHCP服务器申请到相应网段的IP地址和网络配置参数。
1. 显示DHCP服务器的配置
# 显示DHCP地址池的信息。
[Switch] display dhcp server pool
Pool name: 5
Network: 192.168.5.0 mask 255.255.255.0
dns-list 192.168.5.100
expired day 1 hour 0 minute 0 second 0
gateway-list 192.168.5.254
IP-in-use threshold 100
Pool name: 6
Network: 192.168.6.0 mask 255.255.255.0
dns-list 192.168.6.100
expired day 1 hour 0 minute 0 second 0
gateway-list 192.168.6.254
IP-in-use threshold 100
Pool name: 7
Network: 192.168.7.0 mask 255.255.255.0
dns-list 192.168.7.100
expired day 1 hour 0 minute 0 second 0
gateway-list 192.168.7.254
IP-in-use threshold 100
2. 显示DHCP服务器的IP地址分配信息
# 显示DHCP地址绑定信息。在显示信息里可以查看DHCP服务器为客户端分配的IP地址。
[Switch] display dhcp server ip-in-use
IP address Client-identifier/ Lease expiration Type
Hardware address
192.168.5.1 0262-1d36-1802-00 Feb 18 10:41:21 2023 Auto(C)
3264-2e30-3130-322d-
566c-616e-3130
192.168.6.1 0262-1d3b-7403-00 Feb 18 10:41:17 2023 Auto(C)
192.168.7.2 0262-1d41-8304-00 Feb 18 10:41:41 2023 Auto(C)
# 显示DHCP地址池的空闲地址信息。
[Switch] display dhcp server free-ip
Pool name: 5
Network: 192.168.5.0 mask 255.255.255.0
IP ranges from 192.168.5.2 to 192.168.5.99
IP ranges from 192.168.5.101 to 192.168.5.254
Pool name: 6
Network: 192.168.6.0 mask 255.255.255.0
IP ranges from 192.168.6.2 to 192.168.6.99
IP ranges from 192.168.6.101 to 192.168.6.254
Pool name: 7
Network: 192.168.7.0 mask 255.255.255.0
IP ranges from 192.168.7.2 to 192.168.7.99
IP ranges from 192.168.7.101 to 192.168.7.254
# 显示租约过期的地址绑定信息。当分配的IP地址的租约超过有效期限后,执行本命令可以查看到租约过期的地址绑定信息(通过expired命令可以配置租约有效期,缺省有效期限为1天)。
[Switch] display dhcp server expired
IP address Client-identifier/Hardware address Lease expiration
192.168.7.1 0262-1d36-2703-00 Feb 17 10:53:52 2023
3. 清除DHCP服务器的IP地址分配信息
# 清除DHCP的正式绑定和临时绑定信息。请在用户视图下执行本命令。
[Switch] quit
<Switch> reset dhcp server ip-in-use
# 显示DHCP地址绑定信息。此时设备上不存在相关信息。
<Switch> display dhcp server ip-in-use
IP address Client-identifier/ Lease expiration Type
Hardware address
# 清除租约过期的地址绑定信息。请在用户视图下执行本命令。
<Switch> reset dhcp server expired
# 显示租约过期的地址绑定信息。此时设备上不存在相关信息。
<Switch> display dhcp server ip-in-use
IP address Client-identifier/ Lease expiration Type
Hardware address
4. 显示和清除DHCP服务器的统计信息
# 显示DHCP服务器的统计信息。
<Switch> dis dhcp server statistics
Pool number: 3
Pool utilization: 0.00%
Bindings:
Automatic: 0
Manual: 0
Expired: 3
Conflict: 0
Messages received: 170
DHCPDISCOVER: 57
DHCPREQUEST: 57
DHCPDECLINE: 0
DHCPRELEASE: 56
DHCPINFORM: 0
BOOTPREQUEST: 0
Messages sent: 114
DHCPOFFER: 57
DHCPACK: 57
DHCPNAK: 0
BOOTPREPLY: 0
Bad Messages: 0
# 清除DHCP服务器的统计信息。请在用户视图下执行本命令。
<Switch> reset dhcp server statistics
# 清除DHCP服务器的统计信息后,设备上不存在相关统计信息。
<Switch> dis dhcp server statistics
Pool number: 3
Pool utilization: 0.39%
Bindings:
Automatic: 3
Manual: 0
Expired: 0
Conflict: 0
Messages received: 0
DHCPDISCOVER: 0
DHCPREQUEST: 0
DHCPDECLINE: 0
DHCPRELEASE: 0
DHCPINFORM: 0
BOOTPREQUEST: 0
Messages sent: 0
DHCPOFFER: 0
DHCPACK: 0
DHCPNAK: 0
BOOTPREPLY: 0
Bad Messages: 0
1.5 配置文件
· Switch:
#
dhcp enable
dhcp server forbidden-ip 192.168.5.100
dhcp server forbidden-ip 192.168.6.100
dhcp server forbidden-ip 192.168.7.100
#
vlan 5 to 7
#
dhcp server ip-pool 5
gateway-list 192.168.5.254
network 192.168.5.0 mask 255.255.255.0
dns-list 192.168.5.100
#
dhcp server ip-pool 6
gateway-list 192.168.6.254
network 192.168.6.0 mask 255.255.255.0
dns-list 192.168.6.100
#
dhcp server ip-pool 7
gateway-list 192.168.7.254
network 192.168.7.0 mask 255.255.255.0
dns-list 192.168.7.100
#
interface Vlan-interface5
ip address 192.168.5.254 255.255.255.0
dhcp select server
#
interface Vlan-interface6
ip address 192.168.6.254 255.255.255.0
dhcp select server
#
interface Vlan-interface7
ip address 192.168.7.254 255.255.255.0
dhcp select server
#
interface GigabitEthernet1/0/5
port link-mode bridge
port access vlan 5
#
interface GigabitEthernet1/0/6
port link-mode bridge
port access vlan 6
#
interface GigabitEthernet1/0/7
port link-mode bridge
port access vlan 7
#
1.6 相关资料
· 产品配套“三层技术-IP业务配置指导”中的“DHCP”。
· 产品配套“三层技术-IP业务命令参考”中的“DHCP”。
2 配置DHCP中继
2.1 简介
本案例介绍配置接口工作在DHCP中继模式,当DHCP客户端和DHCP服务器处于不同物理网段时,用于实现客户端可以通过DHCP中继与DHCP服务器通信,获取IP地址及其他配置信息。
2.2 组网需求
· DHCP客户端所在网段为10.10.1.0/24,DHCP服务器的IP地址为10.1.1.1/24;
· 由于DHCP客户端和DHCP服务器不在同一网段,因此,需要在客户端所在网段设置DHCP中继设备,以便客户端可以从DHCP服务器申请到10.10.1.0/24网段的IP地址及相关配置信息;
· Switch A作为DHCP中继通过端口(属于VLAN10)连接到DHCP客户端所在的网络,交换机VLAN接口10的IP地址为10.10.1.1/24,VLAN接口20的IP地址为10.1.1.2/24。
图2 DHCP中继配置组网图
2.3 配置步骤
· 配置DHCP服务器Switch B
# 创建VLAN接口和IP地址。
<SwitchB> system-view
[SwitchB] vlan 20
[SwitchB-vlan20] port gigabitEthernet 1/0/1
[SwitchB-vlan20] quit
[SwitchB] interface vlan-interface 20
[SwitchB-Vlan-interface20] ip address 10.1.1.1 255.255.255.0
[SwitchB-Vlan-interface20] quit
# 配置DHCP地址池5,用来为10.10.1.0/24网段内的客户端分配IP地址。
[SwitchB] dhcp server ip-pool 5
[SwitchB-dhcp-pool-5] network 10.10.1.0 mask 255.255.255.0
[SwitchB-dhcp-pool-5] dns-list 10.10.1.100
[SwitchB-dhcp-pool-5] gateway-list 10.10.1.1
[SwitchB-dhcp-pool-5] quit
# 配置和DHCP客户端互通的静态路由。
[SwitchB] ip route-static 10.10.1.0 24 10.1.1.2
# 开启DHCP服务
[SwitchB] dhcp enable
# 配置VLAN接口20工作在DHCP服务器模式。
[SwitchB] interface vlan-interface 20
[SwitchB-Vlan-interface20] dhcp select server
[SwitchB-Vlan-interface20] quit
· 配置DHCP中继设备Switch A
# 创建VLAN接口和IP地址。
<SwitchA> system-view
[SwitchA] vlan 10
[SwitchA-vlan10] port gigabitEthernet 1/0/1
[SwitchA-vlan10] quit
[SwitchA] vlan 20
[SwitchA-vlan20] port gigabitEthernet 1/0/2
[SwitchA-vlan20] quit
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] ip address 10.10.1.1 255.255.255.0
[SwitchA-Vlan-interface10] quit
[SwitchA] interface vlan-interface 20
[SwitchA-Vlan-interface20] ip address 10.1.1.2 255.255.255.0
[SwitchA-Vlan-interface20] quit
# 开启DHCP服务。
[SwitchA] dhcp enable
[SwitchA] interface vlan-interface 10
[SwitchA-Vlan-interface10] dhcp select relay
# 配置DHCP服务器的地址。
[SwitchA-Vlan-interface10] dhcp relay server-address 10.1.1.1
2.4 验证配置
配置完成后,DHCP客户端可以通过DHCP中继从DHCP服务器获取IP地址及相关配置信息。
# 显示接口上指定的DHCP服务器地址信息。
[SwitchA] displsy dhcp relay server-address
Interface name Server IP address Public/VRF name Class name
Vlan10 10.1.1.1 Y/-- --
# 显示DHCP地址绑定信息。在显示信息里可以查看DHCP服务器为客户端分配的IP地址。
[SwitchB] display dhcp server ip-in-use
IP address Client-identifier/ Lease expiration Type
Hardware address
10.10.1.2 0036-3232-352e-3261- Feb 18 16:14:25 2023 Auto(C)
3264-2e30-3130-322d-
566c-616e-3130
# 显示DHCP中继的相关报文统计信息。
[SwitchB] display dhcp relay statistics
DHCP packets dropped: 0
Incorrect Message type: 0
Option Parsing failed: 0
Mac-check failed: 0
Other count: 0
DHCP packets received from clients: 2
DHCPDISCOVER: 1
DHCPREQUEST: 1
DHCPINFORM: 0
DHCPRELEASE: 0
DHCPDECLINE: 0
BOOTPREQUEST: 0
DHCP packets received from servers: 2
DHCPOFFER: 1
DHCPACK: 1
DHCPNAK: 0
BOOTPREPLY: 0
DHCP packets relayed to servers: 2
DHCPDISCOVER: 1
DHCPREQUEST: 1
DHCPINFORM: 0
DHCPRELEASE: 0
DHCPDECLINE: 0
BOOTPREQUEST: 0
DHCP packets relayed to clients: 2
DHCPOFFER: 1
DHCPACK: 1
DHCPNAK: 0
BOOTPREPLY: 0
DHCP packets sent to servers: 0
DHCPDISCOVER: 0
DHCPREQUEST: 0
DHCPINFORM: 0
DHCPRELEASE: 0
DHCPDECLINE: 0
BOOTPREQUEST: 0
DHCP packets sent to clients: 0
DHCPOFFER: 0
DHCPACK: 0
DHCPNAK: 0
BOOTPREPLY: 0
# 在用户视图下执行reset dhcp relay statistics命令,可以清除该统计信息。
[SwitchB] quit
<SwitchB> reset dhcp relay statistics
# 再次查看显示DHCP中继的相关报文统计信息。
[SwitchB] display dhcp relay statistics
DHCP packets dropped: 0
Incorrect Message type: 0
Option Parsing failed: 0
Mac-check failed: 0
Other count: 0
DHCP packets received from clients: 0
DHCPDISCOVER: 0
DHCPREQUEST: 0
DHCPINFORM: 0
DHCPRELEASE: 0
DHCPDECLINE: 0
BOOTPREQUEST: 0
DHCP packets received from servers: 0
DHCPOFFER: 0
DHCPACK: 0
DHCPNAK: 0
BOOTPREPLY: 0
DHCP packets relayed to servers: 0
DHCPDISCOVER: 0
DHCPREQUEST: 0
DHCPINFORM: 0
DHCPRELEASE: 0
DHCPDECLINE: 0
BOOTPREQUEST: 0
DHCP packets relayed to clients: 0
DHCPOFFER: 0
DHCPACK: 0
DHCPNAK: 0
BOOTPREPLY: 0
DHCP packets sent to servers: 0
DHCPDISCOVER: 0
DHCPREQUEST: 0
DHCPINFORM: 0
DHCPRELEASE: 0
DHCPDECLINE: 0
BOOTPREQUEST: 0
DHCP packets sent to clients: 0
DHCPOFFER: 0
DHCPACK: 0
DHCPNAK: 0
BOOTPREPLY: 0
2.5 配置文件
· 配置Switch B
#
dhcp enable
#
vlan 20
#
dhcp server ip-pool 5
gateway-list 10.10.1.1
network 10.10.1.0 mask 255.255.255.0
dns-list 10.10.1.100
#
interface Vlan-interface20
ip address 10.1.1.1 255.255.255.0
dhcp select server
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 20
#
ip route-static 10.10.1.0 24 10.1.1.2
#
· 配置Switch A
#
dhcp enable
#
vlan 10
#
vlan 20
#
interface Vlan-interface10
ip address 10.10.1.1 255.255.255.0
dhcp select relay
dhcp relay server-address 10.1.1.1
#
interface Vlan-interface20
ip address 10.1.1.2 255.255.255.0
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 10
#
interface GigabitEthernet1/0/2
port link-mode bridge
port access vlan 20
#
2.6 相关资料
· 产品配套“三层技术-IP业务配置指导”中的“DHCP”。
· 产品配套“三层技术-IP业务命令参考”中的“DHCP”。
3 配置DHCP Snooping
3.1 简介
本案例介绍配置DHCP Snooping功能的配置方法。
3.2 组网需求
如3.2 图3所示,Switch通过以太网端口GigabitEthernet1/0/1连接到合法DHCP服务器,通过以太网端口GigabitEthernet1/0/3连接到非法DHCP服务器,通过GigabitEthernet1/0/2连接到DHCP客户端。要求:
· 与合法DHCP服务器相连的端口可以转发DHCP服务器的响应报文,而其他端口不转发DHCP服务器的响应报文。
· 记录DHCP-REQUEST报文和信任端口收到的DHCP-ACK报文中DHCP客户端IP地址及MAC地址的绑定信息。
图3 DHCP Snooping配置组网图
3.3 配置步骤
# 全局开启DHCP Snooping功能。
<Switch> system-view
[Switch] dhcp snooping enable
# 设置GigabitEthernet1/0/1端口为信任端口。
[Switch] interface gigabitethernet 1/0/1
[Switch-GigabitEthernet1/0/1] dhcp snooping trust
[Switch-GigabitEthernet1/0/1] quit
# 在GigabitEthernet1/0/2上开启DHCP Snooping表项功能。
[Switch] interface gigabitethernet 1/0/2
[Switch-GigabitEthernet1/0/2] dhcp snooping binding record
[Switch-GigabitEthernet1/0/2] quit
3.4 验证配置
配置完成后,DHCP客户端只能从合法DHCP服务器获取IP地址和其它配置信息,非法DHCP服务器无法为DHCP客户端分配IP地址和其他配置信息。且使用display dhcp snooping binding可查询到获取到的DHCP Snooping表项。在用户视图下执行reset dhcp snooping binding命令,可以清除DHCP Snooping表项。
3.5 配置文件
#
dhcp snooping enable
#
interface GigabitEthernet1/0/1
port link-mode bridge
dhcp snooping trust
#
interface GigabitEthernet1/0/2
port link-mode bridge
dhcp snooping binding record
#
3.6 相关资料
· 产品配套“三层技术-IP业务配置指导”中的“DHCP”。
· 产品配套“三层技术-IP业务命令参考”中的“DHCP”。
4 配置DHCPv6服务器动态分配IPv6地址
4.1 简介
本案例介绍配置接口工作在DHCPv6服务器模式,实现动态分配IPv6地址的方法。
4.2 组网需求
如图4所示,交换机作为企业网络内部的网关设备。配置交换机接口工作在DHCPv6服务器模式,并配置地址/前缀分配方式,从而为主机Host A和Host B自动分配IPv6地址。不同网段的主机通过IPv6静态路由互相访问。
· Host A、Host B、Switch A和Switch B之间通过以太网端口相连,将以太网端口分别加入相应的VLAN里,在VLAN接口上配置IPv6地址,验证它们之间的互通性。
· 配置VLAN接口工作在DHCPv6服务器模式,并引用地址池,从而为主机自动分配IPv6地址。
· 在Switch A和Switch B上配置IPv6静态路由,实现各网段的互通。
图4 动态分配IPv6地址组网图
4.3 配置步骤
1. 配置Switch A
# 创建VLAN,在VLAN中加入对应的端口。
<SwitchA> system-view
[SwitchA] vlan 3
[SwitchA-vlan3] port gigabitethernet 1/0/2
[SwitchA-vlan3] quit
[SwitchA] vlan 2
[SwitchA-vlan2] port gigabitethernet 1/0/1
[SwitchA-vlan2] quit
# 手工指定VLAN接口2的全球单播地址。
[SwitchA] interface vlan-interface 2
[SwitchA-Vlan-interface2] ipv6 address 3001::1/64
[SwitchA-Vlan-interface2] quit
# 手工指定VLAN接口3的全球单播地址,并允许其发布RA消息。
[SwitchA] interface vlan-interface 3
[SwitchA-Vlan-interface3] ipv6 address 2001::1/64
[SwitchA-Vlan-interface3] undo ipv6 nd ra halt
# 配置VLAN接口3引用DHCP地址池。
[SwitchA-Vlan-interface3] ipv6 dhcp server apply pool 1 allow-hint rapid-commit
# 配置被管理地址的配置标志位为1,即主机通过DHCPv6服务器获取IPv6地址。配置其他信息配置标志位为1,即主机通过DHCPv6服务器获取除IPv6地址以外的其他信息。
[SwitchA-Vlan-interface3] ipv6 nd autoconfig managed-address-flag
[SwitchA-Vlan-interface3] ipv6 nd autoconfig other-flag
# 配置接口VLAN接口3工作在DHCPv6服务器模式。
[SwitchA-Vlan-interface3] ipv6 dhcp select server
[SwitchA-Vlan-interface3] quit
# 配置DHCPv6地址池1。
[SwitchA] ipv6 dhcp pool 1
[SwitchA-dhcp6-pool-1] network 2001::/64
[SwitchA-dhcp6-pool-1] dns-server 1::1
[SwitchA-dhcp6-pool-1] quit
# 配置IPv6静态路由,该路由的目的地址为4001::/64,下一跳地址为3001::2。
[SwitchA] ipv6 route-static 4001:: 64 3001::2
# 保存配置。
[SwitchA] save force
2. 配置Switch B
# 创建VLAN,在VLAN中加入对应的端口。
<SwitchB> system-view
[SwitchB] vlan 2
[SwitchB-vlan2] port gigabitethernet 1/0/1
[SwitchB-vlan2] quit
[SwitchB] vlan 3
[SwitchB-vlan3] port gigabitethernet 1/0/2
[SwitchB-vlan3] quit
# 手工指定VLAN接口2的全球单播地址。
[SwitchB] interface vlan-interface 2
[SwitchB-Vlan-interface2] ipv6 address 3001::2/64
[SwitchB-Vlan-interface2] quit
# 手工指定VLAN接口3的全球单播地址,并允许其发布RA消息。
[SwitchB] interface vlan-interface 3
[SwitchB-Vlan-interface3] ipv6 address 4001::1/64
[SwitchB-Vlan-interface3] undo ipv6 nd ra halt
# 配置VLAN接口3引用DHCP地址池。
[SwitchB-Vlan-interface3] ipv6 dhcp server apply pool 1 allow-hint rapid-commit
# 配置被管理地址的配置标志位为1,即主机通过DHCPv6服务器获取IPv6地址。配置其他信息配置标志位为1,即主机通过DHCPv6服务器获取除IPv6地址以外的其他信息。
[SwitchB-Vlan-interface3] ipv6 nd autoconfig managed-address-flag
[SwitchB-Vlan-interface3] ipv6 nd autoconfig other-flag
# 配置接口VLAN接口3工作在DHCPv6服务器模式。
[SwitchB-Vlan-interface3] ipv6 dhcp select server
[SwitchB-Vlan-interface3] quit
# 配置DHCPv6地址池1。
[SwitchB] ipv6 dhcp pool 1
[SwitchB-dhcp6-pool-1] network 4001::/64
[SwitchB-dhcp6-pool-1] dns-server 1::1
[SwitchB-dhcp6-pool-1] quit
# 配置IPv6静态路由,该路由的目的地址为2001::/64,下一跳地址为3001::1。
[SwitchB] ipv6 route-static 2001:: 64 3001::1
# 保存配置。
[SwitchB] save force
3. 配置Host A
在Host A上安装IPv6,并配置自动获取IPv6地址。
4. 配置Host B
在Host B上安装IPv6,并配置自动获取IPv6地址。
4.4 验证配置
1. 显示DHCPv6服务器的配置
# 显示DHCPv6地址池的信息。
[SwitchA] display ipv6 dhcp server ip-in-use
DHCPv6 pool: 1
Network: 2001::/64
Preferred lifetime 604800 seconds, valid lifetime 2592000 seconds
DNS server addresses:
1::1
IP-in-use threshold: 100
PD-in-use threshold: 100
# 显示接口上的DHCPv6服务器信息。
[SwitchA] displsy ipv6 dhcp server
Interface Pool
Vlan-interface1 1
2. 显示和清除DHCPv6服务器的地址绑定信息
# 在Switch A上查看DHCPv6服务器为客户端分配的IPv6地址。
[SwitchA] display ipv6 dhcp server ip-in-use
Pool: 1
IPv6 address Type Lease expiration
2001::2 Auto(C) Sep 30 11:45:07 2021
# 从Switch A上查看端口GigabitEthernet1/0/2的邻居信息。
[SwitchA] display ipv6 neighbors interface gigabitethernet 1/0/2
Type: S-Static D-Dynamic O-Openflow R-Rule IS-Invalid static
IPv6 address MAC address VLAN/VSI Interface State T Aging
2001::2 b025-0b54-0106 -- GE1/0/2 REACH D 29
FE80::B225:BFF:FE54:106 b025-0b54-0106 -- GE1/0/2 REACH D 18
通过上面的信息可以知道Host A上获得的IPv6全球单播地址为2001::2。
# 显示租约过期的DHCPv6地址绑定信息。
[SwitchA] display ipv6 dhcp server expired
IPv6 address DUID Lease expiration
2001::3 0262-9ead-ab03-00 Feb 17 17:09:02 2023
# 清除DHCPv6的正式地址绑定和临时地址绑定信息。并再次查看DHCPv6服务器为客户端分配的IPv6地址
[SwitchA] quit
<SwitchA> reset ipv6 dhcp server ip-in-use
<SwitchA> display ipv6 dhcp server ip-in-use
# 清除DHCPv6的正式地址绑定和临时地址绑定信息。并再次查看租约过期的DHCPv6地址绑定信息
<SwitchA> reset ipv6 dhcp server expired
<SwitchA> IPv6 address DUID Lease expiration
3. 显示和清除DHCPv6服务器的报文统计信息
# 显示DHCPv6服务器的报文统计信息。
<SwitchA> displsy ipv6 dhcp server statistics
Bindings:
Ip-in-use : 0
Pd-in-use : 0
Expired : 1
Conflict : 1
Packets received : 24
Solicit : 8
Request : 8
Confirm : 0
Renew : 0
Rebind : 0
Release : 8
Decline : 0
Information-request : 0
Relay-forward : 0
Packets dropped : 0
Packets sent : 24
Advertise : 8
Reconfigure : 0
Reply : 16
Relay-reply : 0
# 在用户视图下执行reset ipv6 dhcp server statistics命令,可以清除该统计信息。
<SwitchA> reset ipv6 dhcp server statistics
<SwitchA> display ipv6 dhcp server statistics
Bindings:
Ip-in-use : 0
Pd-in-use : 0
Expired : 1
Conflict : 1
Packets received : 0
Solicit : 0
Request : 0
Confirm : 0
Renew : 0
Rebind : 0
Release : 0
Decline : 0
Information-request : 0
Relay-forward : 0
Packets dropped : 0
Packets sent : 0
Advertise : 0
Reconfigure : 0
Reply : 0
Relay-reply : 0
# 在Switch B上查看DHCPv6服务器为客户端分配的IPv6地址
[SwitchB] display ipv6 dhcp server ip-in-use
Pool: 1
IPv6 address Type Lease expiration
4001::2 Auto(C) Sep 30 14:05:49 2021
# 从Switch B上查看端口GigabitEthernet1/0/2的邻居信息。
[SwitchB] display ipv6 neighbors interface gigabitethernet 1/0/2
Type: S-Static D-Dynamic O-Openflow R-Rule IS-Invalid static
IPv6 address MAC address VLAN/VSI Interface State T Aging
4001::2 b043-5415-0406 -- GE1/0/2 REACH D 3
FE80::B243:54FF:FE15:406 b043-5415-0406 -- GE1/0/2 REACH D 44
通过上面的信息可以知道Host B上获得的IPv6全球单播地址为4001::2。
从Host A上也可以ping通Host B,证明它们是互通的。
4.5 配置文件
· Switch A:
#
vlan 2 to 3
#
ipv6 dhcp pool 1
network 2001::/64
dns-server 1::1
#
interface Vlan-interface3
ipv6 dhcp select server
ipv6 dhcp server apply pool 1 allow-hint rapid-commit
ipv6 address 2001::1/64
ipv6 nd autoconfig managed-address-flag
ipv6 nd autoconfig other-flag
undo ipv6 nd ra halt
#
interface Vlan-interface2
ipv6 address 3001::1/64
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 2
#
interface GigabitEthernet1/0/2
port link-mode bridge
port access vlan 3
#
ipv6 route-static 4001:: 64 3001::2
#
· Switch B :
#
vlan 2 to 3
#
ipv6 dhcp pool 1
network 4001::/64
dns-server 1::1
#
interface Vlan-interface2
ipv6 address 3001::2/64
#
interface Vlan-interface3
ipv6 dhcp select server
ipv6 dhcp server apply pool 1 allow-hint rapid-commit
ipv6 address 4001::1/64
ipv6 nd autoconfig managed-address-flag
ipv6 nd autoconfig other-flag
undo ipv6 nd ra halt
#
interface GigabitEthernet1/0/1
port link-mode bridge
port access vlan 2
#
interface GigabitEthernet1/0/2
port link-mode bridge
port access vlan 3
#
ipv6 route-static 2001:: 64 3001::1
#
4.6 相关资料
· 产品配套“三层技术-IP业务配置指导”中的“DHCPv6”。
· 产品配套“三层技术-IP业务命令参考”中的“DHCPv6”
