Showing posts with label DHCP. Show all posts
Showing posts with label DHCP. Show all posts

Sunday, 20 October 2019

DHCPv6 Troubleshooting Commands Cisco

DHCPv6 Troubleshooting Commands Cisco


This section explores the methods of DHCPv6 Troubleshooting with Cisco Commands. The problem solving process of DHCPv6 is similar to the resolution of DHCPv4 . Also, due to the number of potentially problematic areas, a systematic approach to problem solving is required, as shown in the following table:
Task No.
Description
Task 1 of troubleshooting:
Resolve address conflicts.
Task 2 of troubleshooting:
Verify physical connectivity.
Task 3 of troubleshooting:
Test with a static IPv6 address.
Task 4 of troubleshooting:
Verify switch port configuration.
Task 5 of troubleshooting:
Test from the same subnet or VLAN.
DHCPv6 Troubleshooting Table.

 Troubleshooting tasks (DHCPv6)

Here are some task and method for DHCPv6  troubleshooting. If you want to learn about DHCPv4 troubleshooting and how to configure DHCPv6 on Cisco, you can following these links:

  • Task 1: resolve conflicts

Similar to what happens with IPv4 addresses, leasing an IPv6 address may expire on a client that still needs to connect to the network. The show ipv6 dhcp conflict command   shows all address conflicts that the DHCPv6 server registers with status. If an IPv6 address conflict is detected, the client usually removes the address and generates a new one through SLAAC or with DHCPv6 with status.

  • TASK 2: VERIFY THE ALLOCATION METHOD

The  show ipv6 interface interface  command  can be used to verify the address assignment method that appears in the RA message, as indicated by the configuration of the M and O indicators. This information is shown in the last lines of the result. If a client does not receive the IPv6 address information from a DHCPv6 server with status, this could be due to incorrect M and O indicators in the RA message.

  • TASK 3: TEST WITH A STATIC IPV6 ADDRESS

By resolving any DHCP problem, whether DHCPv4 or DHCPv6, network connectivity can be verified by configuring a static IP address on a client workstation. In the case of IPv6, if the workstation cannot reach network resources with a statically configured IPv6 address, the root cause of the problem is not SLAAC or DHCPv6. At this point, it is necessary to solve network connectivity problems.

  • TASK 4: VERIFY SWITCH PORT CONFIGURATION

If the DHCPv6 client cannot obtain information from a DHCPv6 server, verify that the switch port is enabled and functioning correctly.

  • TASK 5: TEST THE OPERATION OF DHCPV6 ON THE SAME SUBNET OR VLAN

If the DHCPv6 server with status or without status is functioning correctly but is located on a VLAN or IPv6 network other than that of the client, it is possible that the problem is the DHCPv6 relay agent. The client that interacts with the interface on the router must be configured with the ipv6 dhcp relay destination command  .

Verification of the router's DHCPv6 configuration

Router configurations for DHCPv6 state and stateless services have many similarities, but also include significant differences. The following are the configuration commands for the two types of DHCPv6 services.

USING DHCPV6 WITH STATUS

Routers configured for DHCPv6 services with status have the address prefix command   to provide addressing information.
R1 (config) # ipv6 unicast-routing
R1 (config) # ipv6 dhcp pool IPV6-STATEFUL
R1 (config-dhcpv6) # address prefix 2001: DB8: CAFE: 1 :: / 64 lifetime 
infinite
R1 (config-dhcpv6) # dns-server 2001: db8: cafe: aaaa :: 5
R1 (config-dhcpv6) # domain-name example.com
R1 (config-dhcpv6) # exit
R1 (config) # interface g0 / 1
R1 (config-if) # ipv6 address 2001: db8: cafe: 1 :: 1/64
R1 (config-if) # ipv6 dhcp server IPV6-STATEFUL
R1 (config-if) # ipv6 nd managed-config-flag
For DHCPv6 services with status, the ipv6 nd managed-config-flag interface configuration mode command is used  . In this case, the client omits the routing information in the RA message and communicates with a DHCPv6 server to obtain addressing information and other information.

USING DHCPV6 WITHOUT STATUS

For stateless DHCPv6 services, the ipv6 nd other-config-flag interface configuration mode command is used  . This informs the device to use SLAAC for addressing information and a stateless DHCPv6 server for other configuration parameters.
R1 (config) # ipv6 unicast-routing
R1 (config) # ipv6 dhcp pool IPV6-STATELESS
R1 (config-dhcpv6) # dns-server 2001: db8: cafe: aaaa :: 5
R1 (config-dhcpv6) # domain-name example.com
R1 (config-dhcpv6) # exit
R1 (config) # interface g0 / 1
R1 (config-if) # ipv6 address 2001: db8: cafe: 1 :: 1/64
R1 (config-if) # ipv6 dhcp server IPV6-STATELESS
R1 (config-if) # ipv6 nd other-config-flag
The show ipv6 interface command   can be used to view the current configuration to determine the allocation method. As shown in the following scheme, the last line of the result indicates the way in which customers obtain addresses and other parameters.
SLAAC
R1 # show ipv6 interface g0 / 1
 GigabitEthernet0 / 1 is up, line protocol is up
 IPv6 is enabled, link-local address is
 FE80 :: D68C: B5FF: DATE: A0C1
DHCP without status

R1 # show ipv6 interface g0 / 1
 GigabitEthernet0 / 1 is up, line protocol is up
 IPv6 is enabled, link-local address is
 FE80 :: D68C: B5FF: DATE: A0C1
DHCP with status

R1 # show ipv6 interface g0 / 1
GigabitEthernet0 / 1 is up, line protocol is up
 IPv6 is enabled, link-local address is 
 FE80 :: D68C: B5FF: DATE: A0C1

Debugging DHCPv6

When the router is configured as a DHCPv6 server with status or without status, the debug ipv6 dhcp detail command is useful for verifying the reception and transmission of DHCPV6 messages. As shown in the illustration, a DHCPv6 router with status received a REQUEST message from a client. The router uses the addressing information in its IPV6-STATEFUL pool for allocation information.
R1 # debug ipv6 dhcp detail
 IPv6 DHCP debugging is on (detailed)
R1 # 
* Feb 3 21: 27: 41.123: IPv6 DHCP: Received SOLICIT from 
FE80 :: 32F7: DFF: FE25: 2DE1 on GigabitEthernet0 / 1
* Feb 3 21: 27: 41.123: IPv6 DHCP: detailed packet contents
* Feb 3 21: 27: 41.123: src FE80 :: 32F7: DFF: FE25: 2DE1
(GigabitEthernet0 / 1)
* Feb 3 21: 27: 41.127: dst FF02 :: 1: 2
* Feb 3 21: 27: 41.127: type SOLICIT (1), xid 13190645
* Feb 3 21: 27: 41.127: option ELAPSED-TIME (8), len 2
* Feb 3 21: 27: 41.127: elapsed-time 0
* Feb 3 21: 27: 41.127: option CLIENTID (1), len 10
* Feb 3 21: 27: 41,127: 000
* Feb 3 21: 27: 41.127: IPv6 DHCP: Using interface pool IPV6- 
STATEFUL 
* Feb 3 21: 27: 41.127: IPv6 DHCP: Creating binding for 
FE80 :: 32F7: DFF: FE25: 2DE1 in pool IPV6-STATEFUL 
<Se skipped the result>
on No comments:
Labels: , ,

DHCPv6 Configuration On Cisco Router

DHCPv6 Configuration On Cisco Router

In this post you will learn DHCPv6 Configuration On Cisco Router. We will share command and topology example for better understanding. If you want to learn about what is DHCPv4 and how to configure DHCPv4 on Cisco, You can visit here. This post is purely related to DHCPv6 Configuration On Cisco Router.

Configure a router as a stateless DHCPv6 server

As will be shown below, there are four steps to configure a router as a DHCPv6 server:

  • Step 1: Enable IPv6 routing

The use of the ipv6 unicast-routing command is required to enable IPv6 routing. This command is not necessary for the router to be a stateless DHCPv6 server, but it is required for the router to originate the ICMPv6 RA messages.
Router (config) # ipv6 unicast-routing

  • Step 2: Configure a DHCPv6 pool

The ipv6 dhcp pool set-name creates a set and the router enters the DHCPv6 configuration command, which is identified by the Router line (config-dhcpv6) #.
Router (config) # ipv6 dhcp pool  pool-name 
Router (config-dhcpv6) #

  • Step 3: Configure the pool parameters

During the SLAAC process, the client received the information he needed to create a global unicast IPv6 address. The client also received the default gateway information through the source IPv6 address of the RA message, which is the router's link-local address. However, the stateless DHCPv6 server can be configured to provide other information that may not have been included in the RA message, such as the DNS server address and domain name.
Router (config-dhcpv6) # dns-server  dns-server-address 
Router (config-dhcpv6) # domain-name  domain-name

  • Step 4: Configure the DHCPv6 interface

The ipv6 dhcp server interface-configuration mode set-name links the DHCPv6 set with the interface. The router responds to DHCPv6 requests without status on this interface with the information included in the pool. The O indicator must be changed from 0 to 1 using the ipv6 nd other-config-flag interface command . RA messages sent on this interface indicate that additional information is available from a stateless DHCPv6 server.

Router (config) # interface type number
Router (config-if) # ipv6 dhcp server pool-name
Router (config-if) # ipv6 nd other-config-flag

SAMPLE DHCPV6 SERVER WITHOUT STATUS

In Image 1 together with the commands, an example configuration is shown for a router to be configured as a stateless DHCPv6 server. Note that router R3 is shown as a DHCPv6 client. R3 is configured as a client to help verify stateless DHCPv6 operations.

R1 (config) # ipv6 unicast-routing
R1 (config) # ipv6 dhcp pool IPV6-STATELESS
R1 (config-dhcpv6) # dns-server 2001: db8: cafe: aaaa :: 5
R1 (config-dhcpv6) # domain-name example.com
R1 (config-dhcpv6) # exit
R1 (config) # interface g0 / 1
R1 (config-if) # ipv6 address 2001: db8: cafe: 1 :: 1/64
R1 (config-if) # ipv6 dhcp server IPV6-STATELESS
R1 (config-if) # ipv6 nd other-config-flag

 Configure a router as a stateless DHCPv6 client

Following the example in Image 1, a Cisco router is used as the stateless DHCPv6 client. This is not a typical situation and is used only for demonstration purposes. Generally, a stateless DHCPv6 client is a device, such as a computer, a tablet PC, a mobile device or a webcam.
The client router needs a link-local IPv6 address on the interface to send and receive IPv6 messages, such as RS messages and DHCPv6 messages. The link-local address of a router is created automatically when IPv6 is enabled on the interface. This can happen when a global unicast address is configured on the interface or when the ipv6 enable command is used  . After the router receives a local link address, it can participate in the detection of IPv6 neighbors.
In this example, the ipv6 enable command is used  , because the router does not yet have a global unicast address.
R3 (config) # interface g0 / 1
R3 (config-if) # ipv6 enable
R3 (config-if) # ipv6 address autoconfig
R3 (config-if) #
The ipv6 address autoconfig command   enables automatic configuration of IPv6 addressing using SLAAC. It is assumed that the server router is configured for stateless DHCPv6, so it sends an RA message to inform the client router that it uses stateless DHCPv6 to obtain DNS information.

Verification of DHCPv6 without status

Continuing with the example in Image 1, the show ipv6 dhcp pool  command  verifies the name of the DHCPv6 pool and its parameters. The number of active clients is 0, because the server does not maintain any status.
R1 # show ipv6 dhcp pool
DHCPv6 pool: IPV6-STATELESS
 DNS server: 2001: DB8: CAFE: AAAA :: 5
 Domain name: example.com
 Active clients: 0
R1 #
The show running-config command   can also be used to verify all the commands that were previously configured.

DHCPV6 CLIENT VERIFICATION WITHOUT STATUS

In this example, a router is used as a stateless DHCPv6 client. The result of the show ipv6 interface  command  shows that the router has “Stateless address autoconfig enabled” and an IPv6 global unicast address. The IPv6 global unicast address was created using SLAAC, which includes the prefix contained in the RA message. The IID was generated through EUI-64. DHCPv6 was not used to assign the IPv6 address.
R3 # show ipv6 interface g0 / 1
GigabitEthernet0 / 1 is up, line protocol is up
 IPv6 is enabled, link-local address is
FE80 :: 32F7: DFF: FE25: 2DE1 
 No Virtual link-local address (s):
 Stateless address autoconfig enabled 
Global unicast address (s): 
2001: DB8: CAFE: 1: 32F7: DFF: FE25: 2DE1, subnet is
2001: DB8: COFFEE: 1 :: / 64 [EUI / CAL / PRE]
 valid lifetime 2591935 preferred lifetime 604735
 Joined group address (es):
 FF02 :: 1
 FF02 :: 1: FF25: 2DE1
 MTU is 1500 bytes
 ICMP error messages limited to one every 100 milliseconds
 ICMP redirects are enabled
 ICMP unreachables are sent
 ND DAD is enabled, number of DAD attempts: 1
 ND reachable time is 30000 milliseconds (using 30000)
 ND NS retransmit interval is 1000 milliseconds
 Default router is FE80 :: D68C: B5FF: FECE: A0C1 on 
GigabitEthernet0 / 1 
R3 #
The default router information also comes from the RA message. This was the source IPv6 address of the packet containing the RA message and the router's link-local address.

In the result of the debug ipv6 dhcp detail command   in Image 2, the DHCPv6 messages exchanged between the client and the server are displayed. In this example, the command was entered on the client. The INFORMATION-REQUEST message is displayed, because it is sent from a DHCPv6 client without status. Note that the client, router R3, sends DHCPv6 messages from its link-local address to the address of all DHCPv6 relay agents and servers, FF02 :: 1: 2.

The debug result shows all DHCPv6 messages sent between the client and the server, including the DNS server and domain name options that were configured on the server.



on No comments:
Labels: , ,

Slaac vs DHCPv6

Slaac vs DHCPv6

In this section, the functionality of SLAAC VS DHCPv6 is explored . Also the options of obtaining an IPv6 address automatically.Similar to what happens with IPv4, global unicast IPv6 addresses can be configured manually or dynamically. However, there are two methods in which IPv6 global unicast addresses can be dynamically assigned:

  • Automatic stateless address configuration (SLAAC)
  • Dynamic host configuration protocol for IPv6 (DHCPv6 with status)

What is SLAAC ipv6

SLAAC (Automatic state independent address configuration) is a method in which a device can obtain a global unicast IPv6 address without the services of a DHCPv6 server. ICMPv6 is located in the center of SLAAC. ICMPv6 is similar to ICMPv4, but includes additional functionality and is a much stronger protocol. SLAAC uses ICMPv6 router request and announcement messages to provide addressing and other configuration information that would normally be provided by a DHCP server:
  1. Router request message (RS): When a client is configured to obtain the routing information automatically via SLAAC, the client sends an RS message to the router. The RS message is sent to the IPv6 multicast address of all routers, FF02 :: 2.
  2. Router Announcement (RA) Message:  Routers send RA messages to provide routing information to clients configured to obtain their IPv6 addresses automatically. The RA message includes the prefix and prefix length of the local segment. A client uses this information to create its own global unicast IPv6 address. Routers send RA messages periodically or in response to an RS message. By default, Cisco routers send RA messages every 200 seconds. RA messages are always sent to the IPv6 multicast address of all nodes, FF02 :: 1.
As the name implies, SLAAC means "stateless." A stateless service means that there is no server that maintains the network address information. Unlike DHCP, there is no SLAAC server that has information about which IPv6 addresses are in use and which ones are available.

Operation of SLAAC

A router must have IPv6 routing enabled before it can send RA messages:
Router (config) # ipv6 unicast-routing

SLAAC VS DHCPV6

The decision of whether a client is configured to obtain its IPv6 address information automatically via SLAAC, by DHCPv6 or by a combination of both depends on the configuration within the RA message.
The two indicators are the managed address configuration indicator (M indicator) and the other configuration indicator (O indicator).
Using different combinations of the M and O indicators, RA messages have one of three addressing options for the IPv6 device, as shown in the illustration:

  • SLAAC (router ad only)
  • Stateless DHCPv6 (router and DHCPv6 announcement)
  • DHCPv6 with status (DHCPv6 only)
Regardless of the option used, in RFC 4861 it is recommended that all IPv6 devices perform duplicate address detection (DAD) at any unicast address, including addresses configured using SLAAC or DHCPv6. DAD is implemented by ICMPv6, specified by RFC 4443.



on No comments:
Labels: ,

DHCP Troubleshooting Cisco Commands

DHCP Troubleshooting Cisco Commands

It explains DHCP Troubleshooting, how to adopt a systematic approach to problem solving, due to the number of potentially problematic areas. Also how to verify possible DHCP configuration errors using Cisco Commands.
DHCP problems may arise due to various reasons, such as software defects in operating systems, NIC drivers or DHCP relay agents. However, the most frequent cause is configuration problems. Due to the number of potentially problematic areas, a systematic approach to problem solving is required, as shown in the following table:
Task No.
Description
Task 1 of troubleshooting:
Resolve address conflicts.
Task 2 of troubleshooting:
Verify physical connectivity.
Task 3 of troubleshooting:
Test with a static IPv4 address.
Task 4 of troubleshooting:
Verify switch port configuration.
Task 5 of troubleshooting:
Test from the same subnet or VLAN.
DHCP Troubleshooting Table.


DHCP Troubleshooting tasks

  • TASK 1: RESOLVE IPV4 ADDRESS CONFLICTS

Leasing an IPv4 address may expire on a client that is still connected to a network. If the client does not renew the lease, the DHCP server can reassign that IPv4 address to another client. When the client restarts, it requests an IPv4 address. If the DHCP server does not respond quickly, the client uses the last IPv4 address. The problem arises when two clients use the same IPv4 address, which creates a conflict.
The show ip dhcp conflict command   shows all address conflicts that register the DHCP server, as shown in the following result. The server uses the ping command   to detect clients. The client uses the address resolution protocol (ARP) to detect conflicts. If an address conflict is detected, the latter is removed from the pool and is not assigned until an administrator resolves the conflict.
R1 # show ip dhcp conflict
IP address Detection Method Detection time
192.168.10.32 Ping Feb 16 2013 12:28 PM
192.168.10.64 Gratuitous ARP Feb 23 2013 08:12 AM
This result shows the IP addresses that have conflicts with the DHCP server. Shows the detection method and detection time for conflicting IP addresses offered by the DHCP server.

  • TASK 2: VERIFY PHYSICAL CONNECTIVITY

First, use the  show interfaces interface  command  to confirm that the router interface that functions as the default gateway for the client is operational. If the interface has another state that is not activated, the port does not pass traffic, even DHCP client requests.

  • TASK 3: TEST CONNECTIVITY USING A STATIC IP ADDRESS

When solving any DHCP problem, verify network connectivity by configuring static IPv4 address information on a client workstation. If the workstation cannot reach network resources with a statically configured IPv4 address, the root cause of the problem is not DHCP. At this point, it is necessary to solve network connectivity problems.

  • TASK 4: VERIFY SWITCH PORT CONFIGURATION

If the DHCP client cannot obtain an IPv4 address from the DHCP server during startup, try to obtain an IPv4 address from the DHCP server by manually forcing the client to send a DHCP request.

Note : If there is a switch between the client and the DHCP server and the client cannot obtain the DHCP configuration, the cause may be problems with the switch port configuration. These causes may include trunk and pipeline problems, STP and RSTP. PortFast and perimeter configurations solve the most common DHCPv4 client problems that occur with an initial installation of a Cisco switch.

  • TASK 5: TEST THE OPERATION OF DHCPV4 ON THE SAME SUBNET OR VLAN

It is important to distinguish whether DHCPv4 works correctly when the client is on the same subnet or VLAN as the DHCPv4 server. If DHCPv4 works correctly when the client is on the same subnet or VLAN, the problem may be the DHCP relay agent. If the problem persists even with the DHCPv4 test on the same subnet or VLAN as the DHCPv4 server, there may actually be a problem with the DHCPv4 server.

Verification of the router's DHCPv4 configuration

When the DHCPv4 server is located on a LAN other than that of the client, the router interface that interacts with the client must be configured to relay DHCPv4 requests by configuring the help IPv4 address. If the help IPv4 address is not configured correctly, DHCP client requests are not forwarded to the DHCPv4 server.

Follow these steps to verify the router configuration:

  • Step 1:  Verify that the ip helper-address command   is configured on the correct interface. This command must be present on the LAN input interface that contains the DHCPv4 client workstations and must be directed to the correct DHCPv4 server. In the illustration, the result of the show running-config command   verifies that the DHCP4 relay IPv4 address refers to the DHCPv4 server address in 192.168.11.6.

The show ip interface command can also be used to verify DHCP re-transmission on an interface.
  • Step 2:  Verify that the global no service dhcp configuration command has not been configured  . This command disables all functionality of the DHCP server and router relay. The service dhcp command   does not appear in the running configuration, because it is the default configuration

In the illustration, the  show running-config | include no service dhcp  verifies that the DHCPv4 service is enabled, because there is no match for the  show running-config | include no service dhcp . If the service had been disabled, the result would show the no service dhcp command  .

R1 # show running-config | interface GigabitEthernet0 / 0
interface GigabitEthernet0 / 0
 ip address 192.168.10.1 255.255.255.0
 ip helper-address 192.168.11.6
 auto duplex
 speed auto
R1 #

R1 # show running-config | include no service dhcp

Debugging DHCP

On routers configured as DHCP servers, the DHCP process fails if the router does not receive requests from the client. As a troubleshooting task, verify that the router receives the DHCP request from the client. This troubleshooting step includes the configuration of an ACL for debugging.
The illustration shows an extended ACL that allows only packets with UDP destination ports of 67 or 68. These are the typical ports used by DHCP clients and servers when sending DHCP messages. The extended ACL is used with the debug ip packet command   to display only DHCP messages.
R1 (config) # access-list 100 permit udp any any eq 67
R1 (config) # access-list 100 permit udp any any eq 68
R1 (config) # end
R1 # debug ip packet 100 
IP packet debugging is on for access list 100
* IP: s = 0.0.0.0 (GigabitEthernet0 / 1), d = 255.255.255.255,
Len 333, rcvd 2
* IP: s = 0.0.0.0 (GigabitEthernet0 / 1), d = 255.255.255.255,
len 333, stop process pak for forus packet
* IP: s = 192.168.11.1 (local), d = 255.255.255.255
(GigabitEthernet0 / 1), len 328, sending broad / multicast
The result shown in the illustration shows that the router receives DHCP requests from the client. The source IP address is 0.0.0.0, because the client does not yet have an IP address. The destination is 255.255.255.255, because the client's DHCP detection message is sent as broadcast. In this result, only a summary of the package is shown, and not the DHCPv4 message itself. However, the router received a broadcast packet with the appropriate source and destination UDP and IP ports for DHCPv4. In the result of complete debugging, all packets in DHCPv4 communications between the client and the DHCPv4 server are displayed.
Another useful command to perform troubleshooting of DHCPv4 operation is the debug ip dhcp server events command  . This command reports server events, such as address assignments and database updates.
R1 # debug ip dhcp server events
DHCPD: returned 192.168.10.11 to address pool LAN-POOL-1
DHCPD: assigned IP address 192.168.10.12 to client
0100.0103.85e9.87.
DHCPD: checking for expired leases.
DHCPD: the lease for address 192.168.10.10 has expired.
DHCPD: returned 192.168.10.10 to address pool LAN-POOL-1

on No comments:
Labels: , ,

Configure of DHCP server and DHCP Client on Cisco Router

Configure of DHCP server and DHCP Client on Cisco Router

In this section, you will get complete details on Configure of DHCP server and DHCP Client on Cisco Router. Step by step and all the commands you should learn. If you learn about what is DHCP you can visit here.
A Cisco router running Cisco IOS software can be configured to function as a DHCP server . The DHCP server used by Cisco IOS assigns and manages IPv4 addresses from specified address sets within the router for DHCP clients. The topology shown in figure is used to illustrate this functionality.

HOW TO CONFIGURE A DHCP SERVER IN CISCO ROUTER

  • Step 1: Exclude IPv4 addresses

The router that functions as a DHCP server assigns all IPv4 addresses in a set of DHCP addresses, unless it is configured to exclude specific addresses. Generally, some IPv4 addresses in a set are assigned to network devices that require static address assignments. Therefore, these IPv4 addresses should not be assigned to other devices. To exclude specific addresses, use the ip dhcp excluded-address command  , as shown below:
R1 (config) # ip dhcp excluded-address  low-address [ high-address ]
A single address or range of addresses can be excluded by specifying the lowest address and the highest address in the range. Excluded addresses must include the addresses assigned to routers, servers, printers and other devices that were configured or will be configured manually.
R1 (config) # ip dhcp excluded-address 192.168.10.1 192.168.10.9
R1 (config) # ip dhcp excluded-address 192.168.10.254

  • Step 2: Configure a DHCPv4 pool

The configuration of a DHCP server involves defining a set of addresses to be assigned. As shown below, the ip dhcp pool set-  name command   creates a set with the specified name and places the router in DHCP configuration mode, which is identified with the Router (dhcp-config) # flag.
R1 (config) # ip dhcp pool  pool-name 
R1 (dhcp-config) #
R1 (config) # ip dhcp pool LAN-POOL-1 
R1 (dhcp-config) #

  • Step 3: Configure specific tasks

Finally, the tasks to complete the configuration of the DHCP pool are indicated. Some of them are optional, while others must be configured.

REQUIRED AND OPTIONAL TASKS FOR DHCP

Required Tasks
Required Tasks
Command
Define the address set.
network network number [mask | prefix-length]
Define the default router or gateway.
default-router address [address2… address8]
Table of configuration of specific tasks.
Optional Tasks

Optional Tasks
Command
Define a DNS server.
dns-server address [address2… address8]
Define the domain name.
domain-name domain
Define the duration of the DHCP grant.
read {days [hours] [minutes] | infinite}
Define the WINS server with NetBIOS.
netbios-name-server address [address2… address8]
Table of configuration of specific tasks.
Use the default-router command   to define the default gateway router. Normally, the gateway is the LAN interface of the router closest to the client devices. A gateway is required, but up to eight addresses can be indicated if there are several gateways.
Other commands in the DHCP pool are optional. For example, the IPv4 address of the DNS server that is available to a DHCP client is configured using the dns-server command  . The  domain-name  domain command  is used to define the domain name. The lease duration of DHCPv4 can be modified using the lease command  . The default lease value is one day. The netbios-name-server command   is used to define the WINS server with NetBIOS.

DHCP CONFIGURATION EXAMPLE

An example configuration with basic DHCPv4 parameters configured on router R1 is shown below. R1 is configured as a DHCPv4 server for LAN 192.168.10.0/24 using the example topology of Image 1.
R1 (config) # ip dhcp excluded-address 192.168.10.1 192.168.10.9
R1 (config) # ip dhcp excluded-address 192.168.10.254 
R1 (config) # ip dhcp pool LAN-POOL-1
R1 (dhcp-config) # network 192.168.10.0 255.255.255.0
R1 (dhcp-config) # default-router 192.168.10.1
R1 (dhcp-config) # dns-server 192.168.11.5
R1 (dhcp-config) # domain-name example.com
R1 (dhcp-config) # end
R1 #
The DHCP service is enabled by default. To disable the service, use the global configuration mode no service dhcp command  . Use the dhcp  global configuration mode command  to re-enable the DHCP server process. If the parameters are not set, enabling the service has no effect.

DHCP VERIFICATION

In the example result, the topology shown in Image 1 is used. In this example, R1 was configured to provide DHCP services. Since PC1 did not turn on, it does not have an IP address.

SHOW RUNNING-CONFIG COMMAND

As shown below, in the result of the  show running-config | dhcp section , the DHCP commands configured in R1 are displayed. The parameter  | section  shows only the commands associated with the DHCP configuration.
R1 # show running-config | dhcp section
ip dhcp excluded-address 192.168.10.1 192.168.10.9
ip dhcp excluded-address 192.168.10.254
ip dhcp excluded-address 192.168.11.1 192.168.11.9
ip dhcp excluded-address 192.168.11.254
ip dhcp pool LAN-POOL-1
 network 192.168.10.0 255.255.255.0
 default-router 192.168.10.1 
 dns-server 192.168.11.5 
 domain-name example.com
ip dhcp pool LAN-POOL-2
 network 192.168.11.0 255.255.255.0
 default-router 192.168.11.1 
 dns-server 192.168.11.5 
 domain-name example.com
R1 #
SHOW IP DHCP BINDING COMMAND
As shown in the following result, DHCPv4 operation can be verified using the show ip dhcp binding command  . This command shows a list of all the links of the IPv4 address with the MAC address that were provided by the DHCPv4 service.

 R1 # show ip dhcp binding Bindings from all pools not associated with VRF: IP address Client-ID / Lease expiration Type Hardware address / User Name
The following command,  show ip dhcp server statistics , is used to verify if the router receives or sends messages. This command displays counting information regarding the number of DHCPv4 messages that were sent and received.R1 # show ip dhcp server statistics
Memory usage 23543
Address pools 1
Database agents 0
Automatic bindings 0
Manual bindings 0
Expired bindings 0
Malformed messages 0
Secure arp entries 0

Message Received
BOOTREQUEST 0
DHCPDISCOVER 0
DHCPREQUEST 0
DHCPDECLINE 0
DHCPRELEASE 0
DHCPINFORM 0

Message Sent
BOOTREPLY 0
DHCPOFFER 0
DHCPACK 0
DHCPNAK 0
R1 #
As seen in the result of these commands, there are currently no links, and statistics indicate that there are no messages sent or received. At this time, no device requested DHCPv4 services from router R1.

SHOW IP DHCP COMMAND

In the following result, the commands are issued after PC1 and PC2 were turned on and the boot process finished.
R1 # show ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID / Lease expiration Type
           Hardware address /
           User Name
192.168.10.10 0100.e018.5bdd.35 May 28 2013 01:06 PM Automatic
192.168.11.10 0100.b0d0.d817.e6 May 28 2013 01:10 PM Automatic
R1 # show ip dhcp server statistics
Memory usage 25307
Address pools 2
Database agents 0
Automatic bindings 2
Manual bindings 0
Expired bindings 0
Malformed messages 0
Secure arp entries 0

Message Received
BOOTREQUEST 0
DHCPDISCOVER 8
DHCPREQUEST 3
DHCPDECLINE 0
DHCPRELEASE 0
DHCPINFORM 0

Message Sent
BOOTREPLY 0
DHCPOFFER 3
DHCPACK 3
DHCPNAK 0
R1 #
Note that the information about the bindings now shows that IPv4 addresses 192.168.10.10 through 192.168.11.10 joined the MAC addresses. Statistics also show DHCPDISCOVER, DHCPREQUEST, DHCPOFFER and DHCPACK activity.

IPCONFIG / ALL COMMAND

As shown in Image 2, the ipconfig / all command  , when issued on PC1, shows the TCP / IP parameters. Since PC1 was connected to network segment 192.168.10.0/24, it automatically received a DNS suffix, an IPv4 address, a subnet mask, a default gateway and a DNS server address from that pool. No DHCP specific router interface configuration is required. If a computer is connected to a network segment that has an available DHCPv4 pool, the computer can obtain an IPv4 address from the appropriate pool automatically.

DHCP RELAY

In a complex hierarchical network, business servers are usually located in a server farm. These servers can provide DHCP, DNS, TFTP and FTP services for the network. Generally, network clients are not on the same subnet as those servers. To locate servers and receive services, clients often use broadcast messages.

In figure, PC1 attempts to acquire an IPv4 address from a DHCP server through a broadcast message. In this situation, router R1 is not configured as a DHCPv4 server and does not forward the broadcast message. Since the DHCPv4 server is located on a different network, PC1 cannot receive an IP address via DHCP.

IPCONFIG / RELEASE AND IPCONFIG / RENEW COMMANDS

In Image 4, PC1 tries to renew its IPv4 address. To do this, the ipconfig / release command is issued  . Note that the IPv4 address is released, and the address is shown to be 0.0.0.0. Next, the ipconfig / renew command is issued  . This command causes PC1 to broadcast a DHCPDISCOVER message. The result shows that PC1 cannot locate the DHCPv4 server. Since routers do not forward broadcast messages, the request is not correct.

As a solution to this problem, an administrator can add DHCP servers on all subnets. However, running these services on several computers generates an additional cost and administrative overhead.
A better solution is to configure a Cisco IOS help address. This solution allows the router to forward DHCPv4 broadcasts to the DHCPv4 server. When a router forwards assignment requests / address parameters, it acts as a DHCPv4 relay agent. In the example topology, PC1 would broadcast a request to locate a DHCPv4 server. If R1 was configured as a DHCPv4 relay agent, it would forward the request to the DHCPv4 server located on subnet 192.168.11.0.

IP HELPER-ADDRESS COMMAND

As shown below, the interface on R1 that receives the broadcast is configured with the ip helper-address interface configuration mode command  . The DHCP server address is configured as the only parameter.
R1 (config) # interface g0 / 0
R1 (config-if) # ip helper-address 192.168.11.6
R1 (config-if) # end
R1 # show ip interface g0 / 0
GigabitEthernet0 / 0 is up, line protocol is up 
 Internet address is 192.168.10.1/24
 Broadcast address is 255.255.255.255
 Address determined by setup command
 MTU is 1500 bytes
 Helper address is 192.168.11.6
When R1 is configured as a DHCP relay agent, it accepts broadcast requests for the DHCP service and then forwards those requests as a unicast to IPv4 address 192.168.11.6. The show ip interface command   is used to verify the configuration.
As shown in Image 5, PC1 can now acquire an IPv4 address from the DHCPv4 server.

DHCPv4 is not the only service that can be configured to relay the router. By default, the ip helper-address command   forwards the following eight UDP services:

  • Port 37: Time
  • Port 49: TACACS
  • Port 53: DNS
  • Port 67: DHCP / BOOTP client
  • Port 68: DHCP / BOOTP server
  • Port 69: TFTP
  • Port 137: NetBIOS Name Service
  • Port 138: NetBIOS datagram service

Configuration of a router as a DHCPv4 client

Occasionally, Cisco routers in small offices and home offices (SOHO) and at branch sites must be configured as DHCPv4 clients similar to client computers. The specific method used depends on the ISP. However, in its simplest configuration, the Ethernet interface is used to connect to a cable modem or a DSL modem. To configure an Ethernet interface as a DHCP client, use the ip address dhcp interface configuration mode command  .

In figure, suppose an ISP was configured to provide IP addresses of the network range 209.165.201.0/27 to select clients. After the G0 / 1 interface is configured with the  ip address dhcp command, the show ip interface g0 / 1 command   confirms that the interface is activated and that the address was assigned by a DHCPv4 server.

SOHO (config) # interface g0 / 1
SOHO (config-if) # ip address dhcp
SOHO (config-if) # no shutdown
SOHO (config-if) #
* Jan 31 17: 31: 11.507:% DHCP-6-ADDRESS_ASSIGN: Interface
GigabitEthernet0 / 1 assigned DHCP address 209.165.201.12, mask
255.255.255.224, hostname SOHO
SOHO (config-if) # end
SOHO # show ip interface g0 / 1
GigabitEthernet0 / 1 is up, line protocol is up
 Internet address is 209.165.201.12/27
 Broadcast address is 255.255.255.255
 Address determined by DHCP

CONFIGURING A WIRELESS ROUTER AS A DHCP CLIENT

Normally, wireless routers for home or small office use are connected to an ISP using a cable modem or DSL. In most cases, wireless routers are configured to receive IPv4 addressing information automatically from the ISP.

For example, the illustration shows the default WAN configuration page for a Packet Tracer wireless router. Note that the type of Internet connection is set to  Automatic Configuration - DHCP  . This selection is used when the router connects to a modem or DSL cable and acts as a DHCP client and requests an IPv4 address from the ISP.

on No comments:
Labels: , , ,

What is DHCP and How It Works

What is DHCP and How It Works

In this post you learn about What is DHCP and How It Works. This article explain Introduction to DHCP, IP address, DHCP operations and DHCP message format.

What is DHCP ?

DHCP assigns IPv4 addresses and other network configuration information dynamically. Since desktop clients often make up a large part of network nodes, DHCP is an extremely useful tool for network administrators and saves a lot of time.
A dedicated DHCP server is scalable and relatively easy to manage. However, in a small branch or SOHO location, a Cisco router can be configured to provide DHCP services without the need for a dedicated server. The Cisco IOS software supports a DHCP server with optional full functions.

The DHCP server dynamically assigns, or leases, an IPv4 address from a set of addresses for a limited period chosen by the server or until the client no longer needs the address.
Clients lease the server information for an administratively defined period. Administrators configure DHCP servers to establish leases, so that they expire at different intervals. The lease typically lasts 24 hours to a week or more . When the lease expires, the client must request another address, although it is usually reassigned.

Introduction to IP Addresses

Every device that connects to a network needs a unique IP address. Network administrators assign static IP addresses to routers, servers, printers and other network devices whose locations (physical and logical) probably do not change. In addition, static addresses enable administrators to administer these devices remotely. Network administrators find it easier to access a device when they can easily determine its IP address.
However, computers and users in an organization often change location, physically and logically. For network administrators, assigning new IP addresses each time an employee changes location can be difficult and time consuming. In addition, for mobile employees working from remote locations, it can be difficult to manually set the correct network parameters. Even for desktop clients, the manual assignment of IP addresses and other addressing information poses an administrative burden, especially as the network grows.
The introduction of a Dynamic Host Configuration Protocol (DHCP) server in the local network simplifies the assignment of IP addresses to both desktop and mobile devices. The use of a centralized DHCP server allows organizations to manage all IP address assignments from a single server. This practice makes IP address management more efficient and ensures consistency throughout the organization, including branches.

DHCP OPERATION

As shown in Image 2, DHCP works in a client / server mode. When a client communicates with a DHCP server, the server assigns or leases an IPv4 address to that client. The client connects to the network with that leased IP address until the lease expires. The client must contact the DHCP server periodically to extend the lease. This leasing mechanism ensures that customers who move or disconnect do not keep the addresses they no longer need. When a lease expires, the DHCP server returns the address to the set, where it can be reassigned as necessary.

ORIGIN OF THE LEASE

When the client starts (or wants to join a network), a four-step process begins to obtain a lease. As shown in Image 3, a client starts the process with a DHCPDISCOVER broadcast message with its own MAC address to detect available DHCP servers.

DHCP DETECTION

The DHCPDISCOVER message finds the DHCP servers in the network. Since the client does not have valid IPv4 information during startup, it uses Layer 2 and Layer 3 broadcast addresses to communicate with the server.

DHCP OFFER 

When the DHCP server receives a DHCPDISCOVER message, it reserves an available IPv4 address to lease to the client. The server also creates an ARP entry that consists of the MAC address of the client making the request and the leased IPv4 address of the client. The DHCP server sends the DHCPOFFER message assigned to the client making the request. The DHCPOFFER message is sent as a unicast, and the server's layer 2 MAC address is used as the source address and the client's layer 2 MAC address as the destination.

DHCP REQUEST (DHCPREQUEST)

When the client receives the DHCPOFFER message from the server, it sends a DHCPREQUEST message, as shown in Image 5. This message is used both for the origin and for the renewal of the lease. When used for the origin of the lease, the DHCPREQUEST message serves as a binding acceptance notification to the selected server for the parameters offered and as an implicit rejection to any other server that could have provided a binding offer to the client.
Many business networks use several DHCPv4 servers. The DHCPREQUEST message is sent in broadcast form to inform this DHCPv4 server and any other DHCPv4 server about the accepted offer.

DHCP ACKNOWLEDGMENT (DHCPACK)

Upon receiving the DHCPREQUEST message, the server verifies the lease information with an ICMP ping to that address to ensure that it is not in use, creates a new ARP entry for the client's lease and responds with a unicast DHCPACK message, as shown in Image 6. The DHCPACK message is a duplicate of the DHCPOFFER message, except for a change in the message type field. When the client receives the DHCPACK message, it records the configuration information and performs an ARP search for the assigned address.

LEASE RENEWAL

In following figure, before the lease expires, the client sends a DHCPREQUEST message directly to the DHCPv4 server that offered the IPv4 address in the first instance. If a DHCPACK message is not received within a specified amount of time, the client transmits another DHCPREQUEST message so that one of the other DHCPv4 servers can extend the lease.

DHCP ACKNOWLEDGMENT (DHCPACK)

Upon receiving the DHCPREQUEST message, the server verifies the lease information by returning a DHCPACK.

DHCP MESSAGE FORMAT

The DHCPv4 message format is used for all DHCPv4 transactions. DHCPv4 messages are encapsulated within the UDP transport protocol. If DHCPv4 messages are sent from the client, they use UDP source port 68 and destination port 67. And if DHCPv4 messages are sent from server to client they use UDP source port 67 and destination port 68.

 DHCPV4 MESSAGE FORMAT FIELDS


  • Operation code (OP):  Specifies the type of general message. The value 1 indicates a request message and the value 2 is a response message.
  • Hardware Type:  Identifies the type of hardware used in the network. For example, 1 is Ethernet, 15 is Frame Relay and 20 is a serial line. These are the same codes that are used in ARP messages.
  • Hardware address length:  Specifies the length of the address.
  • Hops:  controls message forwarding. A customer sets it to 0 before transmitting a request.
  • Transaction identifier:  used by the client to match the request with responses received from DHCPv4 servers.
  • Seconds:  Identify the number of seconds elapsed since a customer began trying to acquire or renew a lease. It is used by DHCPv4 servers to prioritize responses when there are several pending client requests.
  • Indicators:  used by a client who does not know his IPv4 address when sending a request. Only one of the 16 bits is used, which is the diffusion indicator. The value 1 in this field tells the DHCPv4 server or the relay agent that receives the request that the response should be sent as a broadcast.
  • Client IP address:  used by a client during the renewal of the lease when the client's address is valid and usable, not during the process of acquiring an address. The client places its own IPv4 address in this field only if it has a valid IPv4 address while in the linked state. Otherwise, set the field to 0.
  • Your IP address:  used by the server to assign an IPv4 address to the client.
  • Server IP address:  used by the server to identify the address of the server that the client should use for the next step in the bootstrap process, which may or may not be the server that sends this response. The sending server always includes its own IPv4 address in a special field called the DHCPv4 Server Identifier option.
  • Gateway IP address:  routes DHCPv4 messages when DHCPv4 relay agents intervene. The gateway address facilitates communications of DHCPv4 requests and responses between the client and a server that are located on different subnets or networks.
  • Client hardware address: Specifies the client's physical layer.
  • Server Name:  used by the server that sends a DHCPOFFER or DHCPACK message. The server can optionally place its name in this field. It can be a simple text nickname or a DNS domain name, such as dhcpserver.netacad.net.
  • Boot File Name:  An optional client uses it to request a certain type of boot file in a DHCPDISCOVER message. It is used by a server in a DHCPOFFER to fully specify a file directory and a boot file name.
  • DHCP Options:  Contains DHCP options, including several parameters required for basic DHCP operation. This field is of variable length. Both the client and the server can use it.

DISCOVER AND OFFER MESSAGES FROM DHCPV4

If a client is configured to receive its IPv4 configuration dynamically and wishes to join the network, it requests addressing values ​​from the DHCPv4 server. The client transmits a DHCPDISCOVER message on its local network when it starts or detects an active network connection. Since the client has no way of obtaining information about the subnet to which it belongs, the DHCPDISCOVER message is an IPv4 broadcast (destination IPv4 address 255.255.255.255). The client does not yet have an IPv4 address configured, so the source IPv4 address 0.0.0.0 is used.
When the DHCPv4 server receives the DHCPDISCOVER message, it responds with a DHCPOFFER message. This message includes initial configuration information for the client, such as the IPv4 address that the server offers, the subnet mask, the lease duration, and the IPv4 address of the DHCPv4 server that makes the offer.
It is possible to configure the DHCPOFFER message to include other information, such as the lease renewal time and the DNS address.
The DHCP server responds to the DHCPDISCOVER message by assigning values ​​to the CIADDR and the subnet mask. The frame is created by the client hardware address (CHADDR) and sent to the client making the request.
on No comments:
Labels: , ,
Subscribe to: Posts (Atom)