Sunteți pe pagina 1din 18

Chapter 7 – Accessing the WAN : IP Addressing Services

The Internet and IP-related technologies have experienced rapid growth. One reason for the growth has
been due in part to the flexibility of the original design. However, that design did not anticipate the
Internet's popularity and the resulting demand for IP addresses. For example, every host and device on
the Internet requires a unique IP version 4 (IPv4) address. Because of the dramatic growth, the number of
available IP addresses is quickly running out.

To cope with the depletion of IP addresses, several short-term solutions were developed. Two short-term
solutions are private addresses and Network Address Translation (NAT).

An inside host typically receives its IP address, subnet mask, default gateway IP address, DNS server IP
address, and other information from a Dynamic Host Configuration Protocol (DHCP) server. Instead of
providing inside hosts with valid Internet IP addresses, the DHCP server usually provides IP addresses
from a private pool of addresses. The problem is that these hosts may still require valid IP addresses to
access Internet resources. This is where NAT comes in.

NAT enables inside network hosts to borrow a legitimate Internet IP address while accessing Internet
resources. When the requested traffic returns, the legitimate IP address is repurposed and available for
the next Internet request by an inside host. Using NAT, network administrators only need one or a few IP
addresses for the router to provide to the hosts, instead of one unique IP address for every client joining
the network. Although it sounds inefficient, the process is actually very efficient, because host traffic
occurs very quickly.

Although private addresses with DHCP and NAT have helped reduce the need for IP addresses, it is
estimated that we will run out of unique IPv4 addresses by 2010. For this reason, in the mid-1990s, the
IETF requested proposals for a new IP addressing scheme. The IP Next Generation (IPng) working group
responded. By 1996, the IETF started releasing a number of RFCs defining IPv6.

The main feature of IPv6 that is driving adoption today is the larger address space: addresses in IPv6 are
128 bits long versus 32 bits in IPv4.

This chapter describes how to implement DHCP, NAT, and IPv6 on enterprise networks.

What is DHCP?

Every device that connects to a network needs an IP address. Network administrators assign static IP
addresses to routers, servers, and other network devices whose locations (physical and logical) are not
likely to change. Administrators enter static IP addresses manually when they configure devices to join
the network. Static addresses also enable administrators to manage those devices remotely.
However, computers in an organization often change
locations, physically and logically. Administrators are
unable to keep up with having to assign new IP
addresses every time an employee moves to a different
office or cubicle. Desktop clients do not require a static
address. Instead, a workstation can use any address
within a range of addresses. This range is typically within
an IP subnet. A workstation within a specific subnet can
be assigned any address within a specified range. Other
items such as the subnet mask, default gateway, and
Domain Name System (DNS) server are assigned a
value which is common either to that subnet or entire
administrated network. For example, all hosts within the
same subnet will receive different host IP addresses, but
will receive the same subnet mask and default gateway
IP address."

Recall from CCNA Exploration: Network Fundamentals


that DHCP makes the process of assigning new IP
addresses almost transparent. DHCP assigns IP
addresses and other important network configuration
information dynamically. Because desktop clients
typically make up the bulk of network nodes, DHCP is an
extremely useful and timesaving tool for network
administrators. RFC 2131 describes DHCP.

Administrators typically prefer a network server to offer DHCP services, because these solutions are
scalable and relatively easy to manage. However, in a small branch or SOHO location, a Cisco router can
be configured to provide DHCP services without the need for an expensive dedicated server. A Cisco IOS
feature set called Easy IP offers an optional, full-featured DHCP server.

DHCP Operation

Providing IP addresses to clients is the most fundamental task performed by a DHCP server. DHCP
includes three different address allocation mechanisms to provide flexibility when assigning IP addresses:

Manual Allocation: The administrator assigns a pre-allocated IP address to the client and DHCP
only communicates the IP address to the device.

Automatic Allocation: DHCP automatically assigns a static IP address permanently to a device,


selecting it from a pool of available addresses. There is no lease and the address is permanently
assigned to a device.

Dynamic Allocation: DHCP automatically dynamically assigns, or leases, an IP address from a


pool of addresses for a limited period of time chosen by the server, or until the client tells the
DHCP server that it no longer needs the address.

This section focuses on dynamic allocation.

DHCP works in a client/server mode and operates like any other client/server relationship. When a PC
connects to a DHCP server, the server assigns or leases an IP address to that PC. The PC connects to
the network with that leased IP address until the lease expires. The host must contact the DHCP server
periodically to extend the lease. This lease mechanism ensures that hosts that move or power off do not
hold onto addresses that they do not need. The DHCP server returns these addresses to the address
pool and reallocates them as necessary.
Click the Discover button in the figure.

When the client boots or otherwise wants to join a network, it completes four steps in obtaining a lease. In
the first step, the client broadcasts a DHCPDISCOVER message. The DHCPDISCOVER message finds
DHCP servers on the network. Because the host has no valid IP information at bootup, it uses L2 and L3
broadcast addresses to communicate with the server.

Click the Offer button in the figure.

When the DHCP server receives a DHCDISCOVER message, it finds an available IP address to lease,
creates an ARP entry consisting of the MAC address of the requesting host and the leased IP address,
and transmits a binding offer with a DHCPOFFER message. The DHCPOFFER message is sent as a
unicast, using the L2 MAC address of the server as the source address and the L2 address of the client
as the destination.

Note: Under certain circumstances, the DHCP message exchange from the server may be broadcasted
and not unicasted.

Click the Request button in the figure.

When the client receives the DHCPOFFER from the server, it sends back a DHCPREQUEST message.
This message has two purposes: lease origination and lease renewal and verification. When used for
lease origination, the DHCPREQUEST of the client is requesting that the IP information be verified just
after it has been assigned. The message provides error checking to ensure that the assignment is still
valid. The DHCPREQUEST also serves as a binding acceptance notice to the selected server and an
implicit decline to any other servers that may have provided the host a binding offer.

Many enterprise networks use multiple DHCP servers. The DHCPREQUEST message is sent in the form
of a broadcast to inform this DHCP server and any other DHCP servers about the accepted offer.

Click the Acknowledge button in the figure.

On receiving the DHCPREQUEST message, the server verifies the lease information, creates a new ARP
entry for the client lease, and replies with a unicast DHCPACK message. The DHCPACK message is a
duplicate of the DHCPOFFER, except for a change in the message type field. When the client receives
the DHCPACK message, it logs the configuration information and performs an ARP lookup for the
assigned address. If it does not receive a reply, it knows that the IP address is valid and starts using it as
its own.
Clients lease the information from the server for an administratively defined period. Administrators
configure DHCP servers to set the leases to time out at different intervals. Most ISPs and large networks
use default lease durations of up to three days. When the lease expires, the client must ask for another
address, although the client is typically reassigned the same address.

The DHCPREQUEST message also addresses the dynamic DHCP process. The IP information sent in
the DHCPOFFER might have been offered to another client during the dynamic allocation. Each DHCP
server creates pools of IP addresses and associated parameters. Pools are dedicated to individual,
logical IP subnets. The pools allow multiple DHCP servers to respond and IP clients to be mobile. If
multiple servers respond, a client can choose only one of the offers.

BOOTP and DHCP

The Bootstrap Protocol (BOOTP), defined in RFC 951, is the predecessor of DHCP and shares some
operational characteristics. BOOTP is a way to download address and boot configurations for diskless
workstations. A diskless workstation does not have a hard drive or an operating system. For example,
many automated cash register systems at your local super market are examples of diskless workstations.
Both DHCP and BOOTP are client/server based and use UDP ports 67 and 68. Those ports are still
known as BOOTP ports.

DHCP and BOOTP have two components, as shown in the figure. The server is a host with a static IP
address that allocates, distributes, and manages IP and configuration data assignments. Each allocation
(IP and configuration data) is stored on the server in a data set called a binding. The client is any device
using DHCP as a method for obtaining IP addressing or supporting configuration information.

To understand the functional differences between BOOTP and DHCP, consider the four basic IP
parameters needed to join a network:

IP address
Gateway address
Subnet mask
DNS server address

There are three primary differences between DHCP and BOOTP:

* The main difference is that BOOTP was designed for manual pre-configuration of the host
information in a server database, while DHCP allows for dynamic allocation of network addresses
and configurations to newly attached hosts. When a BOOTP client requests an IP address, the
BOOTP server searches a predefined table for an entry that matches the MAC address for the
client. If an entry exists, the corresponding IP address for that entry is returned to the client. This
means that the binding between the MAC address and the IP address must have already been
configured in the BOOTP server.

* DHCP allows for recovery and reallocation of network addresses through a leasing mechanism.
Specifically, DHCP defines mechanisms through which clients can be assigned an IP address for
a finite lease period. This lease period allows for reassignment of the IP address to another client
later, or for the client to get another assignment if the client moves to another subnet. Clients may
also renew leases and keep the same IP address. BOOTP does not use leases. Its clients have
reserved IP address which cannot be assigned to any other host.

* BOOTP provides a limited amount of information to a host. DHCP provides additional IP


configuration parameters, such as WINS and domain name.

DHCP Message Format

The developers of DHCP needed to maintain compatibility with BOOTP and consequently used the same
BOOTP message format. However, because DHCP has more functionality than BOOTP, the DHCP
options field was added. When communicating with older BOOTP clients, the DHCP options field is
ignored.

The figure shows the format of a DHCP message. The fields are as follows:

Operation Code (OP) - Specifies the general type of message. A value of 1 indicates a request
message; a value of 2 is a reply message.

Hardware Type - Identifies the type of hardware used in the network. For example, 1 is Ethernet,
15 is Frame Relay, and 20 is a serial line. These are the same codes used in ARP messages.

Hardware Address length - 8 bits to specify the length of the address.

Hops - Set to 0 by a client before transmitting a request and used by relay agents to control the
forwarding of DHCP messages.

Transaction Identifier - 32-bit identification generated by the client to allow it to match up the
request with replies received from DHCP servers.

Seconds - Number of seconds elapsed since a client began attempting to acquire or renew a
lease. Busy DHCP servers use this number to prioritize replies when multiple client requests are
outstanding.

Flags - Only one of the 16 bits is used, which is the broadcast flag. A client that does not know its
IP address when it sends a request, sets the flag to 1. This value tells the DHCP server or relay
agent receiving the request that it should send the reply back as a broadcast.

Client IP Address - The client puts its own IP address in this field if and only if it has a valid IP
address while in the bound state; otherwise, it sets the field to 0. The client can only use this field
when its address is actually valid and usable, not during the process of acquiring an address.

Your IP Address - IP address that the server assigns to the client.

Server IP Address - Address of the server that the client should use for the next step in the
bootstrap process, which may or may not be the server sending this reply. The sending server
always includes its own IP address in a special field called the Server Identifier DHCP option.
Gateway IP Address - Routes DHCP messages when DHCP relay agents are involved. The
gateway address facilitates communications of DHCP requests and replies between the client
and a server that are on different subnets or networks.
Client Hardware Address - Specifies the Physical layer of the client.

Server Name - The server sending a DHCPOFFER or DHCPACK message may optionally put its
name in this field. This can be a simple text nickname or a DNS domain name, such as
dhcpserver.netacad.net.

Boot Filename - Optionally used by a client to request a particular type of boot file in a
DHCPDISCOVER message. Used by a server in a DHCPOFFER to fully specify a boot file
directory and filename.

Options - Holds DHCP options, including several parameters required for basic DHCP operation.
This field is variable in length. Both client and server may use this field.

DHCP Discovery and Offer Methods

These figures provide some detail of the packet content of the DHCP discover and offer messages.

When a client wants to join the network, it requests addressing values from the network DHCP server. If a
client is configured to receive its IP settings dynamically, it transmits a DHCPDISCOVER message on its
local physical subnet when it boots or senses an active network connection. Because the client has no
way of knowing the subnet to which it belongs, the DHCPDISCOVER is an IP broadcast (destination IP
address of 255.255.255.255). The client does not have a configured IP address, so the source IP address
of 0.0.0.0 is used. As you see in the figure, the client IP address (CIADDR), default gateway address
(GIADDR), and subnetwork mask are all marked with question marks.
The DHCP server manages the allocation of the IP addresses and answers configuration requests from
clients.

When the DHCP server receives the DHCPDISCOVER message, it responds with a DHCPOFFER
message. This message contains initial configuration information for the client, including the MAC
address of the client, followed by the IP address that the server is offering, the subnet mask, the lease
duration, and the IP address of the DHCP server making the offer. The subnet mask and default gateway
are specified in the options field, subnet mask, and router options, respectively. The DHCPOFFER
message can be configured to include other information, such as the lease renewal time, domain name
server, and NetBIOS Name Service (Microsoft Windows Internet Name Service [Microsoft WINS]).

The server determines the configuration, based on the hardware address of the client as specified in the
CHADDR field.

As shown in the diagram, the DHCP server has responded to the DHCPDISCOVER by assigning values
to the CIADDR and subnetwork mask.

Administrators set up DHCP servers to assign addresses from predefined pools. Most DHCP servers also
allow the administrator to define specifically which client MAC addresses can be serviced and
automatically assign them the same IP address each time.

DHCP uses User Datagram Protocol (UDP) as its transport protocol. The client sends messages to the
server on port 67. The server sends messages to the client on port 68.

The client and server acknowledge messages, and the process is complete. The client sets the CIADDR
only when a host is in a bound state, which means that the client has confirmed and is using the IP
address.

Configuring a DHCP Server

Cisco routers running Cisco IOS software provide full support for a router to act as a DHCP server. The
Cisco IOS DHCP server assigns and manages IP addresses from specified address pools within the
router to DHCP clients.

The steps to configure a router as a DHCP server are as follows:


Step 1. Define a range of addresses that DHCP is not to allocate. These are usually static addresses
reserved for the router interface, switch management IP address, servers, and local network printers.

Configuring DHCP Step 1: Excluding IP Addresses

R1(config)#ip dhcp excluded-address low-address [high-address]

R1(config)#ip dhcp excluded-address 192.168.10.1 192.168.10.9


R1(config)#ip dhcp excluded-address 192.168.10.254

Step 2. Create the DHCP pool using the ip dhcp pool command.

Configuring DHCP Step 2: Configuring a DHCP Pool

R1(config)#ip dhcp pool pool-name

R1(config)#ip dhcp pool POOL-NAME-1


R1(dhcp-config)#

Step 3. Configure the specifics of the pool.

Configuring DHCP Step 3: Specific Tasks

You should specify the IP addresses that the DHCP server should not assign to clients. Typically, some
IP addresses belong to static network devices, such as servers or printers. DHCP should not assign these
IP addresses to other devices. A best practice is to configure excluded addresses in global configuration
mode before creating the DHCP pool. This ensures that DHCP does not assign reserved addresses
accidentally. To exclude specific addresses, use the ip dhcp excluded-address command.

Configuring a DHCP server involves defining a pool of addresses to assign. The ip dhcp pool
command creates a pool with the specified name and puts the router in DHCP configuration mode, which
is identified by the Router(dhcp-config)# prompt.

Click the DHCP Tasks button in the figure.

This figure lists the tasks to complete the DHCP pool configuration. Some of these are optional, while
others must be configured.

You must configure the available addresses and specify the subnet network number and mask of the
DHCP address pool. Use the network statement to define the range of available addresses.
You should also define the default gateway or router for the clients to use with the default-router
command. Typically, the gateway is the LAN interface of the router. One address is required, but you can
list up to eight addresses.

The next DHCP pool commands are considered optional. For example, you can configure the IP address
of the DNS server that is available to a DHCP client using the dns-server command. When configured,
one address is required, but up to eight addresses can be listed.

Other parameters include configuring the duration of the DHCP lease. The default setting is one day, but
you can change this by using the lease command. You can also configure a NetBIOS WINS server that is
available to a Microsoft DHCP client. Usually, this would be configured in an environment that supports
pre-Windows 2000 clients. Because most installations now have clients with newer Windows operating
system, this parameter is usually not required.

DHCP Example!

R1(config)#ip dhcp excluded-address 192.168.10.1 192.168.10.9


R1(config)#ip dhcp excluded-address 192.168.10.254
R1(config)#ip dhcp pool LAN-POOL-1
R1(dhcp-config)#network 192.168.10.0 255.255.255.0
R1(dhcp-config)#default-router 192.168.10.1
R1(dhcp-config)#domain-name span.com
R1(dhcp-config)#end

This figure displays a sample configuration with basic DHCP parameters configured on router R1.

Disabling DHCP

The DHCP service is enabled by default on versions of Cisco IOS software that support it. To disable the
service, use the no service dhcp command. Use the service dhcp global configuration command
to re-enable the DHCP server process. Enabling the service has no effect if the parameters are not
configured.

Verifying DHCP

To illustrate how a Cisco router can be configured to provide DHCP services, refer to the figure. PC1 has
not been powered up and therefore does not have an IP address.

Router R1 has been configured with the following commands:

ip dhcp excluded-address 192.168.10.1 192.168.10.9


ip dhcp excluded-address 192.168.10.254
ip dhcp pool LAN-POOL-1
network 192.168.10.0 255.255.255.0
default-router 192.168.10.1
domain-name span.com

To verify the operation of DHCP, use the show ip dhcp binding command. This command displays a
list of all IP address to MAC address bindings that have been provided by the DHCP service.

To verify that messages are being received or sent by the router, use the show ip dhcp server
statistics command. This command displays count information regarding the number of DHCP
messages that have been sent and received.

Click the DHCP-1


As you can see in the figure, currently there are no bindings or statistics being displayed.

Now, assume that PC1 has been powered and completed its booting process.

DHCP-2
Notice that the binding information now displays that the IP address of 192.168.10.10 has been bound to
a MAC address. The statistics are also displaying DHCPDISCOVER, DHCPREQUEST, DHCPOFFER,
and DHCPACK activity.
DHCP Client

The ipconfig /all command displays the TCP/IP configured parameters on PC1. Because PC1 was
connected to the network segment 192.168.10.0 /24, it automatically received an IP address, DNS suffix,
and default gateway from that pool. There is no DHCP interface configuration required. If a PC is
connected to a network segment that has a DHCP pool available, it can obtain an IP address
automatically.

So how does PC2 receive an IP address? Router R1 would have to be configured to provide a
192.168.11.0 /24 DHCP pool as follows:

ip dhcp excluded-address 192.168.11.1 192.168.11.9


ip dhcp excluded-address 192.168.11.254
ip dhcp pool LAN-POOL-2
network 192.168.11.0 255.255.255.0
default-router 192.168.11.1
domain-name span.com

When PC2 has completed its booting process, it is provided with an IP address for the network segment
to which it is connected.

Verifying DHCP-3
Notice that the DHCP bindings now indicate that two hosts have been provided with IP addresses. The
DHCP statistics are also reflecting the exchange of DHCP messages.

Another useful command to view multiple pools is the show ip dhcp pool command.

This command summarizes the DHCP pool information.

DHCP Sample Topology


Configuring a DHCP Client

Typically, small broadband routers for home use, such as Linksys routers, can be configured to connect
to an ISP using a DSL or cable modem. In most cases, small home routers are set to acquire an IP
address automatically from their ISPs. For example, the figure shows the default WAN setup page for a
Linksys WRVS4400N router. Notice that the Internet connection type is set to Automatic Configuration -
DHCP. This means that when the router is connected to a cable modem, for example, it is a DHCP client
and requests an IP address from the ISP.

Sometimes, Cisco routers in SOHO and branch sites have to be configured in a similar manner. The
method used depends on the ISP. However, in its simplest configuration, the Ethernet interface is used to
connect to a cable modem. To configure an Ethernet interface as a DHCP client, the ip address dhcp
command must be configured.

In the figure, assume that an ISP has been configured to provide select customers with IP addresses from
the 209.165.201.0 / 27 range. The output confirms the assigned address.
What is DHCP Relay?

In a complex hierarchical network, enterprise servers are usually contained in a server farm. These
servers may provide DHCP, DNS, TFTP, and FTP services for the clients. The problem is that the
network clients typically are not on the same subnet as those servers. Therefore, the clients must locate
the servers to receive services and often these services are located using broadcast messages.

In the figure, PC1 is attempting to acquire an IP address from the DHCP server located at 192.168.11.5.
In this scenario router R1 is not configured as a DHCP server.

Click the Host Problem button in the figure.

In the figure, PC1 is attempting to renew its IP address. To do so, the ipconfig /release command is
issued. Notice that the IP address is released and the current address is now 0.0.0.0. Next, the ipconfig
/renew command is issued. This initiates the host to broadcast a DHCPDISCOVER message. However,
PC1 is unable to locate the DHCP server. What happens when the server and the client are separated by
a router and therefore are not on the same network segment? Remember, routers do not forward
broadcasts.

Note: Certain Windows clients have a feature called Automatic Private IP Addressing (APIPA). With this
feature, a Windows computer can automatically assign itself an IP address in the 169.254.x.x range in the
event that a DHCP server is not available or does not exist on the network.

To make matters worse, DHCP is not the only critical service that uses broadcasts. For example, Cisco
routers and other devices may use broadcasts to locate TFTP servers or to locate an authentication
server such as a TACACS server.

As a solution to this problem, an administrator could add DHCP servers on all the subnets. However,
running these services on several computers creates both cost and administrative overhead.

A simpler solution is to configure the Cisco IOS helper address feature on intervening routers and
switches. This solution enables routers to forward DHCP broadcasts to the DHCP servers. When a router
forwards address assignment/parameter requests, it is acting as a DHCP relay agent.

For example, PC1 would broadcast a request to locate a DHCP server. If router R1 were configured as a
DHCP relay agent, it would intercept this request and forward it to the DHCP server located on subnet
192.168.11.0.

To configure router R1 as a DHCP relay agent, you need to configure the nearest interface to the client
with the ip helper-address interface configuration command. This command relays broadcast requests for
key services to a configured address. Configure the IP helper address on the interface receiving the
broadcast.

Click the Relay Config button in the figure.

Router R1 is now configured as a DHCP relay agent. It accepts broadcast requests for the DHCP service
and then forwards them as a unicast to the IP address 192.168.11.5.

Click the Host Renew button in the figure.

As you can see, PC1 is now able to acquire an IP address from the DHCP server.
DHCP is not the only service that the router can be configured to relay. By default, the ip helper-address
command forwards the following eight UDP services:

Port 37: Time


Port 49: TACACS
Port 53: DNS
Port 67: DHCP/BOOTP server
Port 68: DHCP/BOOTP client
Port 69: TFTP
Port 137: NetBIOS name service
Port 138: NetBIOS datagram service

To specify additional ports, use the ip forward-protocol command to specify exactly which types of
broadcast packets to forward.

7.1.7 Configuring a DHCP Server Using SDM

Cisco routers can also be configured as a DHCP server using SDM. In this example, router R1 will be
configured as the DHCP server on the Fa0/0 and Fa0/1interfaces.

Click the DHCP Tasks button in the figure.

The DHCP server function is enabled under Additional Tasks in the Configure tab. From the list of tasks,
click on the DHCP folder and then select DHCP Pools to add a new pool. Click Add to create the new
DHCP pool.

Click the Add Pool button in the figure.

The Add DHCP Pool window contains the options you need to configure the DHCP IP address pool. The
IP addresses that the DHCP server assigns are drawn from a common pool. To configure the pool,
specify the starting and ending IP addresses of the range.

Cisco SDM configures the router to automatically exclude the LAN interface IP address in the pool. You
must not use the network or subnetwork IP address or broadcast address on the network in the range of
addresses that you specify.

If you need to exclude other IP addresses in the range, you can do so by adjusting the starting and
ending IP addresses. For instance, if you needed to exclude IP addresses 192.168.10.1 through
192.168.10.9, you would set the Starting IP address to 192.168.10.10. This allows the router to begin
address assignment with 192.168.10.10.

The other options that are available are:

DNS Server1 and DNS Server2 - The DNS server is typically a server that maps a known device name
with its IP address. If you have a DNS server configured for your network, enter the IP address for the
server here. If there is an additional DNS server on the network, you can enter the IP address for that
server in this field.
WINS Server1 and WINS Server2 - Recall that WINS configuration is typically in environments that
support pre-Windows 2000 clients.
Import All DHCP Options into the DHCP Server Database - Allows the DHCP options to be imported from
a higher level server, and is typically used in conjunction with an Internet DHCP server. This option allows
you to pull higher level information without having to configure it in for this pool.
Click the DHCP Pools button in the figure.

This screen provides you with a summary of the pools configured on your router. In this example, there
have been two pools configured, one for each of the Fast Ethernet interfaces on the R1 router.
7.1.8Troubleshooting DHCP Configuration

DHCP problems can arise for a multitude of reasons, such as software defects in operating systems, NIC
drivers, or DHCP/BOOTP relay agents, but the most common are configuration issues. Because of the
number of potentially problematic areas, a systematic approach to troubleshooting is required.

Troubleshooting Task 1: Resolve IP Address Conflicts

An IP address lease can expire on a client still connected to a network. If the client does not renew the
lease, the DHCP server can reassign that IP address to another client. When the client reboots, it
requests an IP address. If the DHCP server does not respond quickly, the client uses the last IP address.
The situation then arises that two clients are using the same IP address, creating a conflict.

The show ip dhcp conflict command displays all address conflicts recorded by the DHCP server. The
server uses the ping command to detect conflicts. The client uses Address Resolution Protocol (ARP) to
detect clients. If an address conflict is detected, the address is removed from the pool and not assigned
until an administrator resolves the conflict.

This example displays the detection method and detection time for all IP addresses that the DHCP server
has offered that have conflicts with other devices.

R2# show ip dhcp conflict

IP address Detection Method Detection time

192.168.1.32 Ping Feb 16 2007 12:28 PM

192.168.1.64 Gratuitous ARP Feb 23 2007 08:12 AM

Troubleshooting Task 2: Verify Physical Connectivity

First, use the show interfaceinterface command to confirm that the router interface acting as the default
gateway for the client is operational. If the state of the interface is anything other than up, the port does
not pass traffic, including DHCP client requests.

Troubleshooting Task 3: Test Network Connectivity by Configuring a Client Workstation with a Static IP
Address

When troubleshooting any DHCP issue, verify network connectivity by configuring a static IP address on a
client workstation. If the workstation is unable to reach network resources with a statically configured IP
address, the root cause of the problem is not DHCP. At this point, network connectivity troubleshooting is
required.

Troubleshooting Task 4: Verify Switch Port Configuration (STP Portfast and Other Commands)

If the DHCP client is unable to obtain an IP address from the DHCP server on startup, attempt to obtain
an IP address from the DHCP server by manually forcing the client to send a DHCP request.

If there is a switch between the client and the DHCP server, verify that the port has STP PortFast enabled
and trunking/channeling disabled. The default configuration is PortFast disabled and trunking/channeling
auto, if applicable. These configuration changes resolve the most common DHCP client issues that occur
with an initial installation of a Catalyst switch. A review of CCNA Exploration: LAN Switching and Wireless
assists in solving this issue.

Troubleshooting Task 5: Distinguishing Whether DHCP Clients Obtain IP Address on the Same Subnet or
VLAN as DHCP Server

It is important to distinguish whether DHCP is functioning correctly when the client is on the same subnet
or VLAN as the DHCP server. If the DHCP is working correctly, the problem may be the DHCP/BOOTP
relay agent. If the problem persists even with testing DHCP on the same subnet or VLAN as the DHCP
server, the problem may actually be with the DHCP server.

Verify Router DHCP/BOOTP Relay Configuration

When the DHCP server is located on a separate LAN from the client, the router interface facing the client
must be configured to relay DHCP requests. This is accomplished by configuring the IP helper address. If
the IP helper address is not configured properly, client DHCP requests are not forwarded to the DHCP
server.

Follow these steps to verify the router configuration:

Step 1. Verify that the ip helper-address command is configured on the correct interface. It must be
present on the inbound interface of the LAN containing the DHCP client workstations and must be
directed to the correct DHCP server. In the figure, the output of the show running-config command verifies
that the DHCP relay IP address is referencing the DHCP server address at 192.168.11.5.

Step 2. Verify that the global configuration command no service dhcp has not been configured. This
command disables all DHCP server and relay functionality on the router. The command service dhcp
does not appear in the configuration, because it is the default configuration.

Verify that the Router Is Receiving DHCP Requests Using debug Commands.

On routers configured as DHCP servers, the DHCP process fails if the router is not receiving requests
from the client. As a troubleshooting task, verify that the router is receiving the DHCP request from the
client. This troubleshooting step involves configuring an access control list for debugging output. The
debug access control list is not intrusive to the router.

In global configuration mode, create the following access control list:

access-list 100 permit ip host 0.0.0.0 host 255.255.255.255

Start debugging by using ACL 100 as the defining parameter. In exec mode, enter the following debug
command:

debug ip packet detail 100

The output in the figure shows that the router is receiving the DHCP requests from the client. The source
IP address is 0.0.0.0 because the client does not yet have an IP address. The destination is
255.255.255.255 because the DHCP discovery message from the client is a broadcast. The UDP source
and destination ports, 68 and 67, are the typical ports used for DHCP.

This output only shows a summary of the packet and not the packet itself. Therefore, it is not possible to
determine if the packet is correct. Nevertheless, the router did receive a broadcast packet with the source
and destination IP and UDP ports that are correct for DHCP.

Verify that the Router Is Receiving and Forwarding DHCP Request Using debug ip dhcp server packet
Command
A useful command for troubleshooting DHCP operation is the debug ip dhcp server events command.
This command reports server events, like address assignments and database updates. It is also used for
decoding DHCP receptions and transmissions.

DHCP assigns IP addresses and other important network configuration information dynamically. Cisco
routers can use the Cisco IOS feature set, Easy IP, as an optional, full-featured DHCP server. Easy IP
leases configurations for 24 hours by default. In this activity, you will configure DHCP services on two
routers and test your configuration.

S-ar putea să vă placă și