华为三层交换机DHCP中继
网络2年前 (2021-02-07)
在某些局域网中存在多个VLAN子网,因为DHCP客户端通过网络广播消息获得DHCP服务器的响应后得到IP地址,但广播消息是不能跨越子网。因此DHCP客户端和DHCP服务器在不同的子网内需要用到DHCP中继功能才可以获得ip地址,DHCP中继功能承担不同子网间DHCP客户端和服务器的通信功能
拓扑
3层核心划分了4个VLAN,每个2层交换为一个VLAN的接入,DHCP配置在路由器中
VLAN10 192.168.0.0/24
VLAN20 192.168.1.0/24
VLAN30 192.168.2.0/24
VLAN40 192.168.3.0/24
VLAN100管理vlan 3.3.3.0/48
VLAN900为3层和路由互通地址9.9.9.0/30
三层核心配置
vlan batch 10 20 30 40 100 900 # dhcp enable # interface Vlanif10 description mangment-address ip address 192.168.0.254 255.255.255.0 dhcp select relay #开启dhcp中继 dhcp relay server-ip 9.9.9.1 #指定dhcp中继服务器为路由器 # interface Vlanif20 description mangment-address ip address 192.168.1.254 255.255.255.0 dhcp select relay dhcp relay server-ip 9.9.9.1 # interface Vlanif30 description mangment-address ip address 192.168.2.254 255.255.255.0 dhcp select relay dhcp relay server-ip 9.9.9.1 # interface Vlanif40 description mangment-address ip address 192.168.3.254 255.255.255.0 dhcp select relay dhcp relay server-ip 9.9.9.1 # interface Vlanif100 description mangment-address ip address 3.3.3.1 255.255.255.248 # interface Vlanif900 description TO-Route ip address 9.9.9.2 255.255.255.252 # interface GigabitEthernet0/0/1 description TO-Route-Port port link-type access port default vlan 900 # interface GigabitEthernet0/0/3 description TO-SW2 # interface GigabitEthernet0/0/4 description TO-SW3 # interface GigabitEthernet0/0/5 description TO-SW1 port link-type access port default vlan 40 # interface GigabitEthernet0/0/6 port link-type access port default vlan 10 # interface GigabitEthernet0/0/24 port link-type access port default vlan 10 # ip route-static 0.0.0.0 0.0.0.0 9.9.9.1 permanent # port-group 1 group-member GigabitEthernet0/0/3 to group-member GigabitEthernet0/0/4 port link-type trunk port trunk allow-pass vlan 10 20 30 40 100 900 # port-group 2 group-member GigabitEthernet0/0/6 to group-member GigabitEthernet0/0/24 port link-type access port default vlan 10 # return
2层接入配置
vlan batch 10 20 30 40 100 # interface Vlanif100 description mangment-address ip address 3.3.3.2 255.255.255.0 # interface GigabitEthernet0/0/1 port link-type trunk port trunk allow-pass vlan 10 20 30 40 100 # port-group 1 group-member GigabitEthernet 0/0/2 to GigabitEthernet 0/0/24 port link-type access port default vlan 20 # ip route-static 0.0.0.0 0.0.0.0 3.3.3.1 ip route-static 3.3.3.0 255.255.255.0 9.9.9.1 # user-interface con 0 user-interface vty 0 4 authentication-mode aaa user privilege level 15 # return
路由器配置
dhcp enable dhcp check dhcp-rate enable dhcp check dhcp-rate 90 # dhcp server ping packet 10 dhcp server ping timeout 100 # acl number 3000 rule 1 permit ip source 192.168.0.0 0.0.0.252 # ip pool vlan10 gateway-list 192.168.0.254 network 192.168.0.0 mask 255.255.255.0 excluded-ip-address 192.168.0.1 dns-list 218.30.19.40 61.134.1.4 # ip pool vlan20 gateway-list 192.168.1.254 network 192.168.1.0 mask 255.255.255.0 excluded-ip-address 192.168.1.1 dns-list 218.30.19.40 61.134.1.4 # ip pool vlan30 gateway-list 192.168.2.254 network 192.168.2.0 mask 255.255.255.0 excluded-ip-address 192.168.2.1 dns-list 218.30.19.40 61.134.1.4 # ip pool vlan40 gateway-list 192.168.3.254 network 192.168.3.0 mask 255.255.255.0 excluded-ip-address 192.168.3.1 dns-list 218.30.19.40 61.134.1.4 # interface GigabitEthernet0/0/0 ip address 9.9.9.1 255.255.255.252 dhcp select global # interface GigabitEthernet0/0/1 ip address 1.1.1.2 255.255.255.252 nat outbound 3000 # ip route-static 0.0.0.0 0.0.0.0 1.1.1.1 ip route-static 9.9.9.0 255.255.255.252 1.1.1.1 ip route-static 192.168.0.0 255.255.252.0 9.9.9.2 # return
ISP路由器
interface GigabitEthernet0/0/0 ip address 1.1.1.1 255.255.255.252 # ip route-static 0.0.0.0 0.0.0.0 1.1.1.2 # return
VLAN10 PC测试
VLAN20 PC测试
VLAN30 PC测试
VLAN40 PC测试
本站所有文章均可随意转载,转载时请保留原文链接及作者。
,想必也是非常愉悦的事!
