Router Installation and Configuration Manual/Configuring DHCP Services

From ImageStream Router Documentation

(Difference between revisions)
Jump to: navigation, search
Line 176: Line 176:
  end
  end
-
==Troubleshooting==
+
===Troubleshooting===
:Configuration errors will be displayed in the router's event log (syslog). Enable event logging to obtain troubleshooting information from the router. For more detailed information a "ip dhcp debug" command can be used to enable detailed transaction logging for each client. This information will be logged to the router's event log.  
:Configuration errors will be displayed in the router's event log (syslog). Enable event logging to obtain troubleshooting information from the router. For more detailed information a "ip dhcp debug" command can be used to enable detailed transaction logging for each client. This information will be logged to the router's event log.  
-
===tcpdump===
+
====tcpdump====
:Advanced users can use the following command from the command prompt to view all DHCP traffic on all interfaces:  
:Advanced users can use the following command from the command prompt to view all DHCP traffic on all interfaces:  

Revision as of 21:20, 29 July 2007

Contents

Introduction

This chapter describes how to configure the ImageStream router to act as a DHCP client or a DHCP relay by using SAND's dhcp commands in the main WAN interface configuration file.
This chapter covers the following topics:
  • Network interface as a DHCP client
  • DHCP relay services
  • Router as a DHCP server
Before configuring DHCP services, you must first configure your WAN interfaces and make the appropriate cabling connection for your needs. Refer to the hardware installation guide for your ImageStream product for information on making the WAN connection. See Chapter 7, Router Installation and Configuration Manual/Configuring a Synchronous Serial WAN Interface the Command Reference for more detailed command descriptions and instructions.
After logging in, the main menu is displayed (your menu may look slightly different):
ISis-Router main menu 
1. Configuration menu 
2. Show interface status 
3. Advanced 
4. Router software management 
5. Backup/Restore 
6. halt/reboot 
0. Log off 
Select the menu option 1, Configuration menu, and press Enter to configure the router. The next menu should appear (your menu may look slightly different):
Configuration menu 
1. AAA (Password) Configuration 
2. Global configuration 
3. Network interface configuration 
4. Firewall and QOS configuration 
5. Service configuration 
6. Dynamic routing configuration 
7. Save configuration to flash 
0. ISis-Router main menu 
From the "Configuration menu", select menu option 6, Network interface configuration, and press Enter. This will open the ImageStream router's primary configuration file, the wan.conf in the default editor. The wan.conf file is also accessible from the command line in the /usr/local/sand directory.

Configuring an Interface as a DHCP Client

Some routers, especially those connected to broadband Internet connections via an Ethernet port, may obtain an IP address from a DHCP server. To change the IP address and netmask of the interface to a dynamically assigned address, modify the ip address command to instruct the router to act as a DHCP client on this interface. The syntax of this DHCP client command is:
ip address dhcp [ client-id   { your-client-id }] 	[ client-name 	{ your-client-name }] 
The client-id and client-name commands are optional. If your DHCP server, or your broadband provider, require a client ID or name, specify either one or both of these optional parameters as necessary.
Using the default configuration below, we set the Ethernet0 IP address to be a dynamic IP address. When the router boots, or when the SAND service is reloaded, the router will make a DHCP request on the Ethernet0 device and wait for a response from the DHCP server. The DHCP client will accept an IP address, netmask, default gateway IP, DNS server addresses, and domain name if supplied by the DHCP server.
! 
 interface Ethernet0 
 description Dynamic IP connection duplex auto 
 speed auto 
 ip address dhcp
! 
The example above uses the device Ethernet0, but the ip address dhcp command is valid on any network interface, including Serial, Tunnel, Bonder, frame relay subinterfaces, ATM subinterfaces and hardware multiplexing subinterfaces.

Configuring DHCP Relay Services

Networks that serve IP addresses from a single, centrally located DHCP server must have devices that relay DHCP address broadcast requests to the central DHCP server. Since DHCP/boot broadcasts cannot travel over unicast networks natively, ImageStream routers support DHCP relaying. The DHCP relaying client embedded in ImageStream’s Enterprise Linux reformulates the DHCP broadcast request into a special unicast packet and relays this request to a specified DHCP server. The DHCP server replies with a special unicast packet with a DHCP address assignment. The router accepts this packet, recreates the regular DHCP address reply broadcast and relays it to the network where the original request was made.


o enable DHCP relaying on one or more interfaces, add the ip helper-address command to the global configuration section of the router’s main configuration file (wan.conf). The global configuration section normally appears at the bottom of the file after all interface declarations. The placement of the ip helper-address commands in the global section is done by convention for ease of configuration management. The actual placement of the command in the file is not important to the operation of the command.

T
syntax of this DHCP relay command is: 
'

ip helper-address { DH{P server IP address } server-device { in{erface connected to DHCP server } [ [interfaces <int<rface list> ] [ [agent-id { ag{nt-id }]

T
interfaces and agent-id commands are optional.  The interfaces command allows you to limit DHCP relaying to a specific list of interfaces.  If your DHCP server requires an agent ID to identify the requesting network, specify the agent-id optional parameter. 
I

the configuration below, we will use the ip helper-address command to relay DHCP requests from all interfaces to a DHCP server connected on Ethernet0 at the IP address 192.168.100.7:

!
 i

terface Ethernet0

 d

scription LAN segment #1

 d

plex auto

 s

eed auto

 i
address 192.168.100.1 255.255.255.0
!

in erface Ethernet1

 d

scription LAN segment #2

 i
address 192.168.10.1 255.255.255.0
!

in erface Ethernet2

 d

scription LAN segment #3

 i
address 192.168.1.1 255.255.255.0
!

in erface Ethernet3

 d

scription LAN segment - Dallas bridge

 b

idge-group 1

 b

idge-group 1 spanning-disabled

!

in erface Serial0

 #

OC phone: 800-555-1212 - Our account #58935 interface Serial0

 d

scription Connection to New York encapsulation hdlc

 b

ndwidth 1536000

 i
address 25.0.0.1 255.255.255.252 
! 
in

erface Serial1

de

cription Connection to Mexico City encapsulation ppp

ba

dwidth 1536000

ip

address 25.0.0.5 255.255.255.252

!

in erface Serial2

 d

scription Connection to Dallas office encapsulation hdlc

 b

idge-group 1

 b

idge-group 1 spanning-disabled

!

in erface bvi1

 i
address 30.0.0.1 255.255.255.0
!

ip helper-address 30.0.0.7 server-device bvi1

I

the example above, any DHCP requests received on Ethernet1, Ethernet2, Serial0 or bvi1 will be relayed to the DHCP server at 30.0.0.7, using the device bvi1.

U

ng regular expressions, it is possible to restrict DHCP relaying to only selected interfaces. The regular expression must be comma-delimited with no whitespace, and may use wildcards (‘*’). Using the same WAN configuration, the ip helper-address command below limits DHCP relaying to Ethernet devices only. Serial0 is excluded in this example:

ip 

lper-address 192.168.100.7 server-device bvi1 interfaces Ethernet*,Serial0

===Con

ing the Router as a DHCP Server

====Bas

nfiguration

In thi
example, we are going to assume the following: 
  • The

outer has an Ethernet IP address of 192.168.0.1 with a netmask of 255.255.255.0 .

  • The

outer will assign IP addresses from 192.168.0.20 through 192.168.0.254 (exclude addresses .1 through .19).

  • The

P address lease time will be 12 hours.

  • The

lients will use 192.168.0.1 as the default gateway (default router).

  • The

lients will use 192.168.0.10 and 192.168.0.11 as DNS servers.

  • The

lients will use imagestream.com as their domain name.

  • The

P addresses used in this Technical Note are examples only. You will need to use an IP network given to you by your Internet Service Provider.

!
ve

io

2.00
!
int

rf ce Ethernet0

 ip ad

ress 192.168.0.1 255.255.255.0

!
ip 

hc

pool 0
 netwo

k 192.168.0.0 255.255.255.0

 ip dh

p excluded-address 192.168.0.1 192.168.0.19

 domai

-name imagestream.com

 dns-s

rver 192.168.0.10 192.168.0.11

 defau

t-router 192.168.0.1

 lease

12 hours

! 
en


= ==Ad

Configuration

In thi
example, we are going to assume the following: 
  • The

outer has an Ethernet IP address of 192.168.0.1 with a netmask of 255.255.255.0 .

  • The

outer will assign IP addresses from 192.168.0.20 through 192.168.0.254 (exclude addresses .1 through .19).

  • The

P address lease time will be 10 minutes.

  • The

lients will use 192.168.0.1 as the default gateway (default router).

  • The

lients will use 192.168.0.10 and 192.168.0.11 as DNS servers.

  • The

lients will use imagestream.com as their domain name.

  • The

lients will use 192.168.0.12 as their NetBIOS server.

  • A cl

ent with the MAC address 00:30:64:02:AF:CC will be assigned 192.168.0.35.

  • A cl

ent with the MAC address 00:30:61:12:00:09 will be assigned 192.168.0.36.

The I

addresses used in this Technical Note are examples only. You will need to use an IP network given to you by your Internet Service Provider.

!
ve

io

2.00
!
int

rf ce Ethernet0

 ip ad

ress 192.168.0.1 255.255.255.0

!
ip 

hc

pool 0
 netwo

k 192.168.0.0 255.255.255.0

 ip dh

p excluded-address 192.168.0.1 192.168.0.19

 domai

-name imagestream.com

 dns-s

rver 192.168.0.10 192.168.0.11

 defau

t-router 192.168.0.1

 lease

10 minutes

 netbi

s-name-server 192.168.0.12

 netbi

s-node-type h-node

 host 

92.168.0.35 hardware-address 00:30:64:02:AF:CC

 host 

92.168.0.36 hardware-address 00:30:61:12:00:09

! 
en


= =Tro

hooting

Config

ration errors will be displayed in the router's event log (syslog). Enable event logging to obtain troubleshooting information from the router. For more detailed information a "ip dhcp debug" command can be used to enable detailed transaction logging for each client. This information will be logged to the router's event log.

====tc

=

Advanc

d users can use the following command from the command prompt to view all DHCP traffic on all interfaces:

<geStream:/usr/local/sand# tcpdump -n -s0 -v -e -i Ethernet0 port 67 or port 68 <Comman

description:

tcpdum
Program used to capture and display packets
 -n: D

n't resolve IP addresses to DNS names

 -s0: 

apture the entire packet - provides more information when used with -v

 -v: V

rbose - provide as much information as possible

 -e: D

splay the ethernet MAC addresses

 -i Et

ernet0: Capture on the Ethernet0 interface.

 port 

7 or port 68: Capture only packets on the DHCP ports

Sample

utput:

tcpdum
listening on Ethernet0
  23:0
14.706036 0:90:fb:9:20:4f ff:ff:ff:ff:ff:ff 0800 590: 0.0.0.0.68 >
  255.

55.255.255.67: [udp sum[ok] xid:0xb01cc42b vend-rfc1048

  DHCP

DISCOVER CID:[ether]0[:90:fb:09:20:4f VC:"udhcp 0.9.9-pre2"

  PR:S

+DG+NS+HN+DN+BR+YD+YS+NTP (ttl 64, id 0, len 576)

  23

0

15.000739 0:e:c:a9:f8:cb 0:90:fb:9:20:4f 0800 342: 192.168.0.1.67 >
  192.

68.0.254.68: [udp sum[ok] xid:0xb01cc42b Y:192.168.0.254 vend-rfc1048

  DHCP

OFFER SID:192.168.0.1 LT:43200 SM:255.255.255.0 DG:192.168.0.1

  NS:1

2.168.0.10,192.168.0.11 DN:"imagestream.com" [tos 0x1[] (ttl 16, id 0,

  len 

28)

  23

0

15.001078 0:90:fb:9:20:4f ff:ff:ff:ff:ff:ff 0800 590: 0.0.0.0.68 >
  255.

55.255.255.67: [udp sum[ok] xid:0xb01cc42b vend-rfc1048

  DHCP

REQUEST CID:[ether]0[:90:fb:09:20:4f VC:"udhcp 0.9.9-pre2"

  RQ:1

2.168.0.254 SID:192.168.0.1 PR:SM+DG+NS+HN+DN+BR+YD+YS+NTP (ttl 64, id 0,

  len 

76)

  23

0

15.001244 0:e:c:a9:f8:cb 0:90:fb:9:20:4f 0800 342: 192.168.0.1.67 >
  192.

68.0.254.68: [udp sum[ok] xid:0xb01cc42b Y:192.168.0.254 vend-rfc1048

  DHCP

ACK SID:192.168.0.1 LT:43200 SM:255.255.255.0 DG:192.168.0.1

  NS:1

2.168.0.10,192.168.0.11 DN:"imagestream.com" [tos 0x1[] (ttl 16, id 0,

  len 

28)

Personal tools
Router software releases