Home | 简体中文 | 繁体中文 | 杂文 | 打赏(Donations) | ITEYE 博客 | OSChina 博客 | Facebook | Linkedin | 知乎专栏 | Search | Email

2.2. DHCP

2.2.1. DHCP Server

S3600 SI 没有DHCP Server,只有EI版本提供,狗日的H3C(fuck h3c)

			
dhcp enable
dhcp server ip-pool 0
static-bind ip-address 172.16.0.2
static-bind mac-address 000f-e200-0002
dns-list 172.16.0.254
gateway-list 172.16.0.254
quit
			
			
			
dhcp server ip-pool 0
network 10.1.1.0 mask 255.255.255.0
domain-name aabbcc.com
dns-list 10.1.1.2
nbns-list 10.1.1.4
expired day 10 hour 12
quit
			
			
			
3. 配置步骤

(1)        配置端口属于VLAN及对应VLAN接口的IP地址(略)

(2)        配置DHCP服务

# 使能DHCP服务。

<H3C> system-view

[H3C] dhcp enable

# 配置不参与自动分配的IP地址(DNS服务器、WINS服务器和出口网关地址)。

[H3C] dhcp server forbidden-ip 10.1.1.2

[H3C] dhcp server forbidden-ip 10.1.1.4

[H3C] dhcp server forbidden-ip 10.1.1.126

[H3C] dhcp server forbidden-ip 10.1.1.254

# 配置DHCP地址池0的共有属性(地址池范围、DNS服务器地址)。

[H3C] dhcp server ip-pool 0

[H3C-dhcp-pool-0] network 10.1.1.0 mask 255.255.255.0

[H3C-dhcp-pool-0] domain-name aabbcc.com

[H3C-dhcp-pool-0] dns-list 10.1.1.2

[H3C-dhcp-pool-0] quit

# 配置DHCP地址池1的属性(地址池范围、出口网关、地址租用期限)。

[H3C] dhcp server ip-pool 1

[H3C-dhcp-pool-1] network 10.1.1.0 mask 255.255.255.128

[H3C-dhcp-pool-1] gateway-list 10.1.1.126

[H3C-dhcp-pool-1] expired day 10 hour 12

[H3C-dhcp-pool-1] quit

# 配置DHCP地址池2的属性(地址池范围、出口网关、WINS服务器地址、地址租用期限)。

[H3C] dhcp server ip-pool 2

[H3C-dhcp-pool-2] network 10.1.1.128 mask 255.255.255.128

[H3C-dhcp-pool-2] expired day 5

[H3C-dhcp-pool-2] nbns-list 10.1.1.4

[H3C-dhcp-pool-2] gateway-list 10.1.1.254
			
			

2.2.1.1. 排除IP地址

排除单个IP地址

dhcp server forbidden-ip 10.1.1.2
dhcp server forbidden-ip 10.1.1.4
dhcp server forbidden-ip 10.1.1.126
dhcp server forbidden-ip 10.1.1.254				
				

排除一段IP地址

#
 dhcp server forbidden-ip 192.168.2.200 192.168.2.254
 dhcp server forbidden-ip 192.168.3.200 192.168.3.254
 dhcp server forbidden-ip 192.168.4.1 192.168.4.10
 dhcp server forbidden-ip 192.168.4.200 192.168.4.254
 dhcp server forbidden-ip 192.168.3.1 192.168.3.10
 dhcp server forbidden-ip 192.168.5.1 192.168.5.10
 dhcp server forbidden-ip 192.168.5.200 192.168.5.254
 dhcp server forbidden-ip 192.168.6.200 192.168.6.254
 dhcp server forbidden-ip 192.168.7.1 192.168.7.10
 dhcp server forbidden-ip 192.168.7.200 192.168.7.254
 dhcp server forbidden-ip 192.168.8.1 192.168.8.10
 dhcp server forbidden-ip 192.168.8.200 192.168.8.254
 dhcp server forbidden-ip 192.168.9.1 192.168.9.10
 dhcp server forbidden-ip 192.168.9.200 192.168.9.254
 dhcp server forbidden-ip 192.168.2.1 192.168.2.30
 dhcp server forbidden-ip 192.168.6.1 192.168.6.30
#
				

2.2.2. DHCP中继配置

			
# 进入系统视图。

<H3C> system-view

# 使能DHCP服务。

[H3C] dhcp enable

# 配置DHCP Server的组号为1,IP地址为202.38.1.2。

[H3C] dhcp-server 1 ip 202.38.1.2

# 配置VLAN接口2对应DHCP Server组1。

[H3C] interface Vlan-interface 2

[H3C-Vlan-interface2] dhcp-server 1

# 配置VLAN接口2的IP地址,需与DHCP Client属于同一网段。

[H3C-Vlan-interface2] ip address 10.110.1.1 255.255.0.0
			
			

2.2.3. DHCP Snooping

			
# 进入系统视图。

<H3C> system-view

# 开启交换机DHCP-Snooping功能。

[H3C] dhcp-snooping

# 进入Ethernet1/0/1端口视图。

[H3C] interface Ethernet1/0/1

# 设置端口为信任端口。

[H3C-Ethernet1/0/1] dhcp-snooping trust
			
			

2.2.4. 查看地址池配置

2.2.4.1. 查看地址池配置

				
<H3C>display dhcp server tree all
Global pool:

Pool name: vlan2
 network 192.168.2.0 mask 255.255.255.0
 Sibling node:vlan3
 gateway-list 192.168.2.254 
 dns-list 211.162.78.2 8.8.8.8 
 expired 7 0 0

Pool name: vlan3
 network 192.168.3.0 mask 255.255.255.0
 PrevSibling node:vlan2
 Sibling node:vlan4
 gateway-list 192.168.3.254 
 dns-list 211.162.78.2 8.8.8.8 
 expired 1 0 0

Pool name: vlan4
 network 192.168.4.0 mask 255.255.255.0
 PrevSibling node:vlan3
 Sibling node:vlan5
 gateway-list 192.168.4.254 
 dns-list 202.96.134.133 202.96.128.68 208.67.222.222 208.67.220.220 
 expired 1 0 0
                
Pool name: vlan5
 network 192.168.5.0 mask 255.255.255.0
 PrevSibling node:vlan4
 Sibling node:vlan6
 gateway-list 192.168.5.254 
 dns-list 211.162.78.2 8.8.8.8 
 expired 1 0 0

Pool name: vlan6
 network 192.168.6.0 mask 255.255.255.0
 PrevSibling node:vlan5
 Sibling node:vlan7
 gateway-list 192.168.6.254 
 dns-list 202.45.84.58 203.80.96.10 8.8.8.8 
 expired 1 0 0

Pool name: vlan7
 network 192.168.7.0 mask 255.255.255.0
 PrevSibling node:vlan6
 Sibling node:vlan8
 gateway-list 192.168.7.254 
 dns-list 208.67.222.222 208.67.220.220 8.8.8.8 4.4.4.4 
 expired 1 0 0  

Pool name: vlan8
 network 192.168.8.0 mask 255.255.255.0
 PrevSibling node:vlan7
 Sibling node:vlan9
 gateway-list 192.168.8.254 
 dns-list 208.67.222.222 208.67.220.220 8.8.8.8 4.4.4.4 
 expired 1 0 0

Pool name: vlan9
 network 192.168.9.0 mask 255.255.255.0
 PrevSibling node:vlan8
 gateway-list 192.168.9.254 
 dns-list 208.67.222.222 208.67.220.220 8.8.8.8 4.4.4.4 
 expired 1 0 0
<H3C>			
				
				

2.2.4.2. 查看地址租约

				
<H3C>display dhcp server ip-in-use all
Global pool: 
 IP address       Client-identifier/    Lease expiration          Type
                  Hardware address                                
 192.168.2.39     201a-065b-c488        Jun  3 2000 15:42:50      Auto:COMMITTED
 192.168.2.51     78e3-b590-bed0        Jun  3 2000 07:37:22      Auto:COMMITTED
 192.168.2.71     001b-3899-e518        Jun  4 2000 11:32:43      Auto:COMMITTED
 192.168.3.35     6c62-6da6-8aa3        May 30 2000 06:44:22      Auto:COMMITTED
 192.168.3.33     902b-340b-5b38        May 30 2000 07:45:48      Auto:COMMITTED
 192.168.2.31     001e-ec64-9b46        Jun  3 2000 11:17:01      Auto:COMMITTED
 192.168.2.72     78e3-b5ab-2891        Jun  5 2000 06:57:37      Auto:COMMITTED
 192.168.2.63     50e5-4919-15a9        Jun  3 2000 07:45:42      Auto:COMMITTED
 192.168.6.42     80c1-6edf-b997        May 30 2000 10:49:35      Auto:COMMITTED
 192.168.3.41     5254-0054-dd26        May 29 2000 14:41:22      Auto:COMMITTED
 192.168.2.46     6c62-6dbf-1ea8        Jun  5 2000 11:30:58      Auto:COMMITTED
 192.168.2.53     902b-340b-669f        Jun  3 2000 07:39:01      Auto:COMMITTED
 192.168.2.32     78e3-b590-cc1a        Jun  5 2000 06:44:34      Auto:COMMITTED
 192.168.3.23     80c1-6edf-b844        May 30 2000 10:48:46      Auto:COMMITTED
 192.168.3.30     6c62-6dd2-f8ea        May 30 2000 06:45:07      Auto:COMMITTED
 192.168.3.42     902b-340b-66ab        May 30 2000 08:45:11      Auto:COMMITTED
 192.168.3.40     5254-0032-6e05        May 29 2000 12:03:14      Auto:COMMITTED
 192.168.2.77     78e3-b5ab-5cdf        Jun  5 2000 07:48:11      Auto:COMMITTED
 192.168.2.50     78e3-b596-c42c        Jun  5 2000 06:42:09      Auto:COMMITTED
 192.168.2.73     74d4-3585-ae8a        Jun  5 2000 06:50:13      Auto:COMMITTED
 192.168.2.34     78e3-b5ab-2ab9        Jun  5 2000 06:54:54      Auto:COMMITTED
 192.168.2.35     78e3-b5ab-59ed        Jun  3 2000 06:45:34      Auto:COMMITTED
 192.168.3.16     78e3-b59b-99c5        May 30 2000 09:13:29      Auto:COMMITTED
 192.168.2.49     6c62-6db1-aab5        Jun  5 2000 06:44:27      Auto:COMMITTED
 192.168.3.25     78e3-b5ab-2ac7        May 30 2000 07:07:10      Auto:COMMITTED
 192.168.2.62     78e3-b590-beb0        Jun  5 2000 06:48:40      Auto:COMMITTED
 192.168.3.36     74d4-3585-a743        May 30 2000 10:50:28      Auto:COMMITTED
 192.168.3.39     5254-001a-2f7d        May 29 2000 12:02:49      Auto:COMMITTED
 192.168.2.40     001d-92f0-3200        Jun  5 2000 06:40:34      Auto:COMMITTED
 192.168.2.70     78e3-b59b-818c        Jun  5 2000 06:53:36      Auto:COMMITTED
 192.168.3.29     60a4-4cad-b643        May 30 2000 10:35:06      Auto:COMMITTED
 192.168.6.41     78e3-b590-d14c        May 30 2000 06:56:14      Auto:COMMITTED
 192.168.2.58     78e3-b596-ddfc        Jun  5 2000 06:48:25      Auto:COMMITTED
 192.168.3.38     0025-90af-9e3c        May 30 2000 00:00:50      Auto:COMMITTED
 192.168.2.76     0025-90af-9e3c        Jun  4 2000 11:32:34      Auto:COMMITTED
 192.168.6.39     5254-006a-616e        May 30 2000 06:42:31      Auto:COMMITTED
 192.168.3.32     902b-3440-c54e        May 30 2000 07:46:29      Auto:COMMITTED

 --- total 37 entry ---		
 						
				

2.2.4.3. 查看可分配的地址

				
<H3C> display dhcp server free-ip
IP Range from 192.168.2.78         to  192.168.2.199       
IP Range from 192.168.3.43         to  192.168.3.199       
IP Range from 192.168.4.11         to  192.168.4.199       
IP Range from 192.168.5.12         to  192.168.5.199       
IP Range from 192.168.6.43         to  192.168.6.199       
IP Range from 192.168.7.11         to  192.168.7.199       
IP Range from 192.168.8.12         to  192.168.8.199       
IP Range from 192.168.9.11         to  192.168.9.199  				
				
				

2.2.4.4. 查看租约过期地址

				
<H3C>display dhcp server expired all
Global pool: 
 IP address       Client-identifier/    Lease expiration          Type
                  Hardware address                                
 192.168.2.67     f4ec-383f-7bf9        May 17 2000 14:08:22      Release
 192.168.2.36     78e3-b590-c26a        May 29 2000 10:52:22      Release
 192.168.3.12     201a-065b-c488        May  1 2000 12:12:56      Release
 192.168.3.37     001b-3899-e518        May 29 2000 11:40:08      Release
 192.168.8.11     001e-ec64-9b46        May  2 2000 14:07:08      Release
 192.168.3.11     001e-ec64-9b46        May 18 2000 13:50:54      Release
 192.168.2.65     3c97-0ea7-e1a9        May  8 2000 12:05:43      Release
 192.168.3.24     6c62-6dbf-1f38        May  7 2000 06:51:49      Release
 192.168.6.31     5254-00f0-fb87        May 14 2000 13:24:45      Release
 192.168.2.38     78e3-b590-c7d5        May 16 2000 14:43:26      Release
 192.168.2.54     1cfa-68ee-9a15        Apr 30 2000 08:08:54      Release
 192.168.3.14     80c1-6edf-b997        Apr 28 2000 16:06:51      Release
 192.168.2.68     000c-29a4-38eb        May 16 2000 12:18:02      Release
 192.168.2.47     78e3-b59b-989f        May 13 2000 12:56:44      Release
 192.168.6.35     5254-009f-afd1        May 14 2000 14:21:53      Release
 192.168.2.45     78e3-b5ab-3ef4        May  2 2000 13:04:38      Release
 192.168.3.18     78e3-b598-f057        May 17 2000 06:45:23      Release
 192.168.6.37     5254-00e5-c31e        May 14 2000 14:25:33      Release
 192.168.3.20     78e3-b590-c82b        May 16 2000 11:22:44      Release
 192.168.3.17     d067-e527-be93        May  9 2000 10:38:25      Release
 192.168.2.56     000c-29c9-b264        Apr 30 2000 13:09:15      Release
 192.168.2.44     78e3-b596-dddd        May 24 2000 13:37:01      Release
 192.168.2.69     78e3-b596-de80        May 17 2000 12:22:29      Release
 192.168.3.34     984b-e1a9-7167        May  3 2000 07:14:17      Release
                
 --- total 54 entry ---				
				
				

2.2.4.5. 查看冲突IP地址

				
<H3C>display dhcp server conflict all
    Address             Discover time                 
    192.168.2.57        Apr 30 2000 15:12:40          
    192.168.2.75        May 20 2000 14:39:46          
 --- total 2 entry ---