CCNP Guía SWITCH v2.

DHCP Snooping ..........................................................................................................................2

1
@ 2017
CCNP Guía SWITCH v2.0

DHCP Snooping

 Cree la topología de la figura.

 Configure el direccionamiento mostrado en los routers (utilice interfaces Giga en los routers). Compruebe
que exista conectividad entre los routers R1 y R2.

R1
interface GigabitEthernet0/0
ip address 10.1.1.1 255.255.255.0
no shut

R2
interface GigabitEthernet0/0
ip address 10.1.1.2 255.255.255.0
no shut

R1#ping 10.1.1.2
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.1.1.2, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 0/0/0 ms

SW#sh mac address-table

Mac Address Table
-------------------------------------------
Vlan Mac Address Type Ports
---- ----------- -------- -----
1 0060.3e39.5601 DYNAMIC Fa0/2
1 0090.0c88.9201 DYNAMIC Fa0/1

R1#sh interfaces gigabitEthernet 0/0

GigabitEthernet0/0 is up, line protocol is up (connected)
Hardware is CN Gigabit Ethernet, address is 0090.0c88.9201 (bia 0090.0c88.9201)
Internet address is 10.1.1.1/24
MTU 1500 bytes, BW 1000000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, media type is RJ45

R2#sh interfaces gigabitEthernet 0/0

2
@ 2017
CCNP Guía SWITCH v2.0

GigabitEthernet0/0 is up, line protocol is up (connected)

Hardware is CN Gigabit Ethernet, address is 0060.3e39.5601 (bia 0060.3e39.5601)
Internet address is 10.1.1.2/24
MTU 1500 bytes, BW 1000000 Kbit, DLY 100 usec,
reliability 255/255, txload 1/255, rxload 1/255
Encapsulation ARPA, loopback not set
Keepalive set (10 sec)
Full-duplex, 100Mb/s, media type is RJ45

 Configure R1 como servidor DHCP utilizando los siguientes valores de red:

- Red 10.1.1.0/24
- DG 10.1.1.1
- DNS 8.8.8.8

 Configure R2 como servidor DHCP utilizando los siguientes valores de red:

- Red 10.1.1.0/24
- DG 10.1.1.2
- DNS 8.8.8.8

 Habilite cliente DHCP en PC1.

R1
ip dhcp excluded-address 10.1.1.1 10.1.1.49

ip dhcp pool R1POOL

network 10.1.1.0 255.255.255.0
default-router 10.1.1.1
dns-server 8.8.8.8

R2
ip dhcp excluded-address 10.1.1.1 10.1.1.49

ip dhcp pool R2POOL

network 10.1.1.0 255.255.255.0
default-router 10.1.1.2
dns-server 8.8.8.8

R2#sh ip dhcp binding

IP address Client-ID/ Lease expiration Type
Hardware address

3
@ 2017
CCNP Guía SWITCH v2.0

 Habilite DHCP Snooping para la VLAN predeterminada y vuelva a habilitar DHCP en el cliente.

Nota: Con la asignación automática de direcciones IP privadas (APIPA- Automatic Private IP Addressing), los
clientes DHCP se asignan automáticamente una dirección IP y una máscara de subred, cuando no está disponible
un servidor DHCP. El dispositivo se asigna su propia dirección IP en el rango 169.254.1.0 a 169.254.254.255. La
máscara de subred se ajusta automáticamente a 255.255.0.0 y la dirección del gateway se ajusta a 0.0.0.0.

SW1
ip dhcp snooping
ip dhcp snooping vlan 1

SW#sh ip dhcp snooping

Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
1
Insertion of option 82 is enabled
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Interface Trusted Rate limit (pps)
----------------------- ------- ----------------

Commented [c1]: Para realizar una nueva petición DHCP

seleccionamos Static y luego DHCP.

¿Que indica el mensaje DHCP failed. APIPA is being used?

Al configurar DHCP snooping todos los puertos quedan en modo unstrusted. Debemos indicar que puerto es
confiable para DHCP.
Vuelva a rehabilitar DHCP en el cliente (es análogo a ipconfig /renew)

4
@ 2017
CCNP Guía SWITCH v2.0

SW1#sh ip dhcp snooping

Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
1
Insertion of option 82 is enabled
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Interface Trusted Rate limit (pps)
----------------------- ------- ----------------
FastEthernet0/3 no unlimited
FastEthernet0/1 yes unlimited

5
@ 2017
CCNP Guía SWITCH v2.0

SW1
no ip dhcp snooping information option

SW1#sh ip dhcp snooping

Switch DHCP snooping is enabled
DHCP snooping is configured on following VLANs:
1
Insertion of option 82 is disabled
Option 82 on untrusted port is not allowed
Verification of hwaddr field is enabled
Interface Trusted Rate limit (pps)
----------------------- ------- ----------------
FastEthernet0/3 no unlimited
FastEthernet0/2 no unlimited
FastEthernet0/1 yes unlimited

R1#sh ip dhcp binding

IP address Client-ID/ Lease expiration Type
Hardware address
10.1.1.50 0002.4AAC.DC87 -- Automatic

¿Que función cumple el comando no ip dhcp snooping information option? ¿Que comando se puede utilizar como
alternativa?

6
@ 2017