Configure DHCP in an Enterprise Branch Network
Describe how DHCP dynamically assigns an IP address to a
client
DHCPDISCOVER message:
Broadcast forwarded by the host looking for a DHCP server.
Messages are forwarded to the DHCP BOOTP server, using UDP port 67.
DHCPOFFER message:
When the DHCPDISCOVER message reaches the DHCP server, the server responds
with a unicast DHCPOFFER message containing the MAC address of the client,
offered IP address and mask, default gateway, and the IP address of the server.
Messages are forwarded to the DHCP BOOTP client, using UDP port 68.
DHCPREQUEST message:
Used for two purposes: first, to initially negotiate an IP address lease, and second,
to renegotiate (or renew) the IP address halfway through its lease time.
The client broadcasts the DHCPREQUEST message to the DHCP server using UDP
port 67.
DHCPACK message:
Nearly identical to the original DHCPOFFER but sent to the client to confirm that it now
can use that address using UDP port 68.
Step 1. Define a range of addresses that DHCP is not to allocate. These
are usually static addresses reserved for the router interface, switch
management IP address, servers, and local network printers.
Step 2. Create the DHCP pool using the ip dhcp pool command.
Step 3. Configure the specifics of the pool
DHCP relay can be used to configure a router to relay DHCP messages
when the server and the client are not on the same segment. It
enables routers to forward DHCP broadcasts to the DHCP servers. When
a router forwards address assignment/parameter requests, it is acting as a
DHCP relay agent.
DHCP problems can arise for a multitude of reasons, such
as software defects in operating systems, NIC drivers, or
DHCP/BOOTP relay agents, but the most common are
configuration issues. Because of the number of potentially
problematic areas, a systematic approach to troubleshooting
is required.
Network Address Translation
Forms of NAT
Static NAT
–Allow one-to-one mapping of local and global addresses.
–Useful when a device needs to be accessible from the outside network.
Dynamic NAT
–Any IP address from a pool of global IP addresses is assigned to a
local address.
Overloading (PAT)
–Maps multiple private IP addresses to a single public IP address by
using different ports.
Port Address Translation
Translating Inside Source Addresses
Configuring Static Translation
Enabling Static NAT
Address Mapping Example
Configuring Dynamic Translation
Router(config)#access-list access-list-number permit source [source-wildcard]
Overloading an Inside Global Address
Configuring Overloading Using One Address
Overloading an Inside Global Address Example
Clearing the NAT Translation Table
• Clears an extended dynamic translation entry
Displaying Information with show Commands
Router#debug ip nat
Translation Not Installed in the Translation Table?
Verify that:
–The configuration is correct
–There are no inbound ACLs denying the packets entry to the NAT router
–The ACL referenced by the NAT command is permitting all necessary
networks
–There are enough addresses in the NAT pool
–The router interfaces are appropriately defined as NAT inside or NAT outside
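An added example, not part of the original slides: a Python check that runs an IOS-style configuration against the items above that can be read from the configuration text (inside/outside interface roles, the ACL referenced by the NAT command, the pool definition and its size). The function name audit_nat, the sample configuration and its addresses are constructed for illustration; inbound ACLs are not evaluated, and only standard ACL entries in "permit source wildcard" form are counted.

```python
import ipaddress
import re

# Constructed sample: no outside interface, and a 4-address pool without overload.
SAMPLE = """\
interface FastEthernet0/0
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
interface Serial0/0
 ip address 203.0.113.1 255.255.255.252
ip nat pool PUBLIC 203.0.113.10 203.0.113.13 netmask 255.255.255.240
ip nat inside source list 1 pool PUBLIC
access-list 1 permit 192.168.1.0 0.0.0.255
"""

def _num(addr):
    return int(ipaddress.IPv4Address(addr))

def audit_nat(config):
    """Return a list of findings; an empty list means none of the checks failed."""
    findings = []
    # Router interfaces must be defined as NAT inside and NAT outside.
    roles = set(re.findall(r"^ *ip nat (inside|outside) *$", config, re.M))
    for role in ("inside", "outside"):
        if role not in roles:
            findings.append(f"no interface is defined as NAT {role}")
    # Standard ACLs in "permit source wildcard" form: hosts = wildcard value + 1.
    acl_hosts = {}
    for num, wild in re.findall(
            r"^access-list (\d+) permit \S+ (\d+\.\d+\.\d+\.\d+) *$", config, re.M):
        acl_hosts[num] = acl_hosts.get(num, 0) + _num(wild) + 1
    # NAT pools: name -> number of global addresses in the range.
    pools = {name: _num(last) - _num(first) + 1 for name, first, last in re.findall(
        r"^ip nat pool (\S+) (\S+) (\S+) netmask \S+ *$", config, re.M)}
    # Each dynamic rule needs a defined ACL and, without overload, a large enough pool.
    for acl, kind, target, overload in re.findall(
            r"^ip nat inside source list (\d+) (pool|interface) (\S+)( overload)? *$",
            config, re.M):
        if acl not in acl_hosts:
            findings.append(f"ACL {acl} referenced by NAT has no permit entry")
        if kind == "pool" and target not in pools:
            findings.append(f"NAT pool {target} is not defined")
        elif kind == "pool" and not overload and pools[target] < acl_hosts.get(acl, 0):
            findings.append(f"pool {target}: {pools[target]} addresses for "
                            f"{acl_hosts.get(acl, 0)} hosts permitted by ACL {acl}")
    return findings

if __name__ == "__main__":
    for finding in audit_nat(SAMPLE):
        print(finding)
```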
Summary
–NAT enables private IP internetworks that use non-registered IP
addresses to connect to the Internet. PAT, a feature of NAT, enables
several internal addresses to be translated to only one or a few
external addresses.
–You can translate your own IP addresses into globally unique IP
addresses when you are communicating outside of your network.
–Overloading is a form of dynamic NAT that maps multiple
unregistered IP addresses to a single registered IP address (many-to-
one) by using different ports, known also as PAT.
–Once NAT is configured, the clear and show commands can be used
to verify that it is operating as expected.
–The debug command can be used to troubleshoot NAT connectivity
problems.