H3C模拟器 DHCP Snooping 、中继 实例配置

1.DHCP 实例配置

## 配置步骤(在路由器上配置)
### (1)  # 配置接口的 IP 地址。
 system-view
[H3C] interface g 0/0
[[H3C-GigabitEthernet0/0]] ip address 192.168.1.254 24
[[H3C-GigabitEthernet0/0]] quit

### (2)# 启用 DHCP 服务。
[H3C] dhcp enable

### (3)  # 配置不参与自动分配的 IP 地址。
[H3C] dhcp server forbidden-ip 192.168.1.10
[H3C] dhcp server forbidden-ip 192.168.1.254

(4)# 配置 DHCP 地址池 0,采用动态绑定方式分配 IP 地址。
可分配的网段为 192.168.1.0/24,租约有效期限为 10 天,DNS 服务器地址为 192.168.1.10。
[H3C] dhcp server ip-pool 0
[H3C-dhcp-pool-0] network 192.168.1.0 mask 255.255.255.0
[H3C-dhcp-pool-0] expired day 10
[H3C-dhcp-pool-0] dns-list 192.168.1.10
[H3C-dhcp-pool-0] gateway-list 192.168.1.254
[H3C-dhcp-pool-0] quit

2.DHCP中继

DHCP服务器在路由器上,而SWA上有3个VLAN,分属于3个不同网段,
DHCP的请求报文是广播,因此必须在SWA上设置中继才能够传到路由器。

配置步骤
(1)  # 配置路由器。
 system-view
[H3C] interface g 0/0
[[H3C-GigabitEthernet0/0]] ip address 10.1.1.2 30
[[H3C-GigabitEthernet0/0]] quit
 # 启用 DHCP 服务。
[H3C] dhcp enable

# 配置 DHCP 地址池 1,为来自 192.168.1.0/24网段内的客户端分配地址。
[H3C] dhcp server ip-pool 1
[H3C-dhcp-pool-0] network 192.168.10.0 mask 255.255.255.0
[H3C-dhcp-pool-0] dns-list 8.8.8.8
[H3C-dhcp-pool-0] gateway-list 192.168.10.254
[H3C-dhcp-pool-0] quit

# 配置 DHCP 地址池 2,为来自 192.168.20.0/24网段内的客户端分配地址。
[H3C] dhcp server ip-pool 2
[H3C-dhcp-pool-0] network 192.168.20.0 mask 255.255.255.0
[H3C-dhcp-pool-0] dns-list 8.8.8.8
[H3C-dhcp-pool-0] gateway-list 192.168.20.254
[H3C-dhcp-pool-0] quit

# 配置 DHCP 地址池 3,为来自 192.168.30.0/24网段内的客户端分配地址。
[H3C] dhcp server ip-pool 3
[H3C-dhcp-pool-0] network 192.168.30.0 mask 255.255.255.0
[H3C-dhcp-pool-0] dns-list 8.8.8.8
[H3C-dhcp-pool-0] gateway-list 192.168.30.254
[H3C-dhcp-pool-0] quit

# 配置静态路由到192.168.0.0/16网段
[H3C]ip route-static 192.168.0.0 16 10.1.1.1

(2)# 配置 SWA交换机。

建立vlan,并且配置各接口的 IP 地址。

 system-view
[H3C]vlan 10
[H3C-vlan10]quit
[H3C]vlan 20
[H3C-vlan20]quit
[H3C]vlan 30
[H3C-vlan30]quit

[H3C]inter range g 1/0/1 to g 1/0/5
[H3C-if-range]port link-type access
[H3C-if-range]port access vlan 10
[H3C-if-range]quit
[H3C]inter range g 1/0/6 to g 1/0/10
[H3C-if-range]port link-type access
[H3C-if-range]port access vlan 20
[H3C-if-range]quit
[H3C]inter range g 1/0/11 to g 1/0/15
[H3C-if-range]port link-type access
[H3C-if-range]port access vlan 30
[H3C-if-range]quit

[H3C]inter vlan 10
[H3C-Vlan-interface10]ip add 192.168.10.254 24
[H3C-Vlan-interface10]quit
[H3C]inter vlan 20
[H3C-Vlan-interface20]ip add 192.168.20.254 24
[H3C-Vlan-interface20]quit
[H3C]inter vlan 30
[H3C-Vlan-interface30]ip add 192.168.30.254 24
[H3C-Vlan-interface30]quit
[H3C]
[H3C]inter g 1/0/23
[H3C-GigabitEthernet1/0/23]port link-m r
[H3C-GigabitEthernet1/0/23]ip add 10.1.1.1 30
[H3C-GigabitEthernet1/0/23]quit

(3)#配置DHCP中继(SWA交换机)

# 启用 DHCP 服务。
[H3C] dhcp enable

# 配置 VLAN 接口 10 工作在 DHCP 中继模式。
[H3C] interface vlan-interface 10
[H3C-Vlan-interface10] dhcp select relay
# 配置 DHCP 服务器的地址。
[H3C-Vlan-interface10] dhcp relay server-address 10.1.1.2
[H3C-Vlan-interface10] quit

# 配置 VLAN 接口 20 工作在 DHCP 中继模式。
[H3C] interface vlan-interface 20
[H3C-Vlan-interface20] dhcp select relay
[H3C-Vlan-interface20] dhcp relay server-address 10.1.1.2
[H3C-Vlan-interface20] quit

# 配置 VLAN 接口 30 工作在 DHCP 中继模式。
[H3C] interface vlan-interface 30
[H3C-Vlan-interface30] dhcp select relay
[H3C-Vlan-interface30] dhcp relay server-address 10.1.1.2
[H3C-Vlan-interface30] quit

3.DHCP Snooping

DHCP服务器在路由器上,而SWA上有3个VLAN,分属于3个不同网段,
DHCP的请求报文是广播,因此必须在SWA上设置中继才能够传到路由器。
伪DHCP Server已经配置好,将发布172.22.1.1-99的地址池,网关172.22.1.254,DNS 9.9.9.9

配置步骤

(1)  # 配置路由器。
 system-view
[H3C] interface g 0/0
[[H3C-GigabitEthernet0/0]] ip address 10.1.1.2 30
[[H3C-GigabitEthernet0/0]] quit
 # 启用 DHCP 服务。
[H3C] dhcp enable

# 配置 DHCP 地址池 1,为来自 192.168.1.0/24网段内的客户端分配地址。
[H3C] dhcp server ip-pool 1
[H3C-dhcp-pool-0] network 192.168.10.0 mask 255.255.255.0
[H3C-dhcp-pool-0] dns-list 8.8.8.8
[H3C-dhcp-pool-0] gateway-list 192.168.10.254
[H3C-dhcp-pool-0] quit

# 配置 DHCP 地址池 2,为来自 192.168.20.0/24网段内的客户端分配地址。
[H3C] dhcp server ip-pool 2
[H3C-dhcp-pool-0] network 192.168.20.0 mask 255.255.255.0
[H3C-dhcp-pool-0] dns-list 8.8.8.8
[H3C-dhcp-pool-0] gateway-list 192.168.20.254
[H3C-dhcp-pool-0] quit

# 配置 DHCP 地址池 3,为来自 192.168.30.0/24网段内的客户端分配地址。
[H3C] dhcp server ip-pool 3
[H3C-dhcp-pool-0] network 192.168.30.0 mask 255.255.255.0
[H3C-dhcp-pool-0] dns-list 8.8.8.8
[H3C-dhcp-pool-0] gateway-list 192.168.30.254
[H3C-dhcp-pool-0] quit

# 配置静态路由到192.168.0.0/16网段
[H3C]ip route-static 192.168.0.0 16 10.1.1.1
(2)# 配置 SWA交换机。
# 建立vlan,并且配置各接口的 IP 地址。
 system-view
[H3C]vlan 10
[H3C-vlan10]quit
[H3C]vlan 20
[H3C-vlan20]quit
[H3C]vlan 30
[H3C-vlan30]quit

[H3C]inter range g 1/0/1 to g 1/0/5
[H3C-if-range]port link-type access
[H3C-if-range]port access vlan 10
[H3C-if-range]quit
[H3C]inter range g 1/0/6 to g 1/0/10
[H3C-if-range]port link-type access
[H3C-if-range]port access vlan 20
[H3C-if-range]quit
[H3C]inter range g 1/0/11 to g 1/0/15
[H3C-if-range]port link-type access
[H3C-if-range]port access vlan 30
[H3C-if-range]quit

[H3C]inter vlan 10
[H3C-Vlan-interface10]ip add 192.168.10.254 24
[H3C-Vlan-interface10]quit
[H3C]inter vlan 20
[H3C-Vlan-interface20]ip add 192.168.20.254 24
[H3C-Vlan-interface20]quit
[H3C]inter vlan 30
[H3C-Vlan-interface30]ip add 192.168.30.254 24
[H3C-Vlan-interface30]quit
[H3C]
[H3C]inter g 1/0/23
[H3C-GigabitEthernet1/0/23]port link-t
[H3C-GigabitEthernet1/0/23]ip add 10.1.1.1 30
[H3C-GigabitEthernet1/0/23]quit
(3)#配置DHCP中继(SWA交换机)
# 启用 DHCP 服务。
[H3C] dhcp enable

# 配置 VLAN 接口 10 工作在 DHCP 中继模式。
[H3C] interface vlan-interface 10
[H3C-Vlan-interface10] dhcp select relay
# 配置 DHCP 服务器的地址。
[H3C-Vlan-interface10] dhcp relay server-address 10.1.1.2
[H3C-Vlan-interface10] quit

# 配置 VLAN 接口 20 工作在 DHCP 中继模式。
[H3C] interface vlan-interface 20
[H3C-Vlan-interface20] dhcp select relay
[H3C-Vlan-interface20] dhcp relay server-address 10.1.1.2
[H3C-Vlan-interface20] quit

# 配置 VLAN 接口 30 工作在 DHCP 中继模式。
[H3C] interface vlan-interface 30
[H3C-Vlan-interface30] dhcp select relay
[H3C-Vlan-interface30] dhcp relay server-address 10.1.1.2
[H3C-Vlan-interface30] quit

(4)#配置DHCP Snooping(SWB交换机)
# 启用 DHCP Snooping 功能。
[H3C] dhcp snooping enable
# 设置 GigabitEthernet1/0/21 端口为信任端口。
[H3C] interface GigabitEthernet 1/0/21
[H3C-GigabitEthernet1/0/21] dhcp snooping trust
[H3C-GigabitEthernet1/0/21] quit
# 在 GigabitEthernet1/0/1 上启用 DHCP Snooping 表项功能。
[H3C] interface GigabitEthernet 1/0/1
[H3C-GigabitEthernet1/0/1] dhcp snooping binding record
[H3C-GigabitEthernet1/0/1] quit

转载于:https://blog.51cto.com/13664810/2380593

你可能感兴趣的:(H3C模拟器 DHCP Snooping 、中继 实例配置)