拨号和接入 : 异步连接

在接入服务器上使用 Cisco IOS DHCP 服务器

2015 年 8 月 28 日 - 机器翻译
其他版本: PDFpdf | 英语 (2015 年 4 月 23 日) | 反馈


目录


简介

本文提供一配置示例为使用Cisco IOS DHCP服务器在接入服务器。

先决条件

要求

本文档没有任何特定的要求。

使用的组件

本文档中的信息基于以下软件和硬件版本:

  • 在Cisco 5300路由器的Cisco IOS�软件版本12.1(9)。

    Cisco IOS DHCP服务功能在Cisco IOS软件版本12.0(1)T介绍。是否请使用软件顾问检查您的当前IOS版本和平台支持IOS DHCP服务功能。

    注意: 您需要Cisco IOS软件版本12.0(2)T或以后为了用在Cisco 1700系列路由器上。

本文档中的信息都是基于特定实验室环境中的设备编写的。本文档中使用的所有设备最初均采用原始(默认)配置。如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响。

规则

有关文档规则的详细信息,请参阅 Cisco 技术提示规则

背景信息

有传送的IP地址几不同的机制给接入服务器的拨入客户端。用于向客户端分配 IP 地址的部分可能选项包括:

  • 从接入服务器上的 IP 池分配地址。

  • 使用外部动态主机控制协议 (DHCP) 服务器。

  • 使用RADIUS或TACACS。

本文着重如何以接入服务器分配IP地址和其他DHCP变量使用思科IOS�服务器功能对拨入客户端。这避免使用一个外部DHCP服务器,并且,反而,使用从Cisco IOS的内置的DHCP服务器功能。您可通过 DHCP 自动将可重复使用的 IP 地址分配给 DHCP 客户端。

Cisco IOS DHCP服务功能是分配并且管理从特定地址池的IP地址在路由器内给DHCP客户端的全双工DHCP服务器实施。如果Cisco IOS DHCP服务器不能满足从其自己的数据库的DHCP请求,能转发请求到网络管理员定义的一个或更多第二DHCP服务器。

要得知更多Cisco IOS DHCP功能,限制和支持的平台,请参考Cisco IOS DHCP服务器文档。这时,称作是有用的哪些参数可以通过对PPP客户端。

注意: 我们无法使用屏蔽对PPP客户端的子网。这归结于与请求注释(RFC)的一个限制。对此的原因是,当PPP协商与PPP客户端时,以下参数通过PPP和IP Control Protocol (IPCP)协商:

  • IP 地址。

  • 主要的和附属域名系统(DNS)地址。

  • 主要的和辅NetBIOS名字服务(NBNS)地址。

  • TCP/IP报头压缩。

通过的子网掩码功能对PPP客户端不作为协议的部分PPP (RFC 1548)或IPCP的(RFC 1332)。因为这些字段通过PPP,协商async-bootp命令例如async-bootp dns-serverasync-bootp nbns-server给PPP客户端传递信息。async-bootp subnet-mask不是通过PPP通过的参数。

延长的Bootstrap协议(BOOTP)请求的async-bootp全局配置命令enable (event)支持,如对RFC 1084定义,当您配置串行线路互联网协议(SLIP)的路由器。当运行拨号网络时的Windows 95或NT PC拨号到您的路由器,执行PPP、不是BOOTP或者SLIP。这意味着那没有办法就此而言通过子网掩码对Windows 95或NT PPP拨号客户端或者网关。当您有从接入服务器动态地获得其IP地址的一个Windows拨入客户端时,您能看到子网掩码设置为255.0.0.0。因为这是点对点连接,子网掩码不是重要,因为拨入客户端为接入服务器所知作为单个主机路由(255.255.255.255网络屏蔽)。接入服务器有其中每一个的一个主机路由已连接拨入客户端。

关于PPP协商的信息,检查以下RFC :

  • RFC 1332

  • RFC 2484

  • RFC 1877

您能访问从所有公共RFC信息库的这些RFC。

配置

本部分提供有关如何配置本文档所述功能的信息。

注意: 要查找本文档所用命令的其他信息,请使用命令查找工具仅限注册用户)。

网络图

本文档使用以下网络设置:

/image/gif/paws/10315/dhcp_access.gif

配置

本文档使用以下配置:

  • 焦糖

焦糖
caramel#show running-config
Building configuration...
Current configuration : 3030 bytes
!
! Last configuration change at 14:02:23 CEST Thu Aug 23 2001
! NVRAM config last updated at 12:25:26 CEST Thu Aug 23 2001
!
version 12.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname caramel
!
boot system flash:
aaa new-model
AAA authentication login default local
AAA authentication ppp default local
AAA authorization network default local
enable password ww
!
username ww password 0 ww
username vpdn password 0 vpdn
username async password 0 async
username test password 0 test
spe 2/0 2/9
firmware location flash:mica-modem-pw.2.7.3.0.bin
!
!
resource-pool disable
!
!
!
!
!
clock timezone CET 2
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
modem country mica belgium
ip subnet-zero
ip host rund 172.17.247.195
ip domain-name nba.cisco.com
ip name-server 10.200.20.134
no ip dhcp conflict logging
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 10.10.10.253
ip dhcp excluded-address 10.10.10.254
ip dhcp excluded-address 10.10.10.252
!
ip dhcp pool 0
network 10.10.10.0 255.255.255.0
dns-server 10.10.10.254
default-router 10.10.10.1
domain-name CISCO.COM
netbios-name-server 10.10.10.253 10.10.10.252
!
ip address-pool dhcp-proxy-client
ip dhcp-server 10.10.10.1
isdn switch-type primary-net5
mta receive maximum-recipients 0
!
controller E1 0
clock source line primary
pri-group timeslots 1-31
!
controller E1 1
clock source line secondary 1
!
controller E1 2
clock source line secondary 2
!
controller E1 3
clock source line secondary 3
!
!
!
!
!
interface Loopback0
ip address 10.10.10.1 255.255.255.0
!
interface Ethernet0
ip address 10.200.20.7 255.255.255.0
no cdp enable
!
interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
no fair-queue
clockrate 2015232
no cdp enable
!
interface Serial2
no ip address
shutdown
no fair-queue
clockrate 2015232
no cdp enable
!
interface Serial3
no ip address
shutdown
no fair-queue
clockrate 2015232
no cdp enable
!
interface Serial0:15
no ip address
encapsulation ppp
dialer rotary-group 1
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no cdp enable
ppp authentication chap
!
!
interface Serial1:15
no ip address
encapsulation ppp
dialer rotary-group 1
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no cdp enable
ppp authentication chap
!
!
interface Serial2:15
no ip address
encapsulation ppp
dialer rotary-group 1
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no cdp enable
ppp authentication chap
!
!
interface Serial3:15
no ip address
encapsulation ppp
dialer rotary-group 1
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no cdp enable
ppp authentication chap
!
interface FastEthernet0
no ip address
shutdown
duplex auto
speed auto
no cdp enable
!
interface Group-Async0
ip unnumbered Loopback0
encapsulation ppp
no ip route-cache
no ip mroute-cache
async mode interactive
peer default ip address dhcp
ppp authentication chap
group-range 1 60
!
interface Dialer1
ip unnumbered Loopback0
encapsulation ppp
no ip route-cache
no ip mroute-cache
dialer-group 1
peer default ip address dhcp
no cdp enable
ppp authentication chap
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.200.20.1
no ip http server
!
!
!
line con 0
exec-timeout 0 0
line 1 120
no exec
modem InOut
autoselect ppp
line aux 0
line vty 0 4
exec-timeout 0 0
password ww
transport input telnet
!
ntp clock-period 17179736
ntp server 10.200.20.134
end

验证

本部分所提供的信息可用于确认您的配置是否正常工作。

命令输出解释程序工具仅限注册用户)支持某些 show 命令,使用此工具可以查看对 show 命令输出的分析。

  • show caller ip —显示您提供的IP地址的一个主叫信息汇总。

  • show ip dhcp server statistics —显示DHCP服务器统计信息。

  • show ip dhcp binding —显示在DHCP服务器的地址绑定。

  • show users —显示控制台端口是否是活跃的,并且列出有源主机的IP地址或IP别名的所有活动的Telnet会话。

  • ping —检查设备是否操作,并且,如果网络连接是完整的。

这些命令输出如下所示:

caramel#
Aug 23 11:05:25.553: %LINK-3-UPDOWN: Interface Serial0:12, changed state to up
Aug 23 11:05:25.553: Se0:12 PPP: Treating connection as a callin
Aug 23 11:05:25.553: Se0:12 PPP: Phase is ESTABLISHING, Passive Open
Aug 23 11:05:25.553: Se0:12 LCP: State is Listen
Aug 23 11:05:25.681: Se0:12 LCP: I CONFREQ [Listen] id 1 len 17
Aug 23 11:05:25.681: Se0:12 LCP:    MagicNumber 0x003EDA4F (0x0506003EDA4F)
Aug 23 11:05:25.681: Se0:12 LCP:    PFC (0x0702)
Aug 23 11:05:25.681: Se0:12 LCP:    ACFC (0x0802)
Aug 23 11:05:25.681: Se0:12 LCP:    Callback 6  (0x0D0306)
Aug 23 11:05:25.681: Se0:12 LCP: O CONFREQ [Listen] id 1 len 15
Aug 23 11:05:25.681: Se0:12 LCP:    AuthProto CHAP (0x0305C22305)
Aug 23 11:05:25.681: Se0:12 LCP:    MagicNumber 0x14AAE40E (0x050614AAE40E)
Aug 23 11:05:25.681: Se0:12 LCP: O CONFREJ [Listen] id 1 len 7
Aug 23 11:05:25.681: Se0:12 LCP:    Callback 6  (0x0D0306)
Aug 23 11:05:25.705: Se0:12 LCP: I CONFACK [REQsent] id 1 len 15
Aug 23 11:05:25.705: Se0:12 LCP:    AuthProto CHAP (0x0305C22305)
Aug 23 11:05:25.705: Se0:12 LCP:    MagicNumber 0x14AAE40E (0x050614AAE40E)
Aug 23 11:05:25.709: Se0:12 LCP: I CONFREQ [ACKrcvd] id 2 len 14
Aug 23 11:05:25.709: Se0:12 LCP:    MagicNumber 0x003EDA4F (0x0506003EDA4F)
Aug 23 11:05:25.709: Se0:12 LCP:    PFC (0x0702)
Aug 23 11:05:25.709: Se0:12 LCP:    ACFC (0x0802)
Aug 23 11:05:25.709: Se0:12 LCP: O CONFACK [ACKrcvd] id 2 len 14
Aug 23 11:05:25.709: Se0:12 LCP:    MagicNumber 0x003EDA4F (0x0506003EDA4F)
Aug 23 11:05:25.709: Se0:12 LCP:    PFC (0x0702)
Aug 23 11:05:25.709: Se0:12 LCP:    ACFC (0x0802)
Aug 23 11:05:25.709: Se0:12 LCP: State is Open
Aug 23 11:05:25.709: Se0:12 PPP: Phase is AUTHENTICATING, by this end
Aug 23 11:05:25.709: Se0:12 CHAP: O CHALLENGE id 1 len 28 from "caramel"
Aug 23 11:05:25.733: Se0:12 CHAP: I RESPONSE id 1 len 25 from "test"
Aug 23 11:05:25.733: Se0:12 PPP: Phase is FORWARDING
Aug 23 11:05:25.733: Se0:12 PPP: Phase is AUTHENTICATING
Aug 23 11:05:25.737: Se0:12 CHAP: O SUCCESS id 1 len 4
Aug 23 11:05:25.737: Se0:12 PPP: Phase is UP
Aug 23 11:05:25.737: Se0:12 IPCP: O CONFREQ [Not negotiated] id 1 len 10
Aug 23 11:05:25.737: Se0:12 IPCP:    Address 10.10.10.1 (0x03060A0A0A01)
Aug 23 11:05:25.753: Se0:12 IPCP: I CONFREQ [REQsent] id 1 len 34
Aug 23 11:05:25.753: Se0:12 IPCP:    Address 0.0.0.0 (0x030600000000)
Aug 23 11:05:25.753: Se0:12 IPCP:    PrimaryDNS 0.0.0.0 (0x810600000000)
Aug 23 11:05:25.753: Se0:12 IPCP:    PrimaryWINS 0.0.0.0 (0x820600000000)
Aug 23 11:05:25.753: Se0:12 IPCP:    SecondaryDNS 0.0.0.0 (0x830600000000)
Aug 23 11:05:25.757: Se0:12 IPCP:    SecondaryWINS 0.0.0.0 (0x840600000000)
Aug 23 11:05:25.757: Se0:12 AAA/AUTHOR/IPCP: Start.  
Her address 0.0.0.0, we want 0.0.0.0
Aug 23 11:05:25.757: Se0:12 AAA/AUTHOR/IPCP: Done.  
Her address 0.0.0.0, we want 0.0.0.0
Aug 23 11:05:25.757: Se0:12: Pools to search :
Aug 23 11:05:25.757: DHCPD: DHCPDISCOVER received from client 0074.6573.74 
through relay 10.10.10.1.
Aug 23 11:05:26.737: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0:12, 
changed state to up
Aug 23 11:05:27.756: DHCPD: assigned IP address 10.10.10.9 to client 0074.6573.74.
Aug 23 11:05:27.756: DHCPD: Sending DHCPOFFER to client 0074.6573.74 (10.10.10.9).
Aug 23 11:05:27.756: DHCPD: child  pool: 10.10.10.0 / 255.255.255.0 (0)
Aug 23 11:05:27.756: DHCPD: pool 0 has no parent.
Aug 23 11:05:27.756: DHCPD: child  pool: 10.10.10.0 / 255.255.255.0 (0)
Aug 23 11:05:27.756: DHCPD: pool 0 has no parent.
Aug 23 11:05:27.756: DHCPD: unicasting BOOTREPLY for client 0010.7be6.4498 
to relay 10.10.10.1.
Aug 23 11:05:27.756: DHCPD: DHCPREQUEST received from client 0074.6573.74.
Aug 23 11:05:27.756: DHCPD: Sending DHCPACK to client 0074.6573.74 (10.10.10.9).
Aug 23 11:05:27.756: DHCPD: child  pool: 10.10.10.0 / 255.255.255.0 (0)
Aug 23 11:05:27.756: DHCPD: pool 0 has no parent.
Aug 23 11:05:27.756: DHCPD: child  pool: 10.10.10.0 / 255.255.255.0 (0)
Aug 23 11:05:27.756: DHCPD: pool 0 has no parent.
Aug 23 11:05:27.760: DHCPD: unicasting BOOTREPLY for client 0010.7be6.4498 
to relay 10.10.10.1.
Aug 23 11:05:27.804: Se0:12: Default pool returned address = 10.10.10.9
Aug 23 11:05:27.804: Se0:12 IPCP: Pool returned 10.10.10.9
Aug 23 11:05:27.804: Se0:12 IPCP: O CONFREJ [REQsent] id 1 len 10
Aug 23 11:05:27.804: Se0:12 IPCP:    SecondaryDNS 0.0.0.0 (0x830600000000)
Aug 23 11:05:27.804: Se0:12 IPCP: I CONFACK [REQsent] id 1 len 10
Aug 23 11:05:27.804: Se0:12 IPCP:    Address 10.10.10.1 (0x03060A0A0A01)
Aug 23 11:05:27.804: Se0:12 IPCP: TIMEout: State ACKrcvd
Aug 23 11:05:27.804: Se0:12 IPCP: O CONFREQ [ACKrcvd] id 2 len 10
Aug 23 11:05:27.804: Se0:12 IPCP:    Address 10.10.10.1 (0x03060A0A0A01)
Aug 23 11:05:27.820: Se0:12 IPCP: I CONFREQ [REQsent] id 2 len 28
Aug 23 11:05:27.820: Se0:12 IPCP:    Address 0.0.0.0 (0x030600000000)
Aug 23 11:05:27.820: Se0:12 IPCP:    PrimaryDNS 0.0.0.0 (0x810600000000)
Aug 23 11:05:27.820: Se0:12 IPCP:    PrimaryWINS 0.0.0.0 (0x820600000000)
Aug 23 11:05:27.820: Se0:12 IPCP:    SecondaryWINS 0.0.0.0 (0x840600000000)
Aug 23 11:05:27.820: Se0:12 AAA/AUTHOR/IPCP: Start.  
Her address 0.0.0.0, we want 10.10.10.9
Aug 23 11:05:27.820: Se0:12 AAA/AUTHOR/IPCP: Done.  
Her address 0.0.0.0, we want 10.10.10.9
Aug 23 11:05:27.824: Se0:12 IPCP: O CONFNAK [REQsent] id 2 len 28
Aug 23 11:05:27.824: Se0:12 IPCP:    Address 10.10.10.9 (0x03060A0A0A09)
Aug 23 11:05:27.824: Se0:12 IPCP:    PrimaryDNS 10.10.10.254 (0x81060A0A0AFE)
Aug 23 11:05:27.824: Se0:12 IPCP:    PrimaryWINS 10.10.10.253(0x82060A0A0AFD)
Aug 23 11:05:27.824: Se0:12 IPCP:    SecondaryWINS 10.10.10.252(0x84060A0A0AFC)
Aug 23 11:05:27.824: Se0:12 IPCP: I CONFACK [REQsent] id 2 len 10
Aug 23 11:05:27.824: Se0:12 IPCP:    Address 10.10.10.1 (0x03060A0A0A01)
Aug 23 11:05:27.844: Se0:12 IPCP: I CONFREQ [ACKrcvd] id 3 len 28
Aug 23 11:05:27.844: Se0:12 IPCP:    Address 10.10.10.9 (0x03060A0A0A09)
Aug 23 11:05:27.844: Se0:12 IPCP:    PrimaryDNS 10.10.10.254(0x81060A0A0AFE)
Aug 23 11:05:27.844: Se0:12 IPCP:    PrimaryWINS 10.10.10.253(0x82060A0A0AFD)
Aug 23 11:05:27.844: Se0:12 IPCP:    SecondaryWINS 10.10.10.252(0x84060A0A0AFC)
Aug 23 11:05:27.844: Se0:12 AAA/AUTHOR/IPCP: Start.  
Her address 10.10.10.9, we want 10.10.10.9
Aug 23 11:05:27.848: Se0:12 AAA/AUTHOR/IPCP: Reject 10.10.10.9, using 10.10.10.9
Aug 23 11:05:27.848: Se0:12 AAA/AUTHOR/IPCP: Done.  
Her address 10.10.10.9, we want 10.10.10.9
Aug 23 11:05:27.848: Se0:12 IPCP: O CONFACK [ACKrcvd] id 3 len 28
Aug 23 11:05:27.848: Se0:12 IPCP:    Address 10.10.10.9(0x03060A0A0A09)
Aug 23 11:05:27.848: Se0:12 IPCP:    PrimaryDNS 10.10.10.254(0x81060A0A0AFE)
Aug 23 11:05:27.848: Se0:12 IPCP:    PrimaryWINS 10.10.10.253(0x82060A0A0AFD)
Aug 23 11:05:27.848: Se0:12 IPCP:    SecondaryWINS 10.10.10.252(0x84060A0A0AFC)
Aug 23 11:05:27.848: Se0:12 IPCP: State is Open
Aug 23 11:05:27.848: Di1 IPCP: Install route to 10.10.10.9
Aug 23 11:05:31.552: %ISDN-6-CONNECT: Interface Serial0:12 is now connected 
to 6133 test
Aug 23 11:05:38.688: DHCPD: DHCPINFORM received from 
client 00e0.1e57.6af0(10.200.20.12)

caramel#show ip dhcp binding
IP address       Hardware address        Lease expiration        Type
10.10.10.9       0074.6573.74            Aug 24 2001 02:05 PM    Automatic
caramel#

caramel#show ip dhcp server statistics
Memory usage         13975
Address pools        1
Database agents      0
Automatic bindings   1
Manual bindings      0
Expired bindings     0
Malformed messages   2
Message              Received
BOOTREQUEST          9
DHCPDISCOVER         9
DHCPREQUEST          8
DHCPDECLINE          0
DHCPRELEASE          18
DHCPINFORM           5
Message              Sent
BOOTREPLY            0
DHCPOFFER            8
DHCPACK              8
DHCPNAK              0

caramel#show caller ip
Line           User       IP Address      Local Number    Remote Number
<->
Se0:12         test       10.10.10.9      211             6133
in
caramel#show user
   Line         User       Host(s)                 Idle       Location
*  0 con 0                  idle                 00:00:00
 Interface      User        Mode                   Idle     Peer Address
  Se0:12        test       Sync PPP              00:00:27   PPP: 10.10.10.9

caramel#ping 10.10.10.9
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.9, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/56/60 ms
caramel#


!--- User disconnects now.


caramel#
Aug 23 11:06:11.332: DHCPD: checking for expired leases.
Aug 23 11:07:25.552: %ISDN-6-DISCONNECT: Interface Serial0:12  disconnected
from 6133 test, call lasted 120 seconds
Aug 23 11:07:25.588: %LINK-3-UPDOWN: Interface Serial0:12, changed state to down
Aug 23 11:07:25.592: Se0:12 IPCP: State is Closed
Aug 23 11:07:25.592: Se0:12 set_ip_peer(0): new address
Aug 23 11:07:25.592: ip_free_pool: Se0:12: address = 10.10.10.9 (1)0.0.0.0
Aug 23 11:07:25.592: Se0:12 PPP: Phase is TERMINATING
Aug 23 11:07:25.592: Se0:12 LCP: State is Closed
Aug 23 11:07:25.592: Se0:12 PPP: Phase is DOWN
Aug 23 11:07:25.592: Di1 IPCP: Remove route to 10.10.10.9
Aug 23 11:07:26.588: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0:12, 
changed state to down
Aug 23 11:07:30.592: DHCPD: DHCPRELEASE message received from client 
0074.6573.74 (10.10.10.9).
Aug 23 11:07:30.592: DHCPD: returned 10.10.10.9 to address pool 0.
Aug 23 11:07:31.592: DHCPD: DHCPRELEASE message received from client 
0074.6573.74 (10.10.10.9).
Aug 23 11:07:32.592: DHCPD: DHCPRELEASE message received from client 
0074.6573.74 (10.10.10.9).
Aug 23 11:08:11.332: DHCPD: checking for expired leases.

如果正确地实现IOS DHCP服务器功能,您能查看在拨入客户端的IP配置、Windows IP配置程序(winipcfg)或适当命令检查已接收DHCP参数。我们能从DHCP服务器获得以下参数通过使用在我们使用测验的Windows 98 PC的winipcfg

ip address       10.10.10.9
mask             255.0.0.0 
default gateway  10.10.10.10 
dhcp server      - 
primary wins     10.10.010.253 
secondary wins   10.10.10.252 
lease obtained   - 
lease expires    -

故障排除

本部分提供的信息可用于对配置进行故障排除。

故障排除命令

注意: 在发出 debug 命令之前,请参阅有关 Debug 命令的重要信息

  • debug ppp协商—导致debug ppp命令显示在PPP启动期间传送的PPP数据包, PPP选项协商。

  • 当池组定义时, debug ip peer —包含更多输出。

  • debug ip dhcp server linkage —显示数据库链接信息。

  • debug ip dhcp server events —报告服务器事件,类似地址分配和数据库更新。

  • debug ip dhcp server packets —解码DHCP接收和发射。

相关的思科支持社区讨论

思科支持社区是您提问、解答问题、分享建议以及与工作伙伴协作的论坛。


相关信息


Document ID: 10315