在接入伺服器上使用Cisco IOS DHCP伺服器

簡介

本文檔提供在接入伺服器上使用Cisco IOS DHCP伺服器的配置示例。

必要條件

需求

本文件沒有特定需求。

採用元件

本文中的資訊係根據以下軟體和硬體版本：

• Cisco 5300路由器上的Cisco IOS®軟體版本12.1(9)。

  Cisco IOS軟體版本12.0(1)T中引入了Cisco IOS DHCP伺服器功能。使用Software Advisor檢查當前的IOS版本和平台是否支援IOS DHCP伺服器功能。

  注意：您需要使用Cisco IOS軟體版本12.0(2)T或更高版本，以便與Cisco 1700系列路由器配合使用。

本文中的資訊是根據特定實驗室環境內的裝置所建立。文中使用到的所有裝置皆從已清除（預設）的組態來啟動。如果您的網路正在作用，請確保您已瞭解任何指令可能造成的影響。

慣例

如需文件慣例的詳細資訊，請參閱思科技術提示慣例。

背景資訊

有幾種不同的機制可以將IP地址傳送給接入伺服器上的撥入客戶端。為客戶端分配IP地址的一些可能的選項包括：

• 從接入伺服器上的本地IP池分配地址。

• 使用外部動態主機控制協定(DHCP)伺服器。

• 使用RADIUS或TACACS。

本文檔重點介紹如何將Cisco IOS®伺服器功能與接入伺服器配合使用，將IP地址和其它DHCP變數分配給撥入客戶端。這樣可以避免使用外部DHCP伺服器，而是使用Cisco IOS本身的內建DHCP伺服器功能。DHCP 可自動向 DHCP 用戶端指派可重複使用的 IP 位址。

Cisco IOS DHCP伺服器功能是完整的DHCP伺服器實施，它可將路由器內指定地址池中的IP地址分配並管理給DHCP客戶端。如果Cisco IOS DHCP伺服器無法滿足來自其自身資料庫的DHCP請求，它可以將請求轉發到網路管理員定義的一個或多個輔助DHCP伺服器。

要瞭解有關Cisco IOS DHCP功能、限制和支援的平台的更多資訊，請參閱Cisco IOS DHCP伺服器文檔。此時，瞭解哪些引數可以傳遞到PPP客戶端很有用。

注意：無法對PPP客戶端使用子網掩碼。這是因為要求建議(RFC)存在限制。 這是因為當PPP與PPP客戶端協商時，以下引數是通過PPP和IP控制協定(IPCP)協商的：

• IP 位址.

• 主要和輔助域名系統(DNS)地址。

• 主要和輔助NetBIOS名稱服務(NBNS)地址。

• TCP/IP標頭壓縮。

將子網路遮罩傳遞到PPP使用者端的功能不屬於PPP(RFC 1548)或IPCP(RFC 1332)的通訊協定。 async-bootp命令(例如async-bootp dns-server和async-bootp nbns-server)將資訊傳遞給PPP客戶端，因為這些欄位是通過PPP協商的。async-bootp subnet-mask不是通過PPP傳遞的引數。

為串列線路網際網路協定(SLIP)配置路由器時，async-bootp全域性配置命令可支援擴展引導協定(BOOTP)請求，如RFC 1084中所定義。 當正在運行撥號網路的Windows 95或NT PC撥入您的路由器時，它會執行PPP，而不是BOOTP或SLIP。這意味著無法將子網掩碼傳遞給Windows 95或NT PPP撥號客戶端或網關。當您有從接入伺服器動態獲取其IP地址的Windows撥入客戶端時，可以看到子網掩碼設定為255.0.0.0。由於這是點對點連線，因此子網掩碼並不重要，因為接入伺服器將撥入客戶端稱為單個主機路由（255.255.255.255網路掩碼）。 接入伺服器為每個連線的撥入客戶端都具有一個主機路由。

有關PPP協商的資訊，請檢視以下RFC:

• RFC 1332

• RFC 2484

• RFC 1877

您可以從任何公有RFC資料庫存取這些RFC。

設定

本節提供用於設定本文件中所述功能的資訊。

注意：要查詢有關本文檔中使用的命令的其他資訊，請使用命令查詢工具(僅限註冊客戶)。

網路圖表

本檔案會使用以下網路設定：

組態

本檔案會使用以下設定：

• 焦糖

caramel#show running-config
Building configuration...
Current configuration : 3030 bytes
!
! Last configuration change at 14:02:23 CEST Thu Aug 23 2001
! NVRAM config last updated at 12:25:26 CEST Thu Aug 23 2001
!
version 12.1
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname caramel
!
boot system flash:
aaa new-model
AAA authentication login default local
AAA authentication ppp default local
AAA authorization network default local
enable password ww
!
username ww password 0 ww
username vpdn password 0 vpdn
username async password 0 async
username test password 0 test
spe 2/0 2/9
firmware location flash:mica-modem-pw.2.7.3.0.bin
!
!
resource-pool disable
!
!
!
!
!
clock timezone CET 2
clock summer-time CEST recurring last Sun Mar 2:00 last Sun Oct 3:00
modem country mica belgium
ip subnet-zero
ip host rund 172.17.247.195
ip domain-name nba.cisco.com
ip name-server 10.200.20.134
no ip dhcp conflict logging
ip dhcp excluded-address 10.10.10.1
ip dhcp excluded-address 10.10.10.253
ip dhcp excluded-address 10.10.10.254
ip dhcp excluded-address 10.10.10.252
!
ip dhcp pool 0
network 10.10.10.0 255.255.255.0
dns-server 10.10.10.254
default-router 10.10.10.1
domain-name CISCO.COM
netbios-name-server 10.10.10.253 10.10.10.252
!
ip address-pool dhcp-proxy-client
ip dhcp-server 10.10.10.1
isdn switch-type primary-net5
mta receive maximum-recipients 0
!
controller E1 0
clock source line primary
pri-group timeslots 1-31
!
controller E1 1
clock source line secondary 1
!
controller E1 2
clock source line secondary 2
!
controller E1 3
clock source line secondary 3
!
!
!
!
!
interface Loopback0
ip address 10.10.10.1 255.255.255.0
!
interface Ethernet0
ip address 10.200.20.7 255.255.255.0
no cdp enable
!
interface Serial0
no ip address
shutdown
!
interface Serial1
no ip address
shutdown
no fair-queue
clockrate 2015232
no cdp enable
!
interface Serial2
no ip address
shutdown
no fair-queue
clockrate 2015232
no cdp enable
!
interface Serial3
no ip address
shutdown
no fair-queue
clockrate 2015232
no cdp enable
!
interface Serial0:15
no ip address
encapsulation ppp
dialer rotary-group 1
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no cdp enable
ppp authentication chap
!
!
interface Serial1:15
no ip address
encapsulation ppp
dialer rotary-group 1
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no cdp enable
ppp authentication chap
!
!
interface Serial2:15
no ip address
encapsulation ppp
dialer rotary-group 1
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no cdp enable
ppp authentication chap
!
!
interface Serial3:15
no ip address
encapsulation ppp
dialer rotary-group 1
isdn switch-type primary-net5
isdn incoming-voice modem
no peer default ip address
no cdp enable
ppp authentication chap
!
interface FastEthernet0
no ip address
shutdown
duplex auto
speed auto
no cdp enable
!
interface Group-Async0
ip unnumbered Loopback0
encapsulation ppp
no ip route-cache
no ip mroute-cache
async mode interactive
peer default ip address dhcp
ppp authentication chap
group-range 1 60
!
interface Dialer1
ip unnumbered Loopback0
encapsulation ppp
no ip route-cache
no ip mroute-cache
dialer-group 1
peer default ip address dhcp
no cdp enable
ppp authentication chap
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.200.20.1
no ip http server
!
!
!
line con 0
exec-timeout 0 0
line 1 120
no exec
modem InOut
autoselect ppp
line aux 0
line vty 0 4
exec-timeout 0 0
password ww
transport input telnet
!
ntp clock-period 17179736
ntp server 10.200.20.134
end

驗證

本節提供的資訊可用於確認您的組態是否正常運作。

輸出直譯器工具(僅供註冊客戶使用)支援某些show命令，此工具可讓您檢視show命令輸出的分析。

• show caller ip — 顯示您提供的IP地址的呼叫者資訊摘要。

• show ip dhcp server statistics — 顯示DHCP伺服器統計資訊。

• show ip dhcp binding — 顯示DHCP伺服器上的地址繫結。

• show user — 顯示控制檯埠是否處於活動狀態，並列出所有具有始發主機的IP地址或IP別名的活動Telnet會話。

• ping — 檢查裝置是否正在運行以及網路連線是否完整。

這些命令的輸出如下所示：

caramel#
Aug 23 11:05:25.553: %LINK-3-UPDOWN: Interface Serial0:12, changed state to up
Aug 23 11:05:25.553: Se0:12 PPP: Treating connection as a callin
Aug 23 11:05:25.553: Se0:12 PPP: Phase is ESTABLISHING, Passive Open
Aug 23 11:05:25.553: Se0:12 LCP: State is Listen
Aug 23 11:05:25.681: Se0:12 LCP: I CONFREQ [Listen] id 1 len 17
Aug 23 11:05:25.681: Se0:12 LCP:    MagicNumber 0x003EDA4F (0x0506003EDA4F)
Aug 23 11:05:25.681: Se0:12 LCP:    PFC (0x0702)
Aug 23 11:05:25.681: Se0:12 LCP:    ACFC (0x0802)
Aug 23 11:05:25.681: Se0:12 LCP:    Callback 6  (0x0D0306)
Aug 23 11:05:25.681: Se0:12 LCP: O CONFREQ [Listen] id 1 len 15
Aug 23 11:05:25.681: Se0:12 LCP:    AuthProto CHAP (0x0305C22305)
Aug 23 11:05:25.681: Se0:12 LCP:    MagicNumber 0x14AAE40E (0x050614AAE40E)
Aug 23 11:05:25.681: Se0:12 LCP: O CONFREJ [Listen] id 1 len 7
Aug 23 11:05:25.681: Se0:12 LCP:    Callback 6  (0x0D0306)
Aug 23 11:05:25.705: Se0:12 LCP: I CONFACK [REQsent] id 1 len 15
Aug 23 11:05:25.705: Se0:12 LCP:    AuthProto CHAP (0x0305C22305)
Aug 23 11:05:25.705: Se0:12 LCP:    MagicNumber 0x14AAE40E (0x050614AAE40E)
Aug 23 11:05:25.709: Se0:12 LCP: I CONFREQ [ACKrcvd] id 2 len 14
Aug 23 11:05:25.709: Se0:12 LCP:    MagicNumber 0x003EDA4F (0x0506003EDA4F)
Aug 23 11:05:25.709: Se0:12 LCP:    PFC (0x0702)
Aug 23 11:05:25.709: Se0:12 LCP:    ACFC (0x0802)
Aug 23 11:05:25.709: Se0:12 LCP: O CONFACK [ACKrcvd] id 2 len 14
Aug 23 11:05:25.709: Se0:12 LCP:    MagicNumber 0x003EDA4F (0x0506003EDA4F)
Aug 23 11:05:25.709: Se0:12 LCP:    PFC (0x0702)
Aug 23 11:05:25.709: Se0:12 LCP:    ACFC (0x0802)
Aug 23 11:05:25.709: Se0:12 LCP: State is Open
Aug 23 11:05:25.709: Se0:12 PPP: Phase is AUTHENTICATING, by this end
Aug 23 11:05:25.709: Se0:12 CHAP: O CHALLENGE id 1 len 28 from "caramel"
Aug 23 11:05:25.733: Se0:12 CHAP: I RESPONSE id 1 len 25 from "test"
Aug 23 11:05:25.733: Se0:12 PPP: Phase is FORWARDING
Aug 23 11:05:25.733: Se0:12 PPP: Phase is AUTHENTICATING
Aug 23 11:05:25.737: Se0:12 CHAP: O SUCCESS id 1 len 4
Aug 23 11:05:25.737: Se0:12 PPP: Phase is UP
Aug 23 11:05:25.737: Se0:12 IPCP: O CONFREQ [Not negotiated] id 1 len 10
Aug 23 11:05:25.737: Se0:12 IPCP:    Address 10.10.10.1 (0x03060A0A0A01)
Aug 23 11:05:25.753: Se0:12 IPCP: I CONFREQ [REQsent] id 1 len 34
Aug 23 11:05:25.753: Se0:12 IPCP:    Address 0.0.0.0 (0x030600000000)
Aug 23 11:05:25.753: Se0:12 IPCP:    PrimaryDNS 0.0.0.0 (0x810600000000)
Aug 23 11:05:25.753: Se0:12 IPCP:    PrimaryWINS 0.0.0.0 (0x820600000000)
Aug 23 11:05:25.753: Se0:12 IPCP:    SecondaryDNS 0.0.0.0 (0x830600000000)
Aug 23 11:05:25.757: Se0:12 IPCP:    SecondaryWINS 0.0.0.0 (0x840600000000)
Aug 23 11:05:25.757: Se0:12 AAA/AUTHOR/IPCP: Start.  
Her address 0.0.0.0, we want 0.0.0.0
Aug 23 11:05:25.757: Se0:12 AAA/AUTHOR/IPCP: Done.  
Her address 0.0.0.0, we want 0.0.0.0
Aug 23 11:05:25.757: Se0:12: Pools to search :
Aug 23 11:05:25.757: DHCPD: DHCPDISCOVER received from client 0074.6573.74 
through relay 10.10.10.1.
Aug 23 11:05:26.737: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0:12, 
changed state to up
Aug 23 11:05:27.756: DHCPD: assigned IP address 10.10.10.9 to client 0074.6573.74.
Aug 23 11:05:27.756: DHCPD: Sending DHCPOFFER to client 0074.6573.74 (10.10.10.9).
Aug 23 11:05:27.756: DHCPD: child  pool: 10.10.10.0 / 255.255.255.0 (0)
Aug 23 11:05:27.756: DHCPD: pool 0 has no parent.
Aug 23 11:05:27.756: DHCPD: child  pool: 10.10.10.0 / 255.255.255.0 (0)
Aug 23 11:05:27.756: DHCPD: pool 0 has no parent.
Aug 23 11:05:27.756: DHCPD: unicasting BOOTREPLY for client 0010.7be6.4498 
to relay 10.10.10.1.
Aug 23 11:05:27.756: DHCPD: DHCPREQUEST received from client 0074.6573.74.
Aug 23 11:05:27.756: DHCPD: Sending DHCPACK to client 0074.6573.74 (10.10.10.9).
Aug 23 11:05:27.756: DHCPD: child  pool: 10.10.10.0 / 255.255.255.0 (0)
Aug 23 11:05:27.756: DHCPD: pool 0 has no parent.
Aug 23 11:05:27.756: DHCPD: child  pool: 10.10.10.0 / 255.255.255.0 (0)
Aug 23 11:05:27.756: DHCPD: pool 0 has no parent.
Aug 23 11:05:27.760: DHCPD: unicasting BOOTREPLY for client 0010.7be6.4498 
to relay 10.10.10.1.
Aug 23 11:05:27.804: Se0:12: Default pool returned address = 10.10.10.9
Aug 23 11:05:27.804: Se0:12 IPCP: Pool returned 10.10.10.9
Aug 23 11:05:27.804: Se0:12 IPCP: O CONFREJ [REQsent] id 1 len 10
Aug 23 11:05:27.804: Se0:12 IPCP:    SecondaryDNS 0.0.0.0 (0x830600000000)
Aug 23 11:05:27.804: Se0:12 IPCP: I CONFACK [REQsent] id 1 len 10
Aug 23 11:05:27.804: Se0:12 IPCP:    Address 10.10.10.1 (0x03060A0A0A01)
Aug 23 11:05:27.804: Se0:12 IPCP: TIMEout: State ACKrcvd
Aug 23 11:05:27.804: Se0:12 IPCP: O CONFREQ [ACKrcvd] id 2 len 10
Aug 23 11:05:27.804: Se0:12 IPCP:    Address 10.10.10.1 (0x03060A0A0A01)
Aug 23 11:05:27.820: Se0:12 IPCP: I CONFREQ [REQsent] id 2 len 28
Aug 23 11:05:27.820: Se0:12 IPCP:    Address 0.0.0.0 (0x030600000000)
Aug 23 11:05:27.820: Se0:12 IPCP:    PrimaryDNS 0.0.0.0 (0x810600000000)
Aug 23 11:05:27.820: Se0:12 IPCP:    PrimaryWINS 0.0.0.0 (0x820600000000)
Aug 23 11:05:27.820: Se0:12 IPCP:    SecondaryWINS 0.0.0.0 (0x840600000000)
Aug 23 11:05:27.820: Se0:12 AAA/AUTHOR/IPCP: Start.  
Her address 0.0.0.0, we want 10.10.10.9
Aug 23 11:05:27.820: Se0:12 AAA/AUTHOR/IPCP: Done.  
Her address 0.0.0.0, we want 10.10.10.9
Aug 23 11:05:27.824: Se0:12 IPCP: O CONFNAK [REQsent] id 2 len 28
Aug 23 11:05:27.824: Se0:12 IPCP:    Address 10.10.10.9 (0x03060A0A0A09)
Aug 23 11:05:27.824: Se0:12 IPCP:    PrimaryDNS 10.10.10.254 (0x81060A0A0AFE)
Aug 23 11:05:27.824: Se0:12 IPCP:    PrimaryWINS 10.10.10.253(0x82060A0A0AFD)
Aug 23 11:05:27.824: Se0:12 IPCP:    SecondaryWINS 10.10.10.252(0x84060A0A0AFC)
Aug 23 11:05:27.824: Se0:12 IPCP: I CONFACK [REQsent] id 2 len 10
Aug 23 11:05:27.824: Se0:12 IPCP:    Address 10.10.10.1 (0x03060A0A0A01)
Aug 23 11:05:27.844: Se0:12 IPCP: I CONFREQ [ACKrcvd] id 3 len 28
Aug 23 11:05:27.844: Se0:12 IPCP:    Address 10.10.10.9 (0x03060A0A0A09)
Aug 23 11:05:27.844: Se0:12 IPCP:    PrimaryDNS 10.10.10.254(0x81060A0A0AFE)
Aug 23 11:05:27.844: Se0:12 IPCP:    PrimaryWINS 10.10.10.253(0x82060A0A0AFD)
Aug 23 11:05:27.844: Se0:12 IPCP:    SecondaryWINS 10.10.10.252(0x84060A0A0AFC)
Aug 23 11:05:27.844: Se0:12 AAA/AUTHOR/IPCP: Start.  
Her address 10.10.10.9, we want 10.10.10.9
Aug 23 11:05:27.848: Se0:12 AAA/AUTHOR/IPCP: Reject 10.10.10.9, using 10.10.10.9
Aug 23 11:05:27.848: Se0:12 AAA/AUTHOR/IPCP: Done.  
Her address 10.10.10.9, we want 10.10.10.9
Aug 23 11:05:27.848: Se0:12 IPCP: O CONFACK [ACKrcvd] id 3 len 28
Aug 23 11:05:27.848: Se0:12 IPCP:    Address 10.10.10.9(0x03060A0A0A09)
Aug 23 11:05:27.848: Se0:12 IPCP:    PrimaryDNS 10.10.10.254(0x81060A0A0AFE)
Aug 23 11:05:27.848: Se0:12 IPCP:    PrimaryWINS 10.10.10.253(0x82060A0A0AFD)
Aug 23 11:05:27.848: Se0:12 IPCP:    SecondaryWINS 10.10.10.252(0x84060A0A0AFC)
Aug 23 11:05:27.848: Se0:12 IPCP: State is Open
Aug 23 11:05:27.848: Di1 IPCP: Install route to 10.10.10.9
Aug 23 11:05:31.552: %ISDN-6-CONNECT: Interface Serial0:12 is now connected 
to 6133 test
Aug 23 11:05:38.688: DHCPD: DHCPINFORM received from 
client 00e0.1e57.6af0(10.200.20.12)

caramel#show ip dhcp binding
IP address       Hardware address        Lease expiration        Type
10.10.10.9       0074.6573.74            Aug 24 2001 02:05 PM    Automatic
caramel#

caramel#show ip dhcp server statistics
Memory usage         13975
Address pools        1
Database agents      0
Automatic bindings   1
Manual bindings      0
Expired bindings     0
Malformed messages   2
Message              Received
BOOTREQUEST          9
DHCPDISCOVER         9
DHCPREQUEST          8
DHCPDECLINE          0
DHCPRELEASE          18
DHCPINFORM           5
Message              Sent
BOOTREPLY            0
DHCPOFFER            8
DHCPACK              8
DHCPNAK              0

caramel#show caller ip
Line           User       IP Address      Local Number    Remote Number
<->
Se0:12         test       10.10.10.9      211             6133
in
caramel#show user
   Line         User       Host(s)                 Idle       Location
*  0 con 0                  idle                 00:00:00
 Interface      User        Mode                   Idle     Peer Address
  Se0:12        test       Sync PPP              00:00:27   PPP: 10.10.10.9

caramel#ping 10.10.10.9
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.10.10.9, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 52/56/60 ms
caramel#

 !--- User disconnects now.


caramel#
Aug 23 11:06:11.332: DHCPD: checking for expired leases.
Aug 23 11:07:25.552: %ISDN-6-DISCONNECT: Interface Serial0:12  disconnected
from 6133 test, call lasted 120 seconds
Aug 23 11:07:25.588: %LINK-3-UPDOWN: Interface Serial0:12, changed state to down
Aug 23 11:07:25.592: Se0:12 IPCP: State is Closed
Aug 23 11:07:25.592: Se0:12 set_ip_peer(0): new address
Aug 23 11:07:25.592: ip_free_pool: Se0:12: address = 10.10.10.9 (1)0.0.0.0
Aug 23 11:07:25.592: Se0:12 PPP: Phase is TERMINATING
Aug 23 11:07:25.592: Se0:12 LCP: State is Closed
Aug 23 11:07:25.592: Se0:12 PPP: Phase is DOWN
Aug 23 11:07:25.592: Di1 IPCP: Remove route to 10.10.10.9
Aug 23 11:07:26.588: %LINEPROTO-5-UPDOWN: Line protocol on Interface Serial0:12, 
changed state to down
Aug 23 11:07:30.592: DHCPD: DHCPRELEASE message received from client 
0074.6573.74 (10.10.10.9).
Aug 23 11:07:30.592: DHCPD: returned 10.10.10.9 to address pool 0.
Aug 23 11:07:31.592: DHCPD: DHCPRELEASE message received from client 
0074.6573.74 (10.10.10.9).
Aug 23 11:07:32.592: DHCPD: DHCPRELEASE message received from client 
0074.6573.74 (10.10.10.9).
Aug 23 11:08:11.332: DHCPD: checking for expired leases.

如果您已正確實施IOS DHCP伺服器功能，則可以檢視IP配置、Windows IP配置程式(winipcfg)或撥入客戶端上的相應命令，以檢查收到的DHCP引數。在用於測試的Windows 98 PC上使用winipcfg，可以從DHCP伺服器獲取以下引數：

ip address       10.10.10.9
mask             255.0.0.0 
default gateway  10.10.10.10 
dhcp server      - 
primary wins     10.10.010.253 
secondary wins   10.10.10.252 
lease obtained   - 
lease expires    -

疑難排解

本節提供的資訊可用於對組態進行疑難排解。

疑難排解指令

注意：發出debug命令之前，請參閱有關Debug命令的重要資訊。

• debug ppp negotiation — 使debug ppp命令顯示PPP啟動期間傳輸的PPP資料包，其中會協商PPP選項。

• debug ip peer — 定義池組時包含其他輸出。

• debug ip dhcp server linkage — 顯示資料庫連結資訊。

• debug ip dhcp server events — 報告伺服器事件，如地址分配和資料庫更新。

• debug ip dhcp server packets — 對DHCP接收和傳輸進行解碼。

相關資訊

• Cisco IOS DHCP伺服器
• 自動配置Cisco IOS DHCP伺服器選項
• 配置DHCP
• 配置介質無關的PPP和多鏈路PPP
• 技術支援與文件 - Cisco Systems