Home > Others

Use vswitches and routes to configure DHCP

Source: Internet
Author: User
Developer on Alibaba Coud: Build your first app with APIs, SDKs, and tutorials on the Alibaba Cloud. Read more >

DHCP servers manage IP addresses, so it is not surprising that vswitches and vrouters are used for related configuration. Here we will introduce these content in detail.

Network Environment: A 3550EMI switch is divided into three VLANs. vlan2 is the network where the server is located, named server, IP address segment is 192.168.2.0, subnet mask: 255.255.255.0, Gateway: 192.168.2.1, the Domain server is windows 2000 advance server and serves as a DNS server. The IP address is 192.168.2.10, vlan3 is the network where client 1 is located, the IP address segment is 192.168.3.0, The subnet mask is 255.255.255.0, And the Gateway: 192.168.3.1 is named work01, vlan4 is the network where client 2 is located, named work02, IP address segment is 192.168.4.0, subnet mask: 255.255.255.0, Gateway: 192.168.4.1, 3550 as DHCP server, ports 1-8 are divided into VLAN 2, ports 9-16 are divided into VLAN 3, and ports 17-24 are divided into VLAN 4.

DHCP server implementation function: each VLAN retains 2-10 IP addresses regardless of configuration. For example, the IP address ranges of 192.168.2.0 and 192.168.2.2 to 192.168.2.10 are not allocated.

Security requirements: VLAN 3 and VLAN 4 do not allow mutual access, but both can access VLAN 2 where the server is located. By default, the access control list rules reject all packets.

Configure the DHCP command and follow these steps:

Step 1: Create a VLAN:

 
 
    
  
  
  1. Switch>en  
    2. 
  
  
  2. Switch#Vlan Database  
    3. 
  
  
  3. Switch(Vlan)>Vlan 2 Name server  
    4. 
  
  
  4. Switch(Vlan)>Vlan 3 Name work01  
    5. 
  
  
  5. Switch(vlan)>Vlan 4 Name work02 
    6.

Step 2: Set the vlan ip Address:

 
 
    
  
  
  1. Switch # Config T
    2. 
  
  
  2. Switch (Config)> Int Vlan 2
    3. 
  
  
  3. Switch (Config-vlan) Ip Address 192.168.2.1 255.255.255.0
    4. 
  
  
  4. Switch (Config-vlan) No Shut
    5. 
  
  
  5. Switch (Config-vlan)> Int Vlan 3
    6. 
  
  
  6. Switch (Config-vlan) Ip Address 192.168.3.1 255.255.255.0
    7. 
  
  
  7. Switch (Config-vlan) No Shut
    8. 
  
  
  8. Switch (Config-vlan)> Int Vlan 4
    9. 
  
  
  9. Switch (Config-vlan) Ip Address 192.168.4.1 255.255.255.0
    10. 
  
  
  10. Switch (Config-vlan) No Shut
    11. 
  
  
  11. Switch (Config-vlan) Exit
    12. 
  
  
  12. /* Note: Because the ports are not configured to VLAN2, 3, 4 at this time, each VLAN will be DOWN. After the ports are allocated to each VLAN, the VLAN will get up */
    13.

Step 3: Set port global Parameters

 
 
    
  
  
  1. Switch (Config) Interface Range Fa 0/1-24
    2. 
  
  
  2. Switch (Config-if-range) Switchport Mode Access
    3. 
  
  
  3. Switch (Config-if-range) Spanning-tree Portfast
    4. 
  
  
  4.  
    5. 
  
  
  5. Step 4: add the port to VLAN2, 3, 4
    6. 
  
  
  6. /* Add Port 1-8 to VLAN 2 */
    7. 
  
  
  7. Switch (Config) Interface Range Fa 0/1-8
    8. 
  
  
  8. Switch (Config-if-range) Switchport Access Vlan 2
    9. 
  
  
  9.  
    10. 
  
  
  10. /* Add Port 9-16 to VLAN 3 */
    11. 
  
  
  11. Switch (Config) Interface Range Fa 0/9-16
    12. 
  
  
  12. Switch (Config-if-range) Switchport Access Vlan 3
    13. 
  
  
  13.  
    14. 
  
  
  14. /* Add Port 17-24 to VLAN 4 */
    15. 
  
  
  15. Switch (Config) Interface Range Fa 0/17-24
    16. 
  
  
  16. Switch (Config-if-range) Switchport Access Vlan 4
    17. 
  
  
  17. Switch (Config-if-range) Exit
    18. 
  
  
  18.  
    19. 
  
  
  19. /* After this step, each VLAN will get up */
    20.

Step 5: configure the DHCP server with 3550

 
 
    
  
  
  1. /* Configure available address pools and corresponding parameters for VLAN 2. You need to set several address pools for several VLANs */
    2. 
  
  
  2. Switch (Config) Ip Dhcp Pool Test01
    3. 
  
  
  3. /* Set the allocable subnet */
    4. 
  
  
  4. Switch (Config-pool) Network 192.168.2.0 255.255.255.0
    5. 
  
  
  5. /* Set the DNS server */
    6. 
  
  
  6. Switch (Config-pool) Dns-server 192.168.2.10
    7. 
  
  
  7. /* Set the gateway for this subnet */
    8. 
  
  
  8. Switch (Config-pool) Default-router 192.168.2.1
    9. 
  
  
  9.  
    10. 
  
  
  10. /* Configure the address pool used by VLAN 3 and corresponding parameters */
    11. 
  
  
  11. Switch (Config) Ip Dhcp Pool Test02
    12. 
  
  
  12. Switch (Config-pool) Network 192.168.3.0 255.255.255.0
    13. 
  
  
  13. Switch (Config-pool) Dns-server 192.168.2.10
    14. 
  
  
  14. Switch (Config-pool) Default-router 192.168.3.1
    15. 
  
  
  15.  
    16. 
  
  
  16. /* Configure the address pool and corresponding parameters used by VLAN 4 */
    17. 
  
  
  17. Switch (Config) Ip Dhcp Pool Test03
    18. 
  
  
  18. Switch (Config-pool) Network 192.168.4.0 255.255.255.0
    19. 
  
  
  19. Switch (Config-pool) Dns-server 192.168.2.10
    20. 
  
  
  20. Switch (Config-pool) Default-router 192.168.4.1
    21.

Step 6: Configure DHCP to retain unassigned addresses

 
 
    
  
  
  1. Switch(Config)Ip Dhcp Excluded-address 192.168.2.2 192.168.2.10  
    2. 
  
  
  2. Switch(Config)Ip Dhcp Excluded-address 192.168.3.2 192.168.3.10  
    3. 
  
  
  3. Switch(Config)Ip Dhcp Excluded-address 192.168.4.2 192.168.4.10 
    4.

Step 7: Enable Routing

 
 
    
  
  
  1. /* After a route is enabled, each VLAN host can access each other */
    2. 
  
  
  2. Switch (Config) Ip Routing
    3.

Step 8: configure the access control list

 
 
    
  
  
  1. Switch(Config)access-list 103 permit ip 192.168.2.0 0.0.0.255 192.168.3.0 0.0.0.255  
    2. 
  
  
  2. Switch(Config)access-list 103 permit ip 192.168.3.0 0.0.0.255 192.168.2.0 0.0.0.255  
    3. 
  
  
  3. Switch(Config)access-list 103 permit udp any any eq bootpc  
    4. 
  
  
  4. Switch(Config)access-list 103 permit udp any any eq tftp  
    5. 
  
  
  5. Switch(Config)access-list 103 permit udp any eq bootpc any  
    6. 
  
  
  6. Switch(Config)access-list 103 permit udp any eq tftp any  
    7. 
  
  
  7. Switch(Config)access-list 104 permit ip 192.168.2.0 0.0.0.255 192.168.4.0 0.0.0.255  
    8. 
  
  
  8. Switch(Config)access-list 104 permit ip 192.168.4.0 0.0.0.255 192.168.2.0 0.0.0.255  
    9. 
  
  
  9. Switch(Config)access-list 104 permit udp any eq tftp any  
    10. 
  
  
  10. Switch(Config)access-list 104 permit udp any eq bootpc any  
    11. 
  
  
  11. Switch(Config)access-list 104 permit udp any eq bootpc any  
    12. 
  
  
  12. Switch(Config)access-list 104 permit udp any eq tftp any 
    13.

Step 9: Application access control list

 
 
    
  
  
  1. /* Apply the access control list to VLAN 3 and VLAN 4. VLAN 2 is not required */
    2. 
  
  
  2. Switch (Config) Int Vlan 3
    3. 
  
  
  3. Switch (Config-vlan) ip access-group 103 out
    4. 
  
  
  4. Switch (Config-vlan) Int Vlan 4
    5. 
  
  
  5. Switch (Config-vlan) ip access-group 104 out
    6.

Step 10: end and save the configuration

 
 
    
  
  
  1. Switch(Config-vlan)End  
    2. 
  
  
  2. Switch#Copy Run Start  
    3.

This article is an English version of an article which is originally in the Chinese language on aliyun.com and is provided for information purposes only. This website makes no representation or warranty of any kind, either expressed or implied, as to the accuracy, completeness ownership or reliability of the article or any translations thereof. If you have any concerns or complaints relating to the article, please send an email, providing a detailed description of the concern or complaint, to info-contact@alibabacloud.com. A staff member will contact you within 5 working days. Once verified, infringing content will be removed immediately.

Related Keywords:
configure dhcp on cisco switch configure dhcp on cisco router how to configure router to use wpa2 configure sendmail to use smtp server configure dhcp on cisco router interface how to install and configure apache and how to use

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

What's Trending
Top 10 Tags
datastax versions naming convention zookeeper client class definition md5 microsoft sql server 2005 data structures exception handling error handling
Top 10 Keywords
microsoft download center down wordpress address url site address url wordpress address url windows installer 4 0 download 302 not found web address url definition site address url wordpress db2 integer mac os installation step by step pdf abbreviation for return

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

Get Started for Free

  • Sales Support

    1 on 1 presale consultation

    Chat Contact Sales

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

    Open a Ticket

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.

    Learn More