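Example for Configuring a Device as a DHCP Relay Agent (GRE Tunnel Between the Relay Agent and the Server)
Networking Requirements
As shown in Figure 3-16, an enterprise's headquarters and branch are deployed in different areas. To enable the headquarters and the branch to communicate across the public network, a GRE tunnel is deployed between them. To simplify centralized management, the enterprise administrator deploys the DHCP server on the headquarters device Switch_1 to assign IP addresses to terminals at both the headquarters and the branch. The IP address segments planned for the headquarters and the branch are 10.1.1.0/24 and 10.2.1.0/24, respectively.
Only the S5720-EI, S5720-HI, S5730-HI, S5731-H-K, S5731-H, S5731S-H, S5731-S, S5731S-S, S6720-HI, S5732-H-K, S5732-H, S6730-H, S6730-H-K, S6730S-H, S6730-S, S6730S-S, S6720-EI, and S6720S-EI support GRE.
Configuration Roadmap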
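When a GRE tunnel lies between the DHCP relay agent and the DHCP server, the configuration roadmap for the DHCP relay agent is as follows:
- Run OSPF on Switch_1, Switch_2, and Switch_3 so that the devices have routes to one another.
- On Switch_1 and Switch_3, configure Tunnel interfaces to create the GRE tunnel.
- On Switch_1, configure a DHCP server based on global address pools so that the server selects IP addresses from the global address pools and assigns them to terminals at the headquarters and the branch.
- On Switch_3, configure the DHCP relay function. As the gateway of the branch, Switch_3 forwards DHCP packets between the terminals and the DHCP server so that the terminals can request IP addresses from the DHCP server.
In this example, the DHCP server (Switch_1) is a Huawei S series switch.
On the Layer 2 switches LSW_1 and LSW_2, configure the link type of the interfaces and add the interfaces to VLANs to implement Layer 2 connectivity.
Procedure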
- Configure IP addresses for the physical interfaces on Switch_1 to Switch_3
# Configure Switch_1.
<HUAWEI> system-view
[HUAWEI] sysname Switch_1
[Switch_1] vlan batch 10 30
[Switch_1] interface gigabitethernet 0/0/1
[Switch_1-GigabitEthernet0/0/1] port link-type trunk
[Switch_1-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[Switch_1-GigabitEthernet0/0/1] quit
[Switch_1] interface gigabitethernet 0/0/2
[Switch_1-GigabitEthernet0/0/2] port link-type trunk
[Switch_1-GigabitEthernet0/0/2] port trunk allow-pass vlan 30
[Switch_1-GigabitEthernet0/0/2] quit
[Switch_1] interface vlanif 10
[Switch_1-Vlanif10] ip address 192.168.20.1 24
[Switch_1-Vlanif10] quit
[Switch_1] interface vlanif 30
[Switch_1-Vlanif30] ip address 10.1.1.1 24
[Switch_1-Vlanif30] quit
# Configure Switch_2.
<HUAWEI> system-view
[HUAWEI] sysname Switch_2
[Switch_2] vlan batch 10 20
[Switch_2] interface gigabitethernet 0/0/1
[Switch_2-GigabitEthernet0/0/1] port link-type trunk
[Switch_2-GigabitEthernet0/0/1] port trunk allow-pass vlan 10
[Switch_2-GigabitEthernet0/0/1] quit
[Switch_2] interface gigabitethernet 0/0/2
[Switch_2-GigabitEthernet0/0/2] port link-type trunk
[Switch_2-GigabitEthernet0/0/2] port trunk allow-pass vlan 20
[Switch_2-GigabitEthernet0/0/2] quit
[Switch_2] interface vlanif 10
[Switch_2-Vlanif10] ip address 192.168.20.2 24
[Switch_2-Vlanif10] quit
[Switch_2] interface vlanif 20
[Switch_2-Vlanif20] ip address 192.168.30.1 24
[Switch_2-Vlanif20] quit
# Configure Switch_3.
<HUAWEI> system-view
[HUAWEI] sysname Switch_3
[Switch_3] vlan batch 20 30
[Switch_3] interface gigabitethernet 0/0/1
[Switch_3-GigabitEthernet0/0/1] port link-type trunk
[Switch_3-GigabitEthernet0/0/1] port trunk allow-pass vlan 20
[Switch_3-GigabitEthernet0/0/1] quit
[Switch_3] interface gigabitethernet 0/0/2
[Switch_3-GigabitEthernet0/0/2] port link-type trunk
[Switch_3-GigabitEthernet0/0/2] port trunk allow-pass vlan 30
[Switch_3-GigabitEthernet0/0/2] quit
[Switch_3] interface vlanif 20
[Switch_3-Vlanif20] ip address 192.168.30.2 24
[Switch_3-Vlanif20] quit
[Switch_3] interface vlanif 30
[Switch_3-Vlanif30] ip address 10.2.1.1 24
[Switch_3-Vlanif30] quit
- Configure OSPF routing between Switch_1, Switch_2, and Switch_3
# Configure Switch_1.
[Switch_1] ospf 1
[Switch_1-ospf-1] area 0
[Switch_1-ospf-1-area-0.0.0.0] network 192.168.20.0 0.0.0.255
[Switch_1-ospf-1-area-0.0.0.0] quit
[Switch_1-ospf-1] quit
# Configure Switch_2.
[Switch_2] ospf 1
[Switch_2-ospf-1] area 0
[Switch_2-ospf-1-area-0.0.0.0] network 192.168.20.0 0.0.0.255
[Switch_2-ospf-1-area-0.0.0.0] network 192.168.30.0 0.0.0.255
[Switch_2-ospf-1-area-0.0.0.0] quit
[Switch_2-ospf-1] quit
# Configure Switch_3.
[Switch_3] ospf 1
[Switch_3-ospf-1] area 0
[Switch_3-ospf-1-area-0.0.0.0] network 192.168.30.0 0.0.0.255
[Switch_3-ospf-1-area-0.0.0.0] quit
[Switch_3-ospf-1] quit
- Configure the Tunnel interfaces
# Configure Switch_1.
[Switch_1] interface tunnel 1
[Switch_1-Tunnel1] tunnel-protocol gre
[Switch_1-Tunnel1] ip address 192.168.40.1 24
[Switch_1-Tunnel1] source 192.168.20.1
[Switch_1-Tunnel1] destination 192.168.30.2
[Switch_1-Tunnel1] quit
# Configure Switch_3.
[Switch_3] interface tunnel 1
[Switch_3-Tunnel1] tunnel-protocol gre
[Switch_3-Tunnel1] ip address 192.168.40.2 24
[Switch_3-Tunnel1] source 192.168.30.2
[Switch_3-Tunnel1] destination 192.168.20.1
[Switch_3-Tunnel1] quit
- Configure the DHCP server function on Switch_1
# Enable DHCP. By default, DHCP is disabled.
[Switch_1] dhcp enable
# Create global address pools and configure their parameters.
[Switch_1] ip pool pool1
[Switch_1-ip-pool-pool1] network 10.2.1.0 mask 255.255.255.0
[Switch_1-ip-pool-pool1] gateway-list 10.2.1.1
[Switch_1-ip-pool-pool1] quit
[Switch_1] ip pool pool2
[Switch_1-ip-pool-pool2] network 10.1.1.0 mask 255.255.255.0
[Switch_1-ip-pool-pool2] gateway-list 10.1.1.1
[Switch_1-ip-pool-pool2] quit
# Configure terminals connected to VLANIF30 to obtain IP addresses from the global address pool.
[Switch_1] interface vlanif 30
[Switch_1-Vlanif30] dhcp select global
[Switch_1-Vlanif30] quit
# Configure a static route to the network segment of the branch terminals.
[Switch_1] ip route-static 10.2.1.0 255.255.255.0 tunnel 1
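- Configure the DHCP relay function on Switch_3
# Enable DHCP. By default, DHCP is disabled.
[Switch_3] dhcp enable
# Enable DHCP relay on VLANIF30 and specify the IP address of the DHCP server that the relay agent serves.
[Switch_3] interface vlanif 30
[Switch_3-Vlanif30] dhcp select relay
[Switch_3-Vlanif30] dhcp relay server-ip 10.1.1.1
[Switch_3-Vlanif30] quit
# Configure a static route to the network segment of the server.
[Switch_3] ip route-static 10.1.1.0 255.255.255.0 tunnel 1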
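- Configure each terminal to obtain an IP address automatically (a PC running Windows 7 is used as an example)
  - Right-click "Network" on the desktop and click "Properties" to open the "Network and Sharing Center" window.
  - Click "Local Area Connection" to open the "Local Area Connection Status" window.
  - Click "Properties" to open the "Local Area Connection Properties" window.
  - Select "Internet Protocol Version 4 (TCP/IPv4)" and click "Properties" to open the "Internet Protocol Version 4 (TCP/IPv4) Properties" window. Select "Obtain an IP address automatically" and click "OK".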
- Verify the configuration
# Run the display dhcp relay interface vlanif 30 command on Switch_3 to view the DHCP relay configuration.
[Switch_3] display dhcp relay interface vlanif 30
 DHCP relay agent running information of interface Vlanif30 :
 Server IP address [00] : 10.1.1.1
 Gateway address in use : 10.2.1.1
# Run the display ip pool command on Switch_1 to view IP address allocation in address pools pool1 and pool2. Assume that the headquarters has 100 terminals and the branch has 50 terminals.
[Switch_1] display ip pool name pool1
  Pool-name        : pool1
  Pool-No          : 0
  Lease            : 1 Days 0 Hours 0 Minutes
  Domain-name      : -
  DNS-server0      : -
  NBNS-server0     : -
  Netbios-type     : -
  Position         : Local           Status           : Unlocked
  Gateway-0        : 10.2.1.1
  Network          : 10.2.1.0
  Mask             : 255.255.255.0
  VPN instance     : --
  Logging          : Disable
  Conflicted address recycle interval: -
  Address Statistic: Total       :253       Used        :50
                     Idle        :203       Expired     :0
                     Conflict    :0         Disabled    :0
 -------------------------------------------------------------------------------
  Network section
         Start           End       Total    Used Idle(Expired) Conflict Disabled
 -------------------------------------------------------------------------------
        10.2.1.1      10.2.1.254     253      50        203(0)       0        0
 -------------------------------------------------------------------------------
[Switch_1] display ip pool name pool2
  Pool-name        : pool2
  Pool-No          : 1
  Lease            : 1 Days 0 Hours 0 Minutes
  Domain-name      : -
  DNS-server0      : -
  NBNS-server0     : -
  Netbios-type     : -
  Position         : Local           Status           : Unlocked
  Gateway-0        : 10.1.1.1
  Network          : 10.1.1.0
  Mask             : 255.255.255.0
  VPN instance     : --
  Logging          : Disable
  Conflicted address recycle interval: -
  Address Statistic: Total       :253       Used        :50
                     Idle        :203       Expired     :0
                     Conflict    :0         Disabled    :0
 -------------------------------------------------------------------------------
  Network section
         Start           End       Total    Used Idle(Expired) Conflict Disabled
 -------------------------------------------------------------------------------
        10.1.1.1      10.1.1.254     253     100        153(0)       0        0
 -------------------------------------------------------------------------------
Configuration Files
Configuration file of Switch_1
#
sysname Switch_1
#
vlan batch 10 30
#
dhcp enable
#
ip pool pool1
 gateway-list 10.2.1.1
 network 10.2.1.0 mask 255.255.255.0
#
ip pool pool2
 gateway-list 10.1.1.1
 network 10.1.1.0 mask 255.255.255.0
#
interface Vlanif10
 ip address 192.168.20.1 255.255.255.0
#
interface Vlanif30
 ip address 10.1.1.1 255.255.255.0
 dhcp select global
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 30
#
interface Tunnel1
 ip address 192.168.40.1 255.255.255.0
 tunnel-protocol gre
 source 192.168.20.1
 destination 192.168.30.2
#
ospf 1
 area 0.0.0.0
  network 192.168.20.0 0.0.0.255
#
ip route-static 10.2.1.0 255.255.255.0 Tunnel1
#
return
Configuration file of Switch_2
#
sysname Switch_2
#
vlan batch 10 20
#
interface Vlanif10
 ip address 192.168.20.2 255.255.255.0
#
interface Vlanif20
 ip address 192.168.30.1 255.255.255.0
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 10
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 20
#
ospf 1
 area 0.0.0.0
  network 192.168.20.0 0.0.0.255
  network 192.168.30.0 0.0.0.255
#
return
Configuration file of Switch_3
#
sysname Switch_3
#
vlan batch 20 30
#
dhcp enable
#
interface Vlanif20
 ip address 192.168.30.2 255.255.255.0
#
interface Vlanif30
 ip address 10.2.1.1 255.255.255.0
 dhcp select relay
 dhcp relay server-ip 10.1.1.1
#
interface GigabitEthernet0/0/1
 port link-type trunk
 port trunk allow-pass vlan 20
#
interface GigabitEthernet0/0/2
 port link-type trunk
 port trunk allow-pass vlan 30
#
interface Tunnel1
 ip address 192.168.40.2 255.255.255.0
 tunnel-protocol gre
 source 192.168.30.2
 destination 192.168.20.1
#
ospf 1
 area 0.0.0.0
  network 192.168.30.0 0.0.0.255
#
ip route-static 10.1.1.0 255.255.255.0 Tunnel1
#
return
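
The relay path in this example depends on three settings agreeing across the Switch_1 and Switch_3 configuration files: a server address pool that covers the relay interface address (the "Gateway address in use", 10.2.1.1), a tunnel route on the server back to that address, and a tunnel route on the relay to the configured server-ip. The following Python check is an added example, not part of the original documentation; the function names are hypothetical and the embedded stanzas are excerpted from the configuration files above.

```python
import ipaddress

# Stanzas excerpted from the page's Switch_1 (server) and Switch_3 (relay) files.
SERVER_CFG = """\
ip pool pool1
 network 10.2.1.0 mask 255.255.255.0
ip pool pool2
 network 10.1.1.0 mask 255.255.255.0
ip route-static 10.2.1.0 255.255.255.0 Tunnel1
"""
RELAY_CFG = """\
interface Vlanif30
 ip address 10.2.1.1 255.255.255.0
 dhcp select relay
 dhcp relay server-ip 10.1.1.1
ip route-static 10.1.1.0 255.255.255.0 Tunnel1
"""

def stanzas(cfg):
    """Split a VRP-style config into {top-level line: [tokenised sub-lines]}."""
    out, cur = {}, None
    for line in cfg.splitlines():
        if line.startswith(" ") and cur and line.strip():
            out[cur].append(line.split())
        elif line.strip() not in ("", "#"):
            cur = line.strip()
            out[cur] = []
    return out

def tunnel_routes(cfg):
    """Networks reached through 'ip route-static <net> <mask> TunnelN'."""
    return [ipaddress.ip_network(f"{h.split()[2]}/{h.split()[3]}") for h in stanzas(cfg)
            if h.startswith("ip route-static ") and h.split()[-1].lower().startswith("tunnel")]

def check_relay_over_gre(server_cfg, relay_cfg):
    """Return a list of problems; an empty list means the relay path is consistent."""
    pools = [ipaddress.ip_network(f"{w[1]}/{w[3]}") for body in stanzas(server_cfg).values()
             for w in body if w[0] == "network" and w[2:3] == ["mask"]]
    relays = {h: b for h, b in stanzas(relay_cfg).items() if ["dhcp", "select", "relay"] in b}
    problems = []
    for header, body in relays.items():  # giaddr = relay interface's IP address
        giaddr = next(ipaddress.ip_address(w[2]) for w in body if w[:2] == ["ip", "address"])
        if not any(giaddr in p for p in pools):
            problems.append(f"{header}: no server pool covers giaddr {giaddr}")
        if not any(giaddr in r for r in tunnel_routes(server_cfg)):
            problems.append(f"{header}: server lacks a tunnel route back to {giaddr}")
        for w in (w for w in body if w[:3] == ["dhcp", "relay", "server-ip"]):
            if not any(ipaddress.ip_address(w[3]) in r for r in tunnel_routes(relay_cfg)):
                problems.append(f"{header}: relay lacks a tunnel route to server {w[3]}")
    return problems
```

Calling check_relay_over_gre(SERVER_CFG, RELAY_CFG) returns an empty list for the configuration on this page; removing either static route or changing a pool network produces a message that names the missing piece.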