DHCP Relay Lab with Packet Analysis
Lab topology:
Configuration:
RT5
version 12.3
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname rt5
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
!
resource policy
!
memory-size iomem 5
ip subnet-zero
!
!
ip cef
no ip dhcp use vrf connected
! Excluded addresses
ip dhcp excluded-address 192.168.10.1 192.168.10.100
ip dhcp excluded-address 192.168.11.1 192.168.11.100
!
! Addresses and DNS assigned to VLAN 10
ip dhcp pool vlan10
network 192.168.10.0 255.255.255.0
dns-server 202.103.12.1
default-router 192.168.10.1
!
! Addresses and DNS assigned to VLAN 11
ip dhcp pool vlan11
network 192.168.11.0 255.255.255.0
dns-server 202.103.12.1
default-router 192.168.11.1
!
interface Ethernet0/0
ip address 192.168.12.200 255.255.255.0
!
! A static route pointing back could be used here instead
router rip
version 2
network 192.168.12.0
no auto-summary
!
line con 0
exec-timeout 0 0
privilege level 15
line aux 0
line vty 0 4
exec-timeout 0 0
privilege level 10
no login
!
end
SW1
interface FastEthernet0/1
! VLANs allowed across the trunk
switchport trunk allowed vlan 1,2,8-12,1002-1005
switchport mode trunk
!
interface FastEthernet0/2
switchport trunk allowed vlan 1,2,8-12,1002-1005
switchport mode trunk
!
interface FastEthernet0/12
switchport access vlan 12
!
interface Vlan1
no ip address
!
interface Vlan8
ip address 192.168.8.129 255.255.255.128
!
interface Vlan10
ip address 192.168.10.1 255.255.255.0
! Note: the DHCP relay address is configured here
ip helper-address 192.168.12.200
!
interface Vlan11
ip address 192.168.11.1 255.255.255.0
ip helper-address 192.168.12.200
!
interface Vlan12
ip address 192.168.12.1 255.255.255.0
!
router rip
version 2
network 192.168.10.0
network 192.168.11.0
network 192.168.12.0
no auto-summary
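Packet analysis:
From the packet capture, the DHCP relay process is as follows:
Client ---------------------- DHCP relay ---------------------- Server
(1) DHCP Discover (broadcast)                DHCP Discover (unicast)
    src 0.0.0.0, dst 255.255.255.255         src 192.168.10.1, dst 192.168.12.200
(2) DHCP Offer (broadcast)                   DHCP Offer (unicast)
(3) DHCP Request (broadcast)                 DHCP Request (unicast)
(4) DHCP Ack (broadcast)                     DHCP Ack (unicast)
Between (1) and (2) there is a gratuitous ICMP packet, sent to the IP address about to be assigned, to test whether that address is already in use.
Key points:
1. DHCP is encapsulated in UDP.
2. The DHCP server port is 67; the DHCP client port is 68.
3. When 50% of the lease has elapsed, the client sends a unicast DHCP Request. When 87.5% of the lease has elapsed, it sends a broadcast DHCP Request.
4. DHCP address allocation priority: (1) the address the client is currently using (its old address); (2) the first address found; (3) if no available address is found, addresses whose lease has expired and addresses that had a conflict are checked in turn, and an available one is assigned.
5. Gratuitous ICMP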
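Step (1) of the exchange above, modelled as an added example (not part of the original lab): it builds a Discover payload, applies the relay rewrite, parses both copies the way a capture analysis would, and shows how the server can pick the vlan10 or vlan11 pool. The giaddr and hops handling follows RFC 2131/RFC 1542 and is not described in the write-up; the function names are hypothetical and the transaction ID and MAC are constructed sample values.

```python
import ipaddress
import struct
MAGIC = b"\x63\x82\x53\x63"  # DHCP magic cookie that precedes the options
POOLS = {"vlan10": "192.168.10.0/24", "vlan11": "192.168.11.0/24"}  # RT5 pools

def build_discover(xid, mac):
    """Constructed sample: DHCPDISCOVER payload as the client broadcasts it."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s",
        1, 1, 6, 0, xid, 0, 0x8000,              # op, htype, hlen, hops, xid, secs, flags
        bytes(4), bytes(4), bytes(4), bytes(4),  # ciaddr, yiaddr, siaddr, giaddr
        mac, bytes(64), bytes(128))              # chaddr, sname, file
    return header + MAGIC + bytes([53, 1, 1, 255])  # option 53 = 1 (Discover), End

def relay(payload, gateway_ip, server_ip):
    """Relay agent step: increment hops, fill giaddr if empty, unicast to server."""
    out = bytearray(payload)
    out[3] += 1
    if out[24:28] == bytes(4):                   # only the first relay sets giaddr
        out[24:28] = ipaddress.IPv4Address(gateway_ip).packed
    return bytes(out), gateway_ip, server_ip     # payload, new src IP, new dst IP

def parse(payload):
    """Return hops, giaddr and DHCP message type (option 53) from a payload."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    info = {"hops": payload[3], "msg_type": None,
            "giaddr": str(ipaddress.IPv4Address(payload[24:28]))}
    i = 240
    while i < len(payload) and payload[i] != 255:   # stop at the End option
        if payload[i] == 0:                         # Pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(payload) or i + 2 + payload[i + 1] > len(payload):
            raise ValueError("truncated option")
        if payload[i] == 53 and payload[i + 1] == 1:
            info["msg_type"] = payload[i + 2]
        i += 2 + payload[i + 1]
    return info

def select_pool(giaddr):
    """Server side: a relayed request maps to the pool whose subnet holds giaddr."""
    addr = ipaddress.IPv4Address(giaddr)
    return next((name for name, net in POOLS.items()
                 if addr in ipaddress.ip_network(net)), None)

if __name__ == "__main__":
    raw = build_discover(0x1234ABCD, bytes.fromhex("00aabbccddee"))  # constructed
    fwd, src, dst = relay(raw, "192.168.10.1", "192.168.12.200")
    print(parse(raw), parse(fwd), src, dst, select_pool(parse(fwd)["giaddr"]))
```

In a capture, a Discover arriving at the server with giaddr 0.0.0.0 was not relayed, which is a quick check for whether the helper address on the VLAN interface is actually in the path.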