-

 

LAB: DHCP Relay Agent


 

Our Objectives:

1.       Upper router will be configured as a DHCP Server, which will provide IP information to 4 regions (Green, Purple, Yellow, Blue) of 2 Branches

2.       Hosts of Green color region will get IP of 10.10.10.0/24 Network.

Hosts of purple color region will get IP of 10.10.20.0/24 Network.

Hosts of Yellow color region will get IP of 10.10.30.0/24 Network.

Hosts of Blue color region will get IP of 10.10.40.0/24 Network.

3.       WEB-Server of Green Region will get Fixed IP (10.10.10.2/24) from DHCP Server

4.       FTP-Server of Blue Region will get Fixed IP (10.10.40.2/24) from DHCP Server

5.       You have to configure DHCP Snooping feature into Core-Switch

 

Let’s  Start guys!!!!!!!!!!

1.       We will configure IN-DC-DHCP-Server first. From here we will access internet.

 


WAN side configuration(Internet Access from DHCP Router) & LAN side configuration

IN-DC-DHCP_Server

[WAN side configuration(Internet Access from DHCP Router)]

IN-DC-DHCP_Server#conf t

IN-DC-DHCP_Server(config)#int f1/0

IN-DC-DHCP_Server(config-if)#ip add dhcp

IN-DC-DHCP_Server(config-if)#no shut

IN-DC-DHCP_Server(config-if)#do sh ip int brief

 

[For Accessing Internet { For resolving Name from IP address }]

IN-DC-DHCP_Server(config)#ip domain lookup

IN-DC-DHCP_Server(config)#do ping google.com                     [you should get google access now]

 =========================================================

[LAN side Configuration by Setting IP statically]

IN-DC-DHCP_Server(config)#int f0/0

IN-DC-DHCP_Server(config-if)#ip add 172.16.1.1 255.255.255.252

IN-DC-DHCP_Server(config-if)#no sh

 ===========================================================


DHCP Server Configuration by creating 4 pools

IN-DC-DHCP_Server(config)#hostname server                              [Changing the hostname ]

server(config)#ip dhcp pool 10-Net

server(dhcp-config)#network 10.10.10.0 255.255.255.0

server(dhcp-config)#default-router 10.10.10.1

server(dhcp-config)#dns-server 8.8.8.8

server(dhcp-config)#ip dhcp pool 20-Net

server(dhcp-config)#network 10.10.20.0 255.255.255.0

server(dhcp-config)#default-router 10.10.20.1

server(dhcp-config)#dns-server 9.9.9.9

 

server(dhcp-config)#ip dhcp pool 30-Net

server(dhcp-config)#network 10.10.30.0 255.255.255.0

server(dhcp-config)#default-router 10.10.30.1

server(dhcp-config)#dns-server 8.8.4.4

 

server(dhcp-config)#ip dhcp pool 40-Net

server(dhcp-config)#network 10.10.40.0 255.255.255.0

server(dhcp-config)#default-router 10.10.40.1

server(dhcp-config)#dns-server 1.1.1.1

 

 

 

At Core-Switch Configuration:

Sometimes you may see such kind of below message.


Then, what we will do?

By Default, Switch port is enabled by Half-Duplex Mode. However, Router port is Full Duplex. That is why there will appear a miss match error. Therefore, you have to configure switch port as full duplex mode.

Here, I have used "no negotiation auto" command. By default, auto negotiation is enabled in switch. That is why "duplex full" command may not be executed. If there is problem with this "duplex full" command then you should use this "no negotiation auto" command.

Switch

vIOS-L2-01(config)#int range g0/0-1                            [2 interfaces are configured by range command]

vIOS-L2-01(config-if-range)#no negotiation auto

vIOS-L2-01(config-if-range)#duplex full

 


 

 

 

By Default, Switch port is enabled by Half-Duplex Mode. However, Router port is Full Duplex. That is why there will appear a miss match error. Therefore, you have to configure switch port as full duplex mode.

Here, I have used "no negotiation auto" command. By default, auto negotiation is enabled in switch. That is why "duplex full" command may not be executed. If there is problem with this "duplex full" command then you should use this "no negotiation auto" command.

 

HO Router Configuration:

HO Router

HO(config)#int f0/0

HO(config-if)#ip add 172.16.1.2 255.255.255.252

HO(config-if)#no sh

 

HO(config-if)#int f1/0

HO(config-if)#ip add 192.168.1.1 255.255.255.252

HO(config-if)#no sh

 

HO(config-if)#int f2/0

HO(config-if)#ip add 192.168.1.5 255.255.255.252

HO(config-if)#no sh

HO(config-if)#do wr

 

BR-1 Router Configuration:

BR-1 Router

BR-1(config)#int f0/0

BR-1(config-if)#ip add 192.168.1.2 255.255.255.252

BR-1(config-if)#no sh

 

BR-1(config-if)#int f1/0

BR-1(config-if)#ip add 10.10.10.1 255.255.255.0

BR-1(config-if)#no sh

 

BR-1(config-if)#int f2/0

BR-1(config-if)#ip add 10.10.20.1 255.255.255.0

BR-1(config-if)#no sh

BR-1(config-if)#do wr

 

BR-2 Router Configuration:

BR-2 Router

BR-2(config)#int f0/0

BR-2(config-if)#ip add 192.168.1.6 255.255.255.252

BR-2(config-if)#no sh

 

BR-2(config-if)#int f1/0

BR-2(config-if)#ip add 10.10.30.1 255.255.255.0

BR-2(config-if)#no sh

 

BR-2(config-if)#int f2/0

BR-2(config-if)#ip add 10.10.40.1 255.255.255.0

BR-2(config-if)#no sh

BR-2(config-if)#do wr

 

Routing Protocol implementation into all routers

Server

HO

server(config-router)#router rip

server(config-router)#net 172.16.1.0

server(config-router)#no au

HO(config-if)#router rip

HO(config-router)#version 2

HO(config-router)#net 172.16.1.0

HO(config-router)#net  192.168.1.0

HO(config-router)#net 192.168.1.4

HO(config-router)#no au

 


 

BR-1

BR-2

BR-1(config-if)#router rip

BR-1(config-router)#version 2

BR-1(config-router)#net 10.10.10.0

BR-1(config-router)#net 10.10.20.0

BR-1(config-router)#net  192.168.1.0

BR-1(config-router)#no au

 

BR-2(config-if)#router rip

BR-2(config-router)#version 2

BR-2(config-router)#net 10.10.30.0

BR-2(config-router)#net 10.10.40.0

BR-2(config-router)#net 192.168.1.4

BR-2(config-router)#no au

 

 

Relay Agent Configuration & Verification

Router

Interface

Connected local subnet

BR-1

Fa1/0

10.10.10.0/24

BR-1

Fa2/0

10.10.20.0/24

BR-2

Fa1/0

10.10.30.0/24

BR-2

Fa2/0

10.10.40.0/24

 

 

 

Therefore, we have to configure the DHCP-Relay at those ports.

Configuration:

BR-1

BR-2

BR-1(config)#int f1/0

BR-1(config-if)#ip helper-address 172.16.1.1

BR-1(config-if)#int f2/0

BR-1(config-if)#ip helper-address 172.16.1.1

 


 

BR-2(config)#int f1/0

BR-2(config-if)#ip helper-address 172.16.1.1

BR-2(config-if)#int f2/0

BR-2(config-if)#ip helper-address 172.16.1.1

 


 

 

Verification:

We are getting IP by dhcp from my DHCP-Server into WEB-Server & FTP-Server. See below image. Means our DHCP server is able to give IP information to all client devices because of

DHCP Relay Agent configuration is working properly.

 


Here, WEB-Server is located into 10-Network. It is getting from 10-Net Pool properly. It’s IP=10.10.40.2


Here, FTP-Server is located into 40-Network. It is getting from 40-Net Pool properly. It’s IP=10.10.40.2


MAC Binding Configuration

Now, we want that, WEB & FTP servers will get fixed IP from relative pool.

WEB-Server will get a fixed IP like – 10.10.10.100/24

FTP-Server will get a fixed IP like – 10.10.40.100/24

As, already DHCP server has given IP info to those servers, so already a binding is created. We have to clear those first. Otherwise when we will configure binding process an error message will appear.


We will clear those bindings by “clear ip dhcp binding *” command. Here, * à means all entry will be cleared. If you want to clear specific entry, you can also do that by setting that specific IP instead of  * . Like if I want to clear only 10.10.10.2, then we will give à clear ip dhcp binding 10.10.10.2


 

Now we will configure the MAC-Binding process at DHCP-Server.

** Note: Here need client-identifier, which we will get by “show ip dhcp binding” command. You need to copy from “Client ID/Hardwer Address/User Name” part & paste it into a notepad. Then it needs to organize as like below image.


[For WEB Server]

server(config)#ip dhcp pool WEB-Server

server(dhcp-config)#host 10.10.10.100

server(dhcp-config)#client-identifier 0063.6973.636f.2d63.6130.352e.3166.6363.2e30.3030.302d.4661.302f.30


[For FTP Server]

server(dhcp-config)#ip dhcp pool FTP-Server

server(dhcp-config)#host 10.10.40.100

server(dhcp-config)# client-identifier 0063.6973.636f.2d63.6130.362e.3037.6563.2e30.3030.302d.4661.302f.30


Verification from WEB-Server & FTP-Server


 


 

DHCP Snooping Configuration into Core-Switch

Core-Switch

vIOS-L2-01(config)#hostname core-sw

core-sw(config)#ip dhcp snooping

core-sw(config)#ip dhcp snooping vlan 1

core-sw(config)#int g0/0

core-sw(config-if)#ip dhcp snooping trust

core-sw(config-if)#exit

 


 

 

A command may have to execute at DHCP Server:

Server

server(config)#ip dhcp relay information trust-all         [To accept DHCP Option 82 Packets]

 


 

 

** Note: Another command may be executed in configuration mode when another Switch is inserted here.

ip dhcp snooping information option allow-untrusted



** Document Link:
=============
https://drive.google.com/file/d/147mv7MpZIcBmIEA0XSMge6kF2ziyzLbE/view?usp=sharing

Comments

  1. Rekha RoyDecember 26, 2021 at 8:43 AM

    Red Prism Group ins one of the best Django coaching in Noida. Learn Django from industry expert with practical training, live projects and got your certificate.

    ReplyDelete

Post a Comment

Popular posts from this blog

Some Questions for MTCNA Exam

-
Image
  ** Some Questions for MTCNA Exam **  ## Link for testing your skill for MTCNA: https://www.proprofs.com/quiz-school/story.php?title=ODQzMzMy1LXH 1.  Choose correct statements for MikroTik proxy (MULTI) A. Controls domains or servers which are allowed to cache by Proxy B. To deny access to a specific website, caching should be enabled C. Destination NAT rule is required to utilize transparent proxy facility D. Can deny access to a specific domains or servers, but not specific web pages 2.  What can be used as ’target-address’ in the simple queue? (ONE) A. server’s address B. client’s address C. client’s MAC address D. address list name 3.  A MikoTik PPPoE Server can be used only within a broadcast domain, that is, users can not run PPPoE protocol with a server if there is a router between the customer and that PPPoE server. TRUE / FALSE 4.   What is the minimal possible wireless configuration to create an Access Point? (ONE) A. ssid B. DFS mode C. radio na...
Read more

ডিপ্লোমা লেভেল এর ইন্ডাস্ট্রিয়াল এটাচমেন্ট এ আসার পূর্বে একটু ভেবে আসার অনুরোধ রইলো

-
Image
আসসালামু আলাইকুম , আইটি বাংলাদেশ এর পক্ষ থেকে আপনাদেরকে স্বাগতম। আশা করি আপনারা ভালো ভাবে পড়াশোনা করছেন।  আপনারা অনেকেই ইন্ডাস্ট্রিয়াল এটাচমেন্ট এ আইটি বাংলাদেশ এ আসার জন্য আগ্রহ প্রকাশ করছেন।  সেটা সত্যি আমাদের জন্য ভালো লাগার বিষয়।  তবে কিছু  বিষয় আপনাদের কে জানিয়ে রাখা ভালো মনে করছি । আপনারা  যদি আইটি বাংলাদেশ এ আসেন তাহলে মন মানুষিকতা একটু পরিবর্তন করে আসার চেষ্টা করবেন।               আইটি বাংলাদেশ এর পক্ষ থেকে আপনাদেরকে সেই বিষয় গুলো একটু জানাচ্ছি      ১) আপনি জব না নিয়ে ঢাকা ছেড়ে বাবা মার্ কাছে যাবেন না নেহাত একদম দরকার না হলে। আর তাছাড়া এইবার জুলাই মাসের ২-৩ তারিখ থেকে আমরা স্টার্ট করবো , তাই কুরবানী ঈদ শেষ করে আসতে পারছেন আপনারা।  তাই ৩ - ৪ মাস বাড়ি না গেলেও প্রব্লেম হবার কথা না। বাসায় বাবা মা কে  বলে আসবেন, প্রব্লেম হবার কথা না।        ২) মুশফিক স্যার  ( আইটি বাংলাদেশ এর পরিচালক )   যেভাবে বলে সেইভাবে কাজ করার জন্য দৃঢ় প্রতিজ্ঞাবদ্ধ হয়ে আসবেন। ...
Read more

Basic Router & Switch IOS commands

-
Image
  Video Links: Purpose Command To See running config file Show    running-config    or sh  run   Displays configuration saved in NVRAM Show   startup-config To see IP info of interfaces Show   ip interface brief      To see statistics of all interfaces Show   interfaces To see specific item from  running configuration                            Show interface f0/0   [ Only see the info of the specific interface f0/0 ] sh  run  | section  line  [ Only see the info of all line sections ] * If you want to see only DHCP section, nothing else sh  run  | section  dhcp show run | begin ip [ If you want to see from that line where 'ip' word is present to last line...
Read more