配置启用dhcp
启用dhcp 时间:2021-04-03 阅读:()
ASA:DHCPv6中继配置示例和故障排除目录简介先决条件要求使用的组件有状态的与无状态的DHCPv6网络图DHCPv6与DHCPv4消息类型无状态的DHCPv6中继配置数据包流验证调试Wireshark快照有状态的DHCPv6配置数据包流验证调试Wireshark快照故障排除DHCP中继输出版本地址调试相关信息相关的思科支持社区讨论简介本文描述如何配置思科可适应安全工具(ASA),DHCPv6中继代理并且包括那些基本故障排除.
在ASA代码版本9.
0中及以后,ASA支持先决条件要求Cisco建议您了解以下主题:IPv6基本概念q寻址的IPv6机制qDHCPv6数据包流qDHCP中继概念q使用的组件本文档中的信息根据ASA5500版本9.
1.
2.
本文档中的信息都是基于特定实验室环境中的设备编写的.
本文档中使用的所有设备最初均采用原始(默认)配置.
如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响.
有状态的与无状态的DHCPv6如果了解地址分配不同的说法在IPv6的,帮助您知道DHCPv6中继功能如何在ASA运作.
对动态地址分配的Refre在IPv6使用SLAAC和DHCP简介的无状态的地址自动配置(SLAAC)和DHCPv6.
网络图此配置示例描述如何配置ASA作为DHCPv6中继代理.
在此配置中,客户端是IPv6客户端连接的接口.
服务器是DHCPv6服务器2001:db8:200:2/64是可及的接口.
DHCPv6与DHCPv4消息类型无状态的DHCPv6中继配置这是无状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enableipv6ndother-config-flag!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用无状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试如果启用dhcprelay调试的IPv6并且调试IPv6dhcp,则相关输出打印对屏幕.
此输出从一个工作的方案被采取:IPv6DHCP:ReceivedINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNIPv6DHCP_RELAY:RelayingINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len34typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len67typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
com在INFORMATION-REQUEST请求包中,客户端仅请求dns-server和域,预计,因为cilent为无状态的DHCPv6配置.
Wireshark快照DHCP客户端请求ASA中继的DHCP请求从服务器的DHCP回复转发的回复对客户端有状态的DHCPv6配置这是有状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enable!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用有状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试IPv6DHCP:ReceivedSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20IPv6DHCP_RELAY:RelayingSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len48typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20optionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:ADVERTISEIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingADVERTISEtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comIPv6DHCP:ReceivedREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYIPv6DHCP_RELAY:RelayingREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len90typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comWireshark快照恳求(1)DHCPv6客户端传送请求信息为了找出DHCPv6服务器.
ASA中继请求消息.
通告(2)服务器传送通告信息为了表明为DHCP服务是可用的,以回应从客户端接收的请求消息.
REQUEST(3)客户端发送Request信息为了要求配置参数,包括IP地址或分配的前缀,从一个特定服务器.
回复(7)服务器传送包含已分配地址和配置参数以回应请求的回复信息,请求,更新或者重新绑定从客户端接收的消息.
服务器传送包含配置参数以回应Information-request消息的回复信息.
服务器传送回复信息以回应确认的确认消息或拒绝地址分配到客户端是适当的对客户端连接的链路.
服务器传送回复信息为了确认版本的收据或拒绝消息.
故障排除确认连接用DHCPv6服务器.
ciscoasa#showipv6neighborIPv6AddressAgeLink-layerAddrStateInterface2001:db8:200::200024.
14a3.
3c98REACHSERVER确认您收到从客户端的数据包,当它请求IPv6地址.
客户端发送的数据包将取决于地址分配设置(即有状态的与无状态).
当客户端开始DHCPv6进程时,发送路由器恳求消息为了发现IPv6路由器在线状态链路的.
它传送组播路由器垦请信息为了提示IPv6路由器响应.
在路由器垦请消息的以太网报头,这些字段显示:源地址域是请求IPv6地址主机的MAC地址.
q目的地址字段设置到33-33-00-00-00-02.
q在路由器垦请消息的IPv6报头,这些字段显示.
源地址域设置为链路本地IPv6地址分配到发送的接口或IPv6未指明的地址(::).
q目的地址字段设置为链路本地范围所有路由器组播地址(FF02::2).
q跳Limit字段设置到255.
q合情合理IPv6路由器发送未经请求的路由器通告消息路由器通告消息由主机包含需的信息为了确定链路前缀、链路最大传输单元(MTU)和特定路由.
ciscoasa(config)#showcapturecapindetailfe80::c671:feff:fe93:b51a.
546>ff02::1:2.
547:[udpsumok]udp42[hlim255](len100)---->Requestfromclientfe80::219:7ff:fe24:2e44.
547>fe80::c671:feff:fe93:b51a.
546:[udpsumok]udp75[class0xe0](len133,hlim255)ciscoasa(config)#showcapturecapoutdetail2packetscaptured1:12:06:52.
7007992001:db8:200:1.
547>2001:db8:200:2.
547:udp88[class0xe0]---->ASAforwardsrequesttoDHCPv6router2:12:06:53.
2890472001:db8:200:2.
547>2001:db8:200:1.
547:udp121[class0xe0]---->ReplyfromDHCPV6server.
DHCP中继输出ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56seconds注意:捆绑由ASA删除在短期之后.
这在dhcprelay调试的IPv6被看到.
ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56secondsciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8版本地址在他们执行使用它为网络后,客户端能发布他们的分配的DHCPv6地址.
下一部分显示用在有状态的DHCPv6的地址版本关联的debug输出.
调试ciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8相关信息了解多种DHCP选项ASADHCP中继配置示例配置ASA通过IPv6流量有CLI和ASDM配置示例的ASA数据包捕获
在ASA代码版本9.
0中及以后,ASA支持先决条件要求Cisco建议您了解以下主题:IPv6基本概念q寻址的IPv6机制qDHCPv6数据包流qDHCP中继概念q使用的组件本文档中的信息根据ASA5500版本9.
1.
2.
本文档中的信息都是基于特定实验室环境中的设备编写的.
本文档中使用的所有设备最初均采用原始(默认)配置.
如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响.
有状态的与无状态的DHCPv6如果了解地址分配不同的说法在IPv6的,帮助您知道DHCPv6中继功能如何在ASA运作.
对动态地址分配的Refre在IPv6使用SLAAC和DHCP简介的无状态的地址自动配置(SLAAC)和DHCPv6.
网络图此配置示例描述如何配置ASA作为DHCPv6中继代理.
在此配置中,客户端是IPv6客户端连接的接口.
服务器是DHCPv6服务器2001:db8:200:2/64是可及的接口.
DHCPv6与DHCPv4消息类型无状态的DHCPv6中继配置这是无状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enableipv6ndother-config-flag!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用无状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试如果启用dhcprelay调试的IPv6并且调试IPv6dhcp,则相关输出打印对屏幕.
此输出从一个工作的方案被采取:IPv6DHCP:ReceivedINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNIPv6DHCP_RELAY:RelayingINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len34typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len67typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
com在INFORMATION-REQUEST请求包中,客户端仅请求dns-server和域,预计,因为cilent为无状态的DHCPv6配置.
Wireshark快照DHCP客户端请求ASA中继的DHCP请求从服务器的DHCP回复转发的回复对客户端有状态的DHCPv6配置这是有状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enable!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用有状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试IPv6DHCP:ReceivedSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20IPv6DHCP_RELAY:RelayingSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len48typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20optionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:ADVERTISEIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingADVERTISEtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comIPv6DHCP:ReceivedREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYIPv6DHCP_RELAY:RelayingREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len90typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comWireshark快照恳求(1)DHCPv6客户端传送请求信息为了找出DHCPv6服务器.
ASA中继请求消息.
通告(2)服务器传送通告信息为了表明为DHCP服务是可用的,以回应从客户端接收的请求消息.
REQUEST(3)客户端发送Request信息为了要求配置参数,包括IP地址或分配的前缀,从一个特定服务器.
回复(7)服务器传送包含已分配地址和配置参数以回应请求的回复信息,请求,更新或者重新绑定从客户端接收的消息.
服务器传送包含配置参数以回应Information-request消息的回复信息.
服务器传送回复信息以回应确认的确认消息或拒绝地址分配到客户端是适当的对客户端连接的链路.
服务器传送回复信息为了确认版本的收据或拒绝消息.
故障排除确认连接用DHCPv6服务器.
ciscoasa#showipv6neighborIPv6AddressAgeLink-layerAddrStateInterface2001:db8:200::200024.
14a3.
3c98REACHSERVER确认您收到从客户端的数据包,当它请求IPv6地址.
客户端发送的数据包将取决于地址分配设置(即有状态的与无状态).
当客户端开始DHCPv6进程时,发送路由器恳求消息为了发现IPv6路由器在线状态链路的.
它传送组播路由器垦请信息为了提示IPv6路由器响应.
在路由器垦请消息的以太网报头,这些字段显示:源地址域是请求IPv6地址主机的MAC地址.
q目的地址字段设置到33-33-00-00-00-02.
q在路由器垦请消息的IPv6报头,这些字段显示.
源地址域设置为链路本地IPv6地址分配到发送的接口或IPv6未指明的地址(::).
q目的地址字段设置为链路本地范围所有路由器组播地址(FF02::2).
q跳Limit字段设置到255.
q合情合理IPv6路由器发送未经请求的路由器通告消息路由器通告消息由主机包含需的信息为了确定链路前缀、链路最大传输单元(MTU)和特定路由.
ciscoasa(config)#showcapturecapindetailfe80::c671:feff:fe93:b51a.
546>ff02::1:2.
547:[udpsumok]udp42[hlim255](len100)---->Requestfromclientfe80::219:7ff:fe24:2e44.
547>fe80::c671:feff:fe93:b51a.
546:[udpsumok]udp75[class0xe0](len133,hlim255)ciscoasa(config)#showcapturecapoutdetail2packetscaptured1:12:06:52.
7007992001:db8:200:1.
547>2001:db8:200:2.
547:udp88[class0xe0]---->ASAforwardsrequesttoDHCPv6router2:12:06:53.
2890472001:db8:200:2.
547>2001:db8:200:1.
547:udp121[class0xe0]---->ReplyfromDHCPV6server.
DHCP中继输出ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56seconds注意:捆绑由ASA删除在短期之后.
这在dhcprelay调试的IPv6被看到.
ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56secondsciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8版本地址在他们执行使用它为网络后,客户端能发布他们的分配的DHCPv6地址.
下一部分显示用在有状态的DHCPv6的地址版本关联的debug输出.
调试ciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8相关信息了解多种DHCP选项ASADHCP中继配置示例配置ASA通过IPv6流量有CLI和ASDM配置示例的ASA数据包捕获
快云科技:夏季大促销,香港VPS7.5折特惠,CN2 GIA线路; 年付仅不到五折巨惠,续费永久同价
快云科技怎么样?快云科技是一家成立于2020年的新起国内主机商,资质齐全 持有IDC ICP ISP等正规商家。我们秉承着服务于客户服务于大众的理念运营,机器线路优价格低。目前已注册用户达到5000+!主营产品有:香港弹性云服务器,美国vps和日本vps,香港物理机,国内高防物理机以及美国日本高防物理机!产品特色:全配置均20M带宽,架构采用KVM虚拟化技术,全盘SSD硬盘,RAID10阵列, 国...
DogYun27.5元/月香港/韩国/日本/美国云服务器,弹性云主机
DogYun怎么样?DogYun是一家2019年成立的国人主机商,称为狗云,提供VPS及独立服务器租用,其中VPS分为经典云和动态云(支持小时计费及随时可删除),DogYun云服务器基于Kernel-based Virtual Machine(Kvm)硬件的完全虚拟化架构,您可以在弹性云中,随时调整CPU,内存,硬盘,网络,IPv4路线(如果该数据中心接入了多条路线)等。DogYun弹性云服务器优...
【IT狗】在线ping,在线tcping,路由追踪
IT狗为用户提供 在线ping、在线tcping、在线路由追踪、域名被墙检测、域名被污染检测 等实用工具。【工具地址】https://www.itdog.cn/【工具特色】1、目前同类网站中,在线ping 仅支持1次或少量次数的测试,无法客观的展现目标服务器一段时间的网络状况,IT狗Ping工具可持续的进行一段时间的ping测试,并生成更为直观的网络质量柱状图,让用户更容易掌握服务器在各地区、各线...
启用dhcp为你推荐
-
酒店回应名媛拼单酒店分房时出现单男单女时,怎样处理?梦之队官网梦之队是什么呢?是那个国家的呢?他们又是参加那个项目的呢?得了几块金牌呢?access数据库ACCESS数据库有什么用22zizi.comwww 地址 didi22怎么打不开了,还有好看的吗>com巫正刚阿迪三叶草彩虹板鞋的鞋带怎么穿?详细点,最后有图解。高分求www.622hh.comwww.710av.com怎么不可以看了www.765.com下载小说地址www.sesehu.comwww.121gao.com 是谁的网站啊ip查询器怎么样查看自己电脑上的IP地址www.zhiboba.com上什么网看哪个电视台直播NBA