配置启用dhcp
启用dhcp 时间:2021-04-03 阅读:()
ASA:DHCPv6中继配置示例和故障排除目录简介先决条件要求使用的组件有状态的与无状态的DHCPv6网络图DHCPv6与DHCPv4消息类型无状态的DHCPv6中继配置数据包流验证调试Wireshark快照有状态的DHCPv6配置数据包流验证调试Wireshark快照故障排除DHCP中继输出版本地址调试相关信息相关的思科支持社区讨论简介本文描述如何配置思科可适应安全工具(ASA),DHCPv6中继代理并且包括那些基本故障排除.
在ASA代码版本9.
0中及以后,ASA支持先决条件要求Cisco建议您了解以下主题:IPv6基本概念q寻址的IPv6机制qDHCPv6数据包流qDHCP中继概念q使用的组件本文档中的信息根据ASA5500版本9.
1.
2.
本文档中的信息都是基于特定实验室环境中的设备编写的.
本文档中使用的所有设备最初均采用原始(默认)配置.
如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响.
有状态的与无状态的DHCPv6如果了解地址分配不同的说法在IPv6的,帮助您知道DHCPv6中继功能如何在ASA运作.
对动态地址分配的Refre在IPv6使用SLAAC和DHCP简介的无状态的地址自动配置(SLAAC)和DHCPv6.
网络图此配置示例描述如何配置ASA作为DHCPv6中继代理.
在此配置中,客户端是IPv6客户端连接的接口.
服务器是DHCPv6服务器2001:db8:200:2/64是可及的接口.
DHCPv6与DHCPv4消息类型无状态的DHCPv6中继配置这是无状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enableipv6ndother-config-flag!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用无状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试如果启用dhcprelay调试的IPv6并且调试IPv6dhcp,则相关输出打印对屏幕.
此输出从一个工作的方案被采取:IPv6DHCP:ReceivedINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNIPv6DHCP_RELAY:RelayingINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len34typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len67typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
com在INFORMATION-REQUEST请求包中,客户端仅请求dns-server和域,预计,因为cilent为无状态的DHCPv6配置.
Wireshark快照DHCP客户端请求ASA中继的DHCP请求从服务器的DHCP回复转发的回复对客户端有状态的DHCPv6配置这是有状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enable!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用有状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试IPv6DHCP:ReceivedSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20IPv6DHCP_RELAY:RelayingSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len48typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20optionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:ADVERTISEIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingADVERTISEtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comIPv6DHCP:ReceivedREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYIPv6DHCP_RELAY:RelayingREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len90typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comWireshark快照恳求(1)DHCPv6客户端传送请求信息为了找出DHCPv6服务器.
ASA中继请求消息.
通告(2)服务器传送通告信息为了表明为DHCP服务是可用的,以回应从客户端接收的请求消息.
REQUEST(3)客户端发送Request信息为了要求配置参数,包括IP地址或分配的前缀,从一个特定服务器.
回复(7)服务器传送包含已分配地址和配置参数以回应请求的回复信息,请求,更新或者重新绑定从客户端接收的消息.
服务器传送包含配置参数以回应Information-request消息的回复信息.
服务器传送回复信息以回应确认的确认消息或拒绝地址分配到客户端是适当的对客户端连接的链路.
服务器传送回复信息为了确认版本的收据或拒绝消息.
故障排除确认连接用DHCPv6服务器.
ciscoasa#showipv6neighborIPv6AddressAgeLink-layerAddrStateInterface2001:db8:200::200024.
14a3.
3c98REACHSERVER确认您收到从客户端的数据包,当它请求IPv6地址.
客户端发送的数据包将取决于地址分配设置(即有状态的与无状态).
当客户端开始DHCPv6进程时,发送路由器恳求消息为了发现IPv6路由器在线状态链路的.
它传送组播路由器垦请信息为了提示IPv6路由器响应.
在路由器垦请消息的以太网报头,这些字段显示:源地址域是请求IPv6地址主机的MAC地址.
q目的地址字段设置到33-33-00-00-00-02.
q在路由器垦请消息的IPv6报头,这些字段显示.
源地址域设置为链路本地IPv6地址分配到发送的接口或IPv6未指明的地址(::).
q目的地址字段设置为链路本地范围所有路由器组播地址(FF02::2).
q跳Limit字段设置到255.
q合情合理IPv6路由器发送未经请求的路由器通告消息路由器通告消息由主机包含需的信息为了确定链路前缀、链路最大传输单元(MTU)和特定路由.
ciscoasa(config)#showcapturecapindetailfe80::c671:feff:fe93:b51a.
546>ff02::1:2.
547:[udpsumok]udp42[hlim255](len100)---->Requestfromclientfe80::219:7ff:fe24:2e44.
547>fe80::c671:feff:fe93:b51a.
546:[udpsumok]udp75[class0xe0](len133,hlim255)ciscoasa(config)#showcapturecapoutdetail2packetscaptured1:12:06:52.
7007992001:db8:200:1.
547>2001:db8:200:2.
547:udp88[class0xe0]---->ASAforwardsrequesttoDHCPv6router2:12:06:53.
2890472001:db8:200:2.
547>2001:db8:200:1.
547:udp121[class0xe0]---->ReplyfromDHCPV6server.
DHCP中继输出ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56seconds注意:捆绑由ASA删除在短期之后.
这在dhcprelay调试的IPv6被看到.
ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56secondsciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8版本地址在他们执行使用它为网络后,客户端能发布他们的分配的DHCPv6地址.
下一部分显示用在有状态的DHCPv6的地址版本关联的debug输出.
调试ciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8相关信息了解多种DHCP选项ASADHCP中继配置示例配置ASA通过IPv6流量有CLI和ASDM配置示例的ASA数据包捕获
在ASA代码版本9.
0中及以后,ASA支持先决条件要求Cisco建议您了解以下主题:IPv6基本概念q寻址的IPv6机制qDHCPv6数据包流qDHCP中继概念q使用的组件本文档中的信息根据ASA5500版本9.
1.
2.
本文档中的信息都是基于特定实验室环境中的设备编写的.
本文档中使用的所有设备最初均采用原始(默认)配置.
如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响.
有状态的与无状态的DHCPv6如果了解地址分配不同的说法在IPv6的,帮助您知道DHCPv6中继功能如何在ASA运作.
对动态地址分配的Refre在IPv6使用SLAAC和DHCP简介的无状态的地址自动配置(SLAAC)和DHCPv6.
网络图此配置示例描述如何配置ASA作为DHCPv6中继代理.
在此配置中,客户端是IPv6客户端连接的接口.
服务器是DHCPv6服务器2001:db8:200:2/64是可及的接口.
DHCPv6与DHCPv4消息类型无状态的DHCPv6中继配置这是无状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enableipv6ndother-config-flag!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用无状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试如果启用dhcprelay调试的IPv6并且调试IPv6dhcp,则相关输出打印对屏幕.
此输出从一个工作的方案被采取:IPv6DHCP:ReceivedINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNIPv6DHCP_RELAY:RelayingINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len34typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len67typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
com在INFORMATION-REQUEST请求包中,客户端仅请求dns-server和域,预计,因为cilent为无状态的DHCPv6配置.
Wireshark快照DHCP客户端请求ASA中继的DHCP请求从服务器的DHCP回复转发的回复对客户端有状态的DHCPv6配置这是有状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enable!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用有状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试IPv6DHCP:ReceivedSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20IPv6DHCP_RELAY:RelayingSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len48typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20optionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:ADVERTISEIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingADVERTISEtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comIPv6DHCP:ReceivedREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYIPv6DHCP_RELAY:RelayingREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len90typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comWireshark快照恳求(1)DHCPv6客户端传送请求信息为了找出DHCPv6服务器.
ASA中继请求消息.
通告(2)服务器传送通告信息为了表明为DHCP服务是可用的,以回应从客户端接收的请求消息.
REQUEST(3)客户端发送Request信息为了要求配置参数,包括IP地址或分配的前缀,从一个特定服务器.
回复(7)服务器传送包含已分配地址和配置参数以回应请求的回复信息,请求,更新或者重新绑定从客户端接收的消息.
服务器传送包含配置参数以回应Information-request消息的回复信息.
服务器传送回复信息以回应确认的确认消息或拒绝地址分配到客户端是适当的对客户端连接的链路.
服务器传送回复信息为了确认版本的收据或拒绝消息.
故障排除确认连接用DHCPv6服务器.
ciscoasa#showipv6neighborIPv6AddressAgeLink-layerAddrStateInterface2001:db8:200::200024.
14a3.
3c98REACHSERVER确认您收到从客户端的数据包,当它请求IPv6地址.
客户端发送的数据包将取决于地址分配设置(即有状态的与无状态).
当客户端开始DHCPv6进程时,发送路由器恳求消息为了发现IPv6路由器在线状态链路的.
它传送组播路由器垦请信息为了提示IPv6路由器响应.
在路由器垦请消息的以太网报头,这些字段显示:源地址域是请求IPv6地址主机的MAC地址.
q目的地址字段设置到33-33-00-00-00-02.
q在路由器垦请消息的IPv6报头,这些字段显示.
源地址域设置为链路本地IPv6地址分配到发送的接口或IPv6未指明的地址(::).
q目的地址字段设置为链路本地范围所有路由器组播地址(FF02::2).
q跳Limit字段设置到255.
q合情合理IPv6路由器发送未经请求的路由器通告消息路由器通告消息由主机包含需的信息为了确定链路前缀、链路最大传输单元(MTU)和特定路由.
ciscoasa(config)#showcapturecapindetailfe80::c671:feff:fe93:b51a.
546>ff02::1:2.
547:[udpsumok]udp42[hlim255](len100)---->Requestfromclientfe80::219:7ff:fe24:2e44.
547>fe80::c671:feff:fe93:b51a.
546:[udpsumok]udp75[class0xe0](len133,hlim255)ciscoasa(config)#showcapturecapoutdetail2packetscaptured1:12:06:52.
7007992001:db8:200:1.
547>2001:db8:200:2.
547:udp88[class0xe0]---->ASAforwardsrequesttoDHCPv6router2:12:06:53.
2890472001:db8:200:2.
547>2001:db8:200:1.
547:udp121[class0xe0]---->ReplyfromDHCPV6server.
DHCP中继输出ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56seconds注意:捆绑由ASA删除在短期之后.
这在dhcprelay调试的IPv6被看到.
ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56secondsciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8版本地址在他们执行使用它为网络后,客户端能发布他们的分配的DHCPv6地址.
下一部分显示用在有状态的DHCPv6的地址版本关联的debug输出.
调试ciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8相关信息了解多种DHCP选项ASADHCP中继配置示例配置ASA通过IPv6流量有CLI和ASDM配置示例的ASA数据包捕获
美国云服务器 1核 1G 30M 50元/季 兆赫云
【双十二】兆赫云:全场vps季付六折优惠,低至50元/季,1H/1G/30M/20G数据盘/500G流量/洛杉矶联通9929商家简介:兆赫云是一家国人商家,成立2020年,主要业务是美西洛杉矶联通9929线路VPS,提供虚拟主机、VPS和独立服务器。VPS采用KVM虚拟架构,线路优质,延迟低,稳定性强。是不是觉得黑五折扣力度不够大?还在犹豫徘徊中?这次为了提前庆祝双十二,特价推出全场季付六折优惠。...
RAKsmart 年中活动 独立服务器限时$30秒杀 VPS主机低至$1.99
RAKsmart 虽然是美国主机商,但是商家的主要客户群还是在我们国内,于是我们可以看到每次的国内节日促销活动期间商家也会发布促销。包括这次年中大促活动,RAKsmart商家也有发布为期两个月的年终活动,其中有商家擅长的独立服务器和便宜VPS主机。服务器包括站群服务器、特价服务器、高达10G带宽不限制流量的美国服务器。商家优惠活动,可以看到对应商品的优惠,同时也可以使用 优惠码 RAKBL9 同时...
cera:秋季美国便宜VPS促销,低至24/月起,多款VPS配置,自带免费Windows
介绍:819云怎么样?819云创办于2019,由一家从2017年开始从业的idc行业商家创办,主要从事云服务器,和物理机器819云—-带来了9月最新的秋季便宜vps促销活动,一共4款便宜vps,从2~32G内存,支持Windows系统,…高速建站的美国vps位于洛杉矶cera机房,服务器接入1Gbps带宽,采用魔方管理系统,适合新手玩耍!官方网站:https://www.8...
启用dhcp为你推荐
-
vc组合VC 组合框 禁用 破解sonicchat苹果手机微信显示WeChat留学生认证留学生服务中心认证内容和范围?关键字关键词编故事原代码什么叫源代码,源代码有什么作用百度关键词工具常见百度关键词挖掘方法分别是什么请列举?www.yahoo.com.hk香港有什么网页777k7.comwww 地址 777rv怎么打不开了,还有好看的吗>com同一服务器网站一个服务器能运行多少个网站mole.61.com摩尔庄园RK的秘密是什么?