配置启用dhcp
启用dhcp 时间:2021-04-03 阅读:()
ASA:DHCPv6中继配置示例和故障排除目录简介先决条件要求使用的组件有状态的与无状态的DHCPv6网络图DHCPv6与DHCPv4消息类型无状态的DHCPv6中继配置数据包流验证调试Wireshark快照有状态的DHCPv6配置数据包流验证调试Wireshark快照故障排除DHCP中继输出版本地址调试相关信息相关的思科支持社区讨论简介本文描述如何配置思科可适应安全工具(ASA),DHCPv6中继代理并且包括那些基本故障排除.
在ASA代码版本9.
0中及以后,ASA支持先决条件要求Cisco建议您了解以下主题:IPv6基本概念q寻址的IPv6机制qDHCPv6数据包流qDHCP中继概念q使用的组件本文档中的信息根据ASA5500版本9.
1.
2.
本文档中的信息都是基于特定实验室环境中的设备编写的.
本文档中使用的所有设备最初均采用原始(默认)配置.
如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响.
有状态的与无状态的DHCPv6如果了解地址分配不同的说法在IPv6的,帮助您知道DHCPv6中继功能如何在ASA运作.
对动态地址分配的Refre在IPv6使用SLAAC和DHCP简介的无状态的地址自动配置(SLAAC)和DHCPv6.
网络图此配置示例描述如何配置ASA作为DHCPv6中继代理.
在此配置中,客户端是IPv6客户端连接的接口.
服务器是DHCPv6服务器2001:db8:200:2/64是可及的接口.
DHCPv6与DHCPv4消息类型无状态的DHCPv6中继配置这是无状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enableipv6ndother-config-flag!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用无状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试如果启用dhcprelay调试的IPv6并且调试IPv6dhcp,则相关输出打印对屏幕.
此输出从一个工作的方案被采取:IPv6DHCP:ReceivedINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNIPv6DHCP_RELAY:RelayingINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len34typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len67typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
com在INFORMATION-REQUEST请求包中,客户端仅请求dns-server和域,预计,因为cilent为无状态的DHCPv6配置.
Wireshark快照DHCP客户端请求ASA中继的DHCP请求从服务器的DHCP回复转发的回复对客户端有状态的DHCPv6配置这是有状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enable!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用有状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试IPv6DHCP:ReceivedSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20IPv6DHCP_RELAY:RelayingSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len48typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20optionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:ADVERTISEIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingADVERTISEtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comIPv6DHCP:ReceivedREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYIPv6DHCP_RELAY:RelayingREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len90typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comWireshark快照恳求(1)DHCPv6客户端传送请求信息为了找出DHCPv6服务器.
ASA中继请求消息.
通告(2)服务器传送通告信息为了表明为DHCP服务是可用的,以回应从客户端接收的请求消息.
REQUEST(3)客户端发送Request信息为了要求配置参数,包括IP地址或分配的前缀,从一个特定服务器.
回复(7)服务器传送包含已分配地址和配置参数以回应请求的回复信息,请求,更新或者重新绑定从客户端接收的消息.
服务器传送包含配置参数以回应Information-request消息的回复信息.
服务器传送回复信息以回应确认的确认消息或拒绝地址分配到客户端是适当的对客户端连接的链路.
服务器传送回复信息为了确认版本的收据或拒绝消息.
故障排除确认连接用DHCPv6服务器.
ciscoasa#showipv6neighborIPv6AddressAgeLink-layerAddrStateInterface2001:db8:200::200024.
14a3.
3c98REACHSERVER确认您收到从客户端的数据包,当它请求IPv6地址.
客户端发送的数据包将取决于地址分配设置(即有状态的与无状态).
当客户端开始DHCPv6进程时,发送路由器恳求消息为了发现IPv6路由器在线状态链路的.
它传送组播路由器垦请信息为了提示IPv6路由器响应.
在路由器垦请消息的以太网报头,这些字段显示:源地址域是请求IPv6地址主机的MAC地址.
q目的地址字段设置到33-33-00-00-00-02.
q在路由器垦请消息的IPv6报头,这些字段显示.
源地址域设置为链路本地IPv6地址分配到发送的接口或IPv6未指明的地址(::).
q目的地址字段设置为链路本地范围所有路由器组播地址(FF02::2).
q跳Limit字段设置到255.
q合情合理IPv6路由器发送未经请求的路由器通告消息路由器通告消息由主机包含需的信息为了确定链路前缀、链路最大传输单元(MTU)和特定路由.
ciscoasa(config)#showcapturecapindetailfe80::c671:feff:fe93:b51a.
546>ff02::1:2.
547:[udpsumok]udp42[hlim255](len100)---->Requestfromclientfe80::219:7ff:fe24:2e44.
547>fe80::c671:feff:fe93:b51a.
546:[udpsumok]udp75[class0xe0](len133,hlim255)ciscoasa(config)#showcapturecapoutdetail2packetscaptured1:12:06:52.
7007992001:db8:200:1.
547>2001:db8:200:2.
547:udp88[class0xe0]---->ASAforwardsrequesttoDHCPv6router2:12:06:53.
2890472001:db8:200:2.
547>2001:db8:200:1.
547:udp121[class0xe0]---->ReplyfromDHCPV6server.
DHCP中继输出ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56seconds注意:捆绑由ASA删除在短期之后.
这在dhcprelay调试的IPv6被看到.
ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56secondsciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8版本地址在他们执行使用它为网络后,客户端能发布他们的分配的DHCPv6地址.
下一部分显示用在有状态的DHCPv6的地址版本关联的debug输出.
调试ciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8相关信息了解多种DHCP选项ASADHCP中继配置示例配置ASA通过IPv6流量有CLI和ASDM配置示例的ASA数据包捕获
在ASA代码版本9.
0中及以后,ASA支持先决条件要求Cisco建议您了解以下主题:IPv6基本概念q寻址的IPv6机制qDHCPv6数据包流qDHCP中继概念q使用的组件本文档中的信息根据ASA5500版本9.
1.
2.
本文档中的信息都是基于特定实验室环境中的设备编写的.
本文档中使用的所有设备最初均采用原始(默认)配置.
如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响.
有状态的与无状态的DHCPv6如果了解地址分配不同的说法在IPv6的,帮助您知道DHCPv6中继功能如何在ASA运作.
对动态地址分配的Refre在IPv6使用SLAAC和DHCP简介的无状态的地址自动配置(SLAAC)和DHCPv6.
网络图此配置示例描述如何配置ASA作为DHCPv6中继代理.
在此配置中,客户端是IPv6客户端连接的接口.
服务器是DHCPv6服务器2001:db8:200:2/64是可及的接口.
DHCPv6与DHCPv4消息类型无状态的DHCPv6中继配置这是无状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enableipv6ndother-config-flag!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用无状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试如果启用dhcprelay调试的IPv6并且调试IPv6dhcp,则相关输出打印对屏幕.
此输出从一个工作的方案被采取:IPv6DHCP:ReceivedINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNIPv6DHCP_RELAY:RelayingINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len34typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len67typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
com在INFORMATION-REQUEST请求包中,客户端仅请求dns-server和域,预计,因为cilent为无状态的DHCPv6配置.
Wireshark快照DHCP客户端请求ASA中继的DHCP请求从服务器的DHCP回复转发的回复对客户端有状态的DHCPv6配置这是有状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enable!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用有状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试IPv6DHCP:ReceivedSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20IPv6DHCP_RELAY:RelayingSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len48typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20optionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:ADVERTISEIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingADVERTISEtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comIPv6DHCP:ReceivedREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYIPv6DHCP_RELAY:RelayingREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len90typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comWireshark快照恳求(1)DHCPv6客户端传送请求信息为了找出DHCPv6服务器.
ASA中继请求消息.
通告(2)服务器传送通告信息为了表明为DHCP服务是可用的,以回应从客户端接收的请求消息.
REQUEST(3)客户端发送Request信息为了要求配置参数,包括IP地址或分配的前缀,从一个特定服务器.
回复(7)服务器传送包含已分配地址和配置参数以回应请求的回复信息,请求,更新或者重新绑定从客户端接收的消息.
服务器传送包含配置参数以回应Information-request消息的回复信息.
服务器传送回复信息以回应确认的确认消息或拒绝地址分配到客户端是适当的对客户端连接的链路.
服务器传送回复信息为了确认版本的收据或拒绝消息.
故障排除确认连接用DHCPv6服务器.
ciscoasa#showipv6neighborIPv6AddressAgeLink-layerAddrStateInterface2001:db8:200::200024.
14a3.
3c98REACHSERVER确认您收到从客户端的数据包,当它请求IPv6地址.
客户端发送的数据包将取决于地址分配设置(即有状态的与无状态).
当客户端开始DHCPv6进程时,发送路由器恳求消息为了发现IPv6路由器在线状态链路的.
它传送组播路由器垦请信息为了提示IPv6路由器响应.
在路由器垦请消息的以太网报头,这些字段显示:源地址域是请求IPv6地址主机的MAC地址.
q目的地址字段设置到33-33-00-00-00-02.
q在路由器垦请消息的IPv6报头,这些字段显示.
源地址域设置为链路本地IPv6地址分配到发送的接口或IPv6未指明的地址(::).
q目的地址字段设置为链路本地范围所有路由器组播地址(FF02::2).
q跳Limit字段设置到255.
q合情合理IPv6路由器发送未经请求的路由器通告消息路由器通告消息由主机包含需的信息为了确定链路前缀、链路最大传输单元(MTU)和特定路由.
ciscoasa(config)#showcapturecapindetailfe80::c671:feff:fe93:b51a.
546>ff02::1:2.
547:[udpsumok]udp42[hlim255](len100)---->Requestfromclientfe80::219:7ff:fe24:2e44.
547>fe80::c671:feff:fe93:b51a.
546:[udpsumok]udp75[class0xe0](len133,hlim255)ciscoasa(config)#showcapturecapoutdetail2packetscaptured1:12:06:52.
7007992001:db8:200:1.
547>2001:db8:200:2.
547:udp88[class0xe0]---->ASAforwardsrequesttoDHCPv6router2:12:06:53.
2890472001:db8:200:2.
547>2001:db8:200:1.
547:udp121[class0xe0]---->ReplyfromDHCPV6server.
DHCP中继输出ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56seconds注意:捆绑由ASA删除在短期之后.
这在dhcprelay调试的IPv6被看到.
ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56secondsciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8版本地址在他们执行使用它为网络后,客户端能发布他们的分配的DHCPv6地址.
下一部分显示用在有状态的DHCPv6的地址版本关联的debug输出.
调试ciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8相关信息了解多种DHCP选项ASADHCP中继配置示例配置ASA通过IPv6流量有CLI和ASDM配置示例的ASA数据包捕获
onevps:新增(支付宝+中文网站),香港/新加坡/日本等9机房,1Gbps带宽,不限流量,仅需$4/月
onevps最新消息,为了更好服务中国区用户:1、网站支付方式新增了支付宝,即将增加微信;原信用卡、PayPal方式不变;(2)可以切换简体中文版网站,在网站顶部右上角找到那个米字旗,下拉可以换中国简体版本。VPS可选机房有:中国(香港)、新加坡、日本(东京)、美国(纽约、洛杉矶)、英国(伦敦)、荷兰(阿姆斯特丹)、瑞士(苏黎世)、德国(法兰克福)、澳大利亚(悉尼)。不管你的客户在亚太区域、美洲区...
无忧云(25元/月),国内BGP高防云服务器 2核2G5M
无忧云官网无忧云怎么样 无忧云服务器好不好 无忧云值不值得购买 无忧云,无忧云是一家成立于2017年的老牌商家旗下的服务器销售品牌,现由深圳市云上无忧网络科技有限公司运营,是正规持证IDC/ISP/IRCS商家,主要销售国内、中国香港、国外服务器产品,线路有腾讯云国外线路、自营香港CN2线路等,都是中国大陆直连线路,非常适合免北岸建站业务需求和各种负载较高的项目,同时国内服务器也有多个BGP以及高...
VirMach(8元/月)KVM VPS,北美、欧洲
VirMach,成立于2014年的美国IDC商家,知名的低价便宜VPS销售商,支持支付宝、微信、PayPal等方式付款购买,主打美国、欧洲暑假中心产品,拥有包括洛杉矶、西雅图、圣何塞、凤凰城在内的11个数据中心可以选择,可以自由搭配1Gbps、2Gbps、10Gbps带宽端口,有Voxility DDoS高防IP可以选择(500Gbps以上的防御能力),并且支持在控制面板付费切换机房和更换IP(带...
启用dhcp为你推荐
-
vc组合洛天依的组合都有谁同ip网站查询服务器禁PING 是不是就可以解决同IP网站查询问题bbs.99nets.com做一款即时通讯软件难吗 像hi qq这类的同ip域名什么是同主机域名同ip站点同ip站点很多有没有影响?javmoo.com找下载JAV软件格式的网站haole10.com空人电影网改网址了?www.10yyy.cn是空人电影网么抓站工具一起来捉妖神行抓妖辅助工具都有哪些?www.toutoulu.com老板强大的外包装还是被快递弄断了5566.com5566网址大全