配置启用dhcp
启用dhcp 时间:2021-04-03 阅读:()
ASA:DHCPv6中继配置示例和故障排除目录简介先决条件要求使用的组件有状态的与无状态的DHCPv6网络图DHCPv6与DHCPv4消息类型无状态的DHCPv6中继配置数据包流验证调试Wireshark快照有状态的DHCPv6配置数据包流验证调试Wireshark快照故障排除DHCP中继输出版本地址调试相关信息相关的思科支持社区讨论简介本文描述如何配置思科可适应安全工具(ASA),DHCPv6中继代理并且包括那些基本故障排除.
在ASA代码版本9.
0中及以后,ASA支持先决条件要求Cisco建议您了解以下主题:IPv6基本概念q寻址的IPv6机制qDHCPv6数据包流qDHCP中继概念q使用的组件本文档中的信息根据ASA5500版本9.
1.
2.
本文档中的信息都是基于特定实验室环境中的设备编写的.
本文档中使用的所有设备最初均采用原始(默认)配置.
如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响.
有状态的与无状态的DHCPv6如果了解地址分配不同的说法在IPv6的,帮助您知道DHCPv6中继功能如何在ASA运作.
对动态地址分配的Refre在IPv6使用SLAAC和DHCP简介的无状态的地址自动配置(SLAAC)和DHCPv6.
网络图此配置示例描述如何配置ASA作为DHCPv6中继代理.
在此配置中,客户端是IPv6客户端连接的接口.
服务器是DHCPv6服务器2001:db8:200:2/64是可及的接口.
DHCPv6与DHCPv4消息类型无状态的DHCPv6中继配置这是无状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enableipv6ndother-config-flag!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用无状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试如果启用dhcprelay调试的IPv6并且调试IPv6dhcp,则相关输出打印对屏幕.
此输出从一个工作的方案被采取:IPv6DHCP:ReceivedINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNIPv6DHCP_RELAY:RelayingINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len34typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len67typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
com在INFORMATION-REQUEST请求包中,客户端仅请求dns-server和域,预计,因为cilent为无状态的DHCPv6配置.
Wireshark快照DHCP客户端请求ASA中继的DHCP请求从服务器的DHCP回复转发的回复对客户端有状态的DHCPv6配置这是有状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enable!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用有状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试IPv6DHCP:ReceivedSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20IPv6DHCP_RELAY:RelayingSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len48typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20optionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:ADVERTISEIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingADVERTISEtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comIPv6DHCP:ReceivedREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYIPv6DHCP_RELAY:RelayingREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len90typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comWireshark快照恳求(1)DHCPv6客户端传送请求信息为了找出DHCPv6服务器.
ASA中继请求消息.
通告(2)服务器传送通告信息为了表明为DHCP服务是可用的,以回应从客户端接收的请求消息.
REQUEST(3)客户端发送Request信息为了要求配置参数,包括IP地址或分配的前缀,从一个特定服务器.
回复(7)服务器传送包含已分配地址和配置参数以回应请求的回复信息,请求,更新或者重新绑定从客户端接收的消息.
服务器传送包含配置参数以回应Information-request消息的回复信息.
服务器传送回复信息以回应确认的确认消息或拒绝地址分配到客户端是适当的对客户端连接的链路.
服务器传送回复信息为了确认版本的收据或拒绝消息.
故障排除确认连接用DHCPv6服务器.
ciscoasa#showipv6neighborIPv6AddressAgeLink-layerAddrStateInterface2001:db8:200::200024.
14a3.
3c98REACHSERVER确认您收到从客户端的数据包,当它请求IPv6地址.
客户端发送的数据包将取决于地址分配设置(即有状态的与无状态).
当客户端开始DHCPv6进程时,发送路由器恳求消息为了发现IPv6路由器在线状态链路的.
它传送组播路由器垦请信息为了提示IPv6路由器响应.
在路由器垦请消息的以太网报头,这些字段显示:源地址域是请求IPv6地址主机的MAC地址.
q目的地址字段设置到33-33-00-00-00-02.
q在路由器垦请消息的IPv6报头,这些字段显示.
源地址域设置为链路本地IPv6地址分配到发送的接口或IPv6未指明的地址(::).
q目的地址字段设置为链路本地范围所有路由器组播地址(FF02::2).
q跳Limit字段设置到255.
q合情合理IPv6路由器发送未经请求的路由器通告消息路由器通告消息由主机包含需的信息为了确定链路前缀、链路最大传输单元(MTU)和特定路由.
ciscoasa(config)#showcapturecapindetailfe80::c671:feff:fe93:b51a.
546>ff02::1:2.
547:[udpsumok]udp42[hlim255](len100)---->Requestfromclientfe80::219:7ff:fe24:2e44.
547>fe80::c671:feff:fe93:b51a.
546:[udpsumok]udp75[class0xe0](len133,hlim255)ciscoasa(config)#showcapturecapoutdetail2packetscaptured1:12:06:52.
7007992001:db8:200:1.
547>2001:db8:200:2.
547:udp88[class0xe0]---->ASAforwardsrequesttoDHCPv6router2:12:06:53.
2890472001:db8:200:2.
547>2001:db8:200:1.
547:udp121[class0xe0]---->ReplyfromDHCPV6server.
DHCP中继输出ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56seconds注意:捆绑由ASA删除在短期之后.
这在dhcprelay调试的IPv6被看到.
ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56secondsciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8版本地址在他们执行使用它为网络后,客户端能发布他们的分配的DHCPv6地址.
下一部分显示用在有状态的DHCPv6的地址版本关联的debug输出.
调试ciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8相关信息了解多种DHCP选项ASADHCP中继配置示例配置ASA通过IPv6流量有CLI和ASDM配置示例的ASA数据包捕获
在ASA代码版本9.
0中及以后,ASA支持先决条件要求Cisco建议您了解以下主题:IPv6基本概念q寻址的IPv6机制qDHCPv6数据包流qDHCP中继概念q使用的组件本文档中的信息根据ASA5500版本9.
1.
2.
本文档中的信息都是基于特定实验室环境中的设备编写的.
本文档中使用的所有设备最初均采用原始(默认)配置.
如果您使用的是真实网络,请确保您已经了解所有命令的潜在影响.
有状态的与无状态的DHCPv6如果了解地址分配不同的说法在IPv6的,帮助您知道DHCPv6中继功能如何在ASA运作.
对动态地址分配的Refre在IPv6使用SLAAC和DHCP简介的无状态的地址自动配置(SLAAC)和DHCPv6.
网络图此配置示例描述如何配置ASA作为DHCPv6中继代理.
在此配置中,客户端是IPv6客户端连接的接口.
服务器是DHCPv6服务器2001:db8:200:2/64是可及的接口.
DHCPv6与DHCPv4消息类型无状态的DHCPv6中继配置这是无状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enableipv6ndother-config-flag!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用无状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试如果启用dhcprelay调试的IPv6并且调试IPv6dhcp,则相关输出打印对屏幕.
此输出从一个工作的方案被采取:IPv6DHCP:ReceivedINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNIPv6DHCP_RELAY:RelayingINFORMATION-REQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len34typeINFORMATION-REQUEST(11),xid1588088optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len6DNS-SERVERS,DOMAIN-LIST,UNKNOWNoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len67typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid1588088optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
com在INFORMATION-REQUEST请求包中,客户端仅请求dns-server和域,预计,因为cilent为无状态的DHCPv6配置.
Wireshark快照DHCP客户端请求ASA中继的DHCP请求从服务器的DHCP回复转发的回复对客户端有状态的DHCPv6配置这是有状态的DHCPv6中继配置的基本配置在ASA:interfaceGigabitEthernet0/1nameifCLIENTsecurity-level100ipv6address2001:db8:100::1/64ipv6enable!
interfaceGigabitEthernet0/0nameifSERVERsecurity-level0ipv6address2001:db8:200:1/64ipv6enable!
ipv6dhcprelayserver2001:db8:200:2insideipv6dhcprelayenableoutside数据包流使用有状态的DHCPv6,这是从客户端的数据包流:ASA截断这些数据包并且包裹他们到DHCP中继格式:验证调试IPv6DHCP:ReceivedSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20IPv6DHCP_RELAY:RelayingSOLICITfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:Creatingrelaybindingforfe80::c671:feff:fe93:b51aatinterfaceCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len48typeSOLICIT(1),xid2490681optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionIA-NA(3),len12IAID0x00040001,T10,T20optionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:ADVERTISEIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingADVERTISEtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeADVERTISE(2),xid2490681optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comIPv6DHCP:ReceivedREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::c671:feff:fe93:b51a(CLIENT)dstff02::1:2typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYIPv6DHCP_RELAY:RelayingREQUESTfromfe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP_RELAY:to2001:db8:200::2via2001:db8:200::2usingSERVERIPv6DHCP:SendingRELAY-FORWARDto2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::1dst2001:db8:200::2(SERVER)typeRELAY-FORWARD(12),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len90typeREQUEST(3),xid2492842optionELAPSED-TIME(8),len2elapsed-time0optionCLIENTID(1),len1000030001c471fe93b516optionORO(6),len4DNS-SERVERS,DOMAIN-LISToptionSERVERID(2),len1000030001002414a33c94optionIA-NA(3),len40IAID0x00040001,T10,T20optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionINTERFACE-ID(18),len40x00000015IPv6DHCP:ReceivedRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP:detailedpacketcontentssrc2001:db8:200::2(SERVER)dst2001:db8:200::1typeRELAY-REPLY(13),hop0link2001:db8:100::1peerfe80::c671:feff:fe93:b51aoptionRELAY-MSG(9),len111typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comoptionINTERFACE-ID(18),len40x00000015IPv6DHCP_RELAY:RelayingRELAY-REPLYfrom2001:db8:200::2onSERVERIPv6DHCP_RELAY:relayedmsg:REPLYIPv6DHCP_RELAY:tofe80::c671:feff:fe93:b51aIPv6DHCP:SendingREPLYtofe80::c671:feff:fe93:b51aonCLIENTIPv6DHCP:detailedpacketcontentssrcfe80::219:7ff:fe24:2e44dstfe80::c671:feff:fe93:b51a(CLIENT)typeREPLY(7),xid2492842optionSERVERID(2),len1000030001002414a33c94optionCLIENTID(1),len1000030001c471fe93b516optionIA-NA(3),len40IAID0x00040001,T143200,T269120optionIAADDR(5),len24IPv6address2001:db8:300:0:48ae:5f5d:8290:e926preferredINFINITY,validINFINITYoptionDNS-SERVERS(23),len162001:db8:1000::1optionDOMAIN-LIST(24),len11cisco.
comWireshark快照恳求(1)DHCPv6客户端传送请求信息为了找出DHCPv6服务器.
ASA中继请求消息.
通告(2)服务器传送通告信息为了表明为DHCP服务是可用的,以回应从客户端接收的请求消息.
REQUEST(3)客户端发送Request信息为了要求配置参数,包括IP地址或分配的前缀,从一个特定服务器.
回复(7)服务器传送包含已分配地址和配置参数以回应请求的回复信息,请求,更新或者重新绑定从客户端接收的消息.
服务器传送包含配置参数以回应Information-request消息的回复信息.
服务器传送回复信息以回应确认的确认消息或拒绝地址分配到客户端是适当的对客户端连接的链路.
服务器传送回复信息为了确认版本的收据或拒绝消息.
故障排除确认连接用DHCPv6服务器.
ciscoasa#showipv6neighborIPv6AddressAgeLink-layerAddrStateInterface2001:db8:200::200024.
14a3.
3c98REACHSERVER确认您收到从客户端的数据包,当它请求IPv6地址.
客户端发送的数据包将取决于地址分配设置(即有状态的与无状态).
当客户端开始DHCPv6进程时,发送路由器恳求消息为了发现IPv6路由器在线状态链路的.
它传送组播路由器垦请信息为了提示IPv6路由器响应.
在路由器垦请消息的以太网报头,这些字段显示:源地址域是请求IPv6地址主机的MAC地址.
q目的地址字段设置到33-33-00-00-00-02.
q在路由器垦请消息的IPv6报头,这些字段显示.
源地址域设置为链路本地IPv6地址分配到发送的接口或IPv6未指明的地址(::).
q目的地址字段设置为链路本地范围所有路由器组播地址(FF02::2).
q跳Limit字段设置到255.
q合情合理IPv6路由器发送未经请求的路由器通告消息路由器通告消息由主机包含需的信息为了确定链路前缀、链路最大传输单元(MTU)和特定路由.
ciscoasa(config)#showcapturecapindetailfe80::c671:feff:fe93:b51a.
546>ff02::1:2.
547:[udpsumok]udp42[hlim255](len100)---->Requestfromclientfe80::219:7ff:fe24:2e44.
547>fe80::c671:feff:fe93:b51a.
546:[udpsumok]udp75[class0xe0](len133,hlim255)ciscoasa(config)#showcapturecapoutdetail2packetscaptured1:12:06:52.
7007992001:db8:200:1.
547>2001:db8:200:2.
547:udp88[class0xe0]---->ASAforwardsrequesttoDHCPv6router2:12:06:53.
2890472001:db8:200:2.
547>2001:db8:200:1.
547:udp121[class0xe0]---->ReplyfromDHCPV6server.
DHCP中继输出ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56seconds注意:捆绑由ASA删除在短期之后.
这在dhcprelay调试的IPv6被看到.
ciscoasa#showipv6dhcprelaybinding1inuse,1mostusedClient:fe80::c671:feff:fe93:b51a(CLIENT)DUID:00030001c471fe93b516,Timeoutin56secondsciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8版本地址在他们执行使用它为网络后,客户端能发布他们的分配的DHCPv6地址.
下一部分显示用在有状态的DHCPv6的地址版本关联的debug输出.
调试ciscoasa#showipv6dhcprelaystatisticsRelayMessages:SOLICIT2ADVERTISE2REQUEST2CONFIRM0RENEW0REBIND0REPLY9RELEASE1DECLINE0RECONFIGURE0INFORMATION-REQUEST6RELAY-FORWARD11RELAY-REPLY11RelayErrors:Malformedmessage:0Blockallocation/duplicationfailure:0Hopcountlimitexceeded:0Forwardbindingcreationfailure:0Replybindinglookupfailure:0Nooutputroute:0Conflictrelayserverroute:0Failedtoaddserverinputrule:0Unitorcontextisnotactive:0TotalRelayBindingsCreated:8相关信息了解多种DHCP选项ASADHCP中继配置示例配置ASA通过IPv6流量有CLI和ASDM配置示例的ASA数据包捕获
Megalayer 香港CN2优化线路VPS主机速度和性能综合评测
对于Megalayer云服务器提供商在之前也有对于他们家的美国服务器和香港服务器进行过评测和介绍,但是对于大部分网友来说需要独立服务器和站群服务器并不是特别的普及,我们很多网友使用较多的还是云服务器或者VPS主机比较多。在前面也有在"Megalayer新增香港VPS主机 1GB内存 50GB SSD 2M带宽 月59元"文章中有介绍到Megalayer商家有新增香港CN2优化VPS主机。那时候看这...
御云(RoyalYun):香港CN2 GIA VPS仅7.9元每月起,美国vps仅8.9/月,续费同价,可叠加优惠
御云怎么样?炎炎暑期即将来临,御云(royalyun)香港、美国服务器开启大特惠模式。御云是新成立的云服务提供商,主要提供香港、美国的云服务器,不久将开启虚拟主机业务。我们的香港和美国主机采用CN2 GIA线路。目前,香港cn2 gia vps仅7.9元每月起,美国vps仅8.9/月,续费同价,可叠加优惠,香港云服务器国内延迟一般在50ms左右,是搭建网站的最佳选择,但是请不要用于违法用途。点击进...
瓜云互联:全场9折优惠,香港CN2、洛杉矶GIA高防vps套餐,充值最高返300元
瓜云互联怎么样?瓜云互联之前商家使用的面板为WHMCS,目前商家已经正式更换到了魔方云的面板,瓜云互联商家主要提供中国香港和美国洛杉矶机房的套餐,香港采用CN2线路直连大陆,洛杉矶为高防vps套餐,三网回程CN2 GIA,提供超高的DDOS防御,瓜云互联商家承诺打死退款,目前商家提供了一个全场9折和充值的促销,有需要的朋友可以看看。点击进入:瓜云互联官方网站瓜云互联促销优惠:9折优惠码:联系在线客...
启用dhcp为你推荐
-
安徽汽车网安徽省各地车牌号简称是按照什么顺序排的今日油条油条是怎样由来留学生认证国外留学生毕业证怎么进行认证呢?比肩工场比肩成局 什么意思同一服务器网站服务器建设:一个服务器有多个网站该如何设置?同一服务器网站一个服务器能运行多少个网站m.yushuwu.org花样滑冰名将YU NA KIM的资料谁有?梦遗姐昨晚和姐姐和她朋友一起吃晚饭,我们都喝了酒,我迷糊着回到家的,早上我回想起我好像发生关系射过,会不会是我姐姐,如果是这样我怎么办彪言彪语()言() 语b.faloo.com坏蛋是这样炼成的2出的最快的网站是那个?