IPv4 Management and Interfaces
IP interface addresses can be configured manually by the user, or automatically configured by a DHCP server. This section provides information for defining the device IP addresses, either manually or by making the device a DHCP client. This section covers the IPv4 management and interfaces.
IPv4 Interface
IPv4 interface addresses can be configured manually by the user, or automatically configured by a DHCP server. This section provides information for defining the device IPv4 addresses, either manually or by making the device a DHCP client. The IPv4 Interface page is used to configure IP addresses for device management. This IP address can be configured on a port, a LAG, VLAN, loopback interface or out-of-band interface. You can configure multiple IP addresses (interfaces) on the device. It then supports traffic routing between these various interfaces and also to remote networks. By default and typically, the routing functionality is performed by the hardware. If hardware resources are exhausted or there’s a routing table overflow in the hardware, IP routing is performed by the software.
Note |
The device software consumes one VLAN ID (VID) for every IP address configured on a port or LAG. The device takes the first VID that isn’t used starting from 4094. |
To configure the IPv4 addresses, follow these steps:
Procedure
Step 1 |
Click IP Configuration >IPv4 Management and Interfaces > IPv4 Interface. Enter the following fields:
|
||
Step 2 |
Click Apply. The parameter is saved to the Running Configuration file. The following fields are displayed in the IPv4 Interface Table:
|
||
Step 3 |
Click Add. |
||
Step 4 |
Select the Interface: Select the port, LAG, VLAN or loopback as the interface associated with this IP configuration, and select an interface from the list. select an interface from the associated list. |
||
Step 5 |
Select the IP Address Type: Select one of the following options:
|
||
Step 6 |
Click Apply. The IPv4 address settings are written to the Running Configuration file.
|
IPv4 Static Routes
This page enables configuring and viewing IPv4 static routes on the device. When routing traffic, the next hop is decided on according to the longest prefix match (LPM algorithm). A destination IPv4 address may match multiple routes in the IPv4 Static Route Table. The device uses the matched route with the highest subnet mask, that is, the longest prefix match. If more than one default gateway is defined with the same metric value, the lowest IPv4 address from among all the configured default gateways is used.
To define an IP static route, follow these steps:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > IPv4 Static Routes. The IPv4 Static Routes Table is displayed. The following fields are displayed for each entry:
|
||
Step 2 |
Click Add. |
||
Step 3 |
Enter values for the following fields:
|
||
Step 4 |
Click Apply. The IP Static route is saved to the Running Configuration file. |
IPv4 Forwarding Table
To view the IPv4 Forwarding Table, follow these steps:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces >IPv4 Forwarding Table. The IPv4 Forwarding Table is displayed. The following fields are displayed for each entry:
|
Step 2 |
Click the Refresh icon to refresh the data. |
RIPv2
This section describes the Routing Information Protocol (RIP) version 2 feature.
Routing Information Protocol (RIP) is an implementation of a distance-vector protocol for local and wide-area networks. It classifies routers as either active or passive (silent). Active routers advertise their routes to others; passive routers listen and update their routes based on advertisements, but do not advertise. Typically, routers run RIP in active mode, while hosts use passive mode.
The default gateway is a static route and it is advertised by RIP in the same way as all other static routers, if it is enabled by configuration.
When IP Routing is enabled, RIP works fully. When IP Routing is disabled, RIP works in the passive mode, meaning that it only learns routes from the received RIP messages and does not send them.
Note |
To enable IP Routing, go to the IPv4 Interface page. |
The device supports RIP version 2, which is based on the following standards:
-
RFC2453 RIP Version 2, November 1998
-
RFC2082 RIP-2 MD5 Authentication, January 1997
-
RFC1724 RIP Version 2 MIB Extension
Received RIPv1 packets are dropped.
Enabling RIP
-
RIP must be enabled globally and per interface.
-
RIP can only be configured if it is enabled.
-
Disabling RIP globally deletes the RIP configuration on the system.
-
Disabling RIP on an interface deletes the RIP configuration on the specified interface.
-
If IP Routing is disabled, RIP messages are not sent, although when RIP messages are received, they are used to update the routing table information.
Note |
RIP can only be defined on manually-configured IP interfaces, meaning that RIP cannot be defined on an interface whose IP address was received from a DHCP server or whose IP address is the default IP address. |
RIPv2 Properties
Note |
This feature is only supported on 550 family of devices. |
To enable/disable RIP on the device.
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces> RIPv2 > RIPv2 Properties. |
Step 2 |
Select the following options as required:
|
Step 3 |
Redistribute Static Route—Select to enable this feature. |
Step 4 |
If Redistribute Static Route is enabled, select an option for the Redistribute Static Metric field. The following options are available:
|
Step 5 |
Redistribute Connected Route—Select to enable this feature (described in Redistributing Static Route Configuration. |
Step 6 |
If Redistribute Connected Route is enabled, select an option for the Redistribute Connected Metric field. The following options are available:
|
Step 7 |
Click Apply. The settings are written to the Running Configuration file. |
RIPv2 Settings
To configure RIP on an IP interface:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > RIPv2 > RIPv2 Settings. |
Step 2 |
RIP parameters are displayed per IP interface. To add a new IP interface, click Add and enter the following fields:
|
Step 3 |
Click Apply. The settings are written to the Running Configuration file. |
RIPv2 Statistics
To view the RIP statistical counters for each IP address:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > RIPv2 > RIPv2 Statistics. The following fields are displayed:
|
Step 2 |
To clear all interface counters, click Clear All Interface Counters. |
RIPv2 Peer Router Database
To view the RIP Peers (neighbors) database:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > RIPv2 > RIPv2 Peer Router Database. The following fields are displayed for the peer router database:
|
Step 2 |
To clear all counters, click Clear All Interface Counters. |
Access List
Access lists consists of permit and/or deny statements that filter traffic on a device. These statements are executed in a top down fashion. As traffic encounters the access list, the access list is parsed top to bottom, looking for a match. The first match encountered will determine if the traffic is permitted or denied. Therefore, the order of your access list statements is extremely important. Access list should be built from most specific to least specific. This will keep unintentional matching to a minimum. If no match is found, there is an implicit "deny everything" at the end of all access list statements.
Access lists are an integral part of working with switches, and they are vital to security.
Access List Settings
To set the global configuration of an access list, follow these steps:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > Access List > Access List Settings. |
Step 2 |
To add a new Access List, click Add to open the Add Access List page and enter the following fields:
|
Step 3 |
Click Apply. The settings are written to the Running Configuration file. |
Source IPv4 Address List
To populate an access list with IP addresses, complete the following:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > Access List > Source IPv4 Address List. |
Step 2 |
To modify the parameters of an access list, click Add and modify any of the following fields:
|
Step 3 |
Click Apply. The settings are written to the Running Configuration file. |
VRRP
Note |
The VRRP feature is only available on the Cisco 550x series switches. |
VRRP is an election and redundancy protocol that dynamically assigns the responsibility of a virtual router to one of the physical routers on a LAN. This increase the availability and reliability of routing paths in the network.
In VRRP, one physical router in a virtual router is elected as the stack active unit, with the other physical router of the same virtual router acting as backups in case the stack active unit fails. The physical routers are referred as VRRP routers.
The default gateway of a participating host is assigned to the virtual router instead of a physical router. If the physical router that is routing packets on behalf of the virtual router fails, another physical router is selected to automatically replace it. The physical router that is forwarding packets at any given time is called the active router.
VRRP also enables load sharing of traffic. Traffic can be shared equitably among available routers by configuring VRRP in such a way that traffic to and from LAN clients are shared by multiple routers.
Virtual Routers
VRRP properties can be configured and customized in the VRRP Virtual Routers page.
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > VRRP > Virtual Routers. The virtual routers are displayed. The fields are described in the Add page except for the following fields that are generated by the system:
|
||
Step 2 |
To add a virtual router, click Add. |
||
Step 3 |
Enter the following fields:
|
||
Step 4 |
To add your new router to the list, click Apply. |
||
Step 5 |
To see further information about a virtual router, select it and click Details. The following fields are displayed for the selected virtual router:
|
VRRP Statistics
To view VRRP statistics and to clear interface counters:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > VRRP> VRRP Statistics. The following fields are displayed for every interface on which VRRP is enabled:
|
Step 2 |
Select an interface. |
Step 3 |
Click Clear Interface Counters to clear the counters for that interface. |
Step 4 |
Click Clear All Interface Counters to clear all the counters. |
SLA
Note |
The SLA feature is only available on the Cisco 550x series switches. |
Object tracking of IP Service Level Agreements (SLAs) operations allows tracking clients to track the output from IP SLAs objects and use the provided information to trigger an action.
Cisco IOS IP SLAs is a network performance measurement and diagnostics tool that uses active monitoring. Active monitoring is the generation of traffic in a reliable and predictable manner to measure network performance. software uses IP SLAs to collect real-time metrics such as response time, network resource availability, application performance, jitter (interpacket delay variance), connect time, throughput, and packet loss. These metrics can be used for troubleshooting, for proactive analysis before problems occur, and for designing network topologies.
ICMP-Echo Operations
IP SLA ICMP-Echo operations can be configured in this page. These operations will be executed according to the frequency entered.
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > SLA > ICMP-Echo Operations. The ICMP-Echo operations are displayed (some fields described in the Add page):
|
||
Step 2 |
To add a new operation, click Add. |
||
Step 3 |
Enter the following fields:
|
||
Step 4 |
Click Apply to save the settings. |
SLA Tracks
SLA tracks can be configured in this page. SLA tracks are used to track IP SLA return codes and set a state of up or down, accordingly.
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > SLA > SLA Tracks. The SLA Track objects are displayed (some fields are described in the Add page):
|
Step 2 |
To add a new object, click Add. |
Step 3 |
Enter the following fields:
|
Step 4 |
Click Apply to save the settings. |
ICMP-Echo Statistics
To view SLA statistics.
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > SLA > ICMP-Echo Statistics. |
Step 2 |
Enter the following fields:
|
Step 3 |
View the following fields:
|
ARP
The device maintains an ARP (Address Resolution Protocol) table for all known devices that reside in the IP subnets directly connected to it. A directly connected IP subnet is the subnet to which an IPv4 interface of the device is connected. When the device is required to send/route a packet to a local device, it searches the ARP table to obtain the MAC address of the device. The ARP table contains both static and dynamic addresses. Static addresses are manually configured and don’t age out. The device creates dynamic addresses from the ARP packets it receives. Dynamic addresses age out after a configured time.
Note |
The mapping information is used for routing and to forward generated traffic. |
To define the ARP tables, complete the following steps:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > ARP. |
Step 2 |
Enter the parameters.
|
Step 3 |
Click Apply. The ARP global settings are written to the Running Configuration file. The ARP table displays the following fields:
|
Step 4 |
Click Add. |
Step 5 |
Enter the parameters:
|
Step 6 |
Click Apply. The ARP entry is saved to the Running Configuration file. |
ARP Proxy
The Proxy ARP technique is used by the device on a given IP subnet to answer ARP queries for a network address that isn’t on that network.
Note |
The ARP proxy feature is only available when the device is in L3 mode. |
The ARP Proxy is aware of the destination of traffic, and offers another MAC address in reply. Serving as an ARP Proxy for another host effectively directs LAN traffic destination to the host. The captured traffic is then typically routed by the Proxy to the intended destination by using another interface, or by using a tunnel. The process in which an ARP-query-request for a different IP address, for proxy purposes, results in the node responding with its own MAC address is sometimes referred to as publishing.
To enable ARP Proxy on all IP interfaces, complete the following steps:
Procedure
Step 1 |
Click IP Configuration> IPv4 Management and Interfaces >ARP Proxy. |
Step 2 |
Select ARP Proxy to enable the device to respond to ARP requests for remotely-located nodes with the device MAC address. |
Step 3 |
Click Apply. The ARP proxy is enabled, and the Running Configuration file is updated. |
UDP Relay/IP Helper
Switches don’t typically route IP Broadcast packets between IP subnets. However, this feature enables the device to relay specific UDP Broadcast packets, received from its IPv4 interfaces, to specific destination IP addresses.
To configure the relaying of UDP packets received from a specific IPv4 interface with a specific destination UDP port, add a UDP Relay:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > UDP Relay/IP Helper. |
Step 2 |
Click Add. |
Step 3 |
Select the Source IP Interface to where the device is to relay UDP Broadcast packets based on a configured UDP destination port. The interface must be one of the IPv4 interfaces configured on the device. |
Step 4 |
Enter the UDP Destination Port number for the packets that the device is to relay. Select a well-known port from the drop-down list, or click the port radio button to enter the number manually. |
Step 5 |
Enter the Destination IP Address that receives the UDP packet relays. If this field is 0.0.0.0, UDP packets are discarded. If this field is 255.255.255.255, UDP packets are flooded to all IP interfaces. |
Step 6 |
Click Apply. The UDP relay settings are written to the Running Configuration file. |
DHCP Snooping/Relay
This section covers Dynamic Host Configuration Protocol (DHCP) Snooping/Relay. A DHCP relay agent is any host that forwards DHCP packets between clients and servers. Relay agents are used to forward requests and replies between clients and servers when they are not on the same physical subnet. Relay agent forwarding is distinct from the normal forwarding of an IP router, where IP datagrams are switched between networks somewhat transparently. By contrast, relay agents receive DHCP messages and then generate a new DHCP message to send on another interface.
DHCP snooping is a layer 2 security technology built into the operating system of a capable network switch that drops DHCP traffic determined to be unacceptable. The fundamental use case for DHCP snooping is to prevent unauthorized (rogue) DHCP servers offering IP addresses to DHCP clients.
Properties
DHCP Relay transfers DHCP packets to the DHCP server. The device can transfer DHCP messages received from VLANs that do not have IP addresses. Whenever DHCP Relay is enabled on a VLAN without an IP address, Option 82 is inserted automatically.
TO set the DHCP Snooping/Relay properties, complete the followin steps:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > DHCP Snooping/Relay > Properties. |
Step 2 |
Configure the following fields:
|
Step 3 |
Click Apply. The settings are written to the Running Configuration file. |
Step 4 |
To define a DHCP server, click Add. The Add DHCP Server dialog appears, with the IP version indicated. |
Step 5 |
Enter the IP address of the DHCP server and click Apply. The settings are written to the Running Configuration file. |
Option 82 Settings
Option 82 (DHCP Relay Agent Information Option) passes port and agent information to a central DHCP server, indicating where an assigned IP address physically connects to the network. The main goal of option 82 is to help to the DHCP server select the best IP subnet (network pool) from which to obtain an IP address.
Option 82, when enabled, applies to DHCP Relay interface with IP address and DHCP Snooping. Even if Option 82 isn’t enabled, and if DCHP relay is enabled on VLAN without an IP address, option 82 information will be inserted to DHCP packets received on this VLAN.
To configure the status on the device and the format of the Option 82 data within the DHCP message, follow these steps:
Procedure
Step 1 |
Click IP Configuration >IPv4 Management and Interfaces> DHCP Snooping/Relay> Option 82 Settings. Enter the following fields:
|
||
Step 2 |
Enter the Circuit-ID Template. Select Use Default to use the default Circuit-ID. Select User Defined to configure the Circuit-ID. Use the text box to enter the Circuit-ID template. The template is a string of free text and pre-defined tokens (see table below). You can enter tokens manually, or use the drop-down to select a token from the list of available tokens and add it to the Circuit-ID text by clicking the arrow button. Use the Preview button to view actual Sub option byte content and text representation of the selected sub-option. |
||
Step 3 |
Enter the Remote-ID Template in the same way as the Circuit-ID Template, using the related text box and drop-down list.
|
||
Step 4 |
Click Apply. The settings are written to the Running Configuration file. |
These are the tokens that are available from the drop-down box.
Option |
Description |
Reserved bytes |
Bytes used in Hex format |
Bytes used in ASCII format |
---|---|---|---|---|
$int-ifindex$ |
The ifIndex of the interface on which the DHCP client request was received. Value is taken from the ifIndex field of the ifTable MIB entry |
4 |
2 |
4 |
$int-portid$ |
The interface number relative to the specific unit (standalone or stacking unit). For physical interfaces this value begins with 1 for the 1st port on a specific unit, 2 for the 2nd port on that unit, until N for last port on that unit. For LAG interfaces the value is determined globally (and not based on specific unit), according to the LAG ID. For example, 1,2,3…. |
2 |
1 |
2 |
$int-name$ |
The full name of the interface, upon which the DHCP client request was received. The name is based on the interface full name format as used by CLI when configuring or displaying information for this interface |
32 |
NA |
Actual bytes used for the ASCII representation of the interface name (up to the limit of reserved bytes) |
$int-abrvname$ |
The abbreviated name of the interface, upon which the DHCP client request was received. This parameter is based on the abbreviated interface name format as used by CLI when configuring or displaying information for this interface. |
8 |
NA |
|
$int-desc-16$ |
Up to 16 (first) bytes of the interface description - for the interface, upon which the DHCP client packet was received. The value for this variable is taken from the description added by the user to the interface using the interface level "description" command. Max number of bytes to use is 16 (first bytes) - even if description is longer than 16 bytes. For interfaces without a user-defined description - the interface abbreviated interface name format is used. |
16 |
NA |
Actual bytes used for the ASCII representation of the interface description (up to the limit of reserved bytes) |
$int-desc-32$ |
Up to 32 (first) bytes of the interface description - for the interface, upon which the DHCP client packet was received. The value for this variable is taken from the description added by the user to the interface using the interface level "description" command. Max number of bytes to use is 32 (1st bytes) - even if description is longer than 32 bytes. For interfaces without user-defined description - the interface abbreviated interface name format is used. |
32 |
NA |
Actual bytes used for the ASCII representation of the interface description (up to the limit of reserved bytes) |
$int-desc-64$ |
The full interface description (up to 64 bytes) - for the interface, upon which the DHCP client packet was received. The value for this variable is taken from the description added by the user to the interface using the interface level "description" command. For interfaces without user-defined description - the interface abbreviated interface name format is used. |
64 |
NA |
|
$int-mac$ |
The MAC address of the physical interface upon which the DHCP client request was received. The format of this field is always HEX format, with no delimiter (for example, 000000112205). |
6 |
6 |
NA |
$switch-mac$ |
The base MAC address of the device inserting the option 82 (the relay agent). The format of this field is always HEX format, with no delimiter (for example, 000000112200). |
6 |
6 |
NA |
$switch-hostname-16$ |
Up to the first 16 bytes of the device hostname. |
16 |
NA |
Actual bytes used for the ASCII representation of the hostname (up to the limit of reserved bytes) |
$switch-hostname-32$ |
Up to the first 32 bytes of the device hostname. |
32 |
NA |
|
$switch-hostname-58$ |
The full hostname of the device. |
58 |
NA |
|
$switch-module-id$ |
The unit ID of the unit upon which the DHCP client request was received. In standalone systems ID is always equal 1. |
2 |
1 |
2 |
$vlan-id$ |
The VLAN ID of the VLAN upon the DHCP client request was received. Values 1-4094 |
4 |
2 |
4 |
$vlan-name-16$ |
Up to the first 16 bytes of the VLAN name, for the VLAN upon which the DHCP client request was received. If a name isn’t configure for the specified VLAN, the value is taken from the relevant VLAN ifDescr MIB field of ifTable MIB entry. |
16 |
NA |
Actual bytes used for the ASCII representation of the VLAN name (up to the limit of reserved bytes) |
$vlan-name-32$ |
The full VLAN name of the VLAN upon the DHCP client request was received. If a name is configure for the specified VLAN, the value is taken from the relevant ifDescr MIB field of ifTable MIB entry. |
32 |
NA |
Note |
The total reserved byte count of the payload of both sub-options must not exceed 247. The byte count isn’t updated dynamically and shown at the bottom of the screen. Byte count is based on the reserved length (see above) of the tokens included in the sub-option, plus the number of free text chars used in the sub-option. |
Interface Settings
DHCP Relay and Snooping can be enabled on any interface or VLAN. For DHCP relay to be functional, an IP address must be configured on the VLAN or interface.
DHCP Relay relays DHCP packets to the DHCP server. The device can relay DHCP messages received from VLANs that do not have IP addresses. Whenever DHCP Relay is enabled on a VLAN without an IP address, Option 82 is inserted automatically. This insertion is in the specific VLAN and does not influence the global administration state of Option 82 insertion.
DHCP snooping provides a security mechanism to prevent receiving false DHCP response packets and to log DHCP addresses. It does this by treating ports on the device as either trusted or untrusted. A trusted port is a port that is connected to a DHCP server and is allowed to assign DHCP addresses. DHCP messages received on trusted ports are allowed to pass through the device. An untrusted port is a port that is not allowed to assign DHCP addresses. By default, all ports are considered untrusted until you declare them trusted (in the Interface Settings page).
To enable DHCP Snooping/Relay on specific interfaces, follow these steps:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > DHCP Snooping/Relay > Interface Settings. |
Step 2 |
To enable DHCP Relay or DHCP Snooping on an interface, click ADD. |
Step 3 |
Select DHCP Relay or DHCP Snooping or both to enable. |
Step 4 |
Click Apply. The settings are written to the Running Configuration file. |
DHCP Snooping Trusted Interfaces
Packets from untrusted ports/LAGs are checked against the DHCP Snooping Binding database. By default, interfaces are untrusted. To designate an interface as trusted, follow these steps:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > DHCP Snooping/Relay > DHCP Snooping Trusted Interfaces. |
Step 2 |
Select the interface and click Edit. |
Step 3 |
Select Trusted Interface (Yes for trusted or No for untrusted). |
Step 4 |
Click Apply to save the settings to the Running Configuration file. |
DHCP Snooping Binding Database
Note the following points about maintenance of the DHCP Snooping Binding database:
-
The device doesn’t update the DHCP Snooping Binding database when a station moves toanother interface.
-
If a port is down, the entries for that port aren’t deleted.
-
When DHCP Snooping is disabled for a VLAN, the binding entries that collected for that VLAN are removed.
-
If the database is full, DHCP Snooping continue to forward packets but new entries aren’t created. Note that if the IP source guard and/or ARP inspection features are active, the clients that aren’t written in the DHCP Snooping Binding database aren’t been able to connect to the network.
To add entries to the DHCP Snooping Binding database, follow these steps:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > DHCP Snooping/Relay > DHCP Snooping Binding Database. To see a subset of entries in the DHCP Snooping Binding database, enter the relevant search criteria in the filter and click Go. |
Step 2 |
To add an entry, click Add. The supported address type is IPv4. |
Step 3 |
Enter the fields:
|
Step 4 |
Click Apply. The settings are defined, and the device is updated. |
DHCP Server
The DHCP Server feature enables you to configure the device as a DHCPv4 server. A DHCPv4 server is used to assign IPv4 address and other information to another device (DHCP client) The DHCPv4 server allocates IPv4 addresses from a user-defined pool of IPv4 addresses.
These can be in the following modes:
-
Static Allocation—The hardware address or client identifier of a host is manually mapped to an IP address.
-
Dynamic Allocation—A client obtains a leased IP address for a specified period of time (that can be infinite). If the DHCP client does not renew the allocated IP Address, the IP address is revoked at the end of this period, and the client must request another IP address.
DHCP Server Properties
To configure the device as a DHCPv4 server, follow these steps:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > DHCP Server > Properties. |
Step 2 |
Select Enable to configure the device as a DHCP server. |
Step 3 |
Click Apply. The device immediately begins functioning as a DHCP server. However, it does not assign IP addresses to clients until a pool is created. |
Network Pools
When the device is serving as a DHCP server, one or more pools of IP addresses must be defined, from which the device allocates IP addresses to DHCP clients. Each network pool contains a range of addresses that belong to a specific subnet. These addresses are allocated to various clients within that subnet.
When a client requests an IP address, the device as DHCP server allocates an IP address according to the following:
-
Directly Attached Client—The device allocates an address from the network pool whose subnet matches the subnet configured on the device’s IP interface from which the DHCP request was received.
If the message arrived directly (not via DHCP Relay) the pool is a Local pool and belongs to one of IP subnets defined on the input layer 2 interface. In this case, the IP mask of the pool equals to the IP mask of the IP interface and the minimum and maximum IP addresses of the pool belong to the IP subnet.
-
Remote Client—The device takes an IP address from the network pool with the IP subnet that matches the IP address of the DHCP relay agent.
If the message arrived via DHCP relay, the address used belongs to the IP subnet specified by minimum IP address and IP mask of the pool. That pool is a remote pool.
Up to 16 network pools can be defined.
To create a pool of IP addresses, and define their lease durations, follow these steps:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > DHCP Server > Network Pools. The previously defined network pools are displayed. These fields are described below in the Add page. The following field is displayed (but not in the Add page):
|
Step 2 |
Click Add to define a new network pool. Note that you either enter the Subnet IP Address and the Mask, or enter the Mask, the Address Pool Start and Address Pool End. |
Step 3 |
Enter the fields:
|
Step 4 |
Click Apply. The Running Configuration file is updated. |
Excluded Addresses
By default, the DHCP server assumes that all pool addresses in a pool may be assigned to clients. A single IP address or a range of IP addresses can be excluded. The excluded addresses are excluded from all DHCP pools.
To define an excluded address range, follow these steps:
Procedure
Step 1 |
Click IP Configuration > > IPv4 Management and Interfaces > DHCP Server > Excluded Addresses. The previously defined excluded IP addresses are displayed. |
Step 2 |
To add a range of IP addresses to be excluded, click Add, and enter the fields:
|
Step 3 |
Click Apply. The Running Configuration file is updated. |
Static Hosts
You might want to assign some DHCP clients a permanent IP address that never changes. This client is then known as a static host. You can define up to 120 static hosts.
To manually allocate a permanent IP address to a specific client, complete the following steps:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > DHCP Server > Static Hosts. The static hosts are displayed. The fields displayed are described in the Add page, except for the following:
|
||||||||||||||||||||||||||||||
Step 2 |
To add a static host, click Add, and enter the fields:
|
||||||||||||||||||||||||||||||
Step 3 |
Click Apply. The Running Configuration file is updated. |
DHCP Options
When the device is acting as a DHCP server, the DHCP options can be configured using the HEX option. A description of these options can be found in RFC2131. The configuration of these options determines the reply that is sent to DHCP clients whose packets include a request (using option 55) for the configured DHCP options. Example: The DHCP option 66 is configured with the name of a TFTP server in the DHCP Options page. When a client DHCP packet is received containing option 66, the TFTP server is returned as the value of option 66.
To configure one or more DHCP options, follow these steps:
Procedure
Step 1 |
Click IP Configuration > IPv4 Management and Interfaces > DHCP Server > DHCP Options. The previously configured DHCP options are displayed. |
Step 2 |
To configure an option that has not been configured yet, enter the field:
|
Step 3 |
Click Add and enter the fields:
|
Step 4 |
Click Apply. The Running Configuration file is updated. |
Address Binding
Use the Address Binding page to view and remove the IP addresses allocated by the device and their corresponding MAC addresses.
To view and/or remove address bindings, complete the following steps:
Procedure
Step 1 |
Click IP Configuration > > IPv4 Management and Interfaces > DHCP Server > Address Binding. The following fields for the address bindings are displayed:
|
Step 2 |
Click Delete. The Running Configuration file is updated. |