AUF DIESER SEITE
So konfigurieren Sie DHCP in einem IP-Clos-Netzwerk
Anforderungen
Konfigurieren Sie DHCP auf den folgenden Geräten, die Sie im Konfigurationsbeispiel Konfigurieren einer IP-Clos-Fabric für ein Campus-Netzwerk konfiguriert haben. In diesem Konfigurationsbeispiel wird das folgende Gerät verwendet:
Ein EX4600-Switch, auf dem Junos OS Version 20.2R3 als DCHP-Server ausgeführt wird. Der DHCP-Server kann ein externes Gerät in Ihrem Netzwerk sein.
Übersicht
In diesem Abschnitt erfahren Sie, wie Sie DHCP im Netzwerk konfigurieren. Um zu vermeiden, dass das Netzwerk mit DHCP-Erkennungspaketen überflutet wird, konfigurieren Sie DHCP auf einer Schnittstelle in einer VRF-Routing-Instanz. Beide Verteilungsgeräte sind mit EVPN-Multihoming (auch ESI-LAG genannt) konfiguriert, um als DHCP-Relay an einen über Layer 3 erreichbaren externen DHCP-Server zu fungieren. Dadurch wird redundante Konnektivität zur Aufrechterhaltung der DHCP-Dienste bereitgestellt, wenn eines der Verteilungsgeräte ausfällt. Die Verbindung zwischen dem Server und der Verteilungsschicht ist eine ESI. zeigt die Topologie des virtuellen Netzwerks mit einem DHCP-Server. Abbildung 1 zeigt die virtuelle Netzwerktopologie mit einem DHCP-Server.
Abbildung 1: Überlagerung der virtuellen Netzwerktopologie mit einem DHCP-Server
Konfiguration
CLI-Schnellkonfiguration
DHCP-Relay-Konfiguration für Access-Switches.
Schritt-für-Schritt-Anleitung
Konfigurieren Sie auf dem Zugriffs-Switch DHCP Relay.
set groups dhcp-relay forwarding-options dhcp-relay forward-only set groups dhcp-relay forwarding-options dhcp-relay forward-only-replies set groups dhcp-relay forwarding-options dhcp-relay group test interface vme.0 exclude set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay dhcpv6 group v6_relay active-server-group v6_server_group set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay dhcpv6 group v6_relay forward-only set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay dhcpv6 group v6_relay interface irb.1 set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay dhcpv6 group v6_relay interface irb.2 set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay dhcpv6 group v6_relay interface vme.0 exclude set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay dhcpv6 group v6_relay interface em0.0 exclude set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay dhcpv6 server-group v6_server_group abcd::80:01:01:02 set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay forward-only set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay forward-only-replies set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay server-group server_group_1 172.16.38.1 set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay group dhcp_relay_1 active-server-group server_group_1 set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay group dhcp_relay_1 forward-only set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay group dhcp_relay_1 route-suppression destination set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay group dhcp_relay_1 interface irb.1 set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay group dhcp_relay_1 interface irb.2 set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay group dhcp_relay_1 interface em0.0 exclude set groups dhcp-relay routing-instances VRF-ep-type2-1 forwarding-options dhcp-relay group dhcp_relay_1 interface vme.0 exclude set apply-groups dhcp-relay
Vergewissern Sie sich auf dem Zugriffs-Switch, dass die Route zum DHCP-Server über eine EVPN-Route vom Typ 5 erreichbar ist.
user@access-1>show route table VRF-ep-type2-1.evpn.0 VRF-ep-type2-1.evpn.0: 13 destinations, 17 routes (13 active, 0 holddown, 0 hidden) + = Active Route, - = Last Active, * = Both 5:172.16.3.1:3001::0::172.16.38.0::24/248 *[BGP/170] 01:41:21, localpref 100, from 172.16.3.1 AS path: I, validation-state: unverified > to 192.168.3.2 via ge-2/0/2.0 [BGP/170] 01:41:24, localpref 100, from 172.16.4.1 AS path: I, validation-state: unverified > to 192.168.3.2 via ge-2/0/2.0 5:172.16.4.1:3001::0::172.16.38.0::24/248 *[BGP/170] 01:41:24, localpref 100, from 172.16.4.1 AS path: I, validation-state: unverified to 192.168.4.2 via ge-0/0/1.0 > to 192.168.6.2 via ge-2/0/1.0 [BGP/170] 01:41:21, localpref 100, from 172.16.3.1 AS path: I, validation-state: unverified to 192.168.4.2 via ge-0/0/1.0 > to 192.168.6.2 via ge-2/0/1.0 5:172.16.3.1:3001::0::abcd::80:1:1:0::112/248 *[BGP/170] 01:41:21, localpref 100, from 172.16.3.1 AS path: I, validation-state: unverified > to 192.168.3.2 via ge-2/0/2.0 [BGP/170] 01:41:24, localpref 100, from 172.16.4.1 AS path: I, validation-state: unverified > to 192.168.3.2 via ge-2/0/2.0 5:172.16.4.1:3001::0::abcd::80:1:1:0::112/248 *[BGP/170] 01:41:24, localpref 100, from 172.16.4.1 AS path: I, validation-state: unverified > to 192.168.4.2 via ge-0/0/1.0 to 192.168.6.2 via ge-2/0/1.0 [BGP/170] 01:41:21, localpref 100, from 172.16.3.1 AS path: I, validation-state: unverified > to 192.168.4.2 via ge-0/0/1.0 to 192.168.6.2 via ge-2/0/1.0Konfigurieren Sie auf dem Zugriffs-Switch die VRF-Unterstützung, um EVPN-Routen vom Typ 5 an die Verteilungsschicht anzukündigen.
set groups VRF-TYPE-2-BD-1-52 routing-instances VRF-ep-type2-1 protocols evpn ip-prefix-routes advertise direct-nexthop set groups VRF-TYPE-2-BD-1-52 routing-instances VRF-ep-type2-1 protocols evpn ip-prefix-routes encapsulation vxlan set groups VRF-TYPE-2-BD-1-52 routing-instances VRF-ep-type2-1 protocols evpn ip-prefix-routes vni 203001 set groups VRF-TYPE-2-BD-1-52 routing-instances VRF-ep-type2-1 instance-type vrf set groups VRF-TYPE-2-BD-1-52 routing-instances VRF-ep-type2-1 interface lo0.1 set groups VRF-TYPE-2-BD-1-52 routing-instances VRF-ep-type2-1 interface irb.1 set groups VRF-TYPE-2-BD-1-52 routing-instances VRF-ep-type2-1 interface irb.2 set groups VRF-TYPE-2-BD-1-52 routing-instances VRF-ep-type2-1 interface irb.3 set groups VRF-TYPE-2-BD-1-52 routing-instances VRF-ep-type2-1 interface irb.4
Konfigurieren Sie auf den Verteilungsgeräten eine ESI-LAG-Schnittstelle zwischen den Verteilungsgeräten und dem DHCP-Server.
Verbreitung 1
set interfaces xe-0/0/5 ether-options 802.3ad ae1 set interfaces ae1 esi 00:00:00:ff:00:01:00:01:00:02 set interfaces ae1 esi all-active set interfaces ae1 aggregated-ether-options minimum-links 1 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces ae1 aggregated-ether-options lacp system-id 00:00:00:99:99:01 set interfaces ae1 unit 0 family ethernet-switching interface-mode trunk set interfaces ae1 unit 0 family ethernet-switching vlan members v3001 set interfaces irb unit 3001 virtual-gateway-accept-data set interfaces irb unit 3001 family inet address 172.16.38.2/24 virtual-gateway-address 172.16.38.3 set interfaces irb unit 3001 family inet6 address abcd::80:01:01:03/112 preferred set interfaces irb unit 3001 family inet6 address abcd::80:01:01:03/112 virtual-gateway-address abcd::80:01:01:01 set interfaces irb unit 3001 virtual-gateway-v4-mac 00:00:5e:00:00:04 set interfaces irb unit 3001 virtual-gateway-v6-mac 00:00:5e:00:00:04 set vlans v3001 vlan-id 3001 set vlans v3001 l3-interface irb.3001 set vlans v3001 vxlan vni 103001 set groups type5-dhcp-server interfaces lo0 unit 3001 family inet set groups type5-dhcp-server routing-instances VRF-ep-type5-2 routing-options rib VRF-ep-type5-2.inet6.0 multipath set groups type5-dhcp-server routing-instances VRF-ep-type5-2 routing-options multipath set groups type5-dhcp-server routing-instances VRF-ep-type5-2 protocols evpn ip-prefix-routes advertise direct-nexthop set groups type5-dhcp-server routing-instances VRF-ep-type5-2 protocols evpn ip-prefix-routes encapsulation vxlan set groups type5-dhcp-server routing-instances VRF-ep-type5-2 protocols evpn ip-prefix-routes vni 203001 set groups type5-dhcp-server routing-instances VRF-ep-type5-2 instance-type vrf set groups type5-dhcp-server routing-instances VRF-ep-type5-2 interface lo0.3001 set groups type5-dhcp-server routing-instances VRF-ep-type5-2 interface irb.3001 set groups type5-dhcp-server routing-instances VRF-ep-type5-2 route-distinguisher 172.16.3.1:3001 set groups type5-dhcp-server routing-instances VRF-ep-type5-2 vrf-target target:100:1 set apply-groups dhcp-relay-fwd
Verteilung 2
set interfaces xe-0/0/5 ether-options 802.3ad ae1 set interfaces ae1 esi 00:00:00:ff:00:01:00:01:00:02 set interfaces ae1 esi all-active set interfaces ae1 aggregated-ether-options minimum-links 1 set interfaces ae1 aggregated-ether-options lacp active set interfaces ae1 aggregated-ether-options lacp periodic fast set interfaces ae1 aggregated-ether-options lacp system-id 00:00:00:99:99:01 set interfaces ae1 unit 0 family ethernet-switching interface-mode trunk set interfaces ae1 unit 0 family ethernet-switching vlan members v3001 set interfaces irb unit 3001 virtual-gateway-accept-data set interfaces irb unit 3001 family inet address 172.16.38.4/24 virtual-gateway-address 172.16.38.3 set interfaces irb unit 3001 family inet6 address abcd::80:01:01:04/112 preferred set interfaces irb unit 3001 family inet6 address abcd::80:01:01:04/112 virtual-gateway-address abcd::80:01:01:01 set interfaces irb unit 3001 virtual-gateway-v4-mac 00:00:5e:00:00:04 set interfaces irb unit 3001 virtual-gateway-v6-mac 00:00:5e:00:00:04 set vlans v3001 vlan-id 3001 set vlans v3001 l3-interface irb.3001 set vlans v3001 vxlan vni 103001 set groups type5-dhcp-server interfaces lo0 unit 3001 family inet set groups type5-dhcp-server routing-instances VRF-ep-type5-2 routing-options rib VRF-ep-type5-2.inet6.0 multipath set groups type5-dhcp-server routing-instances VRF-ep-type5-2 routing-options multipath set groups type5-dhcp-server routing-instances VRF-ep-type5-2 protocols evpn ip-prefix-routes advertise direct-nexthop set groups type5-dhcp-server routing-instances VRF-ep-type5-2 protocols evpn ip-prefix-routes encapsulation vxlan set groups type5-dhcp-server routing-instances VRF-ep-type5-2 protocols evpn ip-prefix-routes vni 203001 set groups type5-dhcp-server routing-instances VRF-ep-type5-2 instance-type vrf set groups type5-dhcp-server routing-instances VRF-ep-type5-2 interface lo0.3001 set groups type5-dhcp-server routing-instances VRF-ep-type5-2 interface irb.3001 set groups type5-dhcp-server routing-instances VRF-ep-type5-2 route-distinguisher 172.16.4.1:3001 set groups type5-dhcp-server routing-instances VRF-ep-type5-2 vrf-target target:100:1 set apply-groups type5-dhcp-server
Schließlich konfigurieren wir den EX4600-Switch so, dass er als DHCP-Server fungiert.
set groups DHCP_SERVER system services dhcp-local-server dhcpv6 group v6group interface irb.3001 set groups DHCP_SERVER system services dhcp-local-server group DHCP_Server interface irb.3001 set groups DHCP_SERVER system services dhcp-local-server group DHCP_Server interface em0.0 exclude set groups DHCP_SERVER interfaces irb unit 3000 family inet address 200.11.184.10/24 preferred set groups DHCP_SERVER routing-options rib inet6.0 static route 2001:db8::10:0:2:0/112 next-hop abcd::80:1:1:1 set groups DHCP_SERVER routing-options static route 10.0.2.0/24 next-hop 172.16.38.3 set groups DHCP_SERVER routing-options static route 10.0.1.0/24 next-hop 172.16.38.3 set groups DHCP_SERVER routing-options static route 172.16.1.0/24 next-hop 172.16.38.3 set groups DHCP_SERVER access address-assignment pool p1 family inet network 10.0.1.0/24 set groups DHCP_SERVER access address-assignment pool p1 family inet range p1_range low 10.0.1.10 set groups DHCP_SERVER access address-assignment pool p1 family inet range p1_range high 10.0.1.220 set groups DHCP_SERVER access address-assignment pool p1 family inet dhcp-attributes maximum-lease-time infinite set groups DHCP_SERVER access address-assignment pool p1 family inet dhcp-attributes router 10.0.1.254 set groups DHCP_SERVER access address-assignment pool p2 family inet network 10.0.2.0/24 set groups DHCP_SERVER access address-assignment pool p2 family inet range p2_range low 10.0.2.10 set groups DHCP_SERVER access address-assignment pool p2 family inet range p2_range high 10.0.2.220 set groups DHCP_SERVER access address-assignment pool p2 family inet dhcp-attributes maximum-lease-time infinite set groups DHCP_SERVER access address-assignment pool p2 family inet dhcp-attributes router 10.0.2.254 set groups DHCP_SERVER access address-assignment pool v6-p1 family inet6 range v6_p1_range low 2001:db8::10:0:2:10/112 set groups DHCP_SERVER access address-assignment pool v6-p1 family inet6 range v6_p1_range high 2001:db8::10:0:2:100/112
Überprüfen Sie auf dem EX4600-Switch, der als DHCP-Server fungiert, ob den DHCP-Clients erfolgreich IP-Adressen zugewiesen wurden.
user@ex4600-03> show dhcp server binding IP address Session Id Hardware address Expires State Interface 10.0.2.10 2 00:10:94:00:3c:f1 537735079 BOUND irb.3001 10.0.2.11 5 00:10:94:00:3c:f2 537735079 BOUND irb.3001 10.0.2.12 6 00:10:94:00:3c:f3 537735079 BOUND irb.3001 10.0.2.13 7 00:10:94:00:3c:f4 537735079 BOUND irb.3001 10.0.2.14 8 00:10:94:00:3c:f5 537735079 BOUND irb.3001 10.0.2.15 9 00:10:94:00:3c:f6 537735079 BOUND irb.3001 10.0.2.16 10 00:10:94:00:3c:f7 537735079 BOUND irb.3001 10.0.2.17 11 00:10:94:00:3c:f8 537735079 BOUND irb.3001 10.0.2.18 12 00:10:94:00:3c:f9 537735079 BOUND irb.3001 10.0.2.19 13 00:10:94:00:3c:fa 537735079 BOUND irb.3001