
Wednesday, October 7, 2009

Configuring DHCP Server


What is DHCP?

DHCP (Dynamic Host Configuration Protocol) is an Internet protocol responsible for automating the configuration of computers which use TCP/IP. DHCP can be used to assign IP addresses to computers by delivering TCP/IP configuration information such as IP addresses, subnet masks, default routers and DNS addresses. It can also be used to provide information for a number of other services such as printers, time, news and TFTP servers.

Config

A Cisco router can be configured as a DHCP server to assign IP addresses. The range of IP addresses which can be given out is called a 'pool'. From this pool clients are leased addresses for a given time, after which the lease expires and the client needs to request a new IP address lease.
The following config lines show how to set up a DHCP pool of addresses in the 192.168.0.0 IP range:

no ip dhcp conflict logging
ip dhcp excluded-address 192.168.0.1 192.168.0.50
!
ip dhcp pool 1
network 192.168.0.0 255.255.255.0
default-router 192.168.0.100
domain-name jlsnet.co.uk
dns-server 192.168.0.1 194.168.8.100
next-server 192.168.0.1

The config above also shows how to set the Default Gateway and DNS Servers which are assigned to clients.
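A check worth running on a pool like this one, as an added example (not the original author's code): it lists option addresses (default-router, dns-server, next-server) that sit inside the pool network but outside every excluded range, so the server may still offer them to clients. It assumes a single pool and the config text embedded below.

```python
import ipaddress

# Pool configuration as shown above (stray token on the dns-server line omitted).
CONFIG = """\
ip dhcp excluded-address 192.168.0.1 192.168.0.50
ip dhcp pool 1
 network 192.168.0.0 255.255.255.0
 default-router 192.168.0.100
 dns-server 192.168.0.1 194.168.8.100
 next-server 192.168.0.1
"""

OPTION_KEYWORDS = ("default-router", "dns-server", "next-server")


def leasable_infrastructure(config):
    """Return {address: option} for option addresses the pool can still lease."""
    excluded, network, options = [], None, {}
    for line in config.splitlines():
        words = line.split()
        if words[:3] == ["ip", "dhcp", "excluded-address"]:
            low = ipaddress.ip_address(words[3])
            # A single address may be excluded without giving a high end.
            high = ipaddress.ip_address(words[4]) if len(words) > 4 else low
            excluded.append((low, high))
        elif words[:1] == ["network"]:
            network = ipaddress.ip_network(f"{words[1]}/{words[2]}")
        elif words and words[0] in OPTION_KEYWORDS:
            for addr in words[1:]:
                options[ipaddress.ip_address(addr)] = words[0]
    findings = {}
    for addr, option in options.items():
        in_pool = network is not None and addr in network
        is_excluded = any(low <= addr <= high for low, high in excluded)
        if in_pool and not is_excluded:
            findings[str(addr)] = option
    return findings


if __name__ == "__main__":
    for addr, option in leasable_infrastructure(CONFIG).items():
        print(f"{addr} ({option}) is inside the pool and not excluded")
```

For the config above this reports the default gateway: only 192.168.0.1 to 192.168.0.50 are excluded, so 192.168.0.100 is still part of the dynamic range.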
The Ethernet address of the switch is "00:07:eb:94:73:c0" and I wanted to assign a manual IP address 192.168.0.100 to it. So I declared:

ip dhcp pool switch
host 192.168.0.99
hardware-address 0007.eb94.73c0
client-name switch
default-router 192.168.0.100
dns-server 192.168.0.1 194.168.8.100 194.168.4.100
next-server 192.168.0.1

Afterwards, when I did a "show ip dhcp binding" on the router, I got the following results:
 
router1#sh ip dhcp binding

IP address       Client-ID/             Lease expiration        Type
                 Hardware address
192.168.0.51     0100.02b3.91f7.34      Apr 05 2003 06:14 AM    Automatic
192.168.0.53     0100.0423.468b.31      Apr 05 2003 08:42 AM    Automatic
192.168.0.69     0100.0423.4682.ab      Apr 05 2003 07:15 AM    Automatic
192.168.0.99     0007.eb94.73c0         Infinite                Manual

Tuesday, October 6, 2009

Switching - Introducing Spanning Tree Protocol (STP)

A loop avoidance mechanism called STP has been developed to alleviate the 3 issues above.
There are two varieties of Spanning Tree Protocol, STP (802.1d) and RSTP ('Rapid' 802.1w); both work in a similar way.
A Spanning Tree Algorithm examines the switched network, and, through a series of decisions (discussed below) places each port in the loop into either Forwarding or Blocking state, therefore breaking the loop.
Types of port in STP:
  1. Designated Port (DP): closest to the Root, i.e. all ports on the Root Switch.
  2. Root Port (RP): one per switch.
  3. Blocking Port.
The process the switches go through to decide which port they place in blocking or forwarding state is governed by the position of a 'Root Switch' (also known as 'Root Bridge'):
  • To decide which switch is the root switch, each switch begins by claiming to be the Root Switch, and they all send out STP messages called BPDUs (Bridge Protocol Data Units). A fight-off then determines the final root based on a unique BID (Bridge Identifier) contained within the BPDU. The BID is made up of two components: a priority value and the switch MAC address. By default each switch starts off with a priority of 32,768. The switch with the lowest BID wins the honor of being the Root Bridge.
  • All ports on the root switch are placed into forwarding state. These ports are known as 'Designated Ports' (DP). You can NOT have a Root Port or Blocking Port on the root switch.
  • All the remaining non-root switches determine which of their ports is closest to the root switch and place the port with the least cost (based on hops and/or bandwidth) into forwarding state. These are known as 'Root Ports' (RP).
  • There can only ever be one RP per segment, so if there is more than one path with the same cost the decision is made based on the BID of the neighboring switches: the port connecting to the switch with the lowest BID becomes the RP.
  • All remaining ports are placed in blocking state and the loops are stopped.


Once the switches have all assigned ports then the switched network is said to be "Converged".

As discussed above the BID is made up of:
  • A Priority Value
  • MAC Address
The Priority Value of the BID can be manually changed by an administrator. This is useful if you want to force a switch in the middle of a network to be the Root Switch.
note: If a newer switch is plugged into a working network of a different manufacturer it may disrupt the network if manual BID priorities are not set. A Cisco Switch (MAC Vendor ID 00000C) will win over a 3COM switch (MAC Vendor ID 001AFC) because Cisco equipment has a lower MAC address.
STP is switched on in all Cisco switches by default. If you have no loops, for example:


You could switch STP off on all the switches, but this is not advisable, as all it would take is someone to plug a cable in the wrong port to cause a loop.
note: If there are two links between two switches, the decision of which port to block can no longer be based on the BID, because it would be the same for both links; the selection is therefore made on the lowest port number.
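The selection rules above (lowest BID becomes root, least cost picks the root port, ties broken by neighbor BID and then port number) can be traced on a small topology. The following is an added example, not code from the original post: the switch names, MAC values built from the two vendor IDs mentioned above, and the per-link cost of 19 are constructed assumptions, and the designated-port choice per link uses the standard rule (end nearer the root, then lower BID).

```python
def port_roles(bridges, links):
    """bridges: name -> (priority, mac); links: (sw_a, port_a, sw_b, port_b, cost)."""
    root = min(bridges, key=bridges.get)          # lowest BID wins
    cost = {name: float("inf") for name in bridges}
    cost[root] = 0
    for _ in bridges:                             # relax until root path costs settle
        for a, _pa, b, _pb, c in links:
            cost[a] = min(cost[a], cost[b] + c)
            cost[b] = min(cost[b], cost[a] + c)
    roles = {}
    for name in bridges:
        if name == root:
            continue
        # Candidate root ports: (path cost, neighbor BID, local port number).
        candidates = []
        for a, pa, b, pb, c in links:
            if a == name:
                candidates.append((cost[b] + c, bridges[b], pa))
            if b == name:
                candidates.append((cost[a] + c, bridges[a], pb))
        roles[(name, min(candidates)[2])] = "root"
    for a, pa, b, pb, _c in links:
        # The end nearer the root (then lower BID) forwards as designated port.
        a_wins = (cost[a], bridges[a]) < (cost[b], bridges[b])
        designated, other = ((a, pa), (b, pb)) if a_wins else ((b, pb), (a, pa))
        roles[designated] = "designated"
        roles.setdefault(other, "blocking")       # keep an existing "root" role
    return root, roles


# Constructed sample: one Cisco and two 3COM switches in a triangle, default priority.
BRIDGES = {
    "cisco": (32768, 0x00000C000001),
    "3com-1": (32768, 0x001AFC000001),
    "3com-2": (32768, 0x001AFC000002),
}
LINKS = [  # cost 19 per link is an assumed value for 100 Mbit/s links
    ("cisco", 1, "3com-1", 1, 19),
    ("cisco", 2, "3com-2", 1, 19),
    ("3com-1", 2, "3com-2", 2, 19),
]

if __name__ == "__main__":
    root, roles = port_roles(BRIDGES, LINKS)
    print("root:", root)
    for port, role in sorted(roles.items()):
        print(port, role)
```

With default priorities the Cisco switch becomes root on MAC address alone; giving "3com-2" a priority of 4096 in BRIDGES moves the root there and changes which port blocks.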


During the STP selection process ports can be in one of the following statuses:
  • Disabled
  • Blocked
  • Listening *
  • Learning *
  • Forwarding
* Ports can take up to 30 seconds in the Listening and Learning states, during which no traffic will pass through the port. This may disrupt services such as DHCP and Network Neighborhood. Switching on 'portfast' with the "spanning-tree portfast" command will skip the Listening and Learning stages. Do not set portfast on inter-switch ports or branch ports; however, you could set portfast on leaf ports (ports connected to hosts).


Switching - Switched Networks with Virtual LAN?

VLANs (Virtual Local Area Networks) are a way to structure a network logically. Put simply, a VLAN is a collection of nodes which are grouped together in a single broadcast domain (address range) that is based on something other than physical location. If a host in a particular VLAN sends a message to a switch, the switch will only forward the message to hosts within the same VLAN.

Another way to think of VLANs: when you split a switch into 2 VLANs and assign half the ports to VLAN 1 and the other half to VLAN 2, this is the same as if it were two totally separate, unlinked switches.

  • A switch's internal TCP/IP software resides in VLAN 1
  • By default all ports belong to VLAN 1
  • Different VLANs are also different broadcast domains

VLAN Trunking

If you have two switches with VLANs configured on both, you could link the VLANs individually, but this means you need lots of cables and take up lots of switch ports:

Or you could use one cable and one port on each switch as a 'Trunk', which carries information from multiple VLANs:

There are 3 Trunking protocols:

  1. Cisco ISL (Inter Switch Link)
  2. 802.1q (aka dot1q)
  3. 802.1p (newer prioritized - for voice, not widespread)

There is not much difference between the way ISL and dot1q work.
  • ISL tags traffic in VLANs by encapsulating the Ethernet frames with a 26-byte header and a 4-byte CRC footer. The 26-byte header contains a 15-bit VLAN ID, of which only the lower 10 bits are used, for 1,024 VLANs.
  • dot1q tags traffic by inserting a tag in the middle of the Ethernet frame, in between the Source and Length fields. The dot1q VLAN ID is 12 bits and allows 4,096 VLANs.

VLANs - VTP (VLAN Trunking Protocol)

Where you have multiple switches linked with trunks it is important you ensure VLAN consistency across all the switches. You need to make sure each VLAN exists on each switch.

In the diagram above the two computers will not be able to talk because the VLAN does not exist on the middle switch.

Cisco have come up with VTP (VLAN Trunking Protocol), which automatically distributes VLANs across switches.
* VTP does not assign ports
* VTP only works down trunk ports (ISL or 802.1q)

There are 3 modes to VTP:
- Server: add any VLAN on any switch, forwards VTP messages
- Transparent: acts as though it can't hear VTP messages, can't send VTP messages
- Client: read only, forwards VTP messages

VTP servers create, modify and delete VLANs and other configuration parameters for the entire VTP domain; this information, in turn, is propagated to the VTP clients in the same domain.

VTP clients cannot create, change or delete VLANs. They can only receive them from a server.

A VTP transparent switch can create, delete and modify its own VLANs only, and does not transmit them or receive transmissions.

VLANs - Communicating Between VLANs

To communicate between VLANs you need a router:

You can buy a Layer 3 switch, which has a router built into it.


Switching - Configuring VLAN?

To set up 2 switches with VLANs 4 and 5 and link them with a trunk in 802.1q mode, for example:

conf t
! create and name the VLANs
vlan 4
 name jim
vlan 5
 name claire
! access ports
int fa0/1
 switchport access vlan 4
int fa0/2
 switchport access vlan 5
! trunk port: set the encapsulation before forcing trunk mode
int fa0/11
 switchport trunk encapsulation dot1q
 switchport mode trunk
exit
On older IOS:
vlan database
vlan 4 name jim
vlan 5 name claire
exit
To view VLANs use "sh vlan".
note: In the example above, if switch 1 is in VTP server mode and switch 2 in client mode, the VLAN information should be transmitted on the trunk and appear on switch 2.