3 1

Added by Mark Jacob September 30, 2013

This blog will address the configuration of DHCP pools on Cisco routers as well as how to verify that addresses from the correct pools have been distributed.  I have built a small networking environment with which to test and troubleshoot the config, so let’s get started.

Here is a diagram of the network:

What I want to do is to configure one pool on HQ to serve IP addresses to BRANCH2 and one pool to serve IP addresses to BRANCH3.  In an actual scenario, one would normally begin by determining the IP addressing scheme to use so that the address pools will coordinate with the host requirements.  The IP addressing scheme has already been determined for this small network and is noted in the upper right of the diagram.  If we begin with BRANCH2, we note that interface f0/1 should receive 209.165.202.1/27 as its IP address.  Let’s go to HQ and create that pool.

Here is what was typed on HQ:

HQ(config)#ip dhcp pool BRANCH2
HQ(dhcp-config)#network 209.165.202.0 /27
HQ(dhcp-config)#default-router 209.165.202.2
HQ(dhcp-config)#lease 8
HQ(dhcp-config)#dns-server 4.2.2.2
HQ(dhcp-config)#

Let’s examine these commands one at a time.  The first command, ip dhcp pool BRANCH2, is just creating the pool and giving it a name.  The text of the name should be selected so that if you, the network admin, come back three months later and examine the config on this router, it will remind you what you were trying to accomplish when you typed it.  It is funny how much stuff slips out of our heads merely with the passing of time.  So help yourself out by choosing a name that jogs your memory.

The second line, network 209.165.202.0 /27, lets the router know how many addresses are in the DHCP pool.  With a /27 mask, we know there are 30 possible valid host IP addresses.  (5 host bits, 2 to the 5^th minus 2 is 30.)

The next command, default-router 209.165.202.2, will be the address that any hosts that acquire addresses from this pool will use as their default gateway.  This command also causes the generation of a default route on a downstream router, or a 0.0.0.0 path on an IP endpoint.  We will verify this once the configuration is complete.

lease 8 just sets the lease time to 8 days.  Recall that halfway through the lease time, the host will begin negotiating with the server to keep the same IP address it already has.  I don’t like to set my lease times too low, because I don’t want this unnecessary traffic soaking up network bandwidth.

I am in the habit of configuring a real DNS server in my pools, so I used the next command, dns-server 4.2.2.2 as noted above.  You may use any other DNS server of your choice, or may even be in an environment where an internal DNS server is provided.  Whatever your situation, make sure not to leave out the DNS server from your pool.

Now, all that remains is to go to BRANCH2 and set its interface to use DHCP to get its IP address.  Here is the output from that process:

BRANCH2(config)#int f0/1
BRANCH2(config-if)#ip address dhcp
BRANCH2(config-if)#no shut
BRANCH2(config-if)#
*Mar  1 00:56:05.123: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0/1 assigned DHCP address 209.165.202.1, mask 255.255.255.224, hostname BRANCH2

As we desired, interface f0/1 on BRANCH2 has requested and received an IP address that was issued by HQ.  Notice that the IP address DID come from the pool that was configured with 202 in the third octet.  At this point, it is the only pool on HQ, so it is not surprising that the IP information was pulled from this pool.  Let’s examine some additional output:

BRANCH2#sh ip int f0/1
FastEthernet0/1 is up, line protocol is up
Internet address is 209.165.202.1/27

Let’s verify that the default-router portion of our config generated the information that we expected.

BRANCH2#sh ip route
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP

D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route

Gateway of last resort is 209.165.202.2 to network 0.0.0.0

209.165.202.0/27 is subnetted, 1 subnets
C       209.165.202.0 is directly connected, FastEthernet0/1
S*   0.0.0.0/0 [254/0] via 209.165.202.2
BRANCH2#

It seems like the plan is coming together.  Now let’s verify connectivity.  As you can see in the diagram, there is a loopback interface on HQ with the IP address of 172.16.1.100.  Let’s see if we can hit it.

BRANCH2#ping 172.16.1.100

Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 172.16.1.100, timeout is 2 seconds:
.!!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 16/23/32 ms
BRANCH2#

It looks to me like we are getting all the way there and all the way back.  This DHCP stuff is cool.  Now let’s do the same thing for BRANCH3 and see if we can get the HQ DHCP server to issue IP addresses correctly to match our network scenario.  With more than one pool, then we can be certain that each client is getting the correct IP address for its portion of this network by verifying the third octet once an address is obtained.  This means creating a second DHCP pool on HQ.  Let’s do it.

HQ(config)#ip dhcp pool BRANCH3
HQ(dhcp-config)#network 209.165.203.0 /27
HQ(dhcp-config)#default-router 209.165.203.2
HQ(dhcp-config)#lease 8
HQ(dhcp-config)#dns-server 4.2.2.2
HQ(dhcp-config)#

The commands are almost identical to the previous ones save for the different IP address information.  Let’s go to BRANCH3 and set its interface to acquire an IP address via DHCP.

BRANCH3(config)#int f0/1
BRANCH3(config-if)#ip address dhcp
BRANCH3(config-if)#no shut
BRANCH3(config-if)#
*Mar  1 01:09:53.299: %DHCP-6-ADDRESS_ASSIGN: Interface FastEthernet0/1 assigned DHCP address 209.165.203.1, mask 255.255.255.224, hostname BRANCH3

BRANCH3(config-if)#

Once again, we have achieved the sought-after results.  The third octet demonstrates that this address was pulled from our newly created DHCP pool for BRANCH3.  Once more, let’s verify default route and connectivity on BRANCH3.

BRANCH3#sh ip route
Codes: C – connected, S – static, R – RIP, M – mobile, B – BGP

D – EIGRP, EX – EIGRP external, O – OSPF, IA – OSPF inter area
N1 – OSPF NSSA external type 1, N2 – OSPF NSSA external type 2
E1 – OSPF external type 1, E2 – OSPF external type 2
i – IS-IS, su – IS-IS summary, L1 – IS-IS level-1, L2 – IS-IS level-2
ia – IS-IS inter area, * – candidate default, U – per-user static route
o – ODR, P – periodic downloaded static route

Gateway of last resort is 209.165.203.2 to network 0.0.0.0

209.165.203.0/27 is subnetted, 1 subnets
C       209.165.203.0 is directly connected, FastEthernet0/1
S*   0.0.0.0/0 [254/0] via 209.165.203.2
BRANCH3#ping 172.16.1.100

Type escape sequence to abort.

Sending 5, 100-byte ICMP Echos to 172.16.1.100, timeout is 2 seconds:
.!!!
Success rate is 80 percent (4/5), round-trip min/avg/max = 12/28/44 ms
BRANCH3#

So we have verified that clients (ok, just one client) of HQ have correctly received IP addresses.  Let’s take a quick look at the status of the pools on HQ.

HQ#sh ip dhcp pool

Pool BRANCH2 :
Utilization mark (high/low)    : 100 / 0
Subnet size (first/next)       : 0 / 0
Total addresses                : 30
Leased addresses               : 1
Pending event                  : none
1 subnet is currently in the pool :
Current index        IP address range         Leased addresses
209.165.202.2        209.165.202.1            – 209.165.202.30    1

Pool BRANCH3 :
Utilization mark (high/low)    : 100 / 0
Subnet size (first/next)       : 0 / 0
Total addresses                : 30
Leased addresses               : 1
Pending event                  : none
1 subnet is currently in the pool :
Current index        IP address range        Leased addresses
209.165.203.2        209.165.203.1            – 209.165.203.30    1
HQ#

We see that the pools are in use, that one address has been issued from each pool, and that the index shows that the next address in the pool is the .2 address in the 30-address pool.  Of course, .2 is in use by HQ, so it won’t give those addresses to any clients.  One odd thing I have found is that the only way to reset the index number back to the first address in the pool is to delete and then reconfigure the pool.  If you know of another way to reset the pool back to the first number, I would love to hear about it.

The whole idea behind DHCP is to save yourselves the headache of statically configuring IP addresses on hosts.  Why do that when you can get it done dynamically?  There are also other options that can be configured via DHCP, such as reservations, specialty options, conflict logging, and others, but the point of this blog was just to demonstrate how to configure a couple of pools and verify that addresses were being disseminated correctly.

Now you can get out there and assign those IP addresses dynamically!!

Until next time…

Mark Jacob
Cisco Instructor – Interface Technical Training
Phoenix, AZ