DHCP Request over NAT from Taufik Kurniawan on 2010-06-19 (Ccielab archives 06/2010)

From: Taufik Kurniawan <ktaufik_at_gmail.com>
Date: Sat, 19 Jun 2010 10:02:17 +0300

studying nat, dhcp and access list at the same time.
i am interested to try them work together ....... but no lucks

does ..... DHCP request work over NAT ? ... I try both PAT ( interface
overload ) ( pool overload ) and ( pool )

R3# ( DHCP Requestor )

interface Ethernet0
ip address dhcp
half-duplex
!
interface FastEthernet0
no ip address
shutdown
speed auto
!
ip forward-protocol nd
!
!
no ip http server
no ip http secure-server

debug

*Mar 1 15:35:41.532: B'cast on Ethernet0 interface from
0.0.0.0%Unknown DHCP problem.. No allocation possible
*Mar 1 15:35:54.244: DHCP: Waiting for 60 seconds on interface Ethernet0
*Mar 1 15:36:24.548: DHCP: deleting entry 84F7C8F4 0.0.0.0 from list
*Mar 1 15:36:54.244: DHCP: Try 19 to acquire address for Ethernet0
*Mar 1 15:36:54.256: DHCP: allocate request
*Mar 1 15:36:54.260: DHCP: new entry. add to queue, interface Ethernet0
*Mar 1 15:36:54.260: DHCP: SDiscover attempt # 1 for entry:
*Mar 1 15:36:54.260: DHCP: SDiscover: sending 289 byte length DHCP packet
*Mar 1 15:36:54.264: DHCP: SDiscover 289 bytes
*Mar 1 15:36:54.264: B'cast on Ethernet0 interface from 0.0.0.0
*Mar 1 15:36:57.556: DHCP: SDiscover attempt # 2 for entry:
*Mar 1 15:36:57.556: DHCP: SDiscover: sending 289 byte length DHCP packet
*Mar 1 15:36:57.556: DHCP: SDiscover 289 bytes
*Mar 1 15:36:57.556: B'cast on Ethernet0 interface from 0.0.0.0
*Mar 1 15:37:01.568: DHCP: SDiscover attempt # 3 for entry:
*Mar 1 15:37:01.568: DHCP: SDiscover: sending 289 byte length DHCP packet
*Mar 1 15:37:01.572: DHCP: SDiscover 289 bytes
*Mar 1 15:37:01.572: B'cast on Ethernet0 interface from
0.0.0.0%Unknown DHCP problem.. No allocation possible

R distribution ( Access list and NAT and dhcp helper )

interface FastEthernet0/0
ip address 202.155.155.1 255.255.255.0
ip nat outside
ip virtual-reassembly
duplex auto
speed auto
!
interface FastEthernet0/1
no ip address
shutdown
duplex auto
speed auto
!
interface Ethernet1/0
ip address 202.155.1.1 255.255.255.0
ip helper-address 202.155.155.10
ip nat inside
ip virtual-reassembly
half-duplex
!
interface Ethernet1/1
ip address 202.155.3.1 255.255.255.0
ip helper-address 202.155.155.10
ip nat inside
ip virtual-reassembly
half-duplex
!
interface Ethernet1/2
ip address 202.155.5.1 255.255.255.0
ip helper-address 202.155.155.10
ip nat inside
ip virtual-reassembly
half-duplex
!
interface Ethernet1/3
ip address 202.155.27.1 255.255.255.0
ip helper-address 202.155.155.10
ip nat inside
ip virtual-reassembly
half-duplex
!
ip http server
no ip http secure-server
!
ip route 10.10.10.0 255.255.255.0 202.155.155.10
ip nat pool natpool 202.155.155.100 202.155.155.200 netmask 255.255.255.0
ip nat inside source list 1 pool natpool
!
access-list 1 permit 202.155.15.0 0.0.0.255
access-list 1 deny 202.155.1.0 0.0.14.255
access-list 1 permit any

debug

*Mar 1 15:49:32.444: NAT: i: udp (202.155.27.1, 67) -> (202.155.155.10, 67)
[1258]
*Mar 1 15:49:32.444: NAT: s=202.155.27.1->202.155.155.100, d=202.155.155.10
[1258]
*Mar 1 15:49:35.644: NAT: i: udp (202.155.27.1, 67) -> (202.155.155.10, 67)
[1259]
*Mar 1 15:49:35.644: NAT: s=202.155.27.1->202.155.155.100, d=202.155.155.10
[1259]
*Mar 1 15:49:39.676: NAT: i: udp (202.155.27.1, 67) -> (202.155.155.10, 67)
[1260]
*Mar 1 15:49:39.676: NAT: s=202.155.27.1->202.155.155.100, d=202.155.155.10
[1260]
*Mar 1 15:49:57.704: NAT: i: udp (202.155.27.1, 67) -> (202.155.155.10, 67)
[1261]
*Mar 1 15:49:57.704: NAT: s=202.155.27.1->202.155.155.100, d=202.155.155.10
[1261]
*Mar 1 15:50:00.800: NAT: i: udp (202.155.27.1, 67) -> (202.155.155.10, 67)
[1262]
*Mar 1 15:50:00.800: NAT: s=202.155.27.1->202.155.155.100, d=202.155.155.10
[1262]
*Mar 1 15:50:04.796: NAT: i: udp (202.155.27.1, 67) -> (202.155.155.10, 67)
[1263]
*Mar 1 15:50:04.796: NAT: s=202.155.27.1->202.155.155.100, d=202.155.155.10
[1263]

the gateway ( dhcp server router )

gateway# sh conf
Using 2034 out of 29688 bytes
!
version 12.4
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
!
hostname gateway
!
boot-start-marker
boot-end-marker
!
!
no aaa new-model
memory-size iomem 15
ip cef
!
!
no ip dhcp use vrf connected
ip dhcp excluded-address 202.155.1.1
ip dhcp excluded-address 202.155.11.1
ip dhcp excluded-address 202.155.13.1
ip dhcp excluded-address 202.155.15.1
ip dhcp excluded-address 202.155.3.1
ip dhcp excluded-address 202.155.5.1
ip dhcp excluded-address 202.155.7.1
ip dhcp excluded-address 202.155.27.1
!
ip dhcp pool dhcppool
   network 202.155.1.0 255.255.255.0
   network 202.155.11.0 255.255.255.0 secondary
     override default-router 202.155.11.1
   network 202.155.13.0 255.255.255.0 secondary
     override default-router 202.155.13.1
   network 202.155.15.0 255.255.255.0 secondary
     override default-router 202.155.15.1
   network 202.155.3.0 255.255.255.0 secondary
     override default-router 202.155.3.1
   network 202.155.35.0 255.255.255.0 secondary
     override default-router 202.155.5.1
   network 202.155.5.0 255.255.255.0 secondary
     override default-router 202.155.5.1
   network 202.155.7.0 255.255.255.0 secondary
     override default-router 202.155.7.1
   network 202.155.27.0 255.255.255.0 secondary
     override default-router 202.155.27.1
default-router 202.155.1.1
   domain-name namadomain.com
   dns-server 202.155.155.10
   lease 2 2 2
!
interface Ethernet0
ip address 10.10.10.1 255.255.255.0
half-duplex
!
interface FastEthernet0
ip address 202.155.155.10 255.255.255.0
speed auto
!

debug

*Mar 1 15:54:15.196: DHCPD: DHCPDISCOVER received from client
0063.6973.636f.2d64.3030.332e.3039.3932.2e30.3030.312d.4574.30 through relay
202.155.27.1.
*Mar 1 15:54:15.196: DHCPD: Seeing if there is an internally specified pool
class:
*Mar 1 15:54:15.196: DHCPD: htype 1 chaddr d003.0992.0001
*Mar 1 15:54:15.196: DHCPD: remote id 020a0000ca9b9b0a00000000
*Mar 1 15:54:15.196: DHCPD: circuit id 00000000
*Mar 1 15:54:15.196: DHCPD: Sending DHCPOFFER to client
0063.6973.636f.2d64.3030.332e.3039.3932.2e30.3030.312d.4574.30
(202.155.27.2).
*Mar 1 15:54:15.196: DHCPD: unicasting BOOTREPLY for client d003.0992.0001
to relay 202.155.27.1.
*Mar 1 15:54:19.172: DHCPD: Sending notification of DISCOVER:
*Mar 1 15:54:19.176: DHCPD: htype 1 chaddr d003.0992.0001
*Mar 1 15:54:19.176: DHCPD: remote id 020a0000ca9b9b0a00000000
*Mar 1 15:54:19.176: DHCPD: circuit id 00000000
*Mar 1 15:54:19.176: DHCPD: DHCPDISCOVER received from client
0063.6973.636f.2d64.3030.332e.3039.3932.2e30.3030.312d.4574.30 through relay
202.155.27.1.
*Mar 1 15:54:19.176: DHCPD: Seeing if there is an internally specified pool
class:
*Mar 1 15:54:19.180: DHCPD: htype 1 chaddr d003.0992.0001
*Mar 1 15:54:19.180: DHCPD: remote id 020a0000ca9b9b0a00000000
*Mar 1 15:54:19.180: DHCPD: circuit id 00000000
*Mar 1 15:54:19.180: DHCPD: Sending DHCPOFFER to client
0063.6973.636f.2d64.3030.332e.3039.3932.2e30.3030.312d.4574.30
(202.155.27.2).
*Mar 1 15:54:19.184: DHCPD: unicasting BOOTREPLY for client d003.0992.0001
to relay 202.155.27.1.
*Mar 1 15:54:47.072: DHCPD: Sending notification of DISCOVER:
*Mar 1 15:54:47.076: DHCPD: htype 1 chaddr d003.0992.0001
*Mar 1 15:54:47.076: DHCPD: remote id 020a0000ca9b9b0a00000000
*Mar 1 15:54:47.076: DHCPD: circuit id 00000000
*Mar 1 15:54:47.076: DHCPD: DHCPDISCOVER received from client
0063.6973.636f.2d64.3030.332e.3039.3932.2e30.3030.312d.4574.30 through relay
202.155.27.1.
*Mar 1 15:54:47.076: DHCPD: Seeing if there is an internally specified pool
class:

the internet ( router simulating the internet )

interface Ethernet0
ip address 10.10.10.10 255.255.255.0
half-duplex
!
interface FastEthernet0
no ip address
shutdown
speed auto
!
ip forward-protocol nd
ip route 0.0.0.0 0.0.0.0 10.10.10.1
!

Blogs and organic groups at http://www.ccie.net
Received on Sat Jun 19 2010 - 10:02:17 ART

This archive was generated by hypermail 2.2.0 : Sun Aug 01 2010 - 09:11:37 ART