構成
[FW]----------------[PC(RT)]
|<-------------->|
Local
10.0.0.0/24
構成
- 機器
- FW: SRX (DHCP-Server)
- PC: CiscoRT (RouterをPCとして利用)
- DHCP情報
- セグメント: 10.0.0.0/24
- デフォルトGW: 10.0.0.1
- DNS: 8.8.8.8, 8.8.4.4 (Google)
- リースタイム: 86400
- Pool名: TEST
- 配布範囲:
- Name : TEST-RANGE
- Low : 10.0.0.2
- High : 10.0.0.200
- 除外するIP : 10.0.0.100
- DHCP受けI/F: ge-0/0/0
- 固定IP:
- 管理名: hoge (任意の名前)
- MAC-Address: xx:xx:xx:xx:xx:xx
- IP-Address: 10.0.0.99
前提設定
RT (CiscoRT)
interface GigabitEthernet0/0
ip address dhcp
FW
set interfaces ge-0/0/0 unit 0 family inet address 10.0.0.1/24
全設定
set access address-assignment pool TEST family inet network 10.0.0.0/24
set access address-assignment pool TEST family inet range TEST-RANGE low 10.0.0.2
set access address-assignment pool TEST family inet range TEST-RANGE high 10.0.0.200
set access address-assignment pool TEST family inet dhcp-attributes maximum-lease-time 86400
set access address-assignment pool TEST family inet dhcp-attributes name-server 8.8.8.8
set access address-assignment pool TEST family inet dhcp-attributes name-server 8.8.4.4
set access address-assignment pool TEST family inet dhcp-attributes router 10.0.0.1
set access address-assignment pool TEST family inet excluded-address 10.0.0.100
set system services dhcp-local-server group TEST interface ge-0/0/0.0
set security zones security-zone trust interfaces ge-0/0/0.0 host-inbound-traffic system-services dhcp
set security zones security-zone trust interfaces ge-0/0/0.0 host-inbound-traffic system-services ping
設定詳細
set access address-assignment pool [NAME] family inet network [SEGMENT] :配布するセグメントを指定
set access address-assignment pool [NAME] family inet range [RANGE-NAME] low [LOW-IP] :IP配布範囲の下限を指定
set access address-assignment pool [NAME] family inet range [RANGE-NAME] high [HIGH-IP] :IP配布範囲の上限を指定
set access address-assignment pool [NAME] family inet dhcp-attributes maximum-lease-time [TIME] :DHCPの最大リースタイムを指定 (Second)
set access address-assignment pool [NAME] family inet dhcp-attributes name-server [DNS] :DNSのIPを指定 (最初に指定したものがプライマリ)
set access address-assignment pool [NAME] family inet dhcp-attributes router [GW] :デフォルトゲートウェイのIPを指定
set access address-assignment pool [NAME] family inet excluded-address [EXC-IP] :IP配布範囲から除外するIPを指定
set access address-assignment pool [NAME] family inet dhcp-attributes domain-name [DOMAIN] :ドメイン名の指定
set system services dhcp-local-server group [NAME] interface [I/F] :DHCPグループを動作させるI/Fを指定
set security zones security-zone [ZONE] interfaces [I/F] host-inbound-traffic system-services dhcp :I/FでDHCPリクエスト受付を許可
set security zones security-zone [ZONE] interfaces [I/F] host-inbound-traffic system-services ping :I/Fでping受付を許可
show access address-assignment | display set :DHCPのConfig確認
show dhcp server binding :払い出し済みのIPを確認
clear dhcp server binding :払い出しIPのクリア
設定パターン
ホストに特定のIPを割り当て (最初の設定に以下のものを追加)
set access address-assignment pool TEST family inet host hoge hardware-address xx:xx:xx:xx:xx:xx
set access address-assignment pool TEST family inet host hoge ip-address 10.0.0.99
set access address-assignment pool TEST family inet host hoge ip-address [IP] :割り当てるIPを指定
set access address-assignment pool [NAME] family inet host hoge hardware-address [MAC-ADDR] :割り当てる対象を指定
