So everyone inside home network can reach the Internet thanks to NAT translation described in SOHO #004 and reach now their favorite Internet service by name thanks for SOHO #005.
Requirement- Basic Linux/Unix knowledge
- Service provider networking knowledge
| |
Overview
In the previous article during the verification we assume to have one host connected to a subnetwork cascaded behind SOHO router@sdn6. However, we did not described how the host could get connectivity.
Article objective
In this article we will pursue the SOHO network appliance installation and enable DHCP for IPv4 server. SOHO router can then answer to DHCPv4 request ingressing sdn6 interface.
- Let's assume we have a switch connected to SOHO router@sdn6 for the future
- sdn6 has ipv4 interface 192.168.136.1 manually configured
- switch has IPv4 192.168.136.2
- subnetwork behind sdn6 is 192.168.136.0/24
- DHCPv4 will serve 192.168.136.3 → 192.168.136.254
Diagrams
[ SOHO #006 ] - "Do you need an IP ?"
Configure interface sdn6, gateway for 192.168.136.0/24 subnet
First step, configure sdn6 and bind it to VRF inet. few considerations:
- sdn6 has ipv4 192.168.136.1 manually configured
- sdn6 will act as gateway for all connected host in subnetwork 192.168.136.0/24
- In SOHO #004 , 192.168.136.0/24 NAT is already taken into account
conf t
interface sdn6
mtu 1500
vrf forwarding inet
ipv4 address 192.168.136.1 255.255.255.0
no shutdown
no log-link-change
exit
!
Configure DHCPv4 server
Second step, configure a DHCPv4 server@ SOHO router
conf t
server dhcp4 dh4-16
pool 192.168.136.3 192.168.136.254
gateway 192.168.136.1
netmask 255.255.255.0
dns-server 192.168.254.1
domain-name local
interface sdn6
vrf inet
exit
!
In this case DHCPv4 will allocate IPv4 address:
- from a pool going from 192.168.136.3 → 192.168.136.254
- All host will set their gateway to 192.168.136.1 (which is SOHO@sdn6)
- All connected host to sdn6 subnet will get an IP from pool within 192.168.136.0/24 subnet
- All hosts will also consider SOHO@192.168.254.1 as DNS server as we implemented in SOHO #005
- And we bind this DHCPv4 to interface sdn6 (without binding DHCP request coming from all interface belonging to VRF inet will be processed)
- lastly DHCPv4 server will act into VRF inet only
Verification
DHCP verification
Connect a host to the switch connected to sdn6 then issue DHCP debug command
debug server dhcp?
dhcp4 - ipv4 dynamic host config protocol
dhcp6 - ipv6 dynamic host config protocol
mjolnir#debug server dhcp4 ?
<cr>
mjolnir#debug server dhcp4
mjolnir#terminal monitor
mjolnir#.. debug serv.servDhcp4worker.doer:servDhcp4.java:679 rx op=req sec=1 cia=0.0.0.0 yia=0.0.0.0 sia=0.0.0.0 gia=0.0.0.0 cha=9ceb.e8d5.2c51 srv= fil= op=discover dhcpsrv=null hstnm=MBP-de-Frederic dom=null lease=7776000 renew=0 mask=null gw=null dns1=null dns2=null req=null
debug serv.servDhcp4.sendPack:servDhcp4.java:482 tx 192.168.136.123 op=rep sec=1 cia=0.0.0.0 yia=192.168.136.123 sia=192.168.136.1 gia=0.0.0.0 cha=9ceb.e8d5.2c51 srv= fil= op=offer dhcpsrv=192.168.136.1 hstnm=null dom=lan lease=43200 renew=21600 mask=255.255.255.0 gw=192.168.136.1 dns1=192.168.254.1 dns2=null req=null
debug serv.servDhcp4worker.doer:servDhcp4.java:686 tx op=rep sec=1 cia=0.0.0.0 yia=192.168.136.123 sia=192.168.136.1 gia=0.0.0.0 cha=9ceb.e8d5.2c51 srv= fil= op=offer dhcpsrv=192.168.136.1 hstnm=null dom=lan lease=43200 renew=21600 mask=255.255.255.0 gw=192.168.136.1 dns1=192.168.254.1 dns2=null req=null
debug serv.servDhcp4worker.doer:servDhcp4.java:679 rx op=req sec=2 cia=0.0.0.0 yia=0.0.0.0 sia=0.0.0.0 gia=0.0.0.0 cha=9ceb.e8d5.2c51 srv= fil= op=request dhcpsrv=192.168.136.1 hstnm=MBP-de-Frederic dom=null lease=0 renew=0 mask=null gw=null dns1=null dns2=null req=192.168.136.123
debug serv.servDhcp4.sendPack:servDhcp4.java:482 tx 192.168.136.123 op=rep sec=2 cia=0.0.0.0 yia=192.168.136.123 sia=192.168.136.1 gia=0.0.0.0 cha=9ceb.e8d5.2c51 srv= fil= op=ack dhcpsrv=192.168.136.1 hstnm=null dom=lan lease=43200 renew=21600 mask=255.255.255.0 gw=192.168.136.1 dns1=192.168.254.1 dns2=null req=null
debug serv.servDhcp4worker.doer:servDhcp4.java:686 tx op=rep sec=2 cia=0.0.0.0 yia=192.168.136.123 sia=192.168.136.1 gia=0.0.0.0 cha=9ceb.e8d5.2c51 srv= fil= op=ack dhcpsrv=192.168.136.1 hstnm=null dom=lan lease=43200 renew=21600 mask=255.255.255.0 gw=192.168.136.1 dns1=192.168.254.1 dns2=null req=null
info ip.ipCor6.parseIPheader:ipCor6.java:95 got bad version from ::
...
mjolnir#
So based on the debug output:
- DHCP allocated 192.168.136.123
- Primary DNS (dns1) is 192.168.136.1
- Network has /24 CIDR
DHCP check @ laptop
╭─[11/2/20|4:30:09]loui@MacBook-Pro-de-Frederic.local ~
╰─➤ ifconfig en8
en8: flags=8863<UP,BROADCAST,SMART,RUNNING,SIMPLEX,MULTICAST> mtu 1500
options=6407<RXCSUM,TXCSUM,VLAN_MTU,CHANNEL_IO,PARTIAL_CSUM,ZEROINVERT_CSUM>
ether 9c:eb:e8:d5:2c:51
inet6 fe80::c93:c3b1:dfb3:77c0%en8 prefixlen 64 secured scopeid 0x13
inet 192.168.136.123 netmask 0xffffff00 broadcast 192.168.136.255
inet6 2a01:e0a:159:2856:832:82f5:8519:70 prefixlen 64 autoconf secured
inet6 2a01:e0a:159:2856:653c:d1b2:dca9:c9da prefixlen 64 autoconf temporary
nd6 options=201<PERFORMNUD,DAD>
media: autoselect (1000baseT <full-duplex>)
status: active
╭─[11/2/20|4:37:05]loui@MacBook-Pro-de-Frederic.local ~
╰─➤ nslookup www.free.fr
Server: 192.168.254.1
Address: 192.168.254.1#53
Non-authoritative answer:
Name: www.free.fr
Address: 212.27.48.10
Pay attention to the DNS server that answered ! Sweet !
IPv4 connectivity verification from laptop
╭─[11/2/20|4:30:11]loui@MacBook-Pro-de-Frederic.local ~
╰─➤ ping 8.8.8.8 -c 5
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=119 time=4.171 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=119 time=4.334 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=119 time=4.208 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=119 time=3.856 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=119 time=4.090 ms
mjolnir#show ipv4 nat inet translations | i 192.168.136.123
1 8.8.8.8 710148096 192.168.0.90 710148096 8.8.8.8 710148096 192.168.136.123 710148096 00:02:46 00:02:46 00:05:00 1 84
1 192.168.136.123 710148096 8.8.8.8 710148096 192.168.0.90 710148096 8.8.8.8 710148096 00:02:46 00:02:46 00:05:00 1 84
1 8.8.8.8 710148097 192.168.0.90 710148097 8.8.8.8 710148097 192.168.136.123 710148097 00:02:45 00:02:45 00:05:00 1 84
1 192.168.136.123 710148097 8.8.8.8 710148097 192.168.0.90 710148097 8.8.8.8 710148097 00:02:45 00:02:45 00:05:00 1 84
1 8.8.8.8 710148098 192.168.0.90 710148098 8.8.8.8 710148098 192.168.136.123 710148098 00:02:44 00:02:44 00:05:00 1 84
Internet connectivity Check
╭─[11/2/20|4:36:18]loui@MacBook-Pro-de-Frederic.local ~
╰─➤ ping www.free.fr -c 5
PING www.free.fr (212.27.48.10): 56 data bytes
64 bytes from 212.27.48.10: icmp_seq=0 ttl=57 time=3.903 ms
64 bytes from 212.27.48.10: icmp_seq=1 ttl=57 time=5.883 ms
64 bytes from 212.27.48.10: icmp_seq=2 ttl=57 time=3.658 ms
64 bytes from 212.27.48.10: icmp_seq=3 ttl=57 time=4.872 ms
64 bytes from 212.27.48.10: icmp_seq=4 ttl=57 time=4.488 ms
--- www.free.fr ping statistics ---
5 packets transmitted, 5 packets received, 0.0% packet loss
round-trip min/avg/max/stddev = 3.658/4.561/5.883/0.787 ms
mjolnir#show ipv4 nat inet translations | i 212.27.48.10
1 192.168.136.123 1263796224 212.27.48.10 1263796224 192.168.0.90 1263796224 212.27.48.10 1263796224 00:03:47 00:03:47 00:05:00 1 84
1 212.27.48.10 1263796224 192.168.0.90 1263796224 212.27.48.10 1263796224 192.168.136.123 1263796224 00:03:47 00:03:47 00:05:00 1 84
1 192.168.136.123 1263796225 212.27.48.10 1263796225 192.168.0.90 1263796225 212.27.48.10 1263796225 00:03:46 00:03:46 00:05:00 1 84
1 212.27.48.10 1263796225 192.168.0.90 1263796225 212.27.48.10 1263796225 192.168.136.123 1263796225 00:03:46 00:03:46 00:05:00 1 84
1 192.168.136.123 1263796226 212.27.48.10 1263796226 192.168.0.90 1263796226 212.27.48.10 1263796226 00:03:45 00:03:45 00:05:00 1 84
Conclusion
In this article DHCP service has been enabled at:
- SOHO router level
- All host getting an IPv4 via DHCP will get a DNS server set to SOHO@loopback0 (192.168.254.1)
