Day 23. DHCP and DNS
CCNA 200-301 Exam Topics
Explain the role of DHCP and DNS within the network
Configure and verify DHCP client and relay
Verify IP parameters for Client OS (Windows, Mac OS, Linux)
Key Topics
Imagine that you have to manually configure the IP addressing for every device you want to connect to the network. Furthermore, imagine that you have to type in the IP address for every website you want to visit. Today we review the two protocols that automate this process: Dynamic Host Configuration Protocol (DHCP) and Domain Name System (DNS). DHCP and DNS make the life of Internet users easier. We also review how to verify IP configuration of end devices for Windows, macOS, and Linux.
DHCPv4
DHCPv4 allows a host to obtain an IP address dynamically when it connects to the network. The DHCPv4 client contacts the DHCPv4 server by sending a request for an IP address. The DHCPv4 server chooses an address from a configured range of addresses called a pool and assigns it to the host client for a set period. Figure 23-1 graphically shows the process by which a DHCPv4 server fulfills a request from a DHCPv4 client.
Figure 23-1 Allocating IP Addressing Information Using DHCPv4
When a DHCPv4-configured device boots up or connects to the network, the client broadcasts a DHCPDISCOVER packet to identify any available DHCPv4 servers on the network. A DHCPv4 server replies with a DHCPOFFER, which is a lease offer message with an assigned IP address, subnet mask, DNS server, and default gateway information, as well as the duration of the lease.
The client can receive multiple DHCPOFFER packets if the local network has more than one DHCPv4 server. The client chooses the first offer and broadcasts a DHCPREQUEST packet that identifies the explicit server and lease offer that it is accepting.
Assuming that the IP address is still valid, the chosen server returns a DHCPACK (acknowledgment) message, finalizing the lease. If the offer is no longer valid for some reason, the chosen server responds to the client with a DHCPNAK (negative acknowledgment) message. After it is leased, the client renews before the lease expiration through another DHCPREQUEST. If the client is powered down or taken off the network, the address is returned to the pool for reuse.
DHCPv4 Configuration Options
A Cisco router can be configured to handle DHCP requests in two ways: as a DHCP server or as a DHCP relay agent. A Cisco router can also be configured as a DHCP client, requesting an IPv4 address from a DHCP server for one or more of its interfaces. All these options can be configured at the same time on the same device. For example, a router might be the DHCP server for a directly connected LAN while at the same time forwarding DHCP server requests to another DHCP server for other LANs. In addition, the router could have one or more of its interfaces configured to request DHCP addressing from a remote server.
Configuring a Router as a DHCPv4 Server
A Cisco router running Cisco IOS Software can be configured to act as a DHCPv4 server. The Cisco IOS DHCPv4 server assigns and manages IPv4 addresses from specified address pools within the router to DHCPv4 clients.
The steps to configure a router as a DHCPv4 server follow:
Step 1. Use the ip dhcp excluded-address low-address [high-address] command to identify an address or range of addresses to exclude from the DHCPv4 pool. For example:
R1(config)# ip dhcp excluded-address 192.168.10.1 192.168.10.9 R1(config)# ip dhcp excluded-address 192.168.10.254
Step 2. Create the DHCPv4 pool by using the ip dhcp pool pool-name command, which places you in DHCP configuration mode:
R1(config)# ip dhcp pool LAN-POOL-10 R1(dhcp-config)#
Step 3. Configure the IP addressing parameter you need to automatically assign to requesting clients. Table 23-1 lists the required commands.
Table 23-1 Required DHCPv4 Configuration Commands
Required Task |
Command |
Define the address pool |
|
Define the default router or gateway |
|
Table 23-2 lists some of the common optional DHCPv4 tasks.
Table 23-2 Optional DHCPv4 Configuration Commands
Optional Task |
Command |
Define a DNS server |
|
Define the domain name |
|
Define the duration of the DHCPv4 lease |
|
Define the NetBIOS WINS server |
|
Figure 23-2 shows a sample DHCPv4 topology.
Figure 23-2 DHCPv4 Sample Topology
Example 23-1 shows DHCPv4 required and optional commands to configure R1 as the DHCPv4 server for both LANs in Figure 23-2.
Example 23-1 DHCPv4 Configuration Example
!Configure IP addresses that you want excluded from the DHCPv4 pool of addresses R1(config)# ip dhcp excluded-address 192.168.10.1 192.168.10.9 R1(config)# ip dhcp excluded-address 192.168.10.254 R1(config)# ip dhcp excluded-address 192.168.11.1 192.168.11.9 R1(config)# ip dhcp excluded-address 192.168.11.254 !R1 needs two DHCPv4 pools for the two LANs. Each pool is configured with required and optional commands. R1(config)# ip dhcp pool LAN-POOL-10 R1(dhcp-config)# network 192.168.10.0 255.255.255.0 R1(dhcp-config)# default-router 192.168.10.1 R1(dhcp-config)# dns-server 192.168.50.195 209.165.202.158 R1(dhcp-config)# domain-name cisco.com R1(dhcp-config)# lease 2 R1(dhcp-config)# netbios-name-server 192.168.10.254 R1(dhcp-config)# ip dhcp pool LAN-POOL-11 R1(dhcp-config)# network 192.168.11.0 255.255.255.0 R1(dhcp-config)# default-router 192.168.11.1 R1(dhcp-config)# dns-server 192.168.50.195 209.165.202.158 R1(dhcp-config)# domain-name cisco.com R1(dhcp-config)# lease 2 R1(dhcp-config)# netbios-name-server 192.168.11.254 R1(dhcp-config)# end
Cisco IOS Software supports DHCPv4 service by default. To disable it, use the global command no service dhcp.
To verify DHCPv4 operations on R1 in Figure 23-2, use the commands in Example 23-2.
Example 23-2 Verifying DHCPv4 Operation
R1# show ip dhcp binding
Bindings from all pools not associated with VRF:
IP address Client-ID/ Lease expiration Type
Hardware address/
User name
192.168.10.10 0100.1641.aea5.a7 Jul 18 2008 08:17 AM Automatic
192.168.11.10 0100.e018.5bdd.35 Jul 18 2008 08:17 AM Automatic
R1# show ip dhcp server statistics
Memory usage 26455
Address pools 2
Database agents 0
Automatic bindings 2
Manual bindings 0
Expired bindings 0
Malformed messages 0
Secure arp entries 0
Message Received
BOOTREQUEST 0
DHCPDISCOVER 2
DHCPREQUEST 2
DHCPDECLINE 0
DHCPRELEASE 0
DHCPINFORM 0
Message Sent
BOOTREPLY 0
DHCPOFFER 2
DHCPACK 2
DHCPNAK 0
R1#
Because PC1 and PC2 are connected to the LANs, each automatically receives its IP addressing information from the router’s DHCPv4 server. Example 23-3 shows the output from the ipconfig/all command on PC1.
Example 23-3 DHCPv4 Client Configuration
C:> ipconfig/all
Windows IP Configuration
Host Name . . . . . . . . . . . . : ciscolab
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . : cisco.com
Description . . . . . . . . . . . : Intel(R) PRO/1000 PL
Physical Address. . . . . . . . . : 00-7-41-AE-A5-A7
Dhcp Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
IP Address. . . . . . . . . . . . : 192.168.10.11
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.10.1
DHCP Server . . . . . . . . . . . : 192.168.10.1
DNS Servers . . . . . . . . . . . : 192.168.50.195
209.165.202.158
Primary WINS Server . . . . . . . : 192.168.10.254
Lease Obtained. . . . . . . . . . : Wednesday, July 16, 2008 8:16:59 AM
Lease Expires . . . . . . . . . . : Friday, July 18, 2008 8:16:59 AM
C:>
To release the DHCPv4 configuration on a Windows-based client, enter the ipconfig/release command. To renew the DHCPv4 configuration, enter the ipconfig/renew command.
Configuring a Router to Relay DHCPv4 Requests
In a complex network, the DHCPv4 servers are usually contained in a server farm. Therefore, clients typically are not on the same subnet as the DHCPv4 server, as in the previous example. To ensure that broadcasted DHCPDISCOVER messages are sent to the remote DHCPv4 server, use the ip helper-address command.
For example, in Figure 23-3, the DHCPv4 server is located on the 192.168.11.0/24 LAN and is serving IP addressing information for both LANs.
Figure 23-3 DHCPv4 Relay Topology
Without the ip helper-address command, R1 would discard any broadcasts from PC1 requesting DHCPv4 services. To configure R1 to relay DHCPDISCOVER messages, enter the following commands:
R1(config)# interface gigabitethernet 0/0 R1(config-if)# ip helper-address 192.168.11.5
Notice that the commands are entered on the interface that will receive DHCPv4 broadcasts. R1 then forwards DHCPv4 broadcast messages as a unicast to 192.168.11.5. By default, the ip helper-address command forwards the following eight UDP services:
Port 37: Time
Port 49: TACACS
Port 53: DNS
Port 67: DHCP/BOOTP server
Port 68: DHCP/BOOTP client
Port 69: TFTP
Port 137: NetBIOS name service
Port 138: NetBIOS datagram service
To specify additional ports, use the global command ip forward-protocol udp [port-number | protocol]. To disable broadcasts of a particular protocol, use the no form of the command.
Configuring a Router as a DHCPv4 Client
Cisco routers in small offices or branch sites are often configured as DHCPv4 clients. The method used depends on the ISP. However, in its simplest configuration, the interface used to connect to a cable or DSL modem is configured with the ip address dhcp interface configuration command.
For example, in Figure 23-4, the BRANCH router’s GigabitEthernet 0/1 interface can be configured to request addressing from the ISP router.
Figure 23-4 Router as a DHCP Client
Example 23-4 shows the configuration and verification of DHCP addressing on BRANCH.
Example 23-4 Configuring a Router as a DHCP Client
BRANCH(config)# interface g0/1 BRANCH(config-if)# ip address dhcp BRANCH(config-if)# no shutdown *Mar 15 08:45:34.632: %DHCP-6-ADDRESS_ASSIGN: Interface GigabitEthernet0/1 assigned DHCP address 209.165.201.12, mask 255.255.255.224, hostname BRANCH BRANCH(config-if)# end BRANCH# show ip interface g0/1 GigabitEthernet0/1 is up, line protocol is up Internet address is 209.165.201.12/27 Broadcast address is 255.255.255.255 Address determined by DHCP <output omitted> BRANCH#
DHCPv6
IPv6 has two methods for automatically obtaining a global unicast address:
Stateless address autoconfiguration (SLAAC)
Stateful DHCPv6 (Dynamic Host Configuration Protocol for IPv6)
SLAAC
SLAAC uses ICMPv6 Router Solicitation (RS) and Router Advertisement (RA) messages to provide addressing and other configuration information. A client then uses the RA information to build an IPv6 address and verify it with a special type of Neighbor Solicitation (NS) message through duplicate address detection (DAD). These three message types—RS, RA, and NS—belong to the Neighbor Discovery Protocol:
Router Solicitation (RS) message: When a client is configured to obtain its addressing information automatically using SLAAC, the client sends an RS message to the router. The RS message is sent to the IPv6 all-routers multicast address, FF02::2.
Router Advertisement (RA) message: A client uses this information to create its own IPv6 global unicast address. A router sends RA messages periodically or in response to RS messages. An RA message includes the prefix and prefix length of the local segment. By default, Cisco routers send RA messages every 200 seconds. RA messages are sent to the IPv6 all-nodes multicast address, FF02::1.
Neighbor Solicitation (NS) message: An NS message is normally used to learn the data link layer address of a neighbor on the same network. In the SLAAC process, a host uses DAD by inserting its own IPv6 address as the destination address in an NS message. The NS message is sent out on the network to verify that a newly minted IPv6 address is unique. If a Neighbor Advertisement message is received, the host knows that the IPv6 address is not unique.
Figure 23-5 shows the SLAAC process using three messages of NDP.
Figure 23-5 Neighbor Discovery and the SLAAC Process
Let’s briefly review the steps in Figure 23-5.
Step 1. PC-B sends an RS message to the all-routers multicast address, FF02::2, to inform the local IPv6 router that it needs an RA message.
Step 2. RouterA receives the RS message and responds with an RA message. Included in the RA message are the prefix and prefix length of the network. The RA message is sent to the IPv6 all-nodes multicast address, FF02::1, with the link-local address of the router as the IPv6 source address.
Step 3. PC-B uses this information to create its own IPv6 global unicast address. It appends the 64-bit prefix address to its own locally generated 64-bit interface ID, which it creates using either the EUI process (see Figure 23-5) or a random number generator. It uses RouterA’s link-local address as the default gateway.
Step 4. Before PC-B can use this newly created IPv6 address, it uses the DAD process, sending out an NS message to verify that the address is unique.
An RA message informs a client how to obtain automatic IPv6 addressing: using SLAAC, DHCPv6, or a combination of the two. The RA message contains two flags to indicate the configuration option: the Managed Address Configuration flag (M flag) and the Other Configuration flag (O flag).
The default setting for these flags is 0, or both bits off. To the client, this means it is to use the SLAAC process exclusively to obtain all of its IPv6 addressing information. If either of these flags is set to 1 for some reason, you can use the no form of the following ipv6 nd commands in interface configuration mode to reset them to 0:
Router(config-if)# no ipv6 nd managed-config-flag Router(config-if)# no ipv6 nd other-config-flag
Stateless DHCPv6
In stateless DHCPv6, the client uses the RA message from the router to generate its global unicast address. However, the client then sends a request to the DHCPv6 server to obtain any additional information that the RA has not already supplied.
For stateless DHCPv6, the O flag is set to 1 so that the client is informed that additional configuration information is available from a stateless DHCPv6 server. Use the following command on the interface to modify the RA message:
Router(config-if)# ipv6 nd other-config-flag
Stateful DHCPv6
For stateful DHCPv6, the RA message tells the client to obtain all its addressing information from a DHCPv6 server. The M flag must be set on the interface with the following command:
Router(config-if)# ipv6 nd managed-config-flag
Stateless and Stateful DHCPv6 Operation
Figure 23-6 shows the full operation of DHCPv6, regardless of the method used: SLAAC, stateless DHCPv6, or stateful DHCPv6.
Figure 23-6 DHCPv6 Operations
The following steps occur in Figure 23-6:
Step 1. PC1 sends an RS message on bootup to begin the process of obtaining IPv6 addressing.
Step 2. R1 replies with an RA message. If the M and O flags are not set, PC1 uses SLAAC. If either the M flag or the O flag is set, PC1 begins the DHCPv6 process.
Step 3. PC1 sends a DHCPv6 SOLICIT message to the all-DHCPv6-servers address, FF02::1:2—a link-local multicast address that will not be forwarded by routers.
Step 4. A DHCPv6 server responds with a DHCPv6 ADVERTISE unicast message informing the client of its presence.
Step 5. The client sends either a unicast DHCPv6 REQUEST (the M flag was set, and the client is using stateful DHCPv6) or a unicast DHCPv6 INFORMATION-REQUEST (the O flag was set, and the client is using stateless DHCPv6).
Step 6. The server replies with the information requested.
DHCPv6 Configuration Options
A router can be configured as a stateless DHCPv6 server, a stateful DHCPv6 server, and a DHCPv6 client. As in DHCPv4, the router can be configured with all three, depending on what role it plays for its various interfaces.
Configuring a Router as a Stateless DHCPv6 Server
We use Figure 23-7 for all the examples in this section. R1 is the DHCPv6 server, and R3 is the DHCPv6 client.
Figure 23-7 DHCPv6 Server and Client Topology
To configure R1 as a stateless DHCP server, you need to make sure that ipv6 unicast-routing is enabled. Then, in global configuration mode, configure the pool name, DNS server, and domain name. Finally, enable the DHCPv6 pool on the appropriate interface and set the O flag so that clients on that interface know to request DHCPv6 services from the router. Example 23-5 shows the configuration for R1.
Example 23-5 Configuring a Router as a Stateless DHCPv6 Server
R1(config)# ipv6 unicast-routing R1(config)# ipv6 dhcp pool O-FLAG-SET R1(config-dhcpv6)# dns-server 2001:db8:acad:1::5 R1(config-dhcpv6)# domain-name cisco.com R1(config-dhcpv6)# exit R1(config)# interface g0/1 R1(config-if)# ipv6 address 2001:db8:1:1::1/64 R1(config-if)# ipv6 dhcp server O-FLAG-SET R1(config-if)# ipv6 nd other-config-flag R1(config-if)# end R1# show ipv6 dhcp pool DHCPv6 pool: O-FLAG-SET DNS server: 2001:DB8:ACAD:1::5 Domain name: cisco.com Active clients: 0 R1#
To configure a router interface as a DHCPv6 client, enable IPv6 on the interface and enter the ipv6 address autoconfig command, as in Example 23-6. Verify the configuration with the show ipv6 interface command.
Example 23-6 Configuring an Interface as a DHCPv6 Client
R3(config)# interface g0/1
R3(config-if)# ipv6 enable
R3(config-if)# ipv6 address autoconfig
R3(config-if)# end
R3# show ipv6 interface g0/1
GigabitEthernet0/1 is up, line protocol is up
IPv6 is enabled, link-local address is FE80::32F7:DFF:FE25:2DE1
No Virtual link-local address(es):
Stateless address autoconfig enabled
Global unicast address(es):
2001:DB8:1:1:32F7:DFF:FE25:2DE1, subnet is 2001:DB8:1:1::/64 [EUI/CAL/PRE]
valid lifetime 2591935 preferred lifetime 604735
Joined group address(es):
FF02::1
FF02::1:FF25:2DE1
MTU is 1500 bytes
ICMP error messages limited to one every 100 milliseconds
ICMP redirects are enabled
ICMP unreachables are sent
ND DAD is enabled, number of DAD attempts: 1
ND reachable time is 30000 milliseconds (using 30000)
ND NS retransmit interval is 1000 milliseconds
Default router is FE80::D68C:B5FF:FECE:A0C1 on GigabitEthernet0/1
R3#
Configuring a Router as a Stateful DHCPv6 Server
The main difference between a stateless configuration and a stateful configuration is that a stateful server includes IPv6 addressing information and keeps a record of the IPv6 addresses that are leased out. Also, for the client side, the ipv6 address dhcp command is used instead of the ipv6 address autoconfig command. Example 23-7 shows the stateful DHCPv6 server configuration with stateful address information added and the M bit set instead of the O bit.
Example 23-7 Configuring a Router as a Stateful DHCPv6 Server
R1(config)# ipv6 unicast-routing R1(config)# ipv6 dhcp pool M-FLAG-SET R1(config-dhcpv6)# address prefix 2001:db8:1:1::/64 lifetime infinite infinite R1(config-dhcpv6)# dns-server 2001:db8:acad:1::5 R1(config-dhcpv6)# domain-name cisco.com R1(config-dhcpv6)# exit R1(config)# interface g0/1 R1(config-if)# ipv6 address 2001:db8:1:1::1/64 R1(config-if)# ipv6 nd managed-config-flag R1(config-if)# end !After R3 is configured as a DHCP client, verify DHCP with the following commands: R1# show ipv6 dhcp pool DHCPv6 pool: M-FLAG-SET Address allocation prefix: 2001:DB8:1:1::/64 valid 4294967295 preferred 4294967295 (1 in use, 0 conflicts) DNS server: 2001:DB8:ACAD:1::5 Domain name: cisco.com Active clients: 1 R1# show ipv6 dhcp binding Client: FE80::32F7:DFF:FEA3:1640 DUID: 0003000130F70DA31640 Username: unassigned IA NA: IA ID 0x00060001, T1 43200, T2 69120 Address: 2001:DB8:1:1:8902:60D6:E76:6C16 preferred lifetime INFINITY, , valid lifetime INFINITY, R1#
DHCP Troubleshooting
DHCP problems can arise for a multitude of reasons, such as software defects in operating systems, NIC drivers, or DHCP relay agents. However, the most common problems are configuration issues.
Resolving IPv4 Address Conflicts
An IPv4 address lease can expire on a client that is still connected to a network. If the client does not renew the lease, the DHCP server can reassign that IPv4 address to another client. When the client reboots, it requests an IPv4 address. If the DHCP server does not respond quickly, the client uses the last IPv4 address. Then two clients begin using the same IPv4 address, creating a conflict.
The show ip dhcp conflict command displays all address conflicts recorded by the DHCP server. The server uses the ping command to detect conflicts. The client uses Address Resolution Protocol (ARP) to detect clients. If an address conflict is detected, the address is removed from the pool and is not assigned until an administrator resolves the conflict.
Testing Connectivity Using a Static IP Address
When troubleshooting any DHCP issue, verify network connectivity by configuring static IPv4 address information on a client workstation. If the workstation cannot reach network resources with a statically configured IPv4 address, the root cause of the problem is not the DHCP server. At this point, network connectivity troubleshooting is required.
Verifying Switch Port Configuration
If the DHCP client cannot obtain an IPv4 address from the DHCP server at startup, attempt to obtain an IPv4 address from the DHCP server by manually forcing the client to send a DHCP request. If a switch lies between the client and the DHCP server and the client cannot obtain the DHCP configuration, switch port configuration issues might be the cause. These causes can include issues from trunking and channeling to STP and RSTP. PortFast configuration and edge port configurations resolve the most common DHCPv4 client issues that occur with an initial installation of a Cisco switch.
Testing DHCPv4 Operation on the Same Subnet or VLAN
Distinguishing whether DHCP is functioning correctly is important when the client is on the same subnet or VLAN as the DHCP server. If DHCP is working correctly when the client is on the same subnet or VLAN, the problem might be the DHCP relay agent. If the problem persists even when testing DHCP on the same subnet or VLAN as the DHCP server, the problem might be with the DHCP server.
DNS Operation
DNS is a distributed system of servers that resolve domain names to IP addresses. The domain name is part of the uniform resource identifier (URI), as Figure 23-8 shows.
Figure 23-8 URI Structure
When you type a new URI in your browser, your computer uses DNS to send out a request to resolve the URI into an IP address. Figure 23-9 summarizes the DNS process.
Figure 23-9 DNS Process
The DNS server stores different types of resource records used to resolve names. These records contain the name, address, and type of record. Some of these record types follow:
A: An end device IPv4 address
NS: An authoritative name server
AAAA: An end device IPv6 address (pronounced “quad-A”)
MX: A mail exchange record
When a client makes a query, the server’s DNS process first looks at its own records to resolve the name. If it cannot resolve the name using its stored records, it contacts other servers to resolve the name.
DNS root servers manage the top-domain suffixes, such as these:
.com: Commercial businesses
.edu: Educational organizations
.gov: Government organizations
.mil: Military organizations
.net: Networking organizations, such as ISPs
.org: Noncommercial organizations
Top-level DNS servers also exist for each country code, such as .ca (Canada), .de (Germany), .ru (Russia), and .cn (China).
Troubleshooting DNS
As a network administrator, your control over DNS issues is limited to two basic issues: DHCP server configurations and DNS server configurations.
In a small branch office, you are most likely using your ISP for all your DNS resolutions. Therefore, all the clients on your network will most likely have the IP address of the default gateway configured as the DNS server, as shown in the ipconfig /all output in Example 23-8.
Example 23-8 DNS Server As the Default Gateway
C:> ipconfig /all Windows IP Configuration <output omitted> DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes IPv4 Address. . . . . . . . . . . : 10.10.10.2(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Sunday, November 13, 2016 1:28:51 PM Lease Expires . . . . . . . . . . : Monday, November 14, 2016 1:28:50 PM Default Gateway . . . . . . . . . : 10.10.10.1 DHCP Server . . . . . . . . . . . : 10.10.10.1 DNS Servers . . . . . . . . . . . :10.10.10.1
Therefore, issues with DNS are most likely due to issues with the default gateway router or the connection to your ISP. If you know the IP address of a publicly available server, you can verify that DNS is the issue if you can ping the IP address but not the URI.
In larger organizations, the network administrator is responsible for making sure the DHCP server is configured with accurate DNS IP addresses. Those DNS servers are most likely managed in-house to reduce the amount of outbound traffic to the public DNS servers. DNS server misconfiguration could be the cause if end-user devices cannot resolve URIs. Therefore, the hierarchy of DNS servers within the organization should ensure that there are backup DNS servers and that, when a record doesn’t exist, the DNS server can accurately forward the request to another DNS server.
Verifying Host IP Configuration
Whether manually configured or dynamically learned, every device on the network must have a valid IP address configuration. The following are some examples of those settings on Windows, Linux, and macOS.
IP Settings
To work correctly, an IP host needs to know these values:
DNS server IP addresses
Default gateway (router) IP address
Device’s own IP address
Device’s own subnet mask
Host IP Settings on Windows
In Windows 10, you can access IP address details from the Network and Sharing Center, as shown in Figure 23-10, to quickly view the four important settings: address, mask, router, and DNS.
Figure 23-10 Windows 10 Network Connection Details
However, network administrators typically open a command line window to verify IP settings. All Windows versions support ipconfig and ipconfig /all, as shown in Example 23-9. Both list the address, mask, and default gateway. But you need ipconfig /all to see DNS server settings. Also notice in Example 23-9 that the Ethernet adapter does not have a default gateway. That is because the computer is currently using the wireless adapter for network connectivity.
Example 23-9 Windows Command Line IP Settings Verification
C:> ipconfig <some output omitted> Windows IP Configuration Ethernet adapter Ethernet 2: Connection-specific DNS Suffix . : cisco.com IPv6 Address. . . . . . . . . . . : 2001:db8:acad:1008::3d Link-local IPv6 Address . . . . . : fe80::ad66:4abd:d554:f703%20 IPv4 Address. . . . . . . . . . . : 10.24.247.53 Subnet Mask . . . . . . . . . . . : 255.255.255.255 Default Gateway . . . . . . . . . : :: 0.0.0.0 Wireless LAN adapter Wi-Fi: Connection-specific DNS Suffix . : lan Link-local IPv6 Address . . . . . : fe80::90cb:adf9:9331:8ded%13 IPv4 Address. . . . . . . . . . . : 10.10.10.73 Subnet Mask . . . . . . . . . . . : 255.255.255.0 Default Gateway . . . . . . . . . : 10.10.10.1 C:> ipconfig /all <some output omitted> Windows IP Configuration Host Name . . . . . . . . . . . . : ALLANJ Primary Dns Suffix . . . . . . . : cisco.com Node Type . . . . . . . . . . . . : Hybrid IP Routing Enabled. . . . . . . . : No WINS Proxy Enabled. . . . . . . . : No DNS Suffix Search List. . . . . . : cisco.com lan Wireless LAN adapter Wi-Fi: Connection-specific DNS Suffix . : lan Description . . . . . . . . . . . : Intel(R) Dual Band Wireless-AC 8265 Physical Address. . . . . . . . . : 88-B1-11-77-4A-D9 DHCP Enabled. . . . . . . . . . . : Yes Autoconfiguration Enabled . . . . : Yes Link-local IPv6 Address . . . . . : fe80::90cb:adf9:9331:8ded%13(Preferred) IPv4 Address. . . . . . . . . . . : 10.10.10.73(Preferred) Subnet Mask . . . . . . . . . . . : 255.255.255.0 Lease Obtained. . . . . . . . . . : Saturday, August 31, 2019 12:17:12 PM Lease Expires . . . . . . . . . . : Tuesday, September 3, 2019 11:03:11 AM Default Gateway . . . . . . . . . : 10.10.10.1 DHCP Server . . . . . . . . . . . : 10.10.10.1 DHCPv6 IAID . . . . . . . . . . . : 92844305 DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-21-8E-02-90-54-E1-AD-83-2C-77 DNS Servers . . . . . . . . . . . : 10.10.10.1 NetBIOS over Tcpip. . . . . . . . : Enabled C:Usersallan>
Host IP Settings on macOS
On a Mac, open Network Preferences > Advanced to get the IP addressing information shown in Figure 23-11. The router IP address is the default gateway and also serves as the DNS server for this device.
Figure 23-11 macOS Network Settings
On the command line for macOS, use the ifconfig command to view IP addressing information, as shown in Example 23-10. Other useful commands include networksetup -listallnetworkservices, networksetup -getinfo <network service>, and networksetup -getdnsservers <network service> (not shown).
Example 23-10 macOS Command Line IP Settings Verification
MacBook-Air:~ Becky$ ifconfig en0
en0: flags=8863 mtu 1500
ether c4:b3:01:a0:64:98
inet6 fe80::c0f:1bf4:60b1:3adb%en0 prefixlen 64 secured scopeid 0x5
inet 10.10.10.113 netmask 0xffffff00 broadcast 10.10.10.255
nd6 options=201
media: autoselect
status: active
MacBook-Air:~ Becky$ networksetup -listallnetworkservices
An asterisk (*) denotes that a network service is disabled.
iPhone USB
Wi-Fi
Bluetooth PAN
Thunderbolt Bridge
MacBook-Air:~ Becky$ networksetup -getinfo Wi-Fi
DHCP Configuration
IP address: 10.10.10.113
Subnet mask: 255.255.255.0
Router: 10.10.10.1
Client ID:
IPv6: Automatic
IPv6 IP address: none
IPv6 Router: none
Wi-Fi ID: c4:b3:01:a0:64:98
MacBook-Air:~ Becky$
Host IP Settings on Linux
Verifying IP settings using the GUI on a Linux machine differs depending on the Linux distribution and desktop interface. Figure 23-12 shows the Connection Information dialog box on the Ubuntu distro running the Gnome desktop.
Figure 23-12 Linux Ubuntu Connection Information
Example 23-11 shows the commands to verify the IP settings on a Linux machine.
Example 23-11 Linux OS Command Line IP Settings Verification
allan@allan-VirtualBox:~$ ifconfig enp0s3
enp0s3 Link encap:Ethernet HWaddr 08:00:27:b5:d6:cb
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
inet6 addr: fe80::57c6:ed95:b3c9:2951/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:1332239 errors:0 dropped:0 overruns:0 frame:0
TX packets:105910 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1855455014 (1.8 GB) TX bytes:13140139 (13.1 MB)
allan@allan-VirtualBox:~$ ip address
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 08:00:27:b5:d6:cb brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3
valid_lft 86130sec preferred_lft 86130sec
inet6 fe80::57c6:ed95:b3c9:2951/64 scope link
valid_lft forever preferred_lft forever
Study Resources
For today’s exam topics, refer to the following resources for more study.
Resource |
Module or Chapter |
Cisco Network Academy: CCNA 1 |
4 |
|
6 |
|
7 |
CCNA 200-301 Official Cert Guide, Volume 1 |
5 |
|
8 |
Portable Command Guide |
17 |