我目前正在尝试设置 DHCP 服务器以在 ZTP 环境中使用它。我的第一个目标是能够基于硬件自动升级我的瞻博网络设备。
我真正想要实现的是将适当的 JUNOS 软件分配给适当的瞻博网络硬件。例如,MX104 应下载 MX104 目标映像,EX4550 应下载 EX4550 目标映像。
到现在为止,我已经用 ISC 成功地设置了一个 DHCP 服务器。但这很简单,直到这里。
现在我正在尝试使用类和池来匹配供应商类标识符集,并将其设置为正确的池。
我的 DHCP 服务器配置如下:
option domain-name "example.com";
option domain-name-servers 8.8.8.8, 8.8.4.4;
option domain-search "example.com";
set vendor-string = option vendor-class-identifier;
option ztp-file-server code 150 = { ip-address };
option space ztp-ops;
option ztp-ops.image-file-name code 0 = text;
option ztp-ops.config-file-name code 1 = text;
option ztp-ops.image-file-type code 2 = text;
option ztp-ops.transfer-mode code 3 = text;
option ztp-ops-encapsulation code 43 = encapsulate ztp-ops;
class "juniper-mx10003" {
match if substring(option vendor-class-identifier, 0, 15) = "Juniper-mx10003";
}
subnet 10.24.0.0 netmask 255.255.0.0 {
default-lease-time 600;
max-lease-time 86400;
option routers 10.24.0.1;
range 10.24.254.0 10.24.254.254;
# Address pool(s)
pool {
range 10.24.253.0 10.24.253.10;
allow members of "juniper-mx10003";
option ztp-file-server 10.24.1.2;
option ztp-ops.transfer-mode "http";
option ztp-ops.image-file-name "/junos-vmhost-install-mx-x86-64-18.1R1.9.tgz";
}
}
我的 MX10003 有一个瞻博网络配置,如下所示:
system {
root-authentication {
encrypted-password "YEAH"; ## SECRET-DATA
}
syslog {
user * {
any emergency;
}
file messages {
any notice;
authorization info;
}
file interactive-commands {
interactive-commands any;
}
}
}
interfaces {
fxp0 {
unit 0 {
family inet {
dhcp {
vendor-id Juniper-mx10003;
}
}
}
}
}
在启动或清除并请求租用时,MX 要求 IP 地址,但这是分配的 10.24.254.0 到 10.24.254.254 范围之一,而不是从 10.24.253.0 到 10.24.253.10。
我尝试使用 dhcpdump 转储 DHCP 交换,结果如下:
TIME: 2018-06-01 15:07:50.357
IP: 0.0.0.0 (d8:18:d3:1e:a9:66) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
OP: 1 (BOOTPREQUEST)
HTYPE: 1 (Ethernet)
HLEN: 6
HOPS: 0
XID: 52cccd10
SECS: 0
FLAGS: 7f80
CIADDR: 0.0.0.0
YIADDR: 0.0.0.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: d8:18:d3:1e:a9:66:00:00:00:00:00:00:00:00:00:00
SNAME: .
FNAME: .
OPTION: 53 ( 1) DHCP message type 1 (DHCPDISCOVER)
OPTION: 60 ( 15) Vendor class identifier Juniper-mx10003
OPTION: 51 ( 4) IP address leasetime 86400 (24h)
---------------------------------------------------------------------------
TIME: 2018-06-01 15:07:51.297
IP: 10.24.1.2 (0:c:29:8:a6:dd) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
OP: 2 (BOOTPREPLY)
HTYPE: 1 (Ethernet)
HLEN: 6
HOPS: 0
XID: 52cccd10
SECS: 0
FLAGS: 7f80
CIADDR: 0.0.0.0
YIADDR: 10.24.254.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: d8:18:d3:1e:a9:66:00:00:00:00:00:00:00:00:00:00
SNAME: .
FNAME: .
OPTION: 53 ( 1) DHCP message type 2 (DHCPOFFER)
OPTION: 54 ( 4) Server identifier 10.24.1.2
OPTION: 51 ( 4) IP address leasetime 86400 (24h)
OPTION: 1 ( 4) Subnet mask 255.255.0.0
OPTION: 3 ( 4) Routers 10.24.0.1
OPTION: 6 ( 8) DNS server 8.8.8.8,8.8.4.4
OPTION: 119 ( 30) Domain Search 0a6c75786e657477 .example
6f726b0269 .com.
OPTION: 15 ( 13) Domainname example.com
---------------------------------------------------------------------------
TIME: 2018-06-01 15:07:51.302
IP: 0.0.0.0 (d8:18:d3:1e:a9:66) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
OP: 1 (BOOTPREQUEST)
HTYPE: 1 (Ethernet)
HLEN: 6
HOPS: 0
XID: 52cccd10
SECS: 0
FLAGS: 7f80
CIADDR: 0.0.0.0
YIADDR: 0.0.0.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: d8:18:d3:1e:a9:66:00:00:00:00:00:00:00:00:00:00
SNAME: .
FNAME: .
OPTION: 54 ( 4) Server identifier 10.24.1.2
OPTION: 55 ( 14) Parameter Request List 3 (Routers)
51 (IP address leasetime)
1 (Subnet mask)
15 (Domainname)
6 (DNS server)
66 (TFTP server name)
67 (Bootfile name)
120 (SIP Servers DHCP Option)
44 (NetBIOS name server)
43 (Vendor specific info)
150 (???)
12 (Host name)
7 (Log server)
42 (NTP servers)
OPTION: 50 ( 4) Request IP address 10.24.254.0
OPTION: 53 ( 1) DHCP message type 3 (DHCPREQUEST)
OPTION: 60 ( 15) Vendor class identifier Juniper-mx10003
OPTION: 51 ( 4) IP address leasetime 86400 (24h)
---------------------------------------------------------------------------
TIME: 2018-06-01 15:07:51.398
IP: 10.24.1.2 (0:c:29:8:a6:dd) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
OP: 2 (BOOTPREPLY)
HTYPE: 1 (Ethernet)
HLEN: 6
HOPS: 0
XID: 52cccd10
SECS: 0
FLAGS: 7f80
CIADDR: 0.0.0.0
YIADDR: 10.24.254.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: d8:18:d3:1e:a9:66:00:00:00:00:00:00:00:00:00:00
SNAME: .
FNAME: .
OPTION: 53 ( 1) DHCP message type 5 (DHCPACK)
OPTION: 54 ( 4) Server identifier 10.24.1.2
OPTION: 51 ( 4) IP address leasetime 86400 (24h)
OPTION: 1 ( 4) Subnet mask 255.255.0.0
OPTION: 3 ( 4) Routers 10.24.0.1
OPTION: 15 ( 13) Domainname example.com
OPTION: 6 ( 8) DNS server 8.8.8.8,8.8.4.4
---------------------------------------------------------------------------
有没有人尝试做同样的事情?也许我缺少一些明显的东西?
删除
range 10.24.254.0 10.24.254.254;
配置行后一切正常。class
andmatch
语句实际上是有效的,我能够通过为另一种硬件定义一个新类来确认这一点。这是现在使用的正确配置: