configuring the dhcp server for huawei firewall
DESCRIPTION
Leading Huawei networking products distributor-huanetwork.com Configuring the DHCP Server for Huawei FirewallTRANSCRIPT
Configuring the DHCP Server for Huawei Firewall
This chapter we will tell you the DHCP Server function and how to configure the DHCP
Server for Huawei symantec firewall.
DHCP Server
Dynamic Host Configuration Protocol (DHCP) is a technology for dynamically managing
and configuring users in a centralized way. The DHCP technology realizes dynamic
assignment and centralized management of user addresses and configuration
information, enabling enterprises to rapidly and dynamically assign addresses to users
and manage these addresses. This manner avoids complex manual configuration and
adapts to network changes rapidly.
DHCP uses the Client/Server (C/S) mode. The client applies for configurations. In
response, the server replies with corresponding configurations (including the IP address,
default gateway, DNS server, and WINS server) to dynamically assign IP addresses, and
configure and manage other network parameters in a centralized manner.
DHCP delivers the following functions:
Device Serving as a DHCP Server
The device supports the configuration of the DHCP server on the interface. It assigns IP
addresses and network parameters to clients on different network segments or those on
cross-network segments by interworking with the DHCP relay.
Policies for IP Address Allocation
According to the different requirements, the DHCP server provides the following IP
address allocation policies:
l Static address allocation
A few specific hosts (such as the PCs of high access permissions and the servers of
various types) require fixed IP addresses. To address their requirements, you can
configure the static address allocation on these hosts. After that, when a client with a
designated MAC address applies for an IP address, the server assigns a bound fixed IP
address to the client based on its MAC address. This allows the specific hosts to use
their fixed IP addresses.
l Dynamic address allocation
The DHCP server chooses IP addresses from the available IP address range and
assigns
them to the client in lease mode. After the lease expires, the clients need to re-apply for
IP
addresses. The "infinite" lease is a special case in dynamic address allocation, which
allows the clients to occupy their assigned IP addresses for a long time.
1
Before the DHCP server dynamically allocates IP addresses, it proactively excludes
certain IP addresses, including those that have been assigned, reserved, or configured
as static addresses. This avoids that the same address is assigned to different clients
and eliminates IP address collision.
Assignable IP address range
You can define the start and end IP addresses of the allocatable IP address range. The
start IP address and end IP address can be on different network segments.
l When the DHCP server and DHCP client are on the same network segment, the DHCP
server assigns its interface IP addresses on the same network segment to the DHCP
client.
l When the DHCP server and DHCP client are on the different network segments, the
DHCP server assigns the IP addresses that are on the same network segment as the
interface IP address of the DHCP relay to the DHCP client.
By default, the allocatable IP address range is on the network segment where the
interface IP address resides, after the DHCP server is enabled on the interface.
Network parameter service accessible to the client
The DHCP server, by using the Option fields in the DHCP packets, can centrally specify
the client network parameters, including:
l Client domain name and DNS server address.
l Windows Internet Naming Server (WINS).
l Egress gateway address.
Device Serving as a DHCP Relay
A DHCP client sends the request packets to apply for a dynamic IP address in broadcast
mode; therefore, the DHCP service is applicable only to the application scenarios where
the DHCP server and the DHCP clients reside on the same network segment. It is
uneconomical to deploy a DHCP server on each network segment to dynamically
configure the host. Therefore, it is unnecessary to configure each segment with a DHCP
server to perform dynamic host configuration
.
The DHCP relay is developed as a solution to this problem. The DHCP relay
communicates with the DHCP servers on other subnets and obtains the valid IP
addresses. In this manner, DHCP clients on multiple networks can share a single DHCP
server. This is more cost-effective and facilitates centralized management.
The device supports the configuration of the DHCP relay on the interface. The DHCP
relay interface forwards DHCP packets transparently between the DHCP client and
DHCP server.
The interface IP address must be on the same network segment as the IP address of the
DHCP client.
2
Device Serving as a DHCP Client
The device supports the enabling of the DHCP client on the interface. It uses DHCP to
obtain IP addresses and network segments from the DHCP server, simplifying
configurations and centralized management.
Configuring the DHCP Service
Enabling DHCP Service
Enabling the DHCP service enables other related DHCP functions. Although you can
perform related DHCP configurations in the case of the DHCP service disabled, the
configurations do not take effect.
Step 1 Choose Network > DHCP Server > Settings.
Step 2 Select the Enable check box corresponding to DHCP Service in Configure
DHCP Basic Parameter.
Step 3 Click Apply.
If the Operation succeeded dialog box is displayed, the function is successfully enabled.
----End
Creating a DHCP Server
The DHCP server not only provides clients on the same network segment with
dynamically assigned IP addresses, statically assigned IP addresses, designated DNS
servers, gateways, and WINS servers, but also collaborates with the DHCP relay to
assign IP addresses and network parameters to client across network segments.
The DHCP server and DHCP relay services cannot coexist on the same interface.
Step 1 Choose Network > DHCP Server > Settings.
Step 2 Click Add in DHCP Service Information List.
Step 3 Enter or select parameters listed in Table 1.
Step 4 Click Apply.
If the operation succeeds, DHCP Service Information List is displayed on the page and
new configuration items are added to the list.
Repeat the previous operations to configure the DHCP server function on multiple
interfaces.
3
4
5
6
7
8
----End
Creating a DHCP Relay
The DHCP client can communicate with DHCP servers on other network segments
through a DHCP relay, and finally obtains the IP address. In so doing, DHCP clients on
multiple network segments can use the same DHCP server, which saves costs and
facilitates centralized management.
Before configuring the DHCP relay on an interface, make sure that the DHCP server is
already configured, and the DHCP server and DHCP relay interface are routable. In
addition, the IP address of the DHCP relay interface should be on the same network
segment as the IP address assigned by the DHCP server to the client, and the default
gateway of the DHCP client is the IP address of the DHCP relay interface.
The DHCP server and DHCP relay services cannot coexist on the same interface.
Step 1 Choose Network > DHCP Server > Settings.
Step 2 Click Add in DHCP Service Information List.
Step 3 Enter or select parameters listed in Table 2.
Step 4 Click Apply.
If the operation succeeds, DHCP Service Information List is displayed on the page and
new configuration items are added to the list.
Repeat the previous operations to configure the DHCP relay function on multiple
interfaces.
Table 2 Parameters of the DHCP relay
----End
9
Modifying the DHCP Service
Step 1 Choose Network > DHCP Server > Settings.
Step 2 In DHCP Service Information List, click in the line where the DHCP service to
be modified resides.
Step 3 Enter or select parameters listed in Table 1 and Table 2. Interface Name cannot
be modified.
Step 4 Click Apply.
If the operation succeeds, DHCP Service Information List is displayed.
----End
Deleting the DHCP Service
Step 1 Choose Network > DHCP Server > Setting.
Step 2 Select the check boxes of multiple entries or the check box in the table header for
selecting all.
Step 3 Click Delete.
If the operation succeeds, DHCP Service Information List is displayed on the page and
entries that are just selected are not displayed in the list.
----End
More related:
Huawei Next Generaion Firewall Comprehensively Resolve Enterprise
Configuration for Huawei Symantec Firewall
How to Enable DST for USG2000/5000
Huawei Firewall USG5300: Configuring System Parameters
More Huawei products and Reviews you can visit: http://www.huanetwork.com/blog
Huanetwork.com is a world leading Huawei networking products distributor, we wholesale
original new Huawei networking equipments, including Huawei switches, Huawei routers,
Huaweisymantec security products, Huawei IAD, Huawei SFP and other Huawei
networking products. Our customers include telecom operators, Huawei resellers, ISP
and system integrators. Right now most of our sales are contributed by regular
customers
Our website: http://www.huanetwork.com
Telephone: +852-30501940
Email: [email protected]
Address: 23/F Lucky Plaza, 315-321 Lockhart Road, Wanchai, Hongkong
10