The OpenNET Project / Index page

[ новости /+++ | форум | теги | ]




Версия для распечатки Пред. тема | След. тема
Новые ответы [ Отслеживать ]
DNS для LAN и DHCP, !*! kvasik, 27-Сен-08, 19:58  [смотреть все]
Добрый вечер.
Не так давно стал обладателем CISCO 851, настроил PPPoE, но есть вопросы:

1) Когда компьютер в ЛАНе соединяется по DHCP, ему присваиваются:
Шлюз: 192.168.0.1
ДНС1: 80.*.*.*
ДНС2: 80.*.*.*
Есть желание, чтобы при соединении в ЛАН, в качестве DNS сервера можно было указывать тот же ИП-адрес, что и на Шлюзе (192.168.0.1)
Это связано с тем, что у провайдера могут меняться ИП-адреса ДНС-северов, а при соединении по PPPoE они обычно не указываются вручную, а присваиваются автоматически.

2) DHCP сервер на Сиске довольно долго раздает ИП-дареса (около минуты), как можно ускорить этот процесс и увеличит ли это нагрузку на маршрутизатор?

Конфиг ниже, буду благодарен за ответы :)

=====
Building configuration...                                                      
                                                                                
Current configuration : 1654 bytes                                              
!                                                                              
version 12.4                                                                    
no service pad                                                                  
service timestamps debug datetime msec                                          
service timestamps log datetime msec                                            
service password-encryption                                                    
!                                                                              
hostname Router                                                                    
!                                                                              
boot-start-marker                                                              
boot-end-marker                                                                
!                                                                              
!                                                                              
no aaa new-model                                                                
!                                                                              
resource policy                                                                
!                                                                              
ip subnet-zero                                                                  
no ip dhcp use vrf connected                                                    
no ip dhcp conflict logging                                                    
ip dhcp excluded-address 192.168.0.1 192.168.0.99                              
ip dhcp excluded-address 192.168.0.200 192.168.0.255                            
!                                                                              
ip dhcp pool DHCPooL                                                            
   import all                                                                  
   network 192.168.0.0 255.255.255.0                                            
   default-router 192.168.0.1                                                  
   lease 365                                                                    
!                                                                              
!                                                                              
ip cef                                                                          
vpdn enable                                                                    
!                                                                              
!                                                                              
!                                                                              
!                                                                              
!                                                                              
!                                                                              
!                                                                              
!                                                                              
!                                                                              
interface FastEthernet0                                                        
!                                                                              
interface FastEthernet1                                                        
!                                                                              
interface FastEthernet2                                                        
!                                                                              
interface FastEthernet3                                                        
!                                                                              
interface FastEthernet4                                                        
no ip address                                                                  
no ip unreachables                                                            
ip nat outside                                                                
ip virtual-reassembly                                                          
speed auto                                                                    
full-duplex                                                                    
pppoe enable group global                                                      
pppoe-client dial-pool-number 10                                              
!                                                                              
interface Vlan1                                                                
ip address 192.168.0.1 255.255.255.0                                          
ip nat inside                                                                  
ip virtual-reassembly                                                          
!                                                                              
interface Dialer1                                                              
ip address negotiated                                                          
ip access-group 110 in                                                        
ip mtu 1492                                                                    
ip nat outside                                                                
ip virtual-reassembly                                                          
encapsulation ppp                                                              
dialer pool 10                                                                
dialer-group 10                                                                
ppp chap hostname ******                                                    
ppp chap password 7 ******                                            
ppp ipcp dns request                                                          
!                                                                              
ip classless                                                                    
ip route 0.0.0.0 0.0.0.0 Dialer1                                                
!                                                                              
no ip http server                                                              
no ip http secure-server                                                        
ip nat inside source list 100 interface Dialer1 overload                        
!                                                                              
access-list 100 permit ip 192.168.0.0 0.0.0.255 any                            
dialer-list 10 protocol ip permit                                              
!                                                                              
control-plane                                                                  
!                                                                              
!                                                                              
line con 0                                                                      
password 7 ******                                                    
login                                                                          
no modem enable                                                                
line aux 0                                                                      
password 7 ******                                                    
login                                                                          
line vty 0 4                                                                    
password 7 ******                                                    
login                                                                          
!                                                                              
scheduler max-task-time 5000                                                    
end
=====

  • DNS для LAN и DHCP, !*! CrAzOiD, 20:27 , 27-Сен-08 (1)
    >[оверквотинг удален]
    >Не так давно стал обладателем CISCO 851, настроил PPPoE, но есть вопросы:
    >
    >
    >1) Когда компьютер в ЛАНе соединяется по DHCP, ему присваиваются:
    >Шлюз: 192.168.0.1
    >ДНС1: 80.*.*.*
    >ДНС2: 80.*.*.*
    >Есть желание, чтобы при соединении в ЛАН, в качестве DNS сервера можно
    >было указывать тот же ИП-адрес, что и на Шлюзе (192.168.0.1)
    >Это связано с тем, что у провайдера могут меняться ИП-адреса ДНС-северов, а

    изменение - редкий случай
    но если все-же хотите, тогда:
    1.
    ip dhcp pool DHCPooL
       default-router 192.168.0.1
       dns-server 192.168.0.1

    2. настраивайте DNS Proxy (для вашей платфотма только 12.4T ADVANCED SECURITY релизы)

    ip dns server
    ip dns spoofing [xxx.xxx.xxx.xxx] где xxx.xxx.xxx.xxx можно указать IP провайдеркого DNS, а можно и не указывать и будет использоваться адрес DNS полученный от провайдера (если, конечно, такое событие имело место, вдруг у вас статика)

    >2) DHCP сервер на Сиске довольно долго раздает ИП-дареса (около минуты), как
    >можно ускорить этот процесс и увеличит ли это нагрузку на маршрутизатор?

    Это не DHCP долго отдает, это долго порты на свиче инициализируются
    Если нет других управляемых свичей в сети пропиши spanning-tree portfast на интерфейс[е|ах] свича





Партнёры:
PostgresPro
Inferno Solutions
Hosting by Hoster.ru
Хостинг:

Закладки на сайте
Проследить за страницей
Created 1996-2024 by Maxim Chirkov
Добавить, Поддержать, Вебмастеру