Chapter 3 Lab A - Securing Administrative Access Using AAA and ...
Chapter 3 Lab A - Securing Administrative Access Using AAA and ...
Chapter 3 Lab A - Securing Administrative Access Using AAA and ...
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
CCNPv6 TSHOOT*Mar 1 09:10:36.921: DHCPSNOOP(hlfm_set_if_input): Setting if_input to Po1 forpak. Was not set*Mar 1 09:10:36.921: DHCP_SNOOPING: received new DHCP packet from input interface (Port-channel1)*Mar 1 09:10:36.921: DHCP_SNOOPING: process new DHCP packet, message type: DHCPACK, input interface: Po1, MAC da: ffff.ffff.ffff, MAC sa: 0017.5a5b.b443, IP da: 255.255.255.255, IP sa: 10.1.10.252, DHCP ciaddr: 0.0.0.0, DHCP yiaddr: 10.1.10.1, DHCP siaddr: 0.0.0.0, DHCP giaddr: 0.0.0.0, DHCP chaddr:ALS1# 000b.db04.a5cd*Mar 1 09:10:36.921: DHCP_SNOOPING: binary dump of option 82, length: 20 data:0x52 0x12 0x1 0x6 0x0 0x4 0x0 0xA 0x1 0x12 0x2 0x8 0x0 0x6 0x0 0x1B 0xC 0x6D 0x8F 0x0*Mar 1 09:10:36.921: DHCP_SNOOPING: binary dump of extracted circuit id, length: 8 data:0x1 0x6 0x0 0x4 0x0 0xA 0x1 0x12*Mar 1 09:10:36.921: DHCP_SNOOPING: binary dump of extracted remote id, length:10 data:0x2 0x8 0x0 0x6 0x0 0x1B 0xC 0x6D 0x8F 0x0*Mar 1 09:10:36.921: DHCP_SNOOPING_SW: opt82 data indicates loALS1#cal packet*Mar 1 09:10:36.921: DHCP_SNOOPING_SW: opt82 data indicates local packet*Mar 1 09:10:36.921: DHCP_SNOOPING: remove relay information option.*Mar 1 09:10:36.921: DHCP_SNOOPING: direct forward dhcp reply to output port: FastEthernet0/18.ALS1#u allAll possible debugging has been turned offALS1#In the above example, the ip dhcp relay information trust-all comm<strong>and</strong> was issued on DLS1. TheDHCP DISCOVER message received on ALS1 interface Fa0/18 (from PC-B) <strong>and</strong> was forwarded to DLS1 tocomplete the DHCP exchange between PC-B <strong>and</strong> DLS1.DLS1#debug ip dhcp server packetDHCP server packet debugging is on.Dec 11 14:14:25.024: DHCPD: Reload workspace interface Vlan10 tableid 0.Dec 11 14:14:25.024: DHCPD: tableid for 10.1.10.252 on Vlan10 is 0Dec 11 14:14:25.024: DHCPD: client's VPN is .Dec 11 14:14:25.024: DHCPD: inconsistent relay information.Dec 11 14:14:25.024: DHCPD: relay information option exists, but giaddr is zeroIn the above example, with dhcp relay information from ALS1 <strong>and</strong> a GIADDR of 0.0.0.0, the relay information isinconsistent <strong>and</strong> DLS1 rejects the DHCP DISCOVER message from PC-B.DLS1#debug ip dhcp server packetDHCP server packet debugging is on.Dec 11 14:28:13.118: DHCPD: Reload workspace interface Vlan10 tableid 0.Dec 11 14:28:13.118: DHCPD: tableid for 10.1.10.252 on Vlan10 is 0Dec 11 14:28:13.118: DHCPD: client's VPN is .Dec 11 14:28:13.118: DHCPD: DHCPRELEASE message received from client 0100.0bdb.04a5.cd (10.1.10.1).Dec 11 14:28:15.542: DHCPD: Reload workspace interface Vlan10 tableid 0.Dec 11 14:28:15.542: DHCPD: tableid for 10.1.10.252 on Vlan10 is 0Dec 11 14:28:15.542: DHCPD: client's VPN is .Dec 11 14:28:15.542: DHCPD: using received relay info.Dec 11 14:28:15.542: DHCPD: DHCPDISCOVER received from client 0100.0bdb.04a5.cdon interface Vlan10.All contents are Copyright © 1992–2010 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 12 of 17