806 0963_05F9_c3 © 1999, Cisco Systems, Inc.

1

DNS, DHCP, and IP Address Management
Session 806

806 0963_05F9_c3 © 1999, Cisco Systems, Inc.

2

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

1

DNS and DHCP Challenges
Manual Processes

Public Domain Software

Policies Based on IP Addresses

Intelligent Network Users
User Provisioning Scalable Reliable DNS/DHCP Services
806 0963_05F9_c3 © 1999, Cisco Systems, Inc.

Applications

Automated Network Addressing

User-Based Policy Networking

3

Managing Names and Addresses

Edit by Hand

Spreadsheet

Custom Application

806 0963_05F9_c3 © 1999, Cisco Systems, Inc.

4

Copyright © 1998, Cisco Systems, Inc. All rights reserved. Printed in USA. Presentation_ID.scr

2

Cisco Systems. All rights reserved.scr 3 . Inc. Presentation_ID. Cisco Systems. 6 Copyright © 1998. Inc. Cisco Systems. Inc.Migrating to Directories Etc. Printed in USA. 1980’s 1970’s Few Users 5 Protocol Overview DNS and DHCP 806 0963_05F9_c3 © 1999. Firewall DNS DHCP PC Inventory PC Inventory Many Users DNS DNS Firewall Firewall 2000 Directory DHCP DHCP Policy Policy 1990’s Single Source of Data Multiple Sources of Data Dial-In E-Mail 806 0963_05F9_c3 © 1999.

name server (NS).44.10.How DNS Works DNS Namespace • Hierarchical name space • Each node in tree represents domain/subdomain • Some subdomains are defined as zones • Each zone has a “primary” name server responsible for all lower nodes • Resource records (RR) are defined for each node • Example RRs are: Address (A). Printed in USA. Inc.cisco.COM Name Server CISCO. Cisco Systems.com? 806 0963_05F9_c3 © 1999. Inc. mail exchange (MX). start of authority (SOA) 806 0963_05F9_c3 © 1999. What Is the IP Address for www.COM Name Server www. Cisco Systems. Presentation_ID.com 7 How DNS Works DNS Queries • Clients query local DNS server for IP addresses • Local server starts with the root name server and recursively queries DNS servers until it finds a server that has the answer • Local servers send answers back to the clients and cache the answers Local DNS Server Root Name Server .com zone (root) COM CISCO CISCO WWW WWW TIMSPC TIMSPC RTP RTP timspc.com A. pointer (PTR). All rights reserved. 161. Inc.cisco.9 Q. cisco.cisco. Cisco Systems. DNS Client Outside of Cisco Network 8 Copyright © 1998.scr 4 .

0 Default Routers: 192.204. Cisco Systems.18.1. Primary Sends the Entire 3.COM New Zone Transfer New Zone Transfer 1. Primary Only Sends the 3.204.18.204.9 WINS Server: 192. Cisco Systems.204. Secondary Checks the Serial Number of the Zone Number of the Zone 2. Presentation_ID. Primary Only Sends the Changes to Secondary Server Changes to Secondary Server 9 How DHCP Works Obtaining a Lease • Dynamically assigns configuration information • Creates IP address pools to conserve addresses and support mobile users • Clients broadcasts DHCP Discover packet on local subnet • Multiple servers can respond • Client chooses first or best response 806 0963_05F9_c3 © 1999. Primary DNS Server Sends a NOTIFY Message to Secondary NOTIFY Message to Secondary When the Zone Data Changes When the Zone Data Changes 2.18.18.255. If It Has Changed. Primary Sends the Entire Zone to Secondary Zone to Secondary 806 0963_05F9_c3 © 1999. Secondary Requests an 2.COM Secondary DNS Server for CISCO.18. Inc. All rights reserved. 192.255. If It Has Changed. Secondary Requests a Zone Transfer Requests a Zone Transfer 3.18.204. Cisco Systems. DHCP Server Send My Configuration Information DHCP Client Here is your configuration: IP Address: 192. Secondary Requests an Incremental Zone Transfer Incremental Zone Transfer 3. Primary DNS Server Sends a 1.COM Old Zone Transfer Old Zone Transfer DNS Client Secondary DNS Server for CISCO. 192. Inc.DNS Redundancy • Redundancy is built into DNS • Secondary servers automatically backup primary servers • Secondary servers check the primary for changes in the zone serial number • Updates controlled by the refresh rate in SOA record for zone • Use Notify and Incremental Zone Transfers to reduce propagation delay and bandwidth utilization • Spread secondary and caching DNS servers liberally throughout the network Primary Name Server for CISCO.9 Lease Time: 5 days 10 Copyright © 1998. 1.204.8. Secondary 2. Printed in USA.7 Subnet Mask: 255.3 DNS Servers: 192. Inc.scr 5 . Secondary Checks the Serial 1.

Presentation_ID. 12 Copyright © 1998. Cisco Systems. Inc. All rights reserved.How DHCP Works DHCP Discover Process Server 1 Client ca Server 2 DIS COV (Br ER oad cas t) • DHCP client broadcasts DHCP DISCOVER packet on local subnet • DHCP servers send OFFER packet with lease information • DHCP client selects lease and broadcasts DHCP REQUEST packet • Selected DHCP server sends DHCP ACK packet 806 0963_05F9_c3 © 1999.scr 6 . ER OV ISC D st) (Br oad (U OF FE nic R as t) ER OFF ( Un icas t) T UES REQ ast) (Bro adc (Br REQ UES T o adc ast ) ACK ( Un ica s t) 11 How DHCP Works DHCP Packet OP Code Hardware Type Hardware Length Flags HOPS Transaction ID (XID) Seconds Client IP Address (CIADDR) Your IP Address (YIADDR) Server IP Address (SIADDR) Gateway IP Address (GIADDR) Client Hardware Address (CHADDR)—16 bytes Server Name (SNAME)—64 bytes Filename—128 bytes DHCP Options 806 0963_05F9_c3 © 1999. Cisco Systems. Cisco Systems. Printed in USA. Inc. Inc.

Presentation_ID. 13 What’s New in DNS and DHCP • New DNS standards Dynamic DNS updates (RFC 2136) Incremental Zone Transfers (RFC 1995) Notify (RFC 1996) • New DHCP standards DHCP Safe Failover (Internet draft) 806 0963_05F9_c3 © 1999. All rights reserved. Cisco Systems. Inc.scr 7 . Printed in USA. Cisco Systems. Cisco Systems. Inc. 14 Copyright © 1998.How DHCP Works DHCP Options Common DHCP Options Option Lease Time Subnet Mask Default Routers DNS Servers Domain Name Host Name WINS Servers NetBIOS Node Type Client Identifier • Server passes configuration options to client • Over 100 options defined • Most DHCP clients support approximately 10 options • Custom and vendor options available Code 51 1 3 6 15 12 44 46 61 806 0963_05F9_c3 © 1999. Inc.

Inc.16. and Incremental Zone Transfers Cisco Network Registrar DHCP Server sbombaysbombaypc.18.16. Cisco Systems.scr 8 .cisco.191-200 • Servers synchronize when primary is up • IETF Internet Draft 806 0963_05F9_c3 © 1999.18.com IP: pc.Dynamic DNS Updates.74 Notify Notify Message Message Only changed information is sent Only changed information is sent sbombay-pc.16.18.16.18.com 172.74 WAN IXFR IXFR Request Request DHCP Client • Dramatically reduces propagation delay • Dramatically reduces WAN bandwidth utilization • Integrates DHCP and DNS 806 0963_05F9_c3 © 1999.16. Secondary DNS Server 15 DHCP Safe Failover Protocol • All DHCP requests are sent to both servers • Primary updates backup with lease information Backup DHCP Server Primary DHCP Server • Backup takes over when primary fails Primary Address Pool Primary Address Pool 172.16.74 Cisco Network Registrar Primary DNS Server Host: Host: sbombay-pc sbombay-pc IP Address: IP Address: 172.cisco.16.com IP: 172.18.16.cisco.74 172.16. Cisco Systems.16.com sbombay-pc. Notify.18. Presentation_ID.101-200 172.74 172.18. All rights reserved.18.18.cisco. Cisco Systems.18. Printed in USA.101-200 • Backup server uses dedicated pool of addresses allocated by the primary to prevent duplicate IP address Backup Address Pool Backup Address Pool 172.191-200 172. Inc.74 172. 16 Copyright © 1998. Inc.

cisco.com wwwin.cisco. mail.com Internal timspc.com Internal Network 806 0963_05F9_c3 © 1999.com ftp.cisco. Cisco Systems. Cisco Systems.com DNS mail.scr 9 .cisco.com www. 17 Split DNS • Two “primary” DNS servers for the domain • Hides the structure of the internal network • Internal clients point to internal DNS servers • External server publishes web.cisco.cisco.cisco.cisco.com DNS Server eng-web.cisco. Presentation_ID. 18 Copyright © 1998.com erpserver. ftp and other external servers • Internet DNS servers delegate to external primary DNS server Internet External www.cisco.cisco. Inc. Inc. Cisco Systems.DNS Issues 806 0963_05F9_c3 © 1999. All rights reserved.com callmanager.com mail. Printed in USA.com Server ftp. Inc.

Printed in USA. Cisco Systems.scr 10 .Selective Forwarders Root DNS Server External DNS Server Internet External DNS Server Big. Cisco Systems. 20 Copyright © 1998. Presentation_ID. erp.com Connect to erp. Inc.com Internal DNS Server 19 WINS • Windows Internet Names Service (WINS) NetBIOS Names Service (NBNS) Windows NT file and print services Flat name space • Coexists with DNS • Scaling problems in large networks • Going away with Windows 2000! 806 0963_05F9_c3 © 1999. Inc. Cisco Systems.com Internal DNS Server 806 0963_05F9_c3 © 1999.small. Inc. All rights reserved.small.com Small.

Windows 2000 and Active Directory • Coming soon! • DNS requirements Dynamic DNS updates (RFC 2136) SRV records • Active directory is dependent on DNS • WINS is phased out 806 0963_05F9_c3 © 1999. Inc. Cisco Systems. All rights reserved. 21 DHCP Issues 806 0963_05F9_c3 © 1999.scr 11 . Cisco Systems. 22 Copyright © 1998. Inc. Cisco Systems. Inc. Printed in USA. Presentation_ID.

44.1 Primary 192.8 DHCP Server 161.54.7 DHCP Packet GIADDR DHCP Server 161.204. Cisco Systems.44.18.18.204.44. Cisco Systems.19.21.1 Secondary 192.44.18.20. Cisco Systems.scr 12 .18. Printed in USA.54.204. Client will choose the “best” server DHCP servers use GIADDR field of DHCP Discover packet as an index in to the list of address pools 806 0963_05F9_c3 © 1999.54. Inc.7 ip helper 161.19.204. Inc. DHCP Packet GIADDR Router with DHCP Relay DHCP Server Catalyst® Switch 192.204.1 Secondary 192.0 192.21. This is also known as super scopes 806 0963_05F9_c3 © 1999.20.54.1 Secondary One Physical Network Four Logical Networks 192.0 Client 192.0 DHCP 192.8 • 161.204. Router with DHCP Relay interface se0 ip helper 161.204.0 DHCP Client 24 Copyright © 1998.44.DHCP in a Routed Network • • DHCP clients broadcasts a DHCP discover packet DHCP relay (ip helper address) on the router hears the DHCP Discover packet and forwards (unicast) the packet to the DHCP server DHCP relay fills in the GIADDR field with IP address of the primary interface of router DHCP relay can be configured to forward the packet to multiple DHCP servers.204. All rights reserved.0 DHCP Client • 23 DHCP in a Switched Network • Cisco IOS® allows multiple addresses on an interface which implies multiple logical networks on same physical network • DHCP relay inserts first IP address of interface in GIADDR field • Most DHCP servers can create an address pools with multiple logical networks.1 • Physical Network 161. Inc. Presentation_ID.44.

Printed in USA.scr 13 . 25 IP Address Management Issues 806 0963_05F9_c3 © 1999. Inc. 26 Copyright © 1998. Inc. Cisco Systems. Cisco Systems. Presentation_ID. Inc. Cisco Systems. All rights reserved.DHCP Security • DHCP lacks built in security Any client can get an address Any server can allocate an address • Client class in CNR Create list of authorized MAC addresses • IETF working on the problem • Generally not an issue on most nets 806 0963_05F9_c3 © 1999.

255 806 0963_05F9_c3 © 1999.0/8 Internet Private Network Numbers 10. Printed in USA.16.16.16.168. Mapping Permanent—1 to 1 Dynamic—1 to 1 Dynamic—Many to 1 How It Works Permanent Mappings between Internal Permanent Mappings between Internal Servers to external addresses Servers to external addresses Pool of External Addresses Dynamically Pool of External Addresses Dynamically Assigned to Internal Clients for Duration Assigned to Internal Clients for Duration of Session of Session Multiple Internal Clients Share Single Multiple Internal Clients Share Single External Address External Address 28 Copyright © 1998.0.0.168.17.0.255.0 .0.151 172.168/16 prefix) 27 NAT.16.0 .16.4. PAT.0.7 161. External Add. (10/8 prefix) (172.0.44.44.0.31. Translation 10.57 Internal Add.4. Inc.0.0/8 172.Private Network Numbers (RFC 1918) • Difficult to obtain new network numbers • Unlimited addresses with private network numbers • Allows for flexible addressing schemes • Requires NAT/PAT to access Internet Private Network 10. Presentation_ID.0.100.0 . Cisco Systems. Inc.105 Dynamic NAT VoIP Phone Calling on the Internet 161.0/12 10. Inc.16.0. Cisco Systems.16/12 prefix) (192.255.0.0. All rights reserved.255. Cisco Systems.57 Translation Static NAT Dynamic NAT PAT 806 0963_05F9_c3 © 1999.7 Internet Note Permanent Mapping for Mail Server 161.255 192.7 Static NAT 10.192.100.172.44.151 172.0.0.255.5 PAT Web client browsing Internet 10. and Dynamic NAT Private Network 10.0.255 172.scr 14 .10.

68.scr 15 .0.8 -> 171.8 DA: 161. Directory Services Standard Schemas • Directory Enabled Networks (DEN) Started by Cisco/Microsoft.5.10.5 DA: 161. 30 Copyright © 1998.0.10.5 Pool of NAT Addresses 171.8 10. now owned by DMTF • Schemas for DHCP being developed Proposals from Microsoft.5 Translation Easy Difficult Impossible Applications Telnet. Simple C/S Apps Multimedia. H. Novell. All rights reserved. DNS. Inc.8.9 10.8.8.9 NAT Mappings 10. Inc. Inc.5.0. NetBIOS.323.10.68. Presentation_ID.44.68.10. SQL*NET.5. FTP.0. and IETF 806 0963_05F9_c3 © 1999.9 Translated Packet SA: 171.8 171. Cisco Systems. Dual NAT.5.2-100 161.44. Cisco Systems.NAT in PIX.68.44. Printed in USA. Dynamic Port Negotiation SNMP PIX Yes Yes - Cisco IOS Yes Most 29 806 0963_05F9_c3 © 1999. and Cisco IOS Packet with Embedded IP Address SA: 10. HTTP. Cisco Systems.

Raid Disks. 512 MB RAM) Primary DNS Server (Mid-Range UNIX Server—Sun Ultra 250E. 256 MB RAM) Option 2: Two Servers Running DNS/DHCP (Mid-range NT Servers—Raid Disks. Etc. 10K. Raid Disks.512 MB RAM) Distribute Secondary and Caching DNS Servers Throughout Network RAM) Distribute Secondary and Caching DNS Servers Throughout Network Option 1: Two Servers Running DNS/DHCP (Low-end UNIX Servers—Raid Disks. 256 MB RAM) Option 2: Two Servers Running DNS/DHCP (Mid-range NT Servers—Raid Disks. 512 MB RAM) Raid Disks. 384 MB RAM) Option 1: Redundant DHCP Servers (Mid-Range UNIX Servers. DHCP Lease Time. Printed in USA. Raid Disks. Inc. Redundant DHCP Server (Mid-Range UNIX Servers—Sun Ultra 250E. 512 MB RAM)Distribute Secondary and Caching DNS Servers Throughout Network RAM)Distribute Secondary and Caching DNS Servers Throughout Network Option 1: Redundant DHCP Servers (Mid-Range UNIX Servers. Raid Disks. Cisco Systems. 2500. Number of Queries. 1K. Cisco Systems. 256 MB RAM) Option 1: Two Servers Running DNS/DHCP (Low-end UNIX Servers—Raid Disks. 384 MB RAM) Primary DNS Server (Mid-range UNIX Server—Sun Ultra 250E. Presentation_ID.scr 16 . All rights reserved. 3600. 3600. 512 MB Primary DNS Server (Mid-Range UNIX Server—Sun Ultra 250E. Cisco Systems.Server Sizing (100K.512 MB Primary DNS Server (Mid-range UNIX Server—Sun Ultra 250E. 2500. Raid Disks. Option 1: Cisco IOS DHCP Server on Any Platform 1600. 32 Copyright © 1998. 256 MB RAM) Distribute Secondary and Caching DNS Servers Throughout Network Distribute Secondary and Caching DNS Servers Throughout Network Option 1: Cisco IOS DHCP Server on Any Platform 1600. 384 MB RAM) Option 2: Redundant DHCP Servers (High-End NT Servers. 384 MB RAM) Option 2: Redundant DHCP Servers (High-End NT Servers. Etc. Inc. 31 Example Network Designs 806 0963_05F9_c3 © 1999. and Disk I/O Performance 806 0963_05F9_c3 © 1999. Provide DNS Service Remotely Across WAN Provide DNS Service Remotely Across WAN Option 2: CNR on a Small Windows NT System to Provide DNS & DHCP Option 2: CNR on a Small Windows NT System to Provide DNS & DHCP 10K 1K 100 Performance Factors Number of Nodes. 100 Clients) Nodes 100K Minimum Server Configuration Redundant DHCP Server (Mid-Range UNIX Servers—Sun Ultra 250E. Inc.

com 34 Copyright © 1998. Cisco Systems.000s of nodes The server functions need to be split across multiple servers in a cluster Build a cluster with at least three servers. Printed in USA.. Presentation_ID.S. Europe and Asia needs a cluster Corporate Data Center Primary DNS Server • • • DHCP Server 1 Secondary DNS Server DHCP Server 1 • 806 0963_05F9_c3 © 1999. Cisco Systems.com Zone: st1007.bigco. Typically 20-200 nodes/site At each of the remote sites. one primary DNS and two redundant DHCP servers. An additional DNS server can used to provide secondary DNS service DNS servers need high performance disk I/O (preferably a RAID system) to keep up with dynamic DNS updates Each major location around the world—U. Primary DNS Server for Company Zone Bigco.bigco.Com Secondary DNS Server Corporate Headquarters • • Corporate WAN DNS and DHCP Servers • DNS and DHCP Servers DNS and DHCP Servers Store Number: 1007 Store Number: 1007 Zone: st1007. redundant DNS and DHCP servers to support multiple 10. two for redundancy. All rights reserved. 33 Large Branch Offices • Organizations with a large number of remote branch offices with a UNIX or NT server at each remote site. This depends on the WAN bandwidth This configuration survives WAN outages 806 0963_05F9_c3 © 1999. The redundant DHCP server could be at HQ Each location could have a separate domain for the site and a primary DNS server at the location. Inc. Inc.Large Campus • Large campus networks require high-performance.scr 17 . an organization should deploy at least one DNS and DHCP server. Inc. Cisco Systems.

Remote sites should have dial-backup connections for redundancy.com Zone: st1007. Printed in USA. Cisco Systems.bigco.scr 18 . Corporate WAN Cisco Cisco IOS DHCP Serve Port Address Translation 36 Copyright © 1998. Cisco Systems. Cisco Systems. Primary DNS server for each remote site zone is in HQ. Presentation_ID.bigco. unregistered network number • Use Port Address Translation to converse IP addresses • Provide DNS services from the corporate network 806 0963_05F9_c3 © 1999. DSL or Frame Relay • Use the Cisco IOS DHCP server to provide addresses for devices in the SOHO. If available.Small Branch Offices • Organization has a large number of remote sites and less than 20 nodes per site.com 35 Small Office/Home Office • SOHO users can connect to the corporate network using ISDN. DHCP/Bootp relay is enabled on router Primary DNS Server for Store Zones Redundant DHCP Servers Corporate Headquarters • At HQ deploy cluster of redundant DNS and DHCP DHCP/Bootp Relay servers to provide service (aka IP Helper) to remote sites Each location could have a separate domain. Inc. Inc. Use a private. Store Number: 1007 Store Number: 1007 Zone: st1007. All rights reserved. run a secondary DNS server in the remote site for the remote site zone Secondary using IXFR and NOTIFY • Corporate WAN DNS and DHCP Servers DNS Server 806 0963_05F9_c3 © 1999. Inc.

100.44.53 Deployment of IP phones will require a large number of new IP addresses Private network numbers (RFC 1918) should be used for IP phones Cisco Network Registrar is able to distinguish between PCs and IP phones using a DHCP extension point script DHCP server distributes additional configuration information to IP phones 37 806 0963_05F9_c3 © 1999.0.X DHCP Extension Point Script Primary IP address = 161. Presentation_ID.15 10. 38 Copyright © 1998. Cisco Systems. Inc.0.0.12.0.12.44.scr 19 . Inc. All rights reserved.12.100.1 Secondary IP address = 10. Cisco Systems.12. Printed in USA. Inc.Provisioning IP Phones 10. device Activation Web Page Other BC Network Resources • Existing DB updated User name/MAC • Help desk load 60% fewer calls User DB 806 0963_05F9_c3 © 1999.44. Custom Application User Registration • Boston College (BC) EagleNet activation • Users must “activate” Minimal documentation Enter name and BC PIN • Four activated classes Student.100.45 • • • • 161.X Else IP Address = 161.100.44. Cisco Systems.21 CNR DHCP Server IF MAC Address = Phone Mac Address Then IP Address = 10.1 161. staff Guest.

Cisco IOS DHCP Server Configuration ! Start DHCP Server service dhcp ! ! Store DHCP Lease database on tftp server ip dhcp database tftp://tftp.0.1 10.5 address .0.0.10.0.0.0.0.0.scr 20 .0.16.5 from DHCP pool ip dhcp excluded-address 10. Cisco Systems.0.68. Cisco Systems. Inc.0 255.0.10.0.5 client-identifier 010a.1 ! ! Create static mapping for the 10.235. Inc.1211.0.0/28 network ip dhcp pool subnet-10 lease 3 0 0 <-.com/dhcp.e. Inc.68.235.5 806 0963_05F9_c3 © 1999.1 .0.2e3c. Printed in USA.1 .10.0.228 171.0.12 <-.68.70 171. BootP ip dhcp pool manual host 10.255. db ! ! ! Create DHCP address pool for the 10.0.14 dns-server 171.10.255.com netbios-name-server 171. Cisco Systems.68.Defines address pool with addresses 10.24.0. All rights reserved.0. 39 Product Update 806 0963_05F9_c3 © 1999.0.lease time of 3 days 0 hours 0 minutes network 10.229 netbios-node-type h-node option 150 ip 172. 40 Copyright © 1998.Defines custom option with IP address default-router 10.140 domain-name cisco.0.0.240 <-. Presentation_ID.i.cisco.4a ! ! Exclude 10.

IXFR and notify Multithreaded servers SNMP traps Web reporting tool Solaris. All rights reserved.0 • Reliable and scalable services DHCP Safe Failover DDNS. Cisco Systems. Presentation_ID. • • • • Redundant DHCP and DNS services Integration with Network Management Systems Web-based reporting tools High-performance. 41 Reliable and Scalable Services Secondary DNS Server WebBased Reports DHCP Server DHCP Server Primary DNS Server Network BootP Management Client DHCP Station Client WAN Secondary DNS Server 806 0963_05F9_c3 © 1999. Inc. Printed in USA. Inc. multithreaded servers 42 Copyright © 1998. Cisco Systems.scr 21 . Inc.Cisco Network Registrar 3. HP-UX and AIX • Flexible integration LDAP integration CLI and API • Policy networking Client class LDAP integration 806 0963_05F9_c3 © 1999. Cisco Systems. NT.

Inc. Presentation_ID. Inc. Printed in USA.Integrating CNR with Existing Management Applications LDAP Client DNS DNS Server Server CLI DHCP Extensions Custom Applications CNR GUI Internal DB • Build custom network management and provisioning applications using the CLI • Custom DHCP processing using the DHCP extension points • Build custom web UI using CLI and Perl 806 0963_05F9_c3 © 1999. RSVP Application Recognition Application Recognition Router Multilayer Multiservice Switch Switch Application Server Application Signaling 44 Copyright © 1998. Cisco Systems. Cisco Systems. Custom Extension 43 CiscoAssure Policy Networking • QoS and security policies enforced in the network • Polices based on applications • Policies based on users and groups • Integrated with directory services • Integrate third Client party applications 806 0963_05F9_c3 © 1999.scr 22 . All rights reserved. QPM Java Console Directory User Groups LDAP CORBA Address Ranges and Classes LDAP Network Registrar Distributed COPS Policy Servers Back End COPS SNMP CLI IP Precedence. Inc. Cisco Systems. RSVP IP Precedence.

0(1)T or greater • DHCP/Bootp server Intelligent DHCP relay Secondary addresses PING before lease and custom options • Caveats DHCP lease information stored on remote system using TFTP. 46 Copyright © 1998. FTP or RCP No dynamic DNS or DHCP Failover 806 0963_05F9_c3 © 1999.Directory-Based Management of Names and Addresses in Coming 000 rly CY 2 Ea IPAM Web App DNS DHCP DNS Server DHCP Server DNS DHCP Server DNS DHCP Server • Manage DNS names and IP addresses • Multiple. Cisco Systems. simultaneous administrators • Access control by zone and subnet 806 0963_05F9_c3 © 1999. Printed in USA. Inc. Presentation_ID. Inc. All rights reserved. 45 Cisco IOS DHCP Server • Available in Cisco IOS 12. Cisco Systems. Inc.scr 23 . Cisco Systems.

Inc. Presentation_ID. All rights reserved. Cisco Systems.scr 24 . Cisco Systems. 48 Copyright © 1998. Inc. • Large networks require reliable and sophisticated DNS and DHCP services • Cisco has software to meet the DNS/DHCP requirements for large networks • Cisco is developing directory-based tools for managing IP addresses and DNS/DHCP 47 Resources and References 806 0963_05F9_c3 © 1999.Summary Secondary DNS Server Custom Extension DHCP Server DHCP Server Primary DNS Server DHCP Client BootP IP Phone Client with DHCP Secondary DNS Server WAN 806 0963_05F9_c3 © 1999. Printed in USA. Inc. Cisco Systems.

Ph. Inc. All rights reserved.com/go/cnr 30-day evaluation software Data sheets. Cisco Systems. O’Reilly and Assoc.com/univercd/cc/td/doc/product/ software/ios120/120newft/120t/120t1/easyip2. design guides. Prentice Hall • LDAP. Inc. 49 Books • DNS and BIND. and Mark Smith. Cisco Systems.cisco. 3rd Edition By Cricket Liu and Paul Albitz.htm 806 0963_05F9_c3 © 1999. Printed in USA.Cisco Information • Cisco Network Registrar http://www. Presentation_ID.cisco. Cisco Systems. and documentation • Cisco IOS DHCP server documentation http://www.scr 25 . Programming Directory-Enabled Applications with Lightweight Directory Access Protocol By Timothy Howes.D. A Guide to Dynamic TCP/IP Network Configuration By Barry Kercheval. Macmillan 806 0963_05F9_c3 © 1999. • DHCP. 50 Copyright © 1998. Inc.

edu dhcp-v6@bucknell.edu DNS Mailing Lists namedroppers@internic. Inc.syr. Cisco Systems. send e-mail to: listserv@bucknell.edu/~jmwobus/comfaqs/dhcp.edu Mailing list archive at ftp.edu dhcp-serve@bucknell.dhcp.edu or majordomo@internic. 51 Mailing Lists DHCP Mailing Lists dhcp-v4@bucknell.edu dhcp-dns@bucknell.org Ralph is the Chair of the IETF DHCP WG • Internet Software Consortium http://www. 52 Copyright © 1998.net To subscribe to mailing lists. Inc.html 806 0963_05F9_c3 © 1999. Cisco Systems.net And put the following on the first line of your message subscribe <listname> Your Name subscribe dhcp-v4 Tim Sylvester 806 0963_05F9_c3 © 1999.Web Sites • Ralph Droms’ Web Site http://www.scr 26 . Presentation_ID. Inc.faq.org Home of BIND and ISC DHCP Server • John Wobus’ DHCP FAQ http://web. Printed in USA. All rights reserved.bucknell. Cisco Systems.isc.

All rights reserved. Cisco Systems. Inc. 54 Copyright © 1998.ARPA delegation (RFC 2317) • ID—Reserved Top Level DNS Names • ID—Extensions to DNS (EDNS1) • ID—Extension mechanisms for DNS (EDNS0) • ID—Deferred Dynamic Domain Name System (DNS) Delete Operations • ID—Simple Secure Domain Name System (DNS) Dynamic Update 806 0963_05F9_c3 © 1999.DHCP RFCs and Internet Drafts • • • • • • • • • • • • • RFC 1534—Interoperation Between DHCP and BOOTP RFC 1542—Clarifications and Extensions for the Bootstrap Protocol RFC 2131—Dynamic Host Configuration Protocol RFC 2132—DHCP Options and BOOTP Vendor Extensions RFC 2241—DHCP Options for Novell Directory Services RFC 2489—Procedure for Defining New DHCP Options ID—Dynamic Host Configuration Protocol for IPv6 (DHCPv6) ID—Interaction between DHCP and DNS ID—Authentication for DHCP Messages ID—Multicast Address Allocation Configuration Options ID—DHCP Failover Protocol ID—Security Requirements for the DHCP protocol ID—Dynamic Host Configuration Protocol (DHCP) Server MIB 806 0963_05F9_c3 © 1999. Cisco Systems. 53 DNS RFC and Internet Drafts • RFC1035—Domain Names—Implementation and Specification • RFC 1996—A Mechanism for Prompt Notification of Zone Changes (DNS NOTIFY) • RFC 1995—Incremental Zone Transfer in DNS • RFC 2136—Dynamic Updates in the Domain Name System (DNS UPDATE) • RFC 2181—Clarifications to the DNS Specification • RFC 2182—Selection and Operation of Secondary DNS Servers • RFC 2308—Negative Caching of DNS Queries (DNS NCACHE) • RFC 2317—Classless IN-ADDR.scr 27 . Cisco Systems. Printed in USA. Inc. Inc. Presentation_ID.

Cisco Systems. Inc. Inc. Windows NT version available on Windows NT Resource Kit • Perl modules for DNS Develop applications that talk to BIND http://www. Printed in USA. 55 Please Complete Your Evaluation Form Session 806 806 0963_05F9_c3 © 1999.cpan. Inc. Cisco Systems. Presentation_ID.org 806 0963_05F9_c3 © 1999. Cisco Systems.Utilities • NSLOOKUP Command line DNS client for querying DNS servers Available for UNIX and Windows NT • DIG Another command line DNS tool • WINIPCFG Admin UI for Windows 95/98 DHCP Client. 56 Copyright © 1998. All rights reserved.scr 28 .

scr 29 . Cisco Systems. All rights reserved.806 0963_05F9_c3 © 1999. Inc. Inc. Presentation_ID. Printed in USA. 57 Copyright © 1998. Cisco Systems.

Sign up to vote on this title
UsefulNot useful