IBM路由器動態IP位址的配置舉例

  在實際的網路環境中經常需要通過路由器撥號到isp，這時路由器的ip 地址有isp採用dhcp的方式給定。ibm路由器在mrs 3.3版本之後提供了對於動態ip地址的支持。
動態地址具有以下3個方面的作用：
 提供了路由器通過ipcp取得ppp連線埠ip地址的能力。
 如果ipcp同時提供 dns 的信息，dhcp客戶端也可以得到這些信息。
 動態更新ip 訪問控制，這樣定義的filter就可以用於nat/napt。
動態ip的功能使 ibm 路由器具備連線isp並從isp取得ip地址的能力，而不必事先知道ip地址

動態ip地址的設定
我們下面將通過一個例子來說明動態ip地址的具體配置。在這個例子中我們將同時配置 isp端和客戶端的路由器。動態 ip 將在客戶端的路由器上配置，客戶端路由器會從isp端的路由器取得公網的ip地址。並且客戶端路由器也激活了dhcp伺服器和nat功能。

網路拓撲圖如下：

isp 端路由器的配置
設定系統名為isp。
添加token ring 接口。

config (only)>set hostname isp
host name updated successfully
config (only)>add device tr-2
device slot #(1-4) [1]?
device port #(1-2) [1]?
adding 2-port ibm token ring device in slot 1 port 1 as interface #4
use "net 4" to configure 2-port ibm token ring parameters

設定 wan 口，使其支持遠程撥入。
在wan口上添加dial-in circuit。

config (only)>set data v34 2
config (only)>add device dial-in
enter the number of ppp dial-in circuit interfaces [1]?
adding device as interface 5
defaulting data-link protocol to ppp
base net for this circuit [0]? 2
enable as a multilink ppp link? [no]
disabled as a multilink ppp link.
add more dial circuit interface(s)?(yes or [no]):
use "set data-link" command to change the data-link protocol
use "net " command to configure dial circuit parameters

添加遠程撥入的ppp用戶 'aaa'。

onfig (only)>add ppp-user
enter name: []? aaa
password:
enter again to verify:
allow inbound access for user? (yes, no): [yes]
will user be tunneled? (yes, no): [no]
is this a 'dials' user? (yes, no): [yes]
type of route? (hostroute, netroute): [hostroute]
number of days before account expires [0-1000] [0]?
number of grace logins allowed after an expiration [0-100] [0]?
ip address: [0.0.0.0]?
enter hostname: []?
allow virtual connections? (yes, no): [no]
give user default time allotted ? (yes, no): [yes]
enable callback for user? (yes, no): [no]
will user be able to dial-out ? (yes, no): [no]
set ecp encryption key for this user? (yes, no): [no]
disable user ? (yes, no): [no]
ppp user name: aaa
user ip address: interface default
netroute mask: 255.255.255.255
hostname:
virtual conn: disabled
time alotted: box default
callback type: disabled
dial-out: disabled
status: enabled
account expiry:
password expiry:
is information correct? (yes, no, quit): [yes]
user 'aaa' has been added

設定 ipcp 使撥入連線埠向遠端客戶端傳送ip 地址。

config (only)>n 5
circuit configuration
isp dial-in circuit config: 5>enc
point-to-point user configuration
isp ppp 5 config>set ipcp
ip compression [no]:
request an ip address [no]:
send our ip address [no]: y
note: unnumbered interface addresses will not be sent.
interface remote ip address to offer if requested (0.0.0.0 for none)
[0.0.0.0]? 9.1.1.1
isp ppp 5 config>exit
isp dial-in circuit config: 5>exit

設定token ring 連線埠的ip地址
設定dial in circuit 連線埠的ip地址

config (only)>p ip
internet protocol user configuration
isp ip config>add add 4 192.1.1.254 255.255.255.0
isp ip config>add add 5 9.1.1.2 255.255.255.255
isp ip config>ena arp-subnet-routing
isp ip config>exit

設定發到客戶端的dns 的ip 地址。

config (only)>fea dials
dial-in access to lans global configuration
isp dials config>set enable dynamic
isp dials config>set dns primary
primary domain name server (dns) address [0.0.0.0]? 192.1.1.240
isp dials config>exit

客戶端路由器的配置：
設定系統名為client.
添加token ring 接口
設定wan 口並連線v34 modem.
在wan口上添加dial circuit

config (only)>set host client
config (only)>add device tr-2
device slot #(1-4) [1]?
device port #(1-2) [1]?
adding 2-port ibm token ring device in slot 1 port 1 as interface #4
use "net 4" to configure 2-port ibm token ring parameters
config (only)>set data v34
interface number [0]? 2
config (only)>add device dial
base net for the circuit(s) [0]? 2
enter the number of ppp dial circuit interfaces [1]?
adding device as interface 5
defaulting data-link protocol to ppp
add more dial circuit interface(s)?(yes or [no]):
use "set data-link" command to change the data-link protocol

在token ring 連線埠上添加 ip地址
在dial circuit 連線埠上添加 ip地址
添加通過 dial circuit 連線埠的預設路由。
在dial circuit 連線埠上激活動態 ip

config (only)>p ip
internet protocol user configuration
client ip config>add add 4 192.168.89.254 255.255.255.0
client ip config>add add 5 0.0.0.5 255.255.255.255
client ip config>add router 0.0.0.0 0.0.0.0 0.0.0.5
cost [1]?
client ip config>enable dynamic
interface address []? 0.0.0.5
client ip config>exit

激活 dhcp 伺服器功能
添加token ring 連線埠的ip子網掩碼。
添加源dns 的ip 地址。