3Com Router User Manual

							21
CONFIGURING IP APPLICATION
This chapter contains information on the following topics:
■Configure Address Resolution Protocol (ARP)
■Configure Domain Name Resolution (DNS)
■VLAN Configuration 
■DHCP Server Configuration
■Configure DHCP Relay 
■Configure Network Address Translation (NAT)
Configure Address 
Resolution Protocol 
(ARP)ARP is mainly used for resolution from IP address to Ethernet MAC address. 
Normally, dynamic ARP is used to resolve the mapping relation from the IP address 
to the Ethernet MAC address. The resolution is completed automatically. At 
present, the number of dynamic ARP mapping table items supported by the 3Com 
Router
 series is up to 2000.
To configure ARP, carry out the following steps:
1Manually add/delete static ARP mapping table item
In some special cases, for example, the LAN gateway is assigned with a fixed IP 
address and bound to a specific network adapter, so that packets to this IP address 
can only go out via this gateway. While filtering illegal IP addresses if they are 
bound to a non-existing MAC address, it is necessary for user to configure 
mapping items in the static ARP table manually.
In the system view, configure the following commands.
Ta b l e 357   Define a static ARP mapping
2Manually add/delete dynamic ARP mapping table item
In the system view, configure the following commands.
Ta b l e 358   Define a static ARP mapping
OperationCommand
Manually add static ARP mapping table itemarp static ip-address 
mac-address
Manually delete static ARP mapping table itemundo arp static ip-address  
OperationCommand
Manually add dynamic ARP mapping table itemarp dynamic ip-address 
mac-address
Manually delete dynamic ARP mapping table 
itemundo arp dynamic ip-address   
						

							328CHAPTER 21: CONFIGURING IP APPLICATION
By default, the system executes static ARP mapping.
Static ARP mapping items are valid as long as the router works normally, but 
dynamic ARP mapping items are valid for only 20 minutes.  
Display and Debug ARPTa b l e 359   Display and Debug ARP
Configure Domain 
Name Resolution 
(DNS)The TCP/IP Extranet not only provides an IP address to locate a device, but also 
designs a specific character-string host naming mechanism. This system uses a 
layered naming mode, designating a meaningful name for a device on the 
Internet. There is a domain name resolution server on the network to associate the 
domain name to the corresponding IP address. As a result, the user can use the 
easy-to-remember, meaningful domain name instead of the complex IP address.
Domain name resolution includes dynamic resolution and static resolution, which 
can supplement each other. In the resolution of a domain name, first use static 
resolution. If it fails, then use dynamic resolution. Some common domain names 
can be put into static domain name resolution table, which greatly increases the 
efficiency of domain name resolution.
s domain name resolution requests. The server firstly resolves the domain name 
inside its own database, and submits it to superior domain name resolution server 
if the domain name is not within local domain, till the resolution is completed. The 
result can either be an IP address, or a non-existing domain name, which will be 
fed back to the user.
Static resolution sets relationships between domain names and IP addresses 
manually. When a client requires an IP address corresponding to a domain name, it 
searches the static domain name resolution table for this designated domain name 
to get the corresponding IP address
Configure Static Domain 
Name ResolutionStatic domain name resolution is conducted through static domain name 
resolution table, similar to the host file under Windows 95/98 operating system. 
The router can obtain the IP addresses of common domain names by checking this 
table. Meanwhile, it is easier for the user to remember host names than the highly 
abstract IP address to access the corresponding device.
Domain name resolution configuration include:
■Add/delete static domain name resolution table item
1Add/delete static domain name resolution table item
Perform the following task in system view.
Ta b l e 360   Add/delete static domain name resolution table item
OperationCommand
Display ARP mapping tabledisplay arp [ verbose [ 
ip-address ] ]
Clear dynamic ARP informationreset arp-cache
Turn on ARP commission informationdebugging arp 
OperationCommand
Add static domain name resolution table itemip host domain-name ip-address     
						

							VLAN Configuration 329
By default, the system has no static domain name resolution mapping.
Pay attention that when adding a domain name mapping, if the same hostname 
has been input twice, the current configuration will overwrite the previous one. A 
static domain name resolution table can maintain a maximum of 50 mapping 
relationships between domain names and IP addresses. 
Display and Debug 
Domain Name 
Resolution Ta b l e 361   Display and Debug domain name resolution
VLAN Configuration To facilitate the mobility of computers in the network and save bandwidth, we can 
create VLAN in LAN Switch to meet various requirements. After creating VLAN in 
LAN Switch port, data communication can be easily implemented within the same 
VLAN. However, the different VLANs are isolated from each other, so it is necessary 
to transmit packet between different VLAN in the same way as transmitting it 
between different LAN segments. The forwarding function between VLANs on the 
3Com Router series is implemented by Ethernet interface and it supports IP and 
IPX packet. In order to save port resources, several subinterfaces can be 
encapsulated on one Ethernet interface and every subinterface acts as an 
independent Ethernet interface. Therefore, a physical Ethernet interface can 
implement data forwarding between several VLANs as shown in the figure below.
Figure 121   Networking diagram mode of VLAN
In accordance with the IEEE 802.1Q, to implement the VLAN functionality of the 
3Com Router series, a 4-byte VLAN tag is placed between the source/destination 
MAC address of the original Ethernet frame header and the Type field to mark the 
VLAN message. The format of VLAN tag is shown as below.
Delete static domain name resolution table itemundo ip host  domain-name 
ip-address    
OperationCommand
Display static domain name resolution table itemdisplay ip host
Router
Fast
Ethernet
Bridge/LAN Switch
File Server
WorkstationWorkstationFloor 3
(Accounting) Product 1 Product 3Product 2
Bridge/LAN SwitchFile Server
Workstation
Workstation
Floor 2
(Marketing)
Bridge/LAN Switch
File Server
Workstation
WorkstationFloor 1
(R&D)
VLAN 1 VLAN 3
VLAN 2 
						

							330CHAPTER 21: CONFIGURING IP APPLICATION
Figure 122   Format of VLAN tag
TPID (Tag Protocol Identifier) field has two bytes. When its value is 0X8100, it 
means the Ethernet frame header contains VLAN tag. The third and fourth byte 
are TCI (Tag Control Information) fields, with the higher three bits being user 
priority field, the fourth being the instruction of standard encapsulation format 
and the other 12 bits being VLAN IDs whose value ranges from 0 to 4094 (the 
value must begin with 1 on routers).
Configure VLANVLAN Configuration includes:
■Create Ethernet subinterface.
■Specify the VLAN to which Ethernet subinterface belongs.
■Configure IP address of Ethernet subinterface.
1Create Ethernet subinterface
Among the VLAN configuration tasks of the 3Com Router series, Ethernet 
subinterface should first be created and then other functions are to be configured. 
After deleting Ethernet subinterface, the original interface parameters will be 
invalidated. 
Please implement the following configuration under the system view.
Ta b l e 362   Create Ethernet subinterface
By default, Ethernet subinterface is not created.
2Specify the VLAN on which Ethernet subinterface is located
In order to enable a certain Ethernet subinterface to receive and transmit VLAN 
message, it is necessary to specify to which VLAN the subinterface belongs, i.e., to 
specify the ID number of the VLAN.
Please implement the following configuration under Ethernet subinterface view.
Ta b l e 363   Specify the VLAN on which Ethernet subinterface is located
By default, Ethernet subinterface does not specify VLAN ID.
It must be noted that if VLAN ID is not specified for the created Ethernet 
subinterface, the Ethernet subinterface can only carry IPX data, but cannot 
configure IP address to carry IP data.
3Configure IP address of Ethernet subinterface
TCI(Tag Control Information)
0Priority
*VLAN ID
Byte 1 Byte 2 Byte 3 Byte 4
1
75643
0 21 7 05 6 4321 TPID(Tag Protocol Identifier)
1 0 0 0000 0000000705 6 4321705 6 4321
OperationCommand
Create Ethernet subinterface and enter 
Ethernet subinterface viewinterface ethernet 
interface-number.subinterface-number
Delete specified Ethernet subinterfaceundo interface ethernet 
interface-number.subinterface-number
OperationCommand
Specify the VLAN on which Ethernet 
subinterface is locatedvlan-type dot1q vid vlan-id
Remove the specification for the 
belonging of the Ethernet subinterfaceundo vlan-type 
						

							VLAN Configuration 331
In as Ethernet interface is connected with a LAN Switch port. As the Ethernet 
subinterface of every specified VLAN ID can act as an independent gateway, this 
subinterface and other Ethernet subinterface in the same VLAN ID should belong 
to the same subnet segment.
Please implement the following configuration under Ethernet subinterface view.
Ta b l e 364   Configure IP address of Ethernet subinterface
By default, no IP address is defined.
Ethernet subinterface acts as a gateway in VLAN and so the subnet number of its 
IP address must be correct. The default gateway of LAN Switch ports that belong 
to the same VLAN should be set as the IP address of this subinterface. Besides, the 
IP address of Ethernet subinterface can be set only when this subinterface has 
finished the configuration of VLAN ID.
Display and Debug 
VLANTa b l e 365   Display and Debug VLAN
Typical VLAN 
Configuration ExampleI. Networking Requirements 
Two PCs respectively belongs to two VLANs and a router is used to implement 
data forwarding between two different VLANs.
II. Networking Diagram
Figure 123   Networking diagram for configuring VLAN forwarding
1)
III. Configuration Procedure
1Configure the 3Com Routers:
aCreate and enter the view of Ethernet subinterface Ethernet0.1 
OperationCommand
Configure IP address of Ethernet subinterfaceip address ip-address mask
Delete IP address of Ethernet subinterfaceundo ip address [ ip-address ]
OperationCommand
Display the relevant information of all the configured 
VLAN display vlan
Enable the debugging of the Ethernet debugging ethernet
PC 1PC 2Router
P1 P2 P3 P4P5 P6 P7 P8Console
LAN Switch
P1: Port 1 
						

							332CHAPTER 21: CONFIGURING IP APPLICATION
[Router] interface ethernet 0.1
bSpecify 3 as the ID number of the VLAN on which the subinterface is located.  
[Router-Ethernet0.1] vlan-type dot1q vid 3
cConfigure IP address for the subinterface.
[Router-Ethernet0.1] ip address 3.3.3.8 255.255.255.224
dCreate and enter the view of Ethernet subinterface Ethernet0.2.
[Router] interface ethernet 0.2
eSpecify 4 as the ID number of the VLAN on which the subinterface is located.
[Router-Ethernet0.2] vlan-type dot1q vid 4
fConfigure IP address for the subinterface.
[Router-Ethernet0.2] ip address 3.3.3.55 255.255.255.224
2Configure LAN Switch: 
aConfigure the port information of LAN Switch
Port :
Port1 :  default  Vlan id :  3    port type: untagged
Port2 :  default  Vlan id :  4    port type: untagged
Port3 :  default  Vlan id :  0    port type: tagged
bConfigure VLAN information of LAN Switch.
Vlan :
Unknown  Vlan :Discard
Vlan index :              0
Vlan id     :            003
Including ports:
Port 1 :  YES
Port 2 :  NO
Port 3 :  YES
Unknown  Vlan :Discard
Vlan index :              1
Vlan id     :            004
Including ports:
Port 1 :  NO
Port 2 :  YES
Port 3 :  YES
Fault Diagnosis and 
Troubleshooting of 
VLANFault: Ping the IP address of the Ethernet subinterface in the same VLAN 
from a PC, but fails. 
Troubleshooting: The steps below can be taken.
■Use display interface ethernet 0.1 command or display interface 
ethernet 0.2
 command to ensure that the physical interface of this 
subinterface and the protocol are both in state Up. If the configuration is 
correct, whereas the physical interface and the protocol are both in state of 
Down, pleased check whether the network cable is correctly connected or not..
■If the physical interface of this subinterface and the protocol are both in state 
of Up, and the Ping operation still fails, please check whether the LAN Switch 
configuration is correct. It must be ensured that the default VLAN id of ports 
connected with router Ethernet interface differs from that of ports connected 
with PC and the type of all ports must be tagged. However, the type of all ports  
						

							DHCP Server Configuration333
connected with PC must be set as “untagged” for the reason that PC cannot 
identify data packet marked with VLAN tag. 
Fault: Ping Two PCs, but fails to ping them through. 
Troubleshooting: The steps below can be taken.
■First, ping the IP address of Ethernet subinterface in the same VLAN from a PC. 
If the ping fails, solve the problem according to the method described in fault 
one.
■If one PC can ping through the IP address of Ethernet subinterface in the same 
VLAN, but fails to ping through another PC, please use the command 
route 
print
 in MS-DOS of the two PCs to see if the route to peer PC is available. If 
not, please add the relevant route.
DHCP Server 
ConfigurationBackground of the DHCP development
As the scale of networks grows and their complexities increase, network 
configurations become more and more complex. The original BOOTP protocol for 
static host configuration cannot satisfy the demands of users, especially on the 
occasions when computers are always on the move (e.g., using laptops or wireless 
network) and the number of actual computers exceeds that of the available IP 
addresses. To facilitate users to improve utilization ratio of resources and to 
support diskless networking mechanisms, the DHCP (Dynamic Host Configuration 
Protocol) based on BOOTP was developed. Similar to the BOOTP protocol, DHCP 
works in client-server mode. With this protocol, a DHCP client can dynamically 
request configuration information from a DHCP server, including important 
parameters such as assigned IP addresses, subnet masks and default gateways, 
etc. DHCP server can also conveniently configure this information dynamically for 
DHCP clients.
DHCP vs BOOTP
■Both BOOTP and DHCP adopt the client/server communication mode. A client 
applies to the server for configurations (including the configurations of 
important parameters such as allocated IP address, subnetmask, and the 
default gateway). Then, the server will return the corresponding configuration 
information according to the policies. Both types of packets are encapsulated 
with the UDP packets. Furthermore, their structures are almost the same.
■BOOTP is running in a relatively static (every host is connected by a permanent 
network) environment. Hence, administrators should configure special BOOTP 
parameter files for each host and then, these files will stay the same for a 
relatively long time.
■DHCP extends the BOOTP from two aspects: DHCP enables computers to 
obtain all the needed configuration information by using one message and it 
allows computers to rapidly and dynamically obtain IP addresses so to avoid 
statically specifying addresses for each host by BOOTP.
IP address allocation policy provided by DHCP
Different hosts have different application requirements. For example, some 
servers perhaps need to use the fixed IP addresses for a long time, some hosts 
need to use certain IP addresses dynamically allocated for a long period of time 
and some individuals can arbitrarily use the allocated temporary IP addresses. A  
						

							334CHAPTER 21: CONFIGURING IP APPLICATION
DHCP server can provide three types of IP address allocation policies according 
to the different requirements:
■Allocate addresses manually: Administrators configure special IP addresses for a 
small number of particular hosts such as the service server WWW.
■Allocate addresses automatically: Allocate permanent IP addresses for some 
hosts connected to the network for the first time and the addresses will be 
allocated to the hosts for a long period of time.
■Allocate addresses dynamically: Allocate some addresses to client hosts by 
means of “leasing”. In this case, the expiry date is limited and clients should 
re-apply for new addresses upon the expiry. Most of clients are offered such 
dynamic addresses.
Occasions in which DHCP server is applied
DHCP service is usually used to implement the allocation of IP addresses in the 
following occasions:
■Network scale is relatively large, manual configuration will consume an 
enormous working volume and at the same time, it is difficult to centralize the 
management of the overall network.
■Hosts on the network are more than the IP addresses supported by this 
network. That is, a fixed IP address cannot be allocated to each host. For 
example, Internet accessing operators are in this situation. Numerous users 
must dynamically obtain their own IP addresses through the DHCP service and 
the number of simultaneous users is limited to a certain degree.
■There are only a few hosts with their own fixed IP addresses on the network 
(for example, various server hosts need fixed IP addresses) while most hosts 
have no requirement for fixed IP addresses.
Fundamentals of DHCP 
ServerNormally, a typical DHCP application network comprises of a DHCP server and 
numerous client computers such as PCs and portable computers, as shown in the 
following figure:
Figure 124   Typical networking application of DHCP server
To obtain a legal dynamic IP address (the processes of obtaining an auto-allocated 
address and a manually allocated address are similar), a DHCP client should 
interact different information with the server in different stages. Normally, there 
are three types of modes:
LAN
DHCP clientsDHCP server 
						

							DHCP Server Configuration335
■DHCP client logins the network for the first time
If it is the first time for a DHCP client to login to the network, it will establish a 
connection with the DHCP server through four stages:
■Discovering stage. This is the stage when the DHCP client searches the 
DHCP servers. The DHCP client broadcasts a DHCP_Discover message to 
search the DHCP servers, and every host installed with the TCP/IP suite on 
the network will receive this type of broadcast message but only the DHCP 
servers respond to it.
■Offering stage. This is the stage when the DHCP servers offer IP addresses. 
Upon receiving the client DHCP_Discover message, the DHCP servers select 
an unallocated IP address from the IP address pools for the DHCP client, and 
send the DHCP_Offer message containing leased IP address and other 
settings to the DHCP client.
■Selecting stage. This is the stage when the DHCP client selects the IP 
address offered by a certain DHCP server. If multiple DHCP servers send the 
DHCP_Offer messages to it, the DHCP client will accept only the first 
received DHCP_Offer message. Then, it will respond with a DHCP_Request 
message by means of broadcasting. This message requests the selected 
DHCP server for an IP address.
■Acknowledgement stage. This is the stage when the DHCP server 
acknowledges the offered IP address. Upon receiving the DHCP_Request 
message from the DHCP client, the DHCP server sends back a DHCP_ACK 
message containing the offered IP address and other settings to the DHCP 
client, advising that the offered IP address can be used. Then, the DHCP 
client will bind its TCP/IP suite with the network card. Except the server 
selected by the DHCP client, other DHCP servers will use their unallocated IP 
addresses for the applications of other clients for IP addresses.
■DHCP client logs into the network again:
■Once the DHCP client logs into the network correctly, it merely needs to 
send the DHCP_Request message containing the IP address allocated 
previously (there is no need to send a DHCP_Discover message once again).
■Upon receiving the DHCP_Request message, the DHCP server will allow the 
DHCP client to continue to use the original IP address and will return the 
DHCP_ACK message.
■If the IP address can not be allocated to the DHCP client again (in this case, 
the IP address has been allocated to another DHCP client), the DHCP server 
will return a DHCP_NAK message. When the DHCP client receives the 
DHCP_NAK message, it needs to send a DHCP_Discover message to request 
a new IP address.
In addition, you can use the ipconfig /release_all command in the 
command line on the user PC (that is, the DHCP client) to release the IP 
address. In this case, the user PC sends a DHCP_Release message to the DHCP 
server. Then, you can use the
 ipconfig /renew_all command on the user PC 
to apply for a new IP address. In this case, the user PC sends a DHCP_Discover 
message to the DHCP server.
■DHCP client extends the valid period for leasing the IP address:
■The dynamic IP address of the DHCP client allocated by the DHCP server 
usually has a certain valid leasing period. Upon the expiry, the DHCP server  
						

							336CHAPTER 21: CONFIGURING IP APPLICATION
will take back the IP address. If the DHCP client wants to continue to use 
this address, it should renew the IP leasing contract such as extending the 
leasing contract of the IP address.
■In practice, the DHCP client will automatically send the message for 
renewing the IP leasing contract to the DHCP server when the DHCP client 
starts up or half of the valid period of the IP leasing contract has expired. To 
renew the IP leasing contract, the DHCP client will send a DHCP_Discover 
message to the DHCP server. If the IP address is valid, the DHCP server will 
send back a DHCP_ACK message to notify the DHCP client that it has 
obtained a new IP leasing contract. In addition, the 
ipconfig /renew 
command can be used on the user PC (that is, the DHCP client) to renew its 
IP leasing contract.
■Priority sequence in which the DHCP server allocates IP address to the client
The DHCP server will select an IP address for a client in the following order:
aIP address in the DHCP Server database, which is statically bound with the 
MAC address of the client.
bIP address that was used by the client.
cAddress in the requested IP address option contained in the DHCP_Discover 
message sent by the client.
dIP address that is first found when searching for the IP addresses available for 
allocation in the DHCP address pool in sequence.
eReport the error, if no IP address is available for allocation after going through 
the above steps.
■Applications of DHCP Server
In practice, to improve the serving efficiency of DHCP servers, a DHCP server 
will probably be used to serve the clients beyond the LAN. Normally, routers 
have been added with the function of DHCP relay proxy (that is, providing the 
across-segment transmission of DHCP packets). Clients in the LAN can 
communicate with the DHCP servers in other subnetworks through the DHCP 
relay proxy and finally obtain legal IP addresses.
Figure 125   Integrated networking application of DHCP server and DHCP relay
Normally, DHCP relay proxy can either be a host or a router as long as the 
service program of DHCP relay proxy is enabled.
DHCP Server 
ConfigurationDHCP server configuration includes:
■Enable/Disable the DHCP service
■Create a DHCP address pool
  LAN
RouterDHCP Server
  Client
Client
 Client
Client
InternetRouter DHCP Relay