⚙️ Juniper DHCP 錯誤排除與正確設定教學
在 Junos OS 上建立 DHCP 伺服器時,若輸入命令如
set access address-assignment pool ... 時出現持續錯誤訊息,
通常與 命令層級、介面綁定、或版本相容性 有關。
以下整理常見問題、原因與解決方法。
🚫 常見錯誤原因與解法
1️⃣ 命令未完整輸入
錯誤示例:
set access address-assignment pool LAN-POOL family inet dhcp-a
error: syntax error
🔍 原因:命令未輸入完整,應為 dhcp-attributes。
✅ 正確寫法:
set access address-assignment pool LAN-POOL family inet dhcp-attributes name-server 8.8.8.8 set access address-assignment pool LAN-POOL family inet dhcp-attributes name-server 8.8.4.4 set access address-assignment pool LAN-POOL family inet dhcp-attributes router 192.168.20.254
💡 建議:使用 Tab 鍵自動補全,或輸入 ? 查看可用參數。
2️⃣ DHCP 尚未綁定介面
若出現:
error: statement not found
error: configuration check-out failed
🔍 原因:未設定 DHCP local-server group。
✅ 修正:
set system services dhcp-local-server group DHCP-GRP interface em1.0 set access address-assignment pool LAN-POOL family inet network 192.168.20.0/24
3️⃣ Zone 未設定(SRX 防火牆)
若 DHCP 服務在 SRX 上執行,需將介面加入 trust zone。
✅ 修正:
set security zones security-zone trust interfaces em1.0 host-inbound-traffic system-services dhcp
4️⃣ 舊版 Junos 不支援 access framework
若設備版本過舊(例如 12.x 以下),需改用傳統 DHCP 語法。
✅ 改用:
set system services dhcp pool 192.168.20.0/24 address-range low 192.168.20.100 high 192.168.20.200 set system services dhcp pool 192.168.20.0/24 router 192.168.20.254 set system services dhcp pool 192.168.20.0/24 name-server 8.8.8.8
✅ 完整可用範例
delete chassis auto-image-upgrade set system root-authentication plain-text-password # (輸入兩次密碼) set interfaces em1 unit 0 family inet address 192.168.20.254/24 set access address-assignment pool LAN-POOL family inet network 192.168.20.0/24 set access address-assignment pool LAN-POOL family inet range DHCP-RANGE low 192.168.20.100 set access address-assignment pool LAN-POOL family inet range DHCP-RANGE high 192.168.20.200 set access address-assignment pool LAN-POOL family inet dhcp-attributes router 192.168.20.254 set access address-assignment pool LAN-POOL family inet dhcp-attributes name-server 8.8.8.8 set access address-assignment pool LAN-POOL family inet dhcp-attributes name-server 8.8.4.4 set system services dhcp-local-server group DHCP-GRP interface em1.0 commit
📊 錯誤與解決摘要
| 問題 | 原因 | 解決方式 |
|---|---|---|
| 命令錯誤 | 未完整輸入 dhcp-attributes |
重新輸入正確層級命令 |
| 介面未綁定 | 未建立 dhcp-local-server group | 設定 set system services dhcp-local-server group ... |
| Zone 未設定 | trust 區域未允許 DHCP | 新增 inbound-traffic system-services dhcp |
| 版本不支援 | 舊版 Junos 不支援 access 模式 | 改用傳統 DHCP 語法 |
📚 參考資料
- Juniper 官方文件:DHCP Server Configuration
- Juniper Example:Basic DHCP Server Configuration
- Juniper Documentation Portal
— WWFandy・網路設備設定筆記
沒有留言:
張貼留言