
Lab: Setting up a DHCP service


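Preparation: CentOS 7 acts as the server and CentOS 6 as the client.
The CentOS 7 machine has two networks (one host-only, one custom vmnet6); the CentOS 6 machine's network is set to bridged (the 172 network). DHCP sends its messages by broadcast, so vmnet6 must behave as a switch, not a router. Using vmnet6's own host-only network does not conflict with the classroom's Internet environment.

1. [root@centos7 ~]# yum install dhcp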
[root@centos7 ~]# rpm -ql dhcp
/etc/NetworkManager
/etc/NetworkManager/dispatcher.d
/etc/NetworkManager/dispatcher.d/12-dhcpd
/etc/dhcp/dhcpd.conf

/etc/dhcp/dhcpd6.conf
/etc/dhcp/scripts
/etc/dhcp/scripts/README.scripts
/etc/openldap/schema/dhcp.schema
/etc/sysconfig/dhcpd
/usr/bin/omshell
/usr/lib/systemd/system/dhcpd.service
/usr/lib/systemd/system/dhcpd6.service
/usr/lib/systemd/system/dhcrelay.service
/usr/sbin/dhcpd

2. [root@centos7 ~]# vim /etc/dhcp/dhcpd.conf

# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#

# option definitions common to all supported networks...
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;

default-lease-time 600;
max-lease-time 7200;

# Use this to enble / disable dynamic dns updates globally.
#ddns-update-style none;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.

subnet 10.152.187.0 netmask 255.255.255.0 {
}

3. Configure ens37 on the CentOS 7 machine as follows:
[root@centos7 network-scripts]# vim ifcfg-ens37

DEVICE=ens37
NETMASK=255.255.255.0
IPADDR=10.0.0.200
GATEWAY=10.0.0.1
BOOTPROTO=static
DNS1=223.5.5.5
DNS2=223.6.6.6
[root@centos7 network-scripts]# systemctl restart network

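4. [root@centos7 network-scripts]# vim /etc/dhcp/dhcpd.conf
The file's contents refer to /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example, so copy that example into place:
cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
DHCP hands out addresses, and it also hands out DNS server addresses and a domain name. For example:
[root@centos7 ~]# cd .ssh
[root@centos7 .ssh]# cat /etc/resolv.conf
# Generated by NetworkManager
search localdomain
nameserver 223.5.5.5
nameserver 223.6.6.6
nameserver 114.114.114.114
The "search localdomain" line lets the domain name be filled in automatically, for example:
[root@centos7 .ssh]# ping www
The system automatically appends the search domain to the name being looked up.
Next, edit the configuration file:
[root@centos7 network-scripts]# vim /etc/dhcp/dhcpd.conf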

#
# Sample configuration file for ISC dhcpd
#

# option definitions common to all supported networks...
option domain-name "magedu.com";
option domain-name-servers 223.5.5.5,223.6.6.6;

default-lease-time 86400;
max-lease-time 172800;

# Use this to enble / disable dynamic dns updates globally.
#ddns-update-style none;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.

subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.10 10.0.0.100;
  option routers 10.0.0.1;
}

# This is a very basic subnet declaration.

subnet 10.254.239.0 netmask 255.255.255.224 {
  range 10.254.239.10 10.254.239.20;
  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
}
The parts we need to add or change are:
option domain-name "magedu.com";
option domain-name-servers 223.5.5.5,223.6.6.6;

default-lease-time 86400;
max-lease-time 172800;

subnet 10.0.0.0 netmask 255.255.255.0 {
range 10.0.0.10 10.0.0.100;
option routers 10.0.0.1;
}

5. Start the DHCP service and check its status:
[root@centos7 network-scripts]# systemctl restart dhcpd
[root@centos7 network-scripts]# systemctl status dhcpd
● dhcpd.service - DHCPv4 Server Daemon
Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled; vendor preset: disabled)
Active: active (running) since Sun 2019-02-03 09:09:46 CST; 21s ago
Docs: man:dhcpd(8)
man:dhcpd.conf(5)
Main PID: 21382 (dhcpd)
Status: "Dispatching packets..."
Tasks: 1
CGroup: /system.slice/dhcpd.service
└─21382 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -gro...

Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: Sending on LPF/ens37/00:0c...4
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: [10B blob data]
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: No subnet declaration for en....
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: * Ignoring requests on ens3...t
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: you want, please write a ...n
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: in your dhcpd.conf file f...t
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: to which interface ens33 ...

Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: nt
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: Sending on Socket/fallback...t
Feb 03 09:09:46 centos7.localdomain systemd[1]: Started DHCPv4 Server Daemon.
Hint: Some lines were ellipsized, use -l to show in full.
The output contains an error:
No subnet declaration for en....
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: * Ignoring requests on ens3...t
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: you want, please write a ...n
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: in your dhcpd.conf file f...t
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: to which interface ens33 ...

Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: nt
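We are serving the 10 network, so this message, which concerns an interface without a subnet declaration, can be ignored.

At this point the configuration file has been edited successfully and the server can already provide service.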

6. Next, change the IP settings of eth0 on the client:
[root@kehuduan ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE="eth0"
BOOTPROTO="dhcp"
HWADDR="00:0C:29:D1:AC:34"
IPV6INIT="yes"
MTU="1500"
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE="Ethernet"
UUID="a99c5d17-c58d-4a43-b9f3-17ce04dcb416"
BOOTPROTO=dhcp
IPADDR=1.1.1.1
PREFIX=24

7. To make it easier to work from Xshell, we add another NIC (host-only mode):
[root@kehuduan ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d1:ac:34 brd ff:ff:ff:ff:ff:ff
inet 1.1.1.1/24 brd 1.1.1.255 scope global eth0
inet6 fe80::20c:29ff:fed1:ac34/64 scope link
valid_lft forever preferred_lft forever
At this point eth0 holds the address inet 1.1.1.1/24. We now run the dedicated DHCP client tool:
[root@kehuduan ~]# dhclient
[root@kehuduan ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d1:ac:34 brd ff:ff:ff:ff:ff:ff
inet 1.1.1.1/24 brd 1.1.1.255 scope global eth0
inet 10.0.0.10/24 brd 10.0.0.255 scope global eth0
inet6 fe80::20c:29ff:fed1:ac34/64 scope link
valid_lft forever preferred_lft forever
Now inet 10.0.0.10/24 has been obtained.
We can verify that this address really was obtained by this host as follows:
[root@kehuduan ~]# cd /var/lib/dhclient/
[root@kehuduan dhclient]# ls
dhclient-eth0.leases dhclient.leases
[root@kehuduan dhclient]# cat dhclient.leases
lease {
interface "eth0";
fixed-address 10.0.0.10;
option subnet-mask 255.255.255.0;
option routers 10.0.0.1;
option dhcp-lease-time 86400;
option dhcp-message-type 5;
option domain-name-servers 223.5.5.5,223.6.6.6;
option dhcp-server-identifier 10.0.0.200;
option domain-name "magedu.com";
renew 6 2019/02/02 11:33:15;
rebind 6 2019/02/02 21:06:05;
expire 0 2019/02/03 00:06:05;
}
The lease above shows all of the information clearly!
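An added example, not part of the original post: because DHCP answers come from whichever server replies to the broadcast, the client lease file is a good place to confirm that the lease came from the intended server. The code parses the dhclient.leases format shown above and compares it with the values configured in this lab; the second lease and the EXPECTED allow-list are constructed for illustration.

```python
import re

# Constructed sample: the lease shown on the page (timers and domain name
# omitted), followed by a constructed lease from an unexpected server.
SAMPLE_LEASES = '''
lease {
  interface "eth0";
  fixed-address 10.0.0.10;
  option routers 10.0.0.1;
  option domain-name-servers 223.5.5.5,223.6.6.6;
  option dhcp-server-identifier 10.0.0.200;
}
lease {
  fixed-address 10.0.0.77;
  option routers 10.0.0.66;
  option domain-name-servers 10.0.0.66;
  option dhcp-server-identifier 10.0.0.66;
}
'''

# Allow-list taken from the dhcpd.conf and ifcfg-ens37 values on the page.
EXPECTED = {
    "dhcp-server-identifier": {"10.0.0.200"},
    "routers": {"10.0.0.1"},
    "domain-name-servers": {"223.5.5.5", "223.6.6.6"},
}

def parse_leases(text):
    """Return one dict per 'lease { ... }' block: statement name -> set of values."""
    leases = []
    for body in re.findall(r"lease\s*\{(.*?)\}", text, re.S):
        lease = {}
        for stmt in body.split(";"):
            m = re.match(r"\s*(?:option\s+)?([\w-]+)\s+(.+)", stmt, re.S)
            if m:
                lease[m.group(1)] = {v.strip().strip('"') for v in m.group(2).split(",")}
        leases.append(lease)
    return leases

def audit(text, expected=EXPECTED):
    """Return (leased address, option, unexpected values) for each deviation."""
    findings = []
    for lease in parse_leases(text):
        addr = next(iter(lease.get("fixed-address", {"?"})))
        for opt, allowed in expected.items():
            extra = lease.get(opt, set()) - allowed
            if extra:
                findings.append((addr, opt, sorted(extra)))
    return findings
```

On a real client, pass the contents of /var/lib/dhclient/dhclient.leases to audit(); an empty list means every recorded lease matches the allow-list.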

Now we should set the eth0 NIC of the CentOS 6 client to "BOOTPROTO=dhcp":
[root@kehuduan dhclient]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down interface eth1: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0:
Determining IP information for eth0... done.
[ OK ]
Bringing up interface eth1: Determining if ip address 192.168.141.100 is already in use for device eth1...
[ OK ]
[root@kehuduan dhclient]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d1:ac:34 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.10/24 brd 10.0.0.255 scope global eth0
inet6 fe80::20c:29ff:fed1:ac34/64 scope link
valid_lft forever preferred_lft forever
The system favours stability, so the IP is still 10.0.0.10/24.

Our DHCP service is now set up; let's check the result:

[root@kehuduan ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.141.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 eth0
[root@kehuduan ~]# cat /etc/re
readahead.conf redhat-release resolv.conf
[root@kehuduan ~]# cat /etc/resolv.conf
; generated by /sbin/dhclient-script
search magedu.com
nameserver 223.5.5.5
nameserver 223.6.6.6
The routing table contains a 0.0.0.0 route via the gateway 10.0.0.1, and the search domain is magedu.com. Success!

[root@centos7 ~]# cd /var/lib/dhcpd/
[root@centos7 dhcpd]# ls
dhcpd6.leases dhcpd.leases dhcpd.leases~
[root@centos7 dhcpd]# ll
total 8
-rw-r--r-- 1 dhcpd dhcpd 0 May 15 2018 dhcpd6.leases
-rw-r--r-- 1 dhcpd dhcpd 679 Feb 3 09:59 dhcpd.leases
-rw-r--r-- 1 dhcpd dhcpd 125 Feb 2 22:56 dhcpd.leases~
[root@centos7 dhcpd]# cat dhcpd.leases

# The format of this file is documented in the dhcpd.leases(5) manual page.
# This lease file was written by isc-dhcp-4.2.5

server-duid "\000\001\000\001#\350\373\332\000\014)\207s!";

lease 10.0.0.10 {
starts 0 2019/02/03 01:42:21;
ends 1 2019/02/04 01:42:21;
cltt 0 2019/02/03 01:42:21;
binding state active;
next binding state free;
rewind binding state free;
hardware ethernet 00:0c:29:d1:ac:34;
}
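The MAC address of eth0 can be seen here.

If we want a fixed address, for example to give requests from Zhang San one fixed IP address, we need to bind the MAC address and the IP together: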
[root@centos7 dhcpd]# vim /etc/dhcp/dhcpd.conf

# Fixed IP addresses can also be specified for hosts. These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP. Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
host fantasia {
  hardware ethernet 08:00:07:26:c0:a5;
  fixed-address fantasia.fugue.com;
}
host centos6 {
  hardware ethernet 00:0c:29:d1:ac:34;
  fixed-address 10.0.0.123;
}

# You can declare a class of clients and then do address allocation
# based on that. The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.

class "foo" {
  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
}

shared-network 224-29 {
  subnet 10.17.224.0 netmask 255.255.255.0 {
    option routers rtr-224.example.org;
"/etc/dhcp/dhcpd.conf" 110L, 3400C
We only need to add the following block:
host centos6 {
  hardware ethernet 00:0c:29:d1:ac:34;
  fixed-address 10.0.0.123;
}
[root@centos7 dhcpd]# systemctl restart dhcpd

Now check on the client:
[root@kehuduan ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d1:ac:34 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.10/24 brd 10.0.0.255 scope global eth0
inet6 fe80::20c:29ff:fed1:ac34/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d1:ac:3e brd ff:ff:ff:ff:ff:ff
inet 192.168.141.100/24 brd 192.168.141.255 scope global eth1
inet6 fe80::20c:29ff:fed1:ac3e/64 scope link
valid_lft forever preferred_lft forever
[root@kehuduan ~]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down interface eth1: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0:
Determining IP information for eth0... done.
[ OK ]
Bringing up interface eth1: Determining if ip address 192.168.141.100 is already in use for device eth1...
[ OK ]
[root@kehuduan ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d1:ac:34 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.123/24 brd 10.0.0.255 scope global eth0
inet6 fe80::20c:29ff:fed1:ac34/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d1:ac:3e brd ff:ff:ff:ff:ff:ff
inet 192.168.141.100/24 brd 192.168.141.255 scope global eth1
inet6 fe80::20c:29ff:fed1:ac3e/64 scope link
valid_lft forever preferred_lft forever
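As you can see, the earlier 10.0.0.10/24 became 10.0.0.123/24 after the network service was restarted. This method gives us, in effect, a static address. That concludes the DHCP lab!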
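An added example, not part of the original post: the sample file's comment says fixed addresses should not also be available for dynamic assignment, and the check below enforces that for the subnet and host declarations used in this lab. It assumes flat subnet and host blocks only, and the host "printer" is constructed. A reservation keys on the MAC address the client itself reports, so it is an addressing convenience rather than an access control.

```python
import ipaddress
import re

# Constructed input: the subnet and host declarations from the page, plus one
# constructed host ("printer") whose reservation falls inside the dynamic range.
SAMPLE_CONF = '''
subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.10 10.0.0.100;
  option routers 10.0.0.1;
}
host centos6 {
  hardware ethernet 00:0c:29:d1:ac:34;
  fixed-address 10.0.0.123;
}
host printer {
  hardware ethernet 00:0c:29:aa:bb:cc;
  fixed-address 10.0.0.50;
}
'''

def parse_conf(text):
    """Return ([(network, [(lo, hi), ...])], [(host, mac, ip)]) for flat declarations."""
    text = re.sub(r"#.*", "", text)  # drop comments
    ip = ipaddress.ip_address
    subnets, hosts = [], []
    for net, mask, body in re.findall(
            r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", text, re.S):
        ranges = [(ip(a), ip(b)) for a, b in re.findall(r"range\s+(\S+)\s+(\S+?);", body)]
        subnets.append((ipaddress.ip_network(f"{net}/{mask}"), ranges))
    for name, body in re.findall(r"host\s+(\S+)\s*\{(.*?)\}", text, re.S):
        mac = re.search(r"hardware\s+ethernet\s+([0-9A-Fa-f:]+);", body)
        addr = re.search(r"fixed-address\s+(\d+(?:\.\d+){3});", body)
        if mac and addr:  # reservations given as host names are skipped
            hosts.append((name, mac.group(1).lower(), ip(addr.group(1))))
    return subnets, hosts

def lint(text):
    """Return (host, problem) pairs for reservations that conflict with the config."""
    subnets, hosts = parse_conf(text)
    problems, seen = [], {}
    for name, mac, addr in hosts:
        if not any(addr in net for net, _ in subnets):
            problems.append((name, "fixed-address outside every declared subnet"))
        if any(lo <= addr <= hi for _, ranges in subnets for lo, hi in ranges):
            problems.append((name, "fixed-address inside a dynamic range"))
        if mac in seen:
            problems.append((name, f"MAC already reserved for {seen[mac]}"))
        seen.setdefault(mac, name)
    return problems
```

The lab's own reservation (10.0.0.123, outside the range 10.0.0.10 to 10.0.0.100) passes; running `dhcpd -t -cf /etc/dhcp/dhcpd.conf` additionally checks the file's syntax before a restart.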

(The DHCP server uses UDP port 67 and the DHCP client uses UDP port 68.) Let's check:

[root@kehuduan ~]# ss -nul
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 *:68 *:*
UNCONN 0 0 *:68 *:*
This shows it is the client!
[root@centos7 ~]# ss -nul
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 *:67 *:*
UNCONN 0 0 *%virbr0:67 *:*
UNCONN 0 0 *:111 *:*
UNCONN 0 0 *:893 *:*
UNCONN 0 0 :::111 :::*
UNCONN 0 0 :::893 :::*

This shows it is the server!

Note: for automated, network-based operating system installation, a TFTP service must also be configured!
