Lab: Setting up a DHCP service

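Preparation: CentOS 7 acts as the server and CentOS 6 as the client.
The CentOS 7 machine has two networks (one host-only, one custom VMnet6); the CentOS 6 machine's network is set to bridged (the 172 network). DHCP messages are sent by broadcast, so VMnet6 must act as a switch, not a router. Using VMnet6 as its own host-only network avoids any conflict with the classroom's network environment.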

1. [root@centos7 ~]# yum install dhcp
[root@centos7 ~]# rpm -ql dhcp
/etc/NetworkManager
/etc/NetworkManager/dispatcher.d
/etc/NetworkManager/dispatcher.d/12-dhcpd
/etc/dhcp/dhcpd.conf
/etc/dhcp/dhcpd6.conf
/etc/dhcp/scripts
/etc/dhcp/scripts/README.scripts
/etc/openldap/schema/dhcp.schema
/etc/sysconfig/dhcpd
/usr/bin/omshell
/usr/lib/systemd/system/dhcpd.service
/usr/lib/systemd/system/dhcpd6.service
/usr/lib/systemd/system/dhcrelay.service
/usr/sbin/dhcpd

2. [root@centos7 ~]# vim /etc/dhcp/dhcpd.conf

# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#

# option definitions common to all supported networks...
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;

default-lease-time 600;
max-lease-time 7200;

# Use this to enble / disable dynamic dns updates globally.
#ddns-update-style none;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.

subnet 10.152.187.0 netmask 255.255.255.0 {
}

3. Configure ens37 on the CentOS 7 server as follows:
[root@centos7 network-scripts]# vim ifcfg-ens37

DEVICE=ens37
NETMASK=255.255.255.0
IPADDR=10.0.0.200
GATEWAY=10.0.0.1
BOOTPROTO=static
DNS1=223.5.5.5
DNS2=223.6.6.6
[root@centos7 network-scripts]# systemctl restart network

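4. [root@centos7 network-scripts]# vim /etc/dhcp/dhcpd.conf
The file's contents point to /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example as a reference, so copy it over:
cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
Besides IP addresses, DHCP also hands out DNS server addresses and a domain name. For example:
[root@centos7 ~]# cd .ssh
[root@centos7 .ssh]# cat /etc/resolv.conf

# Generated by NetworkManager
search localdomain
nameserver 223.5.5.5
nameserver 223.6.6.6
nameserver 114.114.114.114
The "search localdomain" line lets the domain name be completed automatically. For example:
[root@centos7 .ssh]# ping www
The system automatically appends the search domain to the name being looked up.
Next, edit the configuration file:
[root@centos7 network-scripts]# vim /etc/dhcp/dhcpd.conf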

#
# Sample configuration file for ISC dhcpd
#

# option definitions common to all supported networks...
option domain-name "magedu.com";
option domain-name-servers 223.5.5.5,223.6.6.6;

default-lease-time 86400;
max-lease-time 172800;

# Use this to enble / disable dynamic dns updates globally.
#ddns-update-style none;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.

subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.10 10.0.0.100;
  option routers 10.0.0.1;
}

# This is a very basic subnet declaration.

subnet 10.254.239.0 netmask 255.255.255.224 {
  range 10.254.239.10 10.254.239.20;
  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
}
The settings we need to add or change are:
option domain-name "magedu.com";
option domain-name-servers 223.5.5.5,223.6.6.6;

default-lease-time 86400;
max-lease-time 172800;

subnet 10.0.0.0 netmask 255.255.255.0 {
range 10.0.0.10 10.0.0.100;
option routers 10.0.0.1;
}

5. Start the dhcp service and check its status:
[root@centos7 network-scripts]# systemctl restart dhcpd
[root@centos7 network-scripts]# systemctl status dhcpd
● dhcpd.service - DHCPv4 Server Daemon
Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled; vendor preset: disabled)
Active: active (running) since Sun 2019-02-03 09:09:46 CST; 21s ago
Docs: man:dhcpd(8)
man:dhcpd.conf(5)
Main PID: 21382 (dhcpd)
Status: "Dispatching packets..."
Tasks: 1
CGroup: /system.slice/dhcpd.service
└─21382 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -gro...

Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: Sending on LPF/ens37/00:0c...4
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: [10B blob data]
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: No subnet declaration for en....
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: * Ignoring requests on ens3...t
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: you want, please write a ...n
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: in your dhcpd.conf file f...t
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: to which interface ens33 ...

Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: nt
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: Sending on Socket/fallback...t
Feb 03 09:09:46 centos7.localdomain systemd[1]: Started DHCPv4 Server Daemon.
Hint: Some lines were ellipsized, use -l to show in full.
The output contains an error message:
No subnet declaration for en....
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: * Ignoring requests on ens3...t
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: you want, please write a ...n
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: in your dhcpd.conf file f...t
Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: to which interface ens33 ...

Feb 03 09:09:46 centos7.localdomain dhcpd[21382]: nt
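The message only says that dhcpd has no subnet declaration for another interface (ens33 in the log) and will ignore requests arriving there. We are serving the 10 network on ens37, so there is no need to worry about it.

At this point the configuration file has been edited successfully and the server can already provide service.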

6. Next, change the IP configuration of eth0 on the client:
[root@kehuduan ~]# vim /etc/sysconfig/network-scripts/ifcfg-eth0

DEVICE="eth0"
BOOTPROTO="dhcp"
HWADDR="00:0C:29:D1:AC:34"
IPV6INIT="yes"
MTU="1500"
NM_CONTROLLED="yes"
ONBOOT="yes"
TYPE="Ethernet"
UUID="a99c5d17-c58d-4a43-b9f3-17ce04dcb416"
BOOTPROTO=dhcp
IPADDR=1.1.1.1
PREFIX=24

7. To make it easier to work from Xshell, we add another network card (host-only mode).
[root@kehuduan ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d1:ac:34 brd ff:ff:ff:ff:ff:ff
inet 1.1.1.1/24 brd 1.1.1.255 scope global eth0
inet6 fe80::20c:29ff:fed1:ac34/64 scope link
valid_lft forever preferred_lft forever
At this point the address inet 1.1.1.1/24 is in place. We now run dhclient, the dedicated DHCP client tool:
[root@kehuduan ~]# dhclient
[root@kehuduan ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d1:ac:34 brd ff:ff:ff:ff:ff:ff
inet 1.1.1.1/24 brd 1.1.1.255 scope global eth0
inet 10.0.0.10/24 brd 10.0.0.255 scope global eth0
inet6 fe80::20c:29ff:fed1:ac34/64 scope link
valid_lft forever preferred_lft forever
Now inet 10.0.0.10/24 has been obtained.
We can verify that this address really was leased by this host as follows:
[root@kehuduan ~]# cd /var/lib/dhclient/
[root@kehuduan dhclient]# ls
dhclient-eth0.leases dhclient.leases
[root@kehuduan dhclient]# cat dhclient.leases
lease {
interface "eth0";
fixed-address 10.0.0.10;
option subnet-mask 255.255.255.0;
option routers 10.0.0.1;
option dhcp-lease-time 86400;
option dhcp-message-type 5;
option domain-name-servers 223.5.5.5,223.6.6.6;
option dhcp-server-identifier 10.0.0.200;
option domain-name "magedu.com";
renew 6 2019/02/02 11:33:15;
rebind 6 2019/02/02 21:06:05;
expire 0 2019/02/03 00:06:05;
}
The lease file shows all of the information clearly!!!

Now we should set the eth0 interface of the CentOS 6 client to "BOOTPROTO=dhcp":
[root@kehuduan dhclient]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down interface eth1: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0:
Determining IP information for eth0... done.
[ OK ]
Bringing up interface eth1: Determining if ip address 192.168.141.100 is already in use for device eth1...
[ OK ]
[root@kehuduan dhclient]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d1:ac:34 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.10/24 brd 10.0.0.255 scope global eth0
inet6 fe80::20c:29ff:fed1:ac34/64 scope link
valid_lft forever preferred_lft forever
The system favors stability, so the IP is still 10.0.0.10/24.

The DHCP service is now fully set up. Let's check the result:

[root@kehuduan ~]# route -n
Kernel IP routing table
Destination Gateway Genmask Flags Metric Ref Use Iface
10.0.0.0 0.0.0.0 255.255.255.0 U 0 0 0 eth0
192.168.141.0 0.0.0.0 255.255.255.0 U 0 0 0 eth1
169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 eth0
169.254.0.0 0.0.0.0 255.255.0.0 U 1003 0 0 eth1
0.0.0.0 10.0.0.1 0.0.0.0 UG 0 0 0 eth0
[root@kehuduan ~]# cat /etc/re
readahead.conf redhat-release resolv.conf
[root@kehuduan ~]# cat /etc/resolv.conf
; generated by /sbin/dhclient-script
search magedu.com
nameserver 223.5.5.5
nameserver 223.6.6.6
The routing table has a 0.0.0.0 (default) route via the gateway 10.0.0.1, and the search domain is magedu.com. Success!!

[root@centos7 ~]# cd /var/lib/dhcpd/
[root@centos7 dhcpd]# ls
dhcpd6.leases dhcpd.leases dhcpd.leases~
[root@centos7 dhcpd]# ll
total 8
-rw-r--r-- 1 dhcpd dhcpd 0 May 15 2018 dhcpd6.leases
-rw-r--r-- 1 dhcpd dhcpd 679 Feb 3 09:59 dhcpd.leases
-rw-r--r-- 1 dhcpd dhcpd 125 Feb 2 22:56 dhcpd.leases~
[root@centos7 dhcpd]# cat dhcpd.leases

# The format of this file is documented in the dhcpd.leases(5) manual page.
# This lease file was written by isc-dhcp-4.2.5

server-duid "\000\001\000\001#\350\373\332\000\014)\207s!";

lease 10.0.0.10 {
starts 0 2019/02/03 01:42:21;
ends 1 2019/02/04 01:42:21;
cltt 0 2019/02/03 01:42:21;
binding state active;
next binding state free;
rewind binding state free;
hardware ethernet 00:0c:29:d1:ac:34;
}
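The MAC address of the client's eth0 can be seen here.

If we want a fixed address, for example so that a request coming from Zhang San always gets the same IP address, we need to bind the MAC address and the IP together: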
[root@centos7 dhcpd]# vim /etc/dhcp/dhcpd.conf

# Fixed IP addresses can also be specified for hosts. These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP. Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
host fantasia {
  hardware ethernet 08:00:07:26:c0:a5;
  fixed-address fantasia.fugue.com;
}
host centos6 {
  hardware ethernet 00:0c:29:d1:ac:34;
  fixed-address 10.0.0.123;
}

# You can declare a class of clients and then do address allocation
# based on that. The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.

class "foo" {
  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
}

shared-network 224-29 {
  subnet 10.17.224.0 netmask 255.255.255.0 {
    option routers rtr-224.example.org;
"/etc/dhcp/dhcpd.conf" 110L, 3400C
All we need to do is add this block:
host centos6 {
  hardware ethernet 00:0c:29:d1:ac:34;
  fixed-address 10.0.0.123;
}
and that is it!!
[root@centos7 dhcpd]# systemctl restart dhcpd
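
Added example (not part of the original post): the sample file's comment says fixed addresses should not also be listed as available for dynamic assignment, which is why 10.0.0.123 sits outside the range 10.0.0.10 to 10.0.0.100. This check reads a dhcpd.conf and flags reservations that fall inside a range and MAC addresses bound twice; the host "printer" and the function name are hypothetical.

```python
import ipaddress
import re

# Constructed sample built from the declarations shown on this page, plus one
# hypothetical host ("printer") that breaks both rules.
SAMPLE_CONF = '''
subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.10 10.0.0.100;
}
host fantasia {
  hardware ethernet 08:00:07:26:c0:a5;
  fixed-address fantasia.fugue.com;
}
host centos6 {
  hardware ethernet 00:0c:29:d1:ac:34;
  fixed-address 10.0.0.123;
}
host printer {
  hardware ethernet 00:0C:29:D1:AC:34;
  fixed-address 10.0.0.50;
}
'''

def check_reservations(conf):
    """Return a list of problems with the host declarations in a dhcpd.conf."""
    conf = re.sub(r"#.*", "", conf)  # drop comments before matching
    ranges = [(ipaddress.ip_address(lo), ipaddress.ip_address(hi)) for lo, hi in
              re.findall(r"\brange\s+(?:dynamic-bootp\s+)?([\d.]+)\s+([\d.]+)\s*;", conf)]
    problems, seen_macs = [], {}
    for name, body in re.findall(r"\bhost\s+(\S+)\s*\{(.*?)\}", conf, re.S):
        mac = re.search(r"hardware\s+ethernet\s+([0-9A-Fa-f:]+)\s*;", body)
        addr = re.search(r"fixed-address\s+([^;\s]+)\s*;", body)
        if mac:
            key = mac.group(1).lower()  # MAC addresses compare case-insensitively
            if key in seen_macs:
                problems.append(f"{name}: MAC {key} already bound to {seen_macs[key]}")
            seen_macs.setdefault(key, name)
        if addr:
            try:
                ip = ipaddress.ip_address(addr.group(1))
            except ValueError:
                continue  # a hostname such as fantasia.fugue.com: nothing to compare
            for lo, hi in ranges:
                if lo <= ip <= hi:
                    problems.append(f"{name}: {ip} is inside dynamic range {lo}-{hi}")
    return problems

if __name__ == "__main__":
    print("\n".join(check_reservations(SAMPLE_CONF)) or "reservations OK")
```

dhcpd -t -cf /etc/dhcp/dhcpd.conf checks only the syntax of the file, so a check like this complements it before the restart.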

Now check on the client:
[root@kehuduan ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d1:ac:34 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.10/24 brd 10.0.0.255 scope global eth0
inet6 fe80::20c:29ff:fed1:ac34/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d1:ac:3e brd ff:ff:ff:ff:ff:ff
inet 192.168.141.100/24 brd 192.168.141.255 scope global eth1
inet6 fe80::20c:29ff:fed1:ac3e/64 scope link
valid_lft forever preferred_lft forever
[root@kehuduan ~]# service network restart
Shutting down interface eth0: [ OK ]
Shutting down interface eth1: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0:
Determining IP information for eth0... done.
[ OK ]
Bringing up interface eth1: Determining if ip address 192.168.141.100 is already in use for device eth1...
[ OK ]
[root@kehuduan ~]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d1:ac:34 brd ff:ff:ff:ff:ff:ff
inet 10.0.0.123/24 brd 10.0.0.255 scope global eth0
inet6 fe80::20c:29ff:fed1:ac34/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
link/ether 00:0c:29:d1:ac:3e brd ff:ff:ff:ff:ff:ff
inet 192.168.141.100/24 brd 192.168.141.255 scope global eth1
inet6 fe80::20c:29ff:fed1:ac3e/64 scope link
valid_lft forever preferred_lft forever
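As you can see, after the network restart the earlier 10.0.0.10/24 has become 10.0.0.123/24. In this way we can get the effect of a static address by another route. That brings our DHCP lab to a successful end!!

(The DHCP server uses UDP port 67 and the DHCP client uses UDP port 68.) Let's check: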

[root@kehuduan ~]# ss -nul
State Recv-Q Send-Q Local Address:Port Peer Address:Port
UNCONN 0 0 *:68 *:*
UNCONN 0 0 *:68 *:*
This shows it is the client!!
[root@centos7 ~]# ss -nul
State Recv-Q Send-Q Local Address:Port Peer Address:Port

UNCONN 0 0 *:67 *:*
UNCONN 0 0 *%virbr0:67 *:*
UNCONN 0 0 *:111 *:*
UNCONN 0 0 *:893 *:*
UNCONN 0 0 :::111 :::*
UNCONN 0 0 :::893 :::*

This shows it is the server!!
