(1).實驗環境
DHCP服務器:youxi1 192.168.1.6(外網)
測試主機:youxi2 192.168.1.7(外網)
DHCP是C/S模式,服務器端監聽端口67/UDP(bootps),客戶端默監聽認端口68/UDP(bootpc)
(2).實驗
1)在DHCP服務器上安裝dhcp服務
[root@youxi1 ~]# yum -y install dhcp
2)在DHCP服務器添加一塊網卡
使用命令ip a sh可以看到新加的網卡,但並沒有相關配置文件
[root@youxi1 ~]# ip a sh
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:72:1e:89 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.6/24 brd 192.168.1.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe72:1e89/64 scope link
valid_lft forever preferred_lft forever
3: ens38: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 00:0c:29:72:1e:93 brd ff:ff:ff:ff:ff:ff
[root@youxi1 ~]# ls /etc/sysconfig/network-scripts/
ifcfg-ens33 ifdown-ipv6 ifdown-Team ifup-eth ifup-post ifup-tunnel
ifcfg-lo ifdown-isdn ifdown-TeamPort ifup-ippp ifup-ppp ifup-wireless
ifdown ifdown-post ifdown-tunnel ifup-ipv6 ifup-routes init.ipv6-global
ifdown-bnep ifdown-ppp ifup ifup-isdn ifup-sit network-functions
ifdown-eth ifdown-routes ifup-aliases ifup-plip ifup-Team network-functions-ipv6
ifdown-ippp ifdown-sit ifup-bnep ifup-plusb ifup-TeamPort
這是直接拷貝ifcfg-ens33並重命名為ifcfg-ens38,並刪除不要的配置信息,修改部分配置
[root@youxi1 ~]# cd /etc/sysconfig/network-scripts/ [root@youxi1 network-scripts]# cp ifcfg-ens33 ifcfg-ens38 [root@youxi1 network-scripts]# cat ifcfg-ens38 TYPE="Ethernet" PROXY_METHOD="none" BROWSER_ONLY="no" BOOTPROTO="static" DEFROUTE="yes" IPV4_FAILURE_FATAL="yes" IPADDR="192.168.2.6" NETMASK="255.255.255.0" GATEWAY="192.168.2.1" DNS1="192.168.2.1" NAME="ens38" DEVICE="ens38" ONBOOT="yes" [root@youxi1 network-scripts]# ifup ens38 //啟用ens38網卡 [root@youxi1 network-scripts]# ip a sh dev ens38 3: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:72:1e:93 brd ff:ff:ff:ff:ff:ff inet 192.168.2.6/24 brd 192.168.2.255 scope global ens38 valid_lft forever preferred_lft forever inet6 fe80::20c:29ff:fe72:1e93/64 scope link valid_lft forever preferred_lft forever
3)常用配置文件參數說明
subnet [網絡號] netmask [子網掩碼] {...}
作用:定義作用域,指定子網掩碼
range [起始IP地址] [結束IP地址]
作用:指定動態獲取IP地址范圍,可以聲明多個range但范圍不能重合。
option routers [IP地址]
作用:為客戶端指定默認網關,可以全局可以局部
option domain-name [域名]
作用:為客戶端指定默認的域,可以全局可以局部
option domain-name-servers [IP地址]
作用:為客戶端指定默認DNS服務器地址,可以全局可以局部
default-lease-time [數字]
作用:默認最小租約期限(單位秒),可以全局可以局部
max-lease-time [數字]
作用:最長租約期限(單位秒),可以全局可以局部
host [主機注釋名]{
hardware [硬件類型] [硬件地址]
fixed-address [IP地址]
}
作用:用於綁定IP地址,一般硬件類型是以太網(ethernet),硬件地址是MAC地址
log-facility [日志屬性]
作用:定義自身的日志屬性(在/etc/rsyslog.conf日志服務配置文件中定義相應的屬性會將日志存放到何處)
4)編輯DHCP配置文件
dhcp配置文件地址是/etc/dhcp/dhcpd.conf
[root@youxi1 ~]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.example
# see dhcpd.conf(5) man page
#
subnet 192.168.2.0 netmask 255.255.255.0 {
range 192.168.2.100 192.168.2.254;
option domain-name-servers 192.168.2.1;
option domain-name "test.cn";
option routers 192.168.2.1;
option broadcast-address 192.168.2.255;
default-lease-time 600;
max-lease-time 7200;
}
啟動dhcpd,並開機自啟
[root@youxi1 network-scripts]# systemctl start dhcpd
[root@youxi1 network-scripts]# systemctl enable dhcpd
[root@youxi1 network-scripts]# systemctl status dhcpd
● dhcpd.service - DHCPv4 Server Daemon
Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; enabled; vendor preset: enabled)
Active: active (running) since 四 2019-05-16 23:06:15 CST; 11s ago
Docs: man:dhcpd(8)
man:dhcpd.conf(5)
Main PID: 8364 (dhcpd)
Status: "Dispatching packets..."
CGroup: /system.slice/dhcpd.service
└─8364 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid
5月 16 23:06:15 youxi1 dhcpd[8364]: Sending on LPF/ens38/00:0c:29:72:1e:93/192.168.2.0/24
5月 16 23:06:15 youxi1 dhcpd[8364]: ved.
5月 16 23:06:15 youxi1 dhcpd[8364]: No subnet declaration for ens33 (192.168.1.6).
5月 16 23:06:15 youxi1 dhcpd[8364]: ** Ignoring requests on ens33. If this is not what
5月 16 23:06:15 youxi1 dhcpd[8364]: you want, please write a subnet declaration
5月 16 23:06:15 youxi1 dhcpd[8364]: in your dhcpd.conf file for the network segment
5月 16 23:06:15 youxi1 dhcpd[8364]: to which interface ens33 is attached. **
5月 16 23:06:15 youxi1 dhcpd[8364]: nt
5月 16 23:06:15 youxi1 dhcpd[8364]: Sending on Socket/fallback/fallback-net
5月 16 23:06:15 youxi1 systemd[1]: Started DHCPv4 Server Daemon.
5)添加測試主機網卡,一樣LAN1
編輯ens38網卡配置文件,並啟動
[root@youxi2 ~]# cd /etc/sysconfig/network-scripts/ [root@youxi2 network-scripts]# cp ifcfg-ens33 ifcfg-ens38 [root@youxi2 network-scripts]# cat ifcfg-ens38 TYPE="Ethernet" PROXY_METHOD="none" BROWSER_ONLY="no" BOOTPROTO="dhcp" DEFROUTE="yes" IPV4_FAILURE_FATAL="yes" NAME="ens38" DEVICE="ens38" ONBOOT="yes" [root@youxi2 network-scripts]# ifup ens38 正在確定 ens38 的 IP 信息... 完成。 [root@youxi2 network-scripts]# ip a sh dev ens38 3: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 link/ether 00:0c:29:f2:7e:5c brd ff:ff:ff:ff:ff:ff inet 192.168.2.100/24 brd 192.168.2.255 scope global dynamic ens38 valid_lft 589sec preferred_lft 589sec inet6 fe80::20c:29ff:fef2:7e5c/64 scope link valid_lft forever preferred_lft forever
6)如果想要IP綁定MAC
修改DHCP服務器上的配置文件,重啟dhcp服務
[root@youxi1 ~]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.example
# see dhcpd.conf(5) man page
#
subnet 192.168.2.0 netmask 255.255.255.0 {
range 192.168.2.100 192.168.2.254;
option domain-name-servers 192.168.2.1;
option domain-name "test.cn";
option routers 192.168.2.1;
option broadcast-address 192.168.2.255;
default-lease-time 600;
max-lease-time 7200;
host youxi2{
hardware ethernet 00:0c:29:f2:7e:5c;
fixed-address 192.168.2.200;
}
}
[root@youxi1 ~]# systemctl restart dhcpd
重啟測試主機上的network服務
[root@youxi2 ~]# ip a sh dev ens38
3: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:f2:7e:5c brd ff:ff:ff:ff:ff:ff
inet 192.168.2.100/24 brd 192.168.2.255 scope global dynamic ens38
valid_lft 355sec preferred_lft 355sec
inet6 fe80::20c:29ff:fef2:7e5c/64 scope link
valid_lft forever preferred_lft forever
[root@youxi2 ~]# systemctl restart network
Job for network.service failed because the control process exited with error code. See "systemctl status network.service" and "journalctl -xe" for details.
[root@youxi2 ~]# ip a sh dev ens38
3: ens38: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 00:0c:29:f2:7e:5c brd ff:ff:ff:ff:ff:ff
inet 192.168.2.200/24 brd 192.168.2.255 scope global dynamic ens38
valid_lft 546sec preferred_lft 546sec
inet6 fe80::20c:29ff:fef2:7e5c/64 scope link
valid_lft forever preferred_lft forever
7)常看相關文件
DHCP服務器上的租約數據庫文件
[root@youxi1 ~]# cat /var/lib/dhcpd/dhcpd.leases
# The format of this file is documented in the dhcpd.leases(5) manual page.
# This lease file was written by isc-dhcp-4.2.5
lease 192.168.2.100 {
starts 6 2019/05/18 06:56:08;
ends 6 2019/05/18 07:06:08;
tstp 6 2019/05/18 07:06:08;
cltt 6 2019/05/18 06:56:08;
binding state active;
next binding state free;
rewind binding state free;
hardware ethernet 00:0c:29:f2:7e:5c;
client-hostname "youxi2";
}
server-duid "\000\001\000\001$p8\347\000\014)r\036\223";
在測試主機上查看DNS
[root@youxi2 ~]# cat /etc/resolv.conf ; generated by /usr/sbin/dhclient-script search test.cn nameserver 192.168.1.1
查看網關
[root@youxi2 ~]# route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 ens33 169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 ens33 192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 ens38