相信大家在做dhcp试验的时候都比较简单吧,但是所有的原理你都明白么?下面让我带着你去走近dhcp,看看是不是和你想的一样简单哦。注:下文红色字体是我自己的理解,如有错误还希望大神们指出,在这里先谢过喽。
1.场景
某单位需要配置一台DHCP服务器给桌面PC机分配IP地址。这些PC机分配到三个VLAN中
网络 | Ip地址范围 | 网管 | 备注 | |||
VLAN1 |
|
| ||||
|
|
| ||||
|
|
|
DHCP服务器IP地址为192.168.101.11。
此单位的DNS服务器的地址为192.168.101.11、192.168.101.12
需要将192.168.101.111保留给无法配置静态IP地址的打印机,其MAC地址为:
00:40:95:30:43:B4
2. 实验环境
2.1.网络配置
为了避免实验用的DHCP服务器对现有网络的影响。在VMware Workstation环境中,可以将DHCP服务器及客户机的网络配置为仅主机(Host Only)模式。同时禁用此网络上的DHCP功能,具体操作如下:
进入虚拟网络编辑器。
在网络连接中选择VMnet1(仅主机模式),清除使用本地DHCP服务将IP地址分配给虚拟机复选框。
2.2.服务器安装
查看安装系统版本信息
# cat /etc/redhat-release
Red Hat Enterprise Linux Server release 6.4 (Santiago)
查看系统内核版本信息
# uname -a
Linux nan 2.6.32-358.el6.x86_64 #1 SMP Tue Jan 29 11:47:41 EST 2013 x86_64 x86_64 x86_64 GNU/Linux
2.3.服务器基本配置
查看网卡信息
# ifconfig (记着网卡名称)
eth2 Link encap:Ethernet HWaddr 00:0C:29:DE:D2:16
··· ········ ·············
··· ········ ·············
进入ip文件目录中
# cd /etc/sysconfig/network-scripts/
浏览network-scripts目录下文件
# ls
ifcfg-eth0 ifdown-isdn ifup-aliases ifup-plusb init.ipv6-global
ifcfg-lo ifdown-post ifup-bnep ifup-post net.hotplug
ifdown ifdown-ppp ifup-eth ifup-ppp network-functions
ifdown-bnep ifdown-routes ifup-ippp ifup-routes network-functions-ipv6
ifdown-eth ifdown-sit ifup-ipv6 ifup-sit
ifdown-ippp ifdown-tunnel ifup-isdn ifup-tunnel
ifdown-ipv6 ifup ifup-plip ifup-wireless
备份(养成备份的好习惯)
# cp ifcfg-eth0 nan
修改配置并保存IP文件
# vi ifcfg-eth0
DEVICE=eth2 (与之前查的网卡名称一致)
TYPE=Ethernet
ONBOOT=yes
NM_CONTROLLED=yes
BOOTPROTO=static
IPADDR=192.168.181.10
NETMASK=255.255.255.0
GATEWAY=192.168.181.1
:x (保存)
重启网络服务
# service network restart
Shutting down interface eth0: [ OK ]
Shutting down loopback interface: [ OK ]
Bringing up loopback interface: [ OK ]
Bringing up interface eth0: [ OK ]
为了方便试验建议,关闭防火墙和selinux
# service iptables stop
(停止防火墙 service iptables stop 启动防火墙 service iptables start 查看防火墙配置 iptables -L -n)
# chkconfig iptables off
(1) 重启后永久性生效:
开启:chkconfig iptables on
关闭:chkconfig iptables off
(2) 即时生效,重启后失效:
开启:service iptables start
关闭:service iptables stop
# vi /etc/sysconfig/selinux
SELINUX是美国国家安全局捐助给LINUX界的一个性能超强的安全软件,主要的作用是系统的进程做控制。关闭后一般不影响,在生产环境中一般都关闭。selinux不关很可能造成各种外部的连接不成功,比如ftp啊telnet啊,ssh啥的
翻译:
# This file controls the state of SELinux on the system. SELinux系统控制文件
# SELINUX= can take one of these three values: SELinux =可以采取这些三值:
# enforcing - SELinux security policy is enforced. 执行- SELinux安全政策的实施。
# permissive - SELinux prints warnings instead of enforcing.许可- SELinux打印警告而不是 强制执行。
# disabled - No SELinux policy is loaded. 禁用-没有SELinux策略加载。
SELINUX=enforcing 改为 disabled SELinux =执行 改为 禁用
# SELINUXTYPE= can take one of these two values: selinuxtype =可以把其中的一个值:
# targeted - Targeted processes are protected, 目标-定向过程受保护,
# mls - Multi Level Security protection. MLS -多层次的安全保护。
SELINUXTYPE=targeted selinuxtype =目标
重启以便生效
#reboot
3. DHCP服务器安装与配置
3.1.安装DHCP服务器组件
创建挂在目录并挂载(下面两个文件夹mnt、cdrom为习惯的写法)
# mkdir /mnt/cdrom
# mount /dev/cdrom /mnt/cdrom/
mount: block device /dev/sr0 is write-protected, mounting read-only
浏览DHCP组件
# cd /mnt/cdrom/Packages/
# ls dhcp*
dhcp-4.1.1-34.P1.el6.x86_64.rpm dhcp-common-4.1.1-34.P1.el6.x86_64.rpm
安装DHCP软件包
方法1:用rpm安装
# rpm -Uvh dhcp-4.1.1-34.P1.el6.x86_64.rpm
error: Failed dependencies:
portreserve is needed by dhcp-12:4.1.1-34.P1.el6.x86_64
解决包的依赖性
# rpm -Uvh dhcp-4.1.1-34.P1.el6.x86_64.rpm portreserve-0.0.4-9.el6.x86_64.rpm(依赖组件)
Preparing... ########################### [100%]
1:portreserve ########################### [ 50%]
2:dhcp ########################### [100%]
方法2:yum安装
# yum -y install dhcp
3.2.考察配置文件
查看配置文件
# rpm -qc dhcp (为主配置文件)
/etc/dhcp/dhcpd.conf
/etc/dhcp/dhcpd6.conf
/etc/openldap/schema/dhcp.schema
/etc/portreserve/dhcpd
/etc/sysconfig/dhcpd
/etc/sysconfig/dhcpd6
/etc/sysconfig/dhcrelay
/var/lib/dhcpd/dhcpd.leases
/var/lib/dhcpd/dhcpd6.leases
编辑配置文件
删除里面的内容配置如下内容
翻译:
option domain-name "abc.local"; 主机名
option domain-name-servers 192.168.101.11, 192.168.101.12; 主机dns
default-lease-time 600; 默认租约时间
max-lease-time 7200; 最大租约时间
subnet 192.168.101.0 netmask 255.255.255.0 { 子网和网络掩码
range dynamic-bootp 192.168.101.100 192.168.101.149;
range dynamic-bootp 192.168.101.160 192.168.101.253;
option routers 192.168.101.1; 网关
}
subnet 192.168.102.0 netmask 255.255.255.0 {
range dynamic-bootp 192.168.102.100 192.168.102.253;
option routers 192.168.102.1;
}
subnet 192.168.103.0 netmask 255.255.255.0 {
range dynamic-bootp 192.168.103.100 192.168.103.253;
option routers 192.168.103.1;
}
host printer1 { 打印机配置
hardware ethernet 00:40:95:30:43:B4; 指定LPAR的mac地址
fixed-address 192.168.188.111; 固定的ip地址
}
启动服务。
# service dhcpd start
Starting dhcpd: [ OK ]
查看日志,会看以下信息:
Internet Systems Consortium DHCP Server 4.1.1-P1
Copyright 2004-2010 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Wrote 0 leases to leases file.
Listening on LPF/eth0/00:50:56:b2:32:e5/192.168.101.0/24
Sending on LPF/eth0/00:50:56:b2:32:e5/192.168.101.0/24
Sending on Socket/fallback/fallback-net
配置服务自动启动。
# chkconfig dhcpd on
3.4.配置DHCP客户机
以XP为例,设置IP地址为自动获得
运行--cmd--ipconfig /release(ip释放)---ipconfig /renew(ip从新获取)
当此主机租用IP地址时,会看在日志中看到如下信息:
DHCPDISCOVER from 00:50:56:b2:a4:66 via eth0
DHCPOFFER on 192.168.101.100 to 00:50:56:b2:a4:66 (EDU-A8AB55B7C57) via eth0
Wrote 1 leases to leases file.
DHCPREQUEST for 192.168.101.100 (192.168.101.11) from 00:50:56:b2:a4:66 (EDU-A8AB55B7C57) via eth0
DHCPACK on 192.168.101.100 to 00:50:56:b2:a4:66 (EDU-A8AB55B7C57) via eth0
4.总结
(1)network服务起不来
原因是配置ifcfg-eth0有错误
(2)结果不成功
原因是前面使用DHCP服务没取消
(3)当出现错误的时候学会查看日志解决问题