CentOS7搭建DHCP服务器详解程序员

DHCP服务器：youxi1 192.168.1.6（外网）

测试主机：youxi2 192.168.1.7（外网）

DHCP是C/S模式，服务器端监听端口67/UDP（bootps），客户端默监听认端口68/UDP（bootpc）

(2).实验

1）在DHCP服务器上安装dhcp服务

[[email protected] ~]# yum -y install dhcp

2）在DHCP服务器添加一块网卡

使用命令ip a sh可以看到新加的网卡，但并没有相关配置文件

[[email protected] ~]# ip a sh 

1: lo: LOOPBACK,UP,LOWER_UP mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000 

 link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 

 inet 127.0.0.1/8 scope host lo 

 valid_lft forever preferred_lft forever 

 inet6 ::1/128 scope host 

 valid_lft forever preferred_lft forever 

2: ens33: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 

 link/ether 00:0c:29:72:1e:89 brd ff:ff:ff:ff:ff:ff 

 inet 192.168.1.6/24 brd 192.168.1.255 scope global ens33 

 valid_lft forever preferred_lft forever 

 inet6 fe80::20c:29ff:fe72:1e89/64 scope link 

 valid_lft forever preferred_lft forever 

3: ens38: BROADCAST,MULTICAST mtu 1500 qdisc noop state DOWN group default qlen 1000 

 link/ether 00:0c:29:72:1e:93 brd ff:ff:ff:ff:ff:ff 

[[email protected] ~]# ls /etc/sysconfig/network-scripts/ 

ifcfg-ens33 ifdown-ipv6 ifdown-Team ifup-eth ifup-post ifup-tunnel 

ifcfg-lo ifdown-isdn ifdown-TeamPort ifup-ippp ifup-ppp ifup-wireless 

ifdown ifdown-post ifdown-tunnel ifup-ipv6 ifup-routes init.ipv6-global 

ifdown-bnep ifdown-ppp ifup ifup-isdn ifup-sit network-functions 

ifdown-eth ifdown-routes ifup-aliases ifup-plip ifup-Team network-functions-ipv6 

ifdown-ippp ifdown-sit ifup-bnep ifup-plusb ifup-TeamPort 

这是直接拷贝ifcfg-ens33并重命名为ifcfg-ens38，并删除不要的配置信息，修改部分配置

[[email protected] ~]# cd /etc/sysconfig/network-scripts/ 

[[email protected] network-scripts]# cp ifcfg-ens33 ifcfg-ens38 

[[email protected] network-scripts]# cat ifcfg-ens38 

TYPE="Ethernet" 

PROXY_METHOD="none" 

BROWSER_ONLY="no" 

BOOTPROTO="static" 

DEFROUTE="yes" 

IPV4_FAILURE_FATAL="yes" 

IPADDR="192.168.2.6" 

NETMASK="255.255.255.0" 

GATEWAY="192.168.2.1" 

DNS1="192.168.2.1" 

NAME="ens38" 

DEVICE="ens38" 

ONBOOT="yes" 

[[email protected] network-scripts]# ifup ens38 //启用ens38网卡 

[[email protected] network-scripts]# ip a sh dev ens38 

3: ens38: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 

link/ether 00:0c:29:72:1e:93 brd ff:ff:ff:ff:ff:ff 

inet 192.168.2.6/24 brd 192.168.2.255 scope global ens38 

valid_lft forever preferred_lft forever 

inet6 fe80::20c:29ff:fe72:1e93/64 scope link 

valid_lft forever preferred_lft forever 

3）常用配置文件参数说明

subnet [网络号] netmask [子网掩码] { }

作用：定义作用域，指定子网掩码

range [起始IP地址] [结束IP地址]

作用：指定动态获取IP地址范围，可以声明多个range但范围不能重合。

option routers [IP地址]

作用：为客户端指定默认网关，可以全局可以局部

option domain-name [域名]

作用：为客户端指定默认的域，可以全局可以局部

option domain-name-servers [IP地址]

作用：为客户端指定默认DNS服务器地址，可以全局可以局部

default-lease-time [数字]

作用：默认最小租约期限（单位秒），可以全局可以局部

max-lease-time [数字]

作用：最长租约期限（单位秒），可以全局可以局部

host [主机注释名]{

hardware [硬件类型] [硬件地址]

fixed-address [IP地址]

}

作用：用于绑定IP地址，一般硬件类型是以太网（ethernet），硬件地址是MAC地址

log-facility [日志属性]

作用：定义自身的日志属性（在/etc/rsyslog.conf日志服务配置文件中定义相应的属性会将日志存放到何处）

4）编辑DHCP配置文件

dhcp配置文件地址是/etc/dhcp/dhcpd.conf

[[email protected] ~]# cat /etc/dhcp/dhcpd.conf 

# DHCP Server Configuration file. 

# see /usr/share/doc/dhcp*/dhcpd.conf.example 

# see dhcpd.conf(5) man page 

subnet 192.168.2.0 netmask 255.255.255.0 { 

 range 192.168.2.100 192.168.2.254; 

 option domain-name-servers 192.168.2.1; 

 option domain-name "test.cn"; 

 option routers 192.168.2.1; 

 option broadcast-address 192.168.2.255; 

 default-lease-time 600; 

 max-lease-time 7200; 

启动dhcpd，并开机自启

[[email protected] network-scripts]# systemctl start dhcpd 

[[email protected] network-scripts]# systemctl enable dhcpd 

[[email protected] network-scripts]# systemctl status dhcpd 

● dhcpd.service - DHCPv4 Server Daemon 

 Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; enabled; vendor preset: enabled) 

 Active: active (running) since 四 2019-05-16 23:06:15 CST; 11s ago 

 Docs: man:dhcpd(8) 

 man:dhcpd.conf(5) 

 Main PID: 8364 (dhcpd) 

 Status: "Dispatching packets..." 

 CGroup: /system.slice/dhcpd.service 

 └─8364 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid 

5月 16 23:06:15 youxi1 dhcpd[8364]: Sending on LPF/ens38/00:0c:29:72:1e:93/192.168.2.0/24 

5月 16 23:06:15 youxi1 dhcpd[8364]: ved. 

5月 16 23:06:15 youxi1 dhcpd[8364]: No subnet declaration for ens33 (192.168.1.6). 

5月 16 23:06:15 youxi1 dhcpd[8364]: ** Ignoring requests on ens33. If this is not what 

5月 16 23:06:15 youxi1 dhcpd[8364]: you want, please write a subnet declaration 

5月 16 23:06:15 youxi1 dhcpd[8364]: in your dhcpd.conf file for the network segment 

5月 16 23:06:15 youxi1 dhcpd[8364]: to which interface ens33 is attached. ** 

5月 16 23:06:15 youxi1 dhcpd[8364]: nt 

5月 16 23:06:15 youxi1 dhcpd[8364]: Sending on Socket/fallback/fallback-net 

5月 16 23:06:15 youxi1 systemd[1]: Started DHCPv4 Server Daemon.

5）添加测试主机网卡，一样LAN1

编辑ens38网卡配置文件，并启动

[[email protected] ~]# cd /etc/sysconfig/network-scripts/ 

[[email protected] network-scripts]# cp ifcfg-ens33 ifcfg-ens38 

[[email protected] network-scripts]# cat ifcfg-ens38 

TYPE="Ethernet" 

PROXY_METHOD="none" 

BROWSER_ONLY="no" 

BOOTPROTO="dhcp" 

DEFROUTE="yes" 

IPV4_FAILURE_FATAL="yes" 

NAME="ens38" 

DEVICE="ens38" 

ONBOOT="yes" 

[[email protected] network-scripts]# ifup ens38 

正在确定 ens38 的 IP 信息... 完成。 

[[email protected] network-scripts]# ip a sh dev ens38 

3: ens38: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 

link/ether 00:0c:29:f2:7e:5c brd ff:ff:ff:ff:ff:ff 

inet 192.168.2.100/24 brd 192.168.2.255 scope global dynamic ens38 

valid_lft 589sec preferred_lft 589sec 

inet6 fe80::20c:29ff:fef2:7e5c/64 scope link 

valid_lft forever preferred_lft forever 

6)如果想要IP绑定MAC

修改DHCP服务器上的配置文件，重启dhcp服务

[[email protected] ~]# cat /etc/dhcp/dhcpd.conf 

# DHCP Server Configuration file. 

# see /usr/share/doc/dhcp*/dhcpd.conf.example 

# see dhcpd.conf(5) man page 

subnet 192.168.2.0 netmask 255.255.255.0 { 

 range 192.168.2.100 192.168.2.254; 

 option domain-name-servers 192.168.2.1; 

 option domain-name "test.cn"; 

 option routers 192.168.2.1; 

 option broadcast-address 192.168.2.255; 

 default-lease-time 600; 

 max-lease-time 7200; 

 host youxi2{ 

 hardware ethernet 00:0c:29:f2:7e:5c; 

 fixed-address 192.168.2.200; 

}

[[email protected] ~]# systemctl restart dhcpd

重启测试主机上的network服务

[[email protected] ~]# ip a sh dev ens38 

3: ens38: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 

 link/ether 00:0c:29:f2:7e:5c brd ff:ff:ff:ff:ff:ff 

 inet 192.168.2.100/24 brd 192.168.2.255 scope global dynamic ens38 

 valid_lft 355sec preferred_lft 355sec 

 inet6 fe80::20c:29ff:fef2:7e5c/64 scope link 

 valid_lft forever preferred_lft forever 

[[email protected] ~]# systemctl restart network 

Job for network.service failed because the control process exited with error code. See "systemctl status network.service" and "journalctl -xe" for details. 

[[email protected] ~]# ip a sh dev ens38 

3: ens38: BROADCAST,MULTICAST,UP,LOWER_UP mtu 1500 qdisc pfifo_fast state UP group default qlen 1000 

 link/ether 00:0c:29:f2:7e:5c brd ff:ff:ff:ff:ff:ff 

 inet 192.168.2.200/24 brd 192.168.2.255 scope global dynamic ens38 

 valid_lft 546sec preferred_lft 546sec 

 inet6 fe80::20c:29ff:fef2:7e5c/64 scope link 

 valid_lft forever preferred_lft forever 

7）常看相关文件

DHCP服务器上的租约数据库文件

[[email protected] ~]# cat /var/lib/dhcpd/dhcpd.leases 

# The format of this file is documented in the dhcpd.leases(5) manual page. 

# This lease file was written by isc-dhcp-4.2.5 

lease 192.168.2.100 { 

 starts 6 2019/05/18 06:56:08; 

 ends 6 2019/05/18 07:06:08; 

 tstp 6 2019/05/18 07:06:08; 

 cltt 6 2019/05/18 06:56:08; 

 binding state active; 

 next binding state free; 

 rewind binding state free; 

 hardware ethernet 00:0c:29:f2:7e:5c; 

 client-hostname "youxi2"; 

server-duid "/000/001/000/001$p8/347/000/014)r/036/223"; 

在测试主机上查看DNS

[[email protected] ~]# cat /etc/resolv.conf 

; generated by /usr/sbin/dhclient-script 

search test.cn 

nameserver 192.168.1.1 

查看网关

[[email protected] ~]# route -n 

Kernel IP routing table 

Destination Gateway Genmask Flags Metric Ref Use Iface 

0.0.0.0 192.168.1.1 0.0.0.0 UG 0 0 0 ens33 

169.254.0.0 0.0.0.0 255.255.0.0 U 1002 0 0 ens33 

192.168.1.0 0.0.0.0 255.255.255.0 U 0 0 0 ens33 

192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 ens38 

原创文章，作者：ItWorker，如若转载，请注明出处：https://blog.ytso.com/2780.html