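Introduction to the DHCP service
DHCP (Dynamic Host Configuration Protocol) is a bootstrap protocol that lets a computer obtain its configuration from a DHCP server; it works at the application layer.
The main DHCP program is dhcpd. It reads the main configuration file at /etc/dhcp/dhcpd.conf, which by default contains only comments; a template for the main configuration file is at /usr/share/doc/dhcp-server/dhcpd.conf.example.
Basic operations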
[root@CentOS ~]# systemctl start dhcpd
Start
[root@CentOS ~]# systemctl status dhcpd
Query status
[root@CentOS ~]# systemctl stop dhcpd
Stop
[root@CentOS ~]# systemctl enable dhcpd
Enable start at boot
[root@CentOS ~]# systemctl disable dhcpd
Disable start at boot
[root@CentOS ~]# systemctl restart dhcpd
Restart
[root@CentOS ~]# rpm -qa | grep dhcp    # list the installed DHCP RPM packages
dhcp-common-4.3.6-44.0.1.el8.noarch
dhcp-libs-4.3.6-44.0.1.el8.x86_64
dhcp-server-4.3.6-44.0.1.el8.x86_64
dhcp-client-4.3.6-44.0.1.el8.x86_64
[root@CentOS ~]# ps -e | grep dhcp    # show which process the DHCP service runs as
30383 ? 00:00:00 dhcpd
[root@CentOS ~]# netstat -alnp | grep dhcp    # show which ports the DHCP service has opened
udp 0 0 0.0.0.0:67 0.0.0.0:* 30383/dhcpd
udp 0 0 0.0.0.0:48981 0.0.0.0:* 30383/dhcpd
udp6 0 0 :::59638 :::* 30383/dhcpd
raw 0 0 0.0.0.0:1 0.0.0.0:* 7 30383/dhcpd
unix 2 [ ] STREAM CONNECTED 196375 30383/dhcpd
unix 3 [ ] STREAM CONNECTED 196367 30383/dhcpd
unix 2 [ ] DGRAM 196370 30383/dhcpd
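The main DHCP configuration file
It is located at /etc/dhcp/dhcpd.conf; the default contents are as follows
[root@CentOS ~]# vim /etc/dhcp/dhcpd.conf
# By default the main DHCP configuration file is empty; its comments point to a template file and to the manual page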
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp-server/dhcpd.conf.example    (see the dhcpd.conf.example template file at this path)
# see dhcpd.conf(5) man page    (see the description in the manual)
#
# Copy the template file over the main configuration file
[root@CentOS ~]# cp -a /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp:是否覆盖'/etc/dhcp/dhcpd.conf'? y
# View the main configuration file again
[root@CentOS ~]# vim /etc/dhcp/dhcpd.conf
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#
# option definitions common to all supported networks...
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;
default-lease-time 600;
max-lease-time 7200;
# Use this to enble / disable dynamic dns updates globally.
#ddns-update-style none;
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;
# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.
subnet 10.152.187.0 netmask 255.255.255.0 {
}
# This is a very basic subnet declaration.
subnet 10.254.239.0 netmask 255.255.255.224 {
range 10.254.239.10 10.254.239.20;
option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
}
# This declaration allows BOOTP clients to get dynamic addresses,
# which we don't really recommend.
subnet 10.254.239.32 netmask 255.255.255.224 {
range dynamic-bootp 10.254.239.40 10.254.239.60;
option broadcast-address 10.254.239.31;
option routers rtr-239-32-1.example.org;
}
# A slightly different configuration for an internal subnet.
subnet 10.5.5.0 netmask 255.255.255.224 {
range 10.5.5.26 10.5.5.30;
option domain-name-servers ns1.internal.example.org;
option domain-name "internal.example.org";
option routers 10.5.5.1;
option broadcast-address 10.5.5.31;
default-lease-time 600;
max-lease-time 7200;
}
# Hosts which require special configuration options can be listed in
# host statements. If no address is specified, the address will be
# allocated dynamically (if possible), but the host-specific information
# will still come from the host declaration.
host passacaglia {
hardware ethernet 0:0:c0:5d:bd:95;
filename "vmunix.passacaglia";
server-name "toccata.example.com";
}
# Fixed IP addresses can also be specified for hosts. These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP. Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
host fantasia {
hardware ethernet 08:00:07:26:c0:a5;
fixed-address fantasia.example.com;
}
# You can declare a class of clients and then do address allocation
# based on that. The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.
class "foo" {
match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
}
shared-network 224-29 {
subnet 10.17.224.0 netmask 255.255.255.0 {
option routers rtr-224.example.org;
}
subnet 10.0.29.0 netmask 255.255.255.0 {
option routers rtr-29.example.org;
}
pool {
allow members of "foo";
range 10.17.224.10 10.17.224.250;
}
pool {
deny members of "foo";
range 10.0.29.10 10.0.29.230;
}
}
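Configuration parameters
Scope | Parameter | Purpose |
---|---|---|
Global | ddns-update-style TYPE; | Defines the type of dynamic DNS update; the types are none (dynamic updates not supported), interim (interactive update) and ad-hoc (special update) |
Global | allow/ignore client-updates; | Allows/ignores client updates of DNS records |
Local | subnet SUBNET netmask NETMASK { | Defines a scope; each subnet is one scope. When the DHCP server does not serve across subnets, its own IP address should be in the same subnet as its IP address pool; when it serves across subnets, its IP address should be in the same subnet as part of the addresses in the pool |
Local | server-name HOSTNAME; | Defines the DHCP server name presented to clients in this subnet |
Local | option routers IPV4-ADDRESS; | Defines the clients' gateway address |
Local | option subnet-mask NETMASK; | Defines the clients' subnet mask |
Local | option domain-name "DOMAIN"; | Defines the DNS domain name |
Local | option domain-name-servers IPV4-ADDRESS; | Defines the DNS server address |
Local | range LOWEST-IPV4-ADDRESS HIGHEST-IPV4-ADDRESS; | Defines the server's IPv4 address pool |
Local | option broadcast-address IPV4-ADDRESS; | Defines the clients' broadcast address |
Local | option ntp-servers IPV4-ADDRESS; | Defines the address of the clients' network time server |
Local | option nis-servers IPV4-ADDRESS; | Defines the address of the clients' NIS domain server |
Local | default-lease-time TIME; | Defines the default lease time, in seconds |
Local | max-lease-time TIME; | Defines the maximum lease time, in seconds |
Local | option time-offset OFFSET; | Defines the clients' offset from Greenwich Mean Time |
Local | } | |
Local | group { | Collects several hosts that need special settings into one group so that their common items can be set in one place |
Local | host HOSTNAME { | Defines a client with special settings |
Local | hardware INTERFACE-TYPE MAC-ADDRESS; | Specifies the network interface type and MAC address |
Local | fixed-address IPV4-ADDRESS; | Assigns a fixed IP address to this client |
Local | } | |
Local | } | |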
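Exercise 1
Single subnet
Parameter | Value |
---|---|
Default lease time | 86400 seconds (1 day) |
Maximum lease time | 604800 seconds (7 days) |
IP address pool | 192.168.0.51~192.168.0.150 |
Subnet mask | 255.255.255.0 |
Gateway address | 192.168.0.1 |
DNS server address | 114.114.114.114 |
Search domain | demo.com |
Dynamic DNS updates | Supported |
Client updates of DNS records | Ignored |
Reserved IP address | The host with MAC 00:50:56:C0:00:01 uses 192.168.0.50 |
Server configuration
# Write the configuration file following the format of the template file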
[root@CentOS ~]# vim /etc/dhcp/dhcpd.conf
ddns-update-style interim;
ignore client-updates;
subnet 192.168.0.0 netmask 255.255.255.0 {
range 192.168.0.51 192.168.0.150;
option subnet-mask 255.255.255.0;
option routers 192.168.0.1;
option domain-name "demo.com";
option domain-name-servers 114.114.114.114;
default-lease-time 86400;
max-lease-time 604800;
}
host dxzweb {
hardware Ethernet 00:50:56:C0:00:01;
fixed-address 192.168.0.50;
}
# Server network configuration; a static IP is required
[root@CentOS ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=none
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=ens33
UUID=9cd45edd-4ec3-42e8-ba24-116fe6b22e92
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.0.254
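Client configuration
Linux client
# Edit the network configuration
# Switch the virtual machine's network adapter to the same one the server uses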
[root@CentOS ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=dhcp
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
NAME=ens33
UUID=9cd45edd-4ec3-42e8-ba24-116fe6b22e92
DEVICE=ens33
ONBOOT=yes
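Windows client
Procedure: right-click at the bottom-right corner and choose Internet options -> open Network and Sharing Center -> Change adapter settings -> find the network adapter the server uses, right-click and choose Properties -> click "Internet Protocol Version 4 (TCP/IPv4)" -> click Properties -> select "Obtain an IP address automatically" and "Obtain DNS server address automatically", click OK, OK, then open a DOS command prompt and view the IP
Client verification
# Linux client
# Reload the connection configuration and bring the interface up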
[root@CentOS ~]# nmcli connection reload
[root@CentOS ~]# nmcli connection up ens33
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/11
# View the interface configuration
[root@CentOS ~]# ifconfig ens33
ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
inet 192.168.0.51 netmask 255.255.255.0 broadcast 192.168.0.255
inet6 fe80::20c:29ff:fe80:ab1a prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:80:ab:1a txqueuelen 1000 (Ethernet)
RX packets 4194 bytes 410949 (401.3 KiB)
RX errors 0 dropped 0 overruns 0 frame 0
TX packets 1969 bytes 187615 (183.2 KiB)
TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
以太网适配器 VMware Network Adapter VMnet10:
连接特定的 DNS 后缀 . . . . . . . : demo.com
本地链接 IPv6 地址. . . . . . . . : fe80::4113:41db:f7bd:a585%84
IPv4 地址 . . . . . . . . . . . . : 192.168.0.52
子网掩码 . . . . . . . . . . . . : 255.255.255.0
默认网关. . . . . . . . . . . . . : 192.168.0.1
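Common mistakes
- No IP address was assigned to the DHCP server, so it uses the address handed out by the virtual network adapter; the service fails to start
- The DHCP server's IP address is not in the same subnet as the IP address pool; the service fails to start
- The client and server are not on the same subnet or the same network adapter, so lease confirmation fails and no IP address is assigned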
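
The mistakes listed above, and the template's note that fixed addresses must not also be available for dynamic assignment, can be checked before the service is restarted. The following is an added example, not part of the original page: `lint_dhcpd` and `SAMPLE_CONF` are hypothetical names, and the sample is constructed from the Exercise 1 configuration with the server address 192.168.0.254 from the ifcfg file.

```python
import ipaddress
import re

# Constructed sample: the Exercise 1 configuration from this page.
SAMPLE_CONF = """
ddns-update-style interim;
ignore client-updates;
subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.51 192.168.0.150;
  option subnet-mask 255.255.255.0;
  option routers 192.168.0.1;
  default-lease-time 86400;
  max-lease-time 604800;
}
host dxzweb {
  hardware ethernet 00:50:56:C0:00:01;
  fixed-address 192.168.0.50;
}
"""

def lint_dhcpd(conf, server_ip):
    """Return a list of problems; an empty list means every check passed."""
    conf = re.sub(r"#.*", "", conf)  # drop comments before matching
    ip = ipaddress.ip_address
    problems, ranges = [], []
    subnets = [ipaddress.ip_network(f"{net}/{mask}", strict=False)
               for net, mask in re.findall(
                   r"\bsubnet\s+(\S+)\s+netmask\s+(\S+)\s*\{", conf)]
    # The server's own static address must sit in a declared subnet.
    if not any(ip(server_ip) in s for s in subnets):
        problems.append(f"server address {server_ip} is in no declared subnet")
    # Every pool must be ordered and lie wholly inside one declared subnet.
    for lo, hi in re.findall(
            r"\brange\s+(?:dynamic-bootp\s+)?([\d.]+)\s+([\d.]+)\s*;", conf):
        lo, hi = ip(lo), ip(hi)
        ranges.append((lo, hi))
        if lo > hi or not any(lo in s and hi in s for s in subnets):
            problems.append(
                f"range {lo}-{hi} is reversed or outside every declared subnet")
    # Reserved addresses must not also be handed out dynamically.
    # (fixed-address given as a host name is skipped: it needs DNS to resolve.)
    for fixed in re.findall(r"\bfixed-address\s+([\d.]+)\s*;", conf):
        if any(lo <= ip(fixed) <= hi for lo, hi in ranges):
            problems.append(f"fixed-address {fixed} overlaps a dynamic range")
    return problems

if __name__ == "__main__":
    print(lint_dhcpd(SAMPLE_CONF, "192.168.0.254") or "no problems found")
```

This checks addressing only; `dhcpd -t -cf /etc/dhcp/dhcpd.conf` tests the file's syntax without starting the service.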