DHCP服务
DHCP动态主机分配协议,它用于给某个网段上的主机进行动态分配IP地址和相关网络环境(网关和DNS服务信息)的配置工作,ADSL拨号就是应用了我们的DHCP协议。
DHCP的用途:
1.ip地址资源不能满足全部需求的子网。(IPS运行商)
2.ip地址经常变动的网络。(到处出差)
DHCP服务能够提供的配置信息:
1.网络接口的IP地址和子网掩码
2.网络接口IP地址对应的网络地址和广播地址
3.缺省的网关地址
4.DNS服务器地址
DHCP原理有四个阶段
1、DHCP DISCOVERY
2、DHCP OFFER
3、DHCP REQUEST
4、DHCP ACK
DHCP端口:
默认监听UDP端口67,68端口回应客户端 DHCPv6 client用于546号端口
DHCP其他概念:
dhcp客户端,dhcp服务器,dhcp中继代理(路由器),作用域(subnet),超级作用域,地址池,租约,选项类型,保留地址。
一、部署DHCP的服务器
1、下载DHCP服务
[root@stw2 ~]# yum -y install dhcp
2、更改DHCP配置文件
subnet:作用域(没有中继的时候,作用域就是自己)
range:地址池
routers:路由写网关
[root@stw2 ~]# vim /etc/dhcp/dhcpd.conf
[root@stw2 ~]# cp -p /usr/share/doc/dhcp-
dhcp-4.2.5/ dhcp-common-4.2.5/
[root@stw2 ~]# cp -p /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp: overwrite ‘/etc/dhcp/dhcpd.conf’? y
[root@stw2 ~]# vim /etc/dhcp/dhcpd.conf
[root@stw2 ~]# systemctl restart dhcpd //防火墙已经关闭
[root@stw2 ~]# systemctl enable dhcpd
Created symlink from /etc/systemd/system/multi-user.target.wants/dhcpd.service to /usr/lib/systemd/system/dhcpd.service.
客户端进行测试
[root@stw3 ~]# cd /etc/sysconfig/network-scripts/
[root@stw3 network-scripts]# vim ifcfg-ens33
[root@stw3 network-scripts]# systemctl restart network
查看IP地址是否获取
图形化查看
没有图形化用 cat /etc/resolv.conf 查看DNS
二、绑定MAC地址(网络设备,物理地址:唯一)
服务端更改配置文件
[root@stw2 ~]# vim /etc/dhcp/dhcpd.conf
[root@stw2 ~]# systemctl restart dhcpd
[root@stw2 ~]# systemctl enable dhcpd
客户端重启network服务
[root@stw3 ~]# systemctl restart network
查看DHCP获取到的IP地址是否是刚刚指定的地址
三、DHCP中继(获取不同网段的地址)
将主机3(中继)的网卡改回来(ens33的IP地址改为192.168.100.254,ens36的IP地址改为192.168.200.254)
[root@stw3 ~]# cd /etc/sysconfig/network-scripts/
[root@stw3 network-scripts]# vim ifcfg-ens33
[root@stw3 network-scripts]# systemctl restart network
添加一个网卡,配置网卡信息
[root@stw3 ~]# nmcli connection show
NAME UUID TYPE DEVICE
ens33 c96bc909-188e-ec64-3a96-6a90982b08ad ethernet ens33
virbr0 e30058e8-224c-4328-b4ef-20bedab3e93d bridge virbr0
Wired connection 1 80c4d30b-27a4-32a1-bb04-6c74d27f70ee ethernet ens36
[root@stw3 ~]# nmcli connection delete Wired\ connection\ 1
Connection 'Wired connection 1' (80c4d30b-27a4-32a1-bb04-6c74d27f70ee) successfully deleted.
[root@stw3 ~]# nmcli connection show
NAME UUID TYPE DEVICE
ens33 c96bc909-188e-ec64-3a96-6a90982b08ad ethernet ens33
virbr0 e30058e8-224c-4328-b4ef-20bedab3e93d bridge virbr0
[root@stw3 ~]# nmcli connection add con-name ens36 ifname ens36 type ethernet
Connection 'ens36' (6908bbb5-c858-400b-b2a0-1b5111a2f89b) successfully added.
[root@stw3 ~]# nmcli connection show
NAME UUID TYPE DEVICE
ens33 c96bc909-188e-ec64-3a96-6a90982b08ad ethernet ens33
ens36 6908bbb5-c858-400b-b2a0-1b5111a2f89b ethernet ens36
virbr0 e30058e8-224c-4328-b4ef-20bedab3e93d bridge virbr0
[root@stw3 ~]# nmcli connection modify ens36 ipv4.addresses 192.168.200.30/24 ipv4.gateway 192.168.200.254 ipv4.method manual connection.autoconnect yes
[root@stw3 ~]# nmcli connection up ens36
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/9)
[root@stw3 network-scripts]# vim ifcfg-ens36
[root@stw3 ~]# systemctl restart network
关闭防火墙,修改selinux
[root@stw3 ~]# systemctl stop firewalld.service
[root@stw3 ~]# systemctl disable firewalld.service
Removed symlink /etc/systemd/system/multi-user.target.wants/firewalld.service.
Removed symlink /etc/systemd/system/dbus-org.fedoraproject.FirewallD1.service.
[root@stw3 ~]# setenforce 0
[root@stw3 ~]# vim /etc/selinux/config
开启ipv4转发
[root@stw3 ~]# vim /etc/sysctl.conf
[root@stw3 ~]# sysctl -p
net.ipv4.ip_forward = 1
配置yum仓库,安装DHCP服务
[root@stw3 ~]# cd /etc/yum.repos.d/
[root@stw3 yum.repos.d]# ls
CentOS-Base.repo CentOS-Debuginfo.repo CentOS-Media.repo CentOS-Vault.repo
CentOS-CR.repo CentOS-fasttrack.repo CentOS-Sources.repo
[root@stw3 yum.repos.d]# rm -rf *
[root@stw3 yum.repos.d]# vim server.repo
[root@stw3 yum.repos.d]# mount /dev/cdrom /mnt
mount: /dev/sr0 is write-protected, mounting read-only
[root@stw3 yum.repos.d]# cat server.repo
[aa]
name=aa1
baseurl=file:///mnt
enabled=1
gpgcheck=0
[root@stw3 yum.repos.d]# yum -y install dhcp
服务器端更改配置文件
[root@stw2 ~]# vim /etc/dhcp/dhcpd.conf
在虚拟网络编辑器中先添加一个仅主机的网络
主机三(中继)的ens36改为自定义的自定义的VMnet3(仅主机模式)
[root@stw network-scripts]# systemctl restart network
客户端主机1中的ens33网卡也改为自定义的VMnet3(仅主机模式)
[root@stw3 ~]# systemctl restart network
主机3(中继)开启DHCP中继
[root@stw3 ~]# dhcrelay 192.168.100.20 //指向服务器端
Dropped all unnecessary capabilities.
Internet Systems Consortium DHCP Relay Agent 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on LPF/ens36/00:0c:29:3c:fd:da
Sending on LPF/ens36/00:0c:29:3c:fd:da
Listening on LPF/virbr0/52:54:00:07:f1:30
Sending on LPF/virbr0/52:54:00:07:f1:30
Listening on LPF/ens33/00:0c:29:3c:fd:d0
Sending on LPF/ens33/00:0c:29:3c:fd:d0
Sending on Socket/fallback
客户端主机1中开启DHCP服务
[root@stw network-scripts]# vim ifcfg-ens33
[root@stw network-scripts]# systemctl restart network
客户端(主机1)中查看是否获取到DHCP分配的IP地址
