基于centos7.x 配置dhcp高可用双机热备服务器
centos7.x 配置dhcp高可用双机热备服务器
欢迎加QQ群:1026880196 进行交流学习
准备2台服务器 主dhcp服务器:115.231.150.130 备dhcp服务器:115.231.150.131 #2台系统版本/内核/时间/dhcp版本一致 1. 两台dhcp服务器安装dhcp服务包 yum -y install dhcp 2. 两台dhcp服务器时间同步 ntpdate time.windows.com hwclock --systohc 3. 主dhcp服务器配置(Primary 服务器的配置) vi /etc/dhcp/dhcpd.conf 修改为 local-address 115.231.150.130; default-lease-time 691200; # 8 days max-lease-time 691200; option domain-name-servers 223.5.5.5, 8.8.8.8; option domain-name "test.local"; failover peer "dhcp-failover" { # 声明failover的名字 primary; # 指定本服务器为Master address 115.231.150.130; # 监听failover消息的ip地址 port 647; # 本地监听failover消息的TCP端口 peer address 115.231.150.131; # 指定Slave服务器的ip地址 peer port 647; # Slave服务器上的监听failover消息的TCP端口 max-response-delay 30; # 同步信息最大延迟时间 max-unacked-updates 10; # 在收到对端BNDACK 消息之前最大可发送BNDUPD 消息的数量 load balance max seconds 3; mclt 3600; # 节点在互相通知之前更新一个租约的时间,ISC建议是36000 split 128; # 两个节点各分担50%的负荷 } subnet 115.231.150.128 netmask 255.255.255.192 { option routers 115.231.150.129; option subnet-mask 255.255.255.192; pool { failover peer "dhcp-failover"; range 115.231.150.132 115.231.150.190; deny dynamic bootp clients; } } 4. 备dhcp服务器配置(Secondary 服务器的配置) vi /etc/dhcp/dhcpd.conf local-address 115.231.150.131; default-lease-time 691200; # 8 days max-lease-time 691200; option domain-name-servers 223.5.5.5, 8.8.8.8; option domain-name "test.local"; failover peer "dhcp-failover" { secondary; # declare this to be the secondary server address 115.231.150.131; port 647; peer address 115.231.150.130; peer port 647; max-response-delay 30; max-unacked-updates 10; load balance max seconds 3; } subnet 115.231.150.128 netmask 255.255.255.192 { option routers 115.231.150.129; option subnet-mask 255.255.255.192; pool { failover peer "dhcp-failover"; range 115.231.150.132 115.231.150.190; deny dynamic bootp clients; } } 5. 同时重新启动两台DHCP服务器 systemctl enable dhcpd systemctl restart dhcpd systemctl status dhcpd 6. 2台dhcp服务器防火墙设置 firewall-cmd --zone=public --add-port=56412/tcp --permanent firewall-cmd --zone=public --add-port=123/udp --permanent firewall-cmd --zone=public --add-port=67/udp --permanent firewall-cmd --zone=public --add-port=68/udp --permanent firewall-cmd --zone=public --add-port=647/tcp --permanent firewall-cmd --zone=public --add-port=647/udp --permanent firewall-cmd --reload