Centos-DHCPServer安装
1、查询dhcp有没有被安装,如下没有被安装
[zfp@localhost ~]$ rpm -q dhcp
package dhcp is not installed
[zfp@localhost ~]$
2、查询yum网络源中有关dhcp的rpm包
[root@localhost zfp]# yum list |grep dhcp
dhcp.x86_64 12:4.1.1-53.P1.el6.centos.1 updates
dhcp-common.x86_64 12:4.1.1-53.P1.el6.centos.1 updates
dhcp-devel.i686 12:4.1.1-53.P1.el6.centos.1 updates
dhcp-devel.x86_64 12:4.1.1-53.P1.el6.centos.1 updates
sblim-cmpi-dhcp.i686 1.0-1.el6 base
sblim-cmpi-dhcp.x86_64 1.0-1.el6 base
sblim-cmpi-dhcp-devel.i686 1.0-1.el6 base
sblim-cmpi-dhcp-devel.x86_64 1.0-1.el6 base
sblim-cmpi-dhcp-test.x86_64 1.0-1.el6 base
3、安装dhcp
[root@localhost zfp]# yum install dhcp -y
4、查询是否安装成功
[root@localhost zfp]# rpm -q dhcp
dhcp-4.1.1-53.P1.el6.centos.1.x86_64
[root@localhost zfp]#
查询安装的含有dhcp字符串包名的rpm包
[root@localhost zfp]# rpm -qa |grep dhcp
dhcp-common-4.1.1-53.P1.el6.centos.1.x86_64
dhcp-4.1.1-53.P1.el6.centos.1.x86_64
5、修改配置文件/etc/dhcp/dhcpd.conf
此文件中,配置了两个网段的地址分配10.10.10.0/24和30.30.30.0/24
[root@localhost zfp]#vi /etc/dhcp/dhcpd.conf
ddns-update-style interim; #表示dhcp服务器和dns服务器的动态信息更新模式
ignore client-updates; #忽略客户端更新
subnet 10.10.10.0 netmask 255.255.255.0 { #意思是我所分配的ip地址所在的网段为192.168.145.0 子网掩码为255.255.255.0
range 10.10.10.100 10.10.10.200; #租用IP地址的范围
option domain-name-servers 114.114.114.114,8.8.8.8;
option domain-name "example.org";
option routers 10.10.10.1; #路由器地址,这里是当前 dhcp 机器的IP地址
option subnet-mask 255.255.255.0; #子网掩码
default-lease-time 600; #默认租约时间
max-lease-time 7200; #最大租约时间
#host myhost { #设置主机声明
#hardware ethernet 08:00:27:2C:30:8C; #指定dhcp客户的mac地址
#fixed-address 192.168.145.155; #给指定的mac地址分配ip
# }
}
subnet 30.30.30.0 netmask 255.255.255.0 { #意思是我所分配的ip地址所在的网段为192.168.145.0 子网掩码为255.255.255.0
range 30.30.30.100 30.30.30.200; #租用IP地址的范围
option domain-name-servers 8.8.8.8,114.114.114.114;
option domain-name "example.org";
option routers 30.30.30.1; #路由器地址,这里是当前 dhcp 机器的IP地址
option subnet-mask 255.255.255.0; #子网掩码
default-lease-time 600; #默认租约时间
max-lease-time 7200; #最大租约时间
#host myhost { #设置主机声明
#hardware ethernet 08:00:27:2C:30:8C; #指定dhcp客户的mac地址
#fixed-address 192.168.145.155; #给指定的mac地址分配ip
# }
}
6、创建的VLAN接口如下:
modprobe 8021q
[root@localhost network-scripts]# lsmod | grep 8021q
8021q 33208 0
garp 14384 1 8021q
mrp 18542 1 8021q
cp ifcfg-ens33 ifcfg-ens33.46
cat ifcfg-ens33.46
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33.46
UUID=ccb48002-8ac9-44ac-9054-ec5547e561b0
DEVICE=ens33.46
ONBOOT=yes
PEERDNS=yes
PEERROUTES=yes
IPV6ADDR=2222:7:7:7::2222/64
IPV6FORWARDING=yes
IPADDR=10.10.10.1
NETMASK=255.255.255.0
VLAN=yes
[root@localhost network-scripts]# cat ifcfg-ens33.955
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=no
IPV6_DEFROUTE=yes
IPV6_PEERDNS=yes
IPV6_PEERROUTES=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33.955
UUID=ccb48002-8ac9-44ac-9054-ec5547e561b0
DEVICE=ens33.955
ONBOOT=yes
PEERDNS=yes
PEERROUTES=yes
IPV6ADDR=2222:6:6:6::2222/64
IPV6FORWARDING=yes
IPADDR=30.30.30.1
NETMASK=255.255.255.0
VLAN=yes
systemctl restart network
[root@localhost zfp]#vim /etc/sysconfig/dhcpd
#DHCPDARGS=ens33.46 #指定在ens33.46接口上提供dhcpserver服务,这里注释掉,就会在/etc/dhcp/dhcpd.conf中寻找子网,在子网对应的网段接口上进行对应的地址分配。
7、开启dhcp服务
root@localhost zfp]#service dhcpd start (或者/etc/init.d/dhcpd start)
[root@localhost zfp]# service dhcpd status
dhcpd (pid 4478) 正在运行...
[root@localhost zfp]#
设置开机启动dhcpd
chkconfig dhcpd on
如果有报错,查看dhcp服务开启的时候,报什么错误cat /var/log/messages |grep dhcpd 或者tail -f /var/log/messages &
如下是正常开启dhcp服务的log信息
Aug 25 00:41:58 localhost dhcpd: Internet Systems Consortium DHCP Server 4.2.5
Aug 25 00:41:58 localhost dhcpd: Copyright 2004-2013 Internet Systems Consortium.
Aug 25 00:41:58 localhost dhcpd: All rights reserved.
Aug 25 00:41:58 localhost dhcpd: For info, please visit https://www.isc.org/software/dhcp/
Aug 25 00:41:58 localhost dhcpd: Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Aug 25 00:41:58 localhost dhcpd: Wrote 3 leases to leases file.
Aug 25 00:41:58 localhost dhcpd: ved.
Aug 25 00:41:58 localhost dhcpd: No subnet declaration for ens34:2 (100.100.100.1).
Aug 25 00:41:58 localhost dhcpd: ** Ignoring requests on ens34:2. If this is not what
Aug 25 00:41:58 localhost dhcpd: you want, please write a subnet declaration
Aug 25 00:41:58 localhost dhcpd: in your dhcpd.conf file for the network segment
Aug 25 00:41:58 localhost dhcpd: to which interface ens34:2 is attached. **
Aug 25 00:41:58 localhost dhcpd: nt
Aug 25 00:41:58 localhost dhcpd: nt
Aug 25 00:41:58 localhost dhcpd: No subnet declaration for ens34:1 (40.10.10.1).
Aug 25 00:41:58 localhost dhcpd: ** Ignoring requests on ens34:1. If this is not what
Aug 25 00:41:58 localhost dhcpd: you want, please write a subnet declaration
Aug 25 00:41:58 localhost dhcpd: in your dhcpd.conf file for the network segment
Aug 25 00:41:58 localhost dhcpd: to which interface ens34:1 is attached. **
Aug 25 00:41:58 localhost dhcpd: nt
Aug 25 00:41:58 localhost dhcpd: Listening on LPF/ens33.955/00:0c:29:18:ac:7f/30.30.30.0/24
Aug 25 00:41:58 localhost dhcpd: Sending on LPF/ens33.955/00:0c:29:18:ac:7f/30.30.30.0/24
Aug 25 00:41:58 localhost dhcpd: nt
Aug 25 00:41:58 localhost dhcpd: No subnet declaration for ens33 (97.97.97.97).
Aug 25 00:41:58 localhost dhcpd: ** Ignoring requests on ens33. If this is not what
Aug 25 00:41:58 localhost dhcpd: you want, please write a subnet declaration
Aug 25 00:41:58 localhost dhcpd: in your dhcpd.conf file for the network segment
Aug 25 00:41:58 localhost dhcpd: to which interface ens33 is attached. **
Aug 25 00:41:58 localhost dhcpd: nt
Aug 25 00:41:58 localhost dhcpd: Listening on LPF/ens33.46/00:0c:29:18:ac:7f/10.10.10.0/24
Aug 25 00:41:58 localhost dhcpd: Sending on LPF/ens33.46/00:0c:29:18:ac:7f/10.10.10.0/24
Aug 25 00:41:58 localhost dhcpd: nt
Aug 25 00:41:58 localhost dhcpd: No subnet declaration for ens34 (192.168.66.3).
Aug 25 00:41:58 localhost dhcpd: ** Ignoring requests on ens34. If this is not what
Aug 25 00:41:58 localhost dhcpd: you want, please write a subnet declaration
Aug 25 00:41:58 localhost dhcpd: in your dhcpd.conf file for the network segment
Aug 25 00:41:58 localhost dhcpd: to which interface ens34 is attached. **
Aug 25 00:41:58 localhost dhcpd: nt
Aug 25 00:41:58 localhost dhcpd: nt
Aug 25 00:41:58 localhost dhcpd: No subnet declaration for ens33.350 (21.21.21.1).
Aug 25 00:41:58 localhost dhcpd: ** Ignoring requests on ens33.350. If this is not what
Aug 25 00:41:58 localhost dhcpd: you want, please write a subnet declaration
Aug 25 00:41:58 localhost dhcpd: in your dhcpd.conf file for the network segment
Aug 25 00:41:58 localhost dhcpd: to which interface ens33.350 is attached. **
Aug 25 00:41:58 localhost dhcpd: nt
[root@localhost network-scripts]# netstat -anulp | grep :67
udp 0 0 0.0.0.0:67 0.0.0.0:* 4591/dhcpd
[root@localhost network-scripts]#
如果启动的时候出现错误(Can't chown new lease file: Operation not permitted),需修改/etc/rc.d/init.d/dhcpd文件中的
user=dhcpd
group=dhcpd
为
user=root
group=root
再启动尝试
如下FORWARD链中REJECT的规则,阻止了数据报文的转发,进行删除iptables -D FORWARD 1,然后service iptables save保存到配置
iptables -nvL FORWARD
Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
389 23343 REJECT all -- * * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
End Of File