This article was first published in the dark world.
I have been planning to learn about the configuration of the DHCP server. I have finally made time to learn this knowledge point over the past few days.
DHCP (Dynamic Host Configuration Protocol) itself is not described here. Readers who are unfamiliar with it can look it up on Baidu.
OS: CentOS 6.5 64-bit
Dual NIC: eth0 is the Internet NIC, and eth1 is the intranet NIC
The eth0 NIC can connect to the Internet normally, as follows:
To configure the DHCP service, we must first install the DHCP software package, as shown below:
yum -y install dhcp
Check the files installed by the DHCP software package, as follows:
rpm -ql dhcp
We can see the configuration file of the DHCP service and the startup script of the DHCP service.
We can see that the DHCP configuration file is /etc/dhcp/dhcpd.conf. However, this configuration file is empty by default. We can copy a sample from the DHCP installation directory to /etc/dhcp, as follows:
vi /etc/dhcp/dhcpd.conf
cp /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf
The dhcpd.conf file contains two parts, global configuration and local configuration:
1. When global configuration conflicts with local configuration, local configuration has a higher priority.
2. Each statement in the configuration file must end with a semicolon. No error is reported when dhcpd is started, so you can only check the log file /var/log/messages to see whether the configuration file is faulty.
3. Local configuration must be enclosed in a pair of braces { }.
Common parameters:
● ddns-update-style (none | interim | ad-hoc): defines the supported DNS dynamic update type. This parameter is required, must be placed in the first line, and can only be used in global configuration.
● default-lease-time: the default lease time of the client IP address, in seconds. This parameter can be used globally or locally.
● max-lease-time: the maximum lease time of the client IP address, in seconds. This parameter can be used globally or locally.
● subnet <network number> netmask <subnet mask> {.....}: defines the scope.
● range <starting IP address> <ending IP address>: the dynamic IP address range.
● option routers <IP address>: the default gateway. This option can be used in both global and local configurations.
● option subnet-mask <subnet mask>: the default subnet mask. This option can be used in both global and local configurations.
● option domain-name-servers: the DNS server address. This option can be used in both global and local configurations.
● option domain-name: the DNS suffix. This option can be used in both global and local configurations.
● host <name> {.....}: reserves IP addresses for specific machines.
A related example is shown below:
ddns-update-style none;
subnet 10.5.5.0 netmask 255.255.255.224 {    # subnet declaration
    range 10.5.5.26 10.5.5.30;    # IP address pool of DHCP
    option domain-name-servers ns1.internal.example.org;    # DNS server address
    option domain-name "internal.example.org";    # DNS suffix for the client
    option routers 10.5.5.1;    # default gateway
    option broadcast-address 10.5.5.31;    # broadcast address
    default-lease-time 600;    # default client address lease period
    max-lease-time 7200;    # maximum client address lease period
}
host Ubuntu {    # reservation for MAC address 00:0C:29:EE:38:80
    hardware ethernet 00:0C:29:EE:38:80;
    fixed-address 10.5.5.3;
}
The configuration of this experiment is as follows:
more /etc/dhcp/dhcpd.conf
option domain-name "ilanni.com";
option domain-name-servers 192.168.1.1, 223.5.5.5;
default-lease-time 600;
max-lease-time 7200;
ddns-update-style none;
subnet 10.5.5.0 netmask 255.255.255.0 {
    range 10.5.5.2 10.5.5.254;
    option domain-name-servers 192.168.1.1;
    option routers 10.5.5.1;
    default-lease-time 600;
    max-lease-time 7200;
}
host Ubuntu {
    hardware ethernet 00:0C:29:EE:38:80;
    fixed-address 10.5.5.3;
}
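An added example (not part of the original article): a shell check for one thing the experiment configuration above does, placing the host reservation 10.5.5.3 inside the dynamic range 10.5.5.2 to 10.5.5.254, so the reserved address is also part of the pool that is leased dynamically. The names check_reservations and page_conf are hypothetical, and only the two-address form of the range statement is parsed.

```shell
#!/bin/sh
# Added example, not from the original article.
# Reports every host reservation whose fixed-address falls inside a dynamic
# "range" of a dhcpd.conf read from stdin. Exit status is 1 if any overlap exists.
# Assumption: only the two-address form "range LOW HIGH;" is handled.
check_reservations() {
    awk '
    # Dotted quad -> integer, so addresses can be compared numerically.
    function ip2n(ip,    o) {
        split(ip, o, ".")
        return ((o[1] * 256 + o[2]) * 256 + o[3]) * 256 + o[4]
    }
    { sub(/#.*/, ""); gsub(/;/, "") }          # drop comments and semicolons
    tolower($1) == "range" && NF == 3 {
        n++; lo[n] = ip2n($2); hi[n] = ip2n($3); txt[n] = $2 "-" $3
    }
    tolower($1) == "host" { host = $2 }
    tolower($1) == "fixed-address" { m++; addr[m] = $2; name[m] = host }
    END {
        for (i = 1; i <= m; i++)
            for (j = 1; j <= n; j++)
                if (ip2n(addr[i]) >= lo[j] && ip2n(addr[i]) <= hi[j]) {
                    printf "OVERLAP host=%s fixed-address=%s range=%s\n", name[i], addr[i], txt[j]
                    bad = 1
                }
        exit bad + 0
    }'
}

# The experiment configuration from the article, reduced to the relevant statements.
page_conf() {
    cat <<'EOF'
subnet 10.5.5.0 netmask 255.255.255.0 {
    range 10.5.5.2 10.5.5.254;
    option routers 10.5.5.1;
}
host Ubuntu {
    hardware ethernet 00:0C:29:EE:38:80;
    fixed-address 10.5.5.3;
}
EOF
}

# Usage: check_reservations < /etc/dhcp/dhcpd.conf
```

Starting the range above the reserved addresses (for example at 10.5.5.10, a constructed value) makes the check pass.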
Pay attention to the scope (subnet) configuration. The template configuration file contains several variants of it, as shown below:
We used the last of these variants. With the above configuration file saved, we now set the network configuration for the two NICs of the DHCP server.
First, the eth0 Internet NIC. The specific configuration is as follows:
more /etc/sysconfig/network-scripts/ifcfg-eth0
The specific configuration of the eth1 intranet NIC is as follows:
more /etc/sysconfig/network-scripts/ifcfg-eth1
Because the local machine has multiple NICs, we also need to configure which NIC DHCP listens on, as follows:
vi /etc/sysconfig/dhcpd
As mentioned earlier, eth1 is the intranet NIC, so eth1 is entered as the NIC that DHCP listens on.
After the above configuration is complete, we will start the DHCP service as follows:
In the preceding configuration file, we reserved the IP address 10.5.5.3 specifically for the MAC address 00:0C:29:EE:38:80. No reservation is set for other machines.
Let's look at other machines first, as shown below:
We can see that the machine has obtained the IP address and related information normally.
Check the machine with the reserved IP address as follows:
We can see that the machine sets the IP address manually, and the IP address is reserved.
In principle, our DHCP server is now configured. However, we will find that machines that have obtained IP addresses cannot access the Internet, as shown below:
This has nothing to do with the DHCP service itself. Instead, we need to enable the NAT service on the server where DHCP is located.
For ease of operation, we will temporarily disable the firewall of the server where DHCP is located, as shown below:
/etc/init.d/iptables stop
Enable the IP forwarding function as follows:
Then run the sysctl -p command:
Note the error message shown in the figure. It appears because the bridge module is not loaded. We can load the module manually as follows:
modprobe bridge
lsmod | grep bridge
Then run the sysctl -p command again, as shown below:
After completing the preceding operations, run the following iptables command to enable NAT (network address translation) in iptables:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE
eth0 is the Internet NIC.
This command enables the NAT address translation function of iptables. It means that when a packet is forwarded out through eth0, iptables rewrites its source IP address to the IP address of the eth0 interface. The advantage of this command is that you do not need to know the IP address of the interface; the translation is applied automatically.
Or run the following commands:
iptables --table nat --append POSTROUTING --out-interface eth0 -j MASQUERADE
iptables --append FORWARD --in-interface eth1 -j ACCEPT
Now let's take a look at whether the client can connect to the Internet normally. As follows:
The above operations on the firewall are temporary. After the DHCP server is restarted, clients will again be unable to connect to the Internet.
You can save the rules with /etc/init.d/iptables save, as follows:
/etc/init.d/iptables save
more /etc/sysconfig/iptables
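An added example (not part of the original article): the NAT steps above, written so that only the DHCP subnet is translated and forwarded, and only replies come back in, instead of masquerading everything that leaves eth0 and accepting everything that arrives on eth1. The function name nat_rules and the IPT variable are hypothetical. The example assumes the chains are empty, as they are after the iptables stop step above, and it does not filter traffic addressed to the server itself (the INPUT chain).

```shell
#!/bin/sh
# Added example, not from the original article.
# Set IPT="echo iptables" to print the commands instead of running them.
IPT=${IPT:-iptables}

# nat_rules WAN_IF LAN_IF LAN_CIDR
# Forwarding and NAT limited to one client subnet and one direction.
nat_rules() {
    [ $# -eq 3 ] || { echo "usage: nat_rules WAN_IF LAN_IF LAN_CIDR" >&2; return 2; }
    wan=$1 lan=$2 cidr=$3
    [ "$wan" != "$lan" ] || { echo "WAN and LAN interface must differ" >&2; return 2; }

    # Anything not matched by a rule below is not forwarded.
    $IPT -P FORWARD DROP
    # DHCP clients may open connections towards the Internet ...
    $IPT -A FORWARD -i "$lan" -o "$wan" -s "$cidr" -j ACCEPT
    # ... and only replies to those connections are let back in.
    $IPT -A FORWARD -i "$wan" -o "$lan" -m state --state ESTABLISHED,RELATED -j ACCEPT
    # Masquerade only traffic that really comes from the client subnet.
    $IPT -t nat -A POSTROUTING -s "$cidr" -o "$wan" -j MASQUERADE
}

# Usage on the server from the article, followed by /etc/init.d/iptables save:
#   nat_rules eth0 eth1 10.5.5.0/24
```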
Finally, let's check the lease database file /var/lib/dhcpd/dhcpd.leases, as shown below:
At this point, we have completed all the configuration related to the DHCP server. One part, related to PXE, is not covered here. We will cover it when we introduce unattended installation of Linux with Kickstart.
This article is from the "muddy world" blog. Please be sure to keep this source: http://ilanni.blog.51cto.com/526870/1545030
Rotten mud: install and configure the DHCP server in centos