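1. Purpose of the DHCP service
DHCP stands for Dynamic Host Configuration Protocol. The main job of a DHCP server is to automatically assign network parameters to every computer on the network, so that a client has its network configuration in place as soon as it boots. These parameters mainly include the IP address, netmask, network, gateway and DNS server addresses.
2. How DHCP works
DHCP is a broadcast-based protocol whose operation can be summarized in four stages: IP lease request, IP lease offer, IP lease selection and IP lease acknowledgment.
1) IP lease request: Whenever a client computer is configured to obtain its IP address automatically, it checks at boot whether it currently holds an IP lease. If it does not, it requests one from DHCP. Because the client does not know the DHCP server's address, it broadcasts a DHCPDISCOVER message on the network with 255.255.255.255 as the destination address and 0.0.0.0 as the source address. The message contains the client's media access control (MAC) address (the hardware address built into the network card) and its NetBIOS name.
2) IP lease offer: When a DHCP server receives an IP lease request from a client, it reserves an IP address for that client from its scope's address pool and broadcasts a DHCPOFFER message on the network. The message contains the client's MAC address, the IP address the server can offer, the subnet mask, the lease duration, and the IP address of the DHCP server making the offer.
3) IP lease selection: If other DHCP servers exist on the subnet, then after the client accepts one server's DHCPOFFER message it broadcasts a DHCPREQUEST message containing the IP address of the server whose lease it accepted, informing all other DHCP servers on the subnet that it has accepted an offer. On receiving this message the other DHCP servers withdraw the leases they offered to that client and return the addresses they had reserved for it to their address pools, where they become available to other computers again.
4) IP lease acknowledgment: When the DHCP server receives the client's DHCPREQUEST message, it begins the final stage of the configuration process. In this acknowledgment stage the server sends the client a DHCPACK packet containing the lease duration and all other configuration information the client requested. This completes the TCP/IP configuration.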
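The four messages described above, built and parsed as raw DHCP payloads. This is an added example, not part of the original article; the transaction ID, server address, offered address and lease time are constructed sample values. Option 53 carries the message type and option 54 identifies the server that made the offer, which is the field to read when checking which server actually answered a client.

```python
import socket
import struct
MAGIC = b"\x63\x82\x53\x63"     # magic cookie that precedes the DHCP options
TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST", 5: "DHCPACK"}

def build(op, msg_type, mac, yiaddr="0.0.0.0", opts=()):
    """Build a BOOTP/DHCP payload; opts is a sequence of (code, value bytes)."""
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0,
                      0x1234ABCD, 0, 0x8000,        # constructed xid, secs, broadcast flag
                      bytes(4), socket.inet_aton(yiaddr), bytes(4), bytes(4),
                      mac, b"", b"")                # chaddr, sname, file (zero padded)
    body = bytes([53, 1, msg_type])                 # option 53 = message type
    for code, val in opts:
        body += bytes([code, len(val)]) + val
    return hdr + MAGIC + body + b"\xff"             # 255 = end option

def parse(pkt):
    """Extract the fields the four stages rely on; raise ValueError if malformed."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    info = {"mac": ":".join("%02x" % b for b in pkt[28:34]),
            "yiaddr": socket.inet_ntoa(pkt[16:20])}
    i = 240
    while i < len(pkt) and pkt[i] != 255:
        if pkt[i] == 0:                             # pad option has no length byte
            i += 1
            continue
        if i + 1 >= len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        code, val = pkt[i], pkt[i + 2:i + 2 + pkt[i + 1]]
        if code == 53 and len(val) == 1:
            info["type"] = TYPES.get(val[0], "type %d" % val[0])
        elif code == 54 and len(val) == 4:          # server identifier
            info["server"] = socket.inet_ntoa(val)
        elif code == 51 and len(val) == 4:          # lease time in seconds
            info["lease"] = struct.unpack("!I", val)[0]
        i += 2 + len(val)
    return info
# Constructed exchange: server address, offered IP and lease are sample values.
MAC, SRV = bytes.fromhex("0025118d7e8a"), socket.inet_aton("192.168.100.1")
IP, LEASE = "192.168.100.100", struct.pack("!I", 600)
EXCHANGE = [
    build(1, 1, MAC),                                          # lease request
    build(2, 2, MAC, IP, [(54, SRV), (51, LEASE)]),            # lease offer
    build(1, 3, MAC, opts=[(50, socket.inet_aton(IP)), (54, SRV)]),  # lease selection
    build(2, 5, MAC, IP, [(54, SRV), (51, LEASE)]),            # lease acknowledgment
]
if __name__ == "__main__":
    print(*map(parse, EXCHANGE), sep="\n")
```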
3. Configuring the DHCP server on Linux
Operating environment:
[root@nms ~]# uname -a
Linux nms.linux.com 2.6.32-696.el6.i686 #1 SMP Tue Mar 21 18:53:30 UTC 2017 i686 i686 i386 GNU/Linux
[root@nms ~]# cat /etc/redhat-release
CentOS release 6.9 (Final)
[root@nms ~]#
3.1 Installing the software required for the DHCP server
[root@nms ~]# yum install dhcp
Loaded plugins: fastestmirror, security
Setting up Install Process
Loading mirror speeds from cached hostfile
* base: mirrors.163.com
* extras: mirrors.163.com
* updates: mirrors.163.com
Resolving Dependencies
--> Running transaction check
---> Package dhcp.i686 12:4.1.1-53.P1.el6.centos.1 will be installed
--> Processing Dependency: dhcp-common = 12:4.1.1-53.P1.el6.centos.1 for package: 12:dhcp-4.1.1-53.P1.el6.centos.1.i686
--> Processing Dependency: portreserve for package: 12:dhcp-4.1.1-53.P1.el6.centos.1.i686
--> Running transaction check
---> Package dhcp-common.i686 12:4.1.1-53.P1.el6.centos will be updated
--> Processing Dependency: dhcp-common = 12:4.1.1-53.P1.el6.centos for package: 12:dhclient-4.1.1-53.P1.el6.centos.i686
---> Package dhcp-common.i686 12:4.1.1-53.P1.el6.centos.1 will be an update
---> Package portreserve.i686 0:0.0.4-11.el6 will be installed
--> Running transaction check
---> Package dhclient.i686 12:4.1.1-53.P1.el6.centos will be updated
---> Package dhclient.i686 12:4.1.1-53.P1.el6.centos.1 will be an update
--> Finished Dependency Resolution
Dependencies Resolved
=============================================================================================================
Package Arch Version Repository Size
=============================================================================================================
Installing:
dhcp i686 12:4.1.1-53.P1.el6.centos.1 updates 825 k
Installing for dependencies:
portreserve i686 0.0.4-11.el6 base 23 k
Updating for dependencies:
dhclient i686 12:4.1.1-53.P1.el6.centos.1 updates 320 k
dhcp-common i686 12:4.1.1-53.P1.el6.centos.1 updates 144 k
Transaction Summary
=============================================================================================================
Install 2 Package(s)
Upgrade 2 Package(s)
Total download size: 1.3 M
Is this ok [y/N]:
3.2 Listing the files provided by the dhcp package after installation
[root@nms ~]# rpm -ql dhcp
/etc/dhcp
/etc/dhcp/dhcpd.conf # main configuration file
/etc/dhcp/dhcpd6.conf
/etc/openldap/schema/dhcp.schema
/etc/portreserve/dhcpd
/etc/rc.d/init.d/dhcpd
/etc/rc.d/init.d/dhcpd6
/etc/rc.d/init.d/dhcrelay
/etc/rc.d/init.d/dhcrelay6
/etc/sysconfig/dhcpd
/etc/sysconfig/dhcpd6
/etc/sysconfig/dhcrelay
/etc/sysconfig/dhcrelay6
/usr/bin/omshell
/usr/sbin/dhcpd
/usr/sbin/dhcrelay
/usr/share/doc/dhcp-4.1.1
/usr/share/doc/dhcp-4.1.1/3.0b1-lease-convert
/usr/share/doc/dhcp-4.1.1/IANA-arp-parameters
/usr/share/doc/dhcp-4.1.1/README.ldap
/usr/share/doc/dhcp-4.1.1/api+protocol
/usr/share/doc/dhcp-4.1.1/dhclient-tz-exithook.sh
/usr/share/doc/dhcp-4.1.1/dhcpd-conf-to-ldap
/usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample
/usr/share/doc/dhcp-4.1.1/dhcpd6.conf.sample # sample file
/usr/share/doc/dhcp-4.1.1/draft-ietf-dhc-ldap-schema-01.txt
/usr/share/doc/dhcp-4.1.1/ms2isc
/usr/share/doc/dhcp-4.1.1/ms2isc/Registry.perlmodule
/usr/share/doc/dhcp-4.1.1/ms2isc/ms2isc.pl
/usr/share/doc/dhcp-4.1.1/ms2isc/readme.txt
/usr/share/doc/dhcp-4.1.1/sethostname.sh
/usr/share/doc/dhcp-4.1.1/solaris.init
/usr/share/man/man1/omshell.1.gz
/usr/share/man/man5/dhcpd.conf.5.gz
/usr/share/man/man5/dhcpd.leases.5.gz
/usr/share/man/man8/dhcpd.8.gz
/usr/share/man/man8/dhcrelay.8.gz
/var/lib/dhcpd
/var/lib/dhcpd/dhcpd.leases # the start and expiry times of the leases between the DHCP server and its clients are recorded in this file
/var/lib/dhcpd/dhcpd6.leases
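3.3 The main configuration file /etc/dhcp/dhcpd.conf
Right after DHCP is installed this configuration file is empty apart from comments, as shown below: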
[root@nms ~]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.sample
# see 'man 5 dhcpd.conf'
#
As the comments suggest, copy the sample file /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample to /etc/dhcp/dhcpd.conf and then edit it by hand:
[root@nms ~]# cp /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.conf
cp: overwrite `/etc/dhcp/dhcpd.conf'? y
View the contents of the sample file:
[root@nms ~]# cat /etc/dhcp/dhcpd.conf -n
1 # dhcpd.conf
2 #
3 # Sample configuration file for ISC dhcpd
4 #
5
6 # option definitions common to all supported networks...
7 option domain-name "example.org";
8 option domain-name-servers ns1.example.org, ns2.example.org;
9
10 default-lease-time 600;
11 max-lease-time 7200;
12
13 # Use this to enble / disable dynamic dns updates globally.
14 #ddns-update-style none;
15
16 # If this DHCP server is the official DHCP server for the local
17 # network, the authoritative directive should be uncommented.
18 #authoritative;
19
20 # Use this to send dhcp log messages to a different log file (you also
21 # have to hack syslog.conf to complete the redirection).
22 log-facility local7;
23
24 # No service will be given on this subnet, but declaring it helps the
25 # DHCP server to understand the network topology.
26
27 subnet 10.152.187.0 netmask 255.255.255.0 {
28 }
29
30 # This is a very basic subnet declaration.
31
32 subnet 10.254.239.0 netmask 255.255.255.224 {
33 range 10.254.239.10 10.254.239.20;
34 option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
35 }
36
37 # This declaration allows BOOTP clients to get dynamic addresses,
38 # which we don't really recommend.
39
40 subnet 10.254.239.32 netmask 255.255.255.224 {
41 range dynamic-bootp 10.254.239.40 10.254.239.60;
42 option broadcast-address 10.254.239.31;
43 option routers rtr-239-32-1.example.org;
44 }
45
46 # A slightly different configuration for an internal subnet.
47 subnet 10.5.5.0 netmask 255.255.255.224 {
48 range 10.5.5.26 10.5.5.30;
49 option domain-name-servers ns1.internal.example.org;
50 option domain-name "internal.example.org";
51 option routers 10.5.5.1;
52 option broadcast-address 10.5.5.31;
53 default-lease-time 600;
54 max-lease-time 7200;
55 }
56
57 # Hosts which require special configuration options can be listed in
58 # host statements. If no address is specified, the address will be
59 # allocated dynamically (if possible), but the host-specific information
60 # will still come from the host declaration.
61
62 host passacaglia {
63 hardware ethernet 0:0:c0:5d:bd:95;
64 filename "vmunix.passacaglia";
65 server-name "toccata.fugue.com";
66 }
67
68 # Fixed IP addresses can also be specified for hosts. These addresses
69 # should not also be listed as being available for dynamic assignment.
70 # Hosts for which fixed IP addresses have been specified can boot using
71 # BOOTP or DHCP. Hosts for which no fixed address is specified can only
72 # be booted with DHCP, unless there is an address range on the subnet
73 # to which a BOOTP client is connected which has the dynamic-bootp flag
74 # set.
75 host fantasia {
76 hardware ethernet 08:00:07:26:c0:a5;
77 fixed-address fantasia.fugue.com;
78 }
79
80 # You can declare a class of clients and then do address allocation
81 # based on that. The example below shows a case where all clients
82 # in a certain class get addresses on the 10.17.224/24 subnet, and all
83 # other clients get addresses on the 10.0.29/24 subnet.
84
85 class "foo" {
86 match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
87 }
88
89 shared-network 224-29 {
90 subnet 10.17.224.0 netmask 255.255.255.0 {
91 option routers rtr-224.example.org;
92 }
93 subnet 10.0.29.0 netmask 255.255.255.0 {
94 option routers rtr-29.example.org;
95 }
96 pool {
97 allow members of "foo";
98 range 10.17.224.10 10.17.224.250;
99 }
100 pool {
101 deny members of "foo";
102 range 10.0.29.10 10.0.29.230;
103 }
104 }
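When writing this configuration file, observe the following rules:
- "#" is the comment character.
- Except after a closing brace "}", every configuration line must end with ";". This is important.
- The basic syntax of a configuration item is "<parameter name> <value>;", for example: "default-lease-time 7200;"
- Some configuration items must be defined with option, in the basic form "option <parameter name> <value>;", for example:
option domain-name "your.domain.name";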
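The settings in dhcpd.conf fall into two main parts: the global settings for how the server runs, and the IP allocation settings (dynamic or fixed).
Global settings
- default-lease-time TIME: the default lease time; the time value is in seconds by default.
- max-lease-time TIME: the maximum lease time a client may request. If a client asks for a lease longer than this value, this value is used instead.
- option domain-name "DOMAIN": the default domain name suffix.
- option domain-name-servers IP1,IP2: this setting changes the client's /etc/resolv.conf file, replacing the DNS IPs after nameserver with the IPs set here. Note that the parameter name ends in servers (with an s).
- ddns-update-style TYPE: sets the DDNS update type; if it is not needed for now, set it to none.
- option routers ROUTER_ADDRESS: sets the router's IP address. Remember that routers needs the trailing s!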
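IP allocation settings
Because DHCP mainly assigns IP parameters for a local network, before configuring IP addresses we must first specify a local network (that is, the region for which DHCP will assign addresses). A local network is specified with the following parameters:
subnet NETWORK_IP netmask NETMASK_IP { ........................... }
In the setting above, subnet and netmask are keywords, and the uppercase parts are filled in with the local network's parameters. What else needs to be set inside the braces? Mainly whether IPs are assigned dynamically or fixed:
- range IP1 IP2: IP1 and IP2 give the range of IP addresses handed out to clients.
For example, if the internal network is 192.168.100.0/24 and only 192.168.100.100-192.168.100.199 should be handed out, with the other IPs kept in reserve, it can be set like this:
subnet 192.168.100.0 netmask 255.255.255.0 {
    range 192.168.100.100 192.168.100.199 ;
}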
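- host HOSTNAME { ........ }
host binds a fixed IP to a fixed MAC. The host name can be chosen freely, but inside the braces you must specify the MAC and the fixed IP.
For example, to configure a host whose physical MAC address is 00-25-11-8D-7E-8A (written with colons in dhcpd.conf), with the host name winxp and the IP 192.168.100.10, the host section can be written like this:
host winxp {
    hardware ethernet 00:25:11:8D:7E:8A;
    fixed-address 192.168.100.10 ;
}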
Put together, the IP allocation settings are:
subnet 192.168.100.0 netmask 255.255.255.0 {
    range 192.168.100.100 192.168.100.199 ;
    host winxp {
        hardware ethernet 00:25:11:8D:7E:8A;
        fixed-address 192.168.100.10 ;
    }
}
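A small checker for the rules in this section: statements end with ";", a range lies inside its subnet, the MAC uses colons, and a fixed-address stays out of the dynamic ranges. This is an added example, not part of the original article or of ISC dhcpd; check() and the BROKEN sample are hypothetical, and it handles only the statements shown on this page, one per line.

```python
import ipaddress
import re
MAC_RE = re.compile(r"^[0-9A-Fa-f]{1,2}(:[0-9A-Fa-f]{1,2}){5}$")

def check(conf):
    """Return sorted [(line_no, problem)] for dhcpd.conf-style text."""
    problems, ranges, fixed, subnet = [], [], [], None
    for no, raw in enumerate(conf.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()          # '#' starts a comment
        if not line or line == "}":
            continue
        try:
            if line.endswith("{"):                   # block opener takes no ';'
                m = re.match(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{$", line)
                if m:                                # rejects host bits set in NETWORK_IP
                    subnet = ipaddress.ip_network("/".join(m.groups()))
                continue
            if not line.endswith(";"):
                problems.append((no, "statement does not end with ';'"))
                continue
            words = line[:-1].split()
            if words[0] == "range":
                lo, hi = (ipaddress.ip_address(w) for w in words[-2:])
                if subnet is None or lo > hi or lo not in subnet or hi not in subnet:
                    problems.append((no, "range is not inside the declared subnet"))
                ranges.append((lo, hi))
            elif words[:2] == ["hardware", "ethernet"] and not MAC_RE.match(words[2]):
                problems.append((no, "MAC is not colon-separated hex"))
            elif words[0] == "fixed-address" and re.match(r"^[\d.]+$", words[1]):
                fixed.append((no, ipaddress.ip_address(words[1])))
        except (ValueError, IndexError) as exc:
            problems.append((no, "invalid value: %s" % exc))
    for no, ip in fixed:                             # fixed IPs must stay out of pools
        if any(lo <= ip <= hi for lo, hi in ranges):
            problems.append((no, "fixed-address lies inside a dynamic range"))
    return sorted(problems)
# Constructed sample with three typical mistakes (not taken from a real server).
BROKEN = """\
subnet 192.168.100.0 netmask 255.255.255.0 {
  range 192.168.100.100 192.168.100.199;
  option routers 192.168.100.1
  host winxp {
    hardware ethernet 00-25-11-8D-7E-8A;
    fixed-address 192.168.100.150;
  }
}
"""
if __name__ == "__main__":
    print(*check(BROKEN), sep="\n")
```

On the server itself, `dhcpd -t -cf /etc/dhcp/dhcpd.conf` performs the authoritative syntax test before the service is restarted.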