注册 登录  
 加关注
   显示下一条  |  关闭
温馨提示!由于新浪微博认证机制调整,您的新浪微博帐号绑定已过期,请重新绑定!立即重新绑定新浪微博》  |  关闭

无明

 
 
 

日志

 
 

多vlan dhcp server  

2013-01-09 15:51:05|  分类: 默认分类 |  标签: |举报 |字号 订阅

  下载LOFTER 我的照片书  |
安装  yum install dhcp 
 
占用的端口
dhcp服务器使用 UDP协议的 67 端口!
netstat -anulp | grep 67 
udp        0      0 0.0.0.0:67                  0.0.0.0:*                               11634/dhcpd 
 
配置文件
 cp /usr/share/doc/dhcp-3.0.5/dhcpd.conf.sample  /etc/dhcpd.conf
每个subnet对应一个vlan 一共10个subnet,192.168.50.1-192.168.59.1
# cat /etc/dhcpd.conf  
ddns-update-style interim; 
ignore client-updates; 
default-lease-time 86400; 
max-lease-time 86400; 
 
subnet 192.168.0.0 netmask 255.255.255.0 { 
 
# --- default gateway 
    range 192.168.0.10 192.168.0.126; 
    option routers          192.168.0.1; 
    option subnet-mask      255.255.255.0; 
 
    option nis-domain       "domain.org"; 
    option domain-name      "test"; 
    option domain-name-servers  202.106.46.151,202.106.0.20; 
 
    option time-offset      -18000; # Eastern Standard Time 
#   option ntp-servers      192.168.1.1; 
#   option netbios-name-servers 192.168.1.1; 
# --- Selects point-to-point node (default is hybrid). Don't change this unless 
# -- you understand Netbios very well 
#   option netbios-node-type 2; 
 
    #range dynamic-bootp 192.168.0.128 192.168.0.254; 
    default-lease-time 21600; 
    max-lease-time 43200; 
 
    # we want the nameserver to appear at a fixed address 
    host ns { 
        next-server marvin.redhat.com; 
        hardware ethernet 12:34:56:78:AB:CD; 
        fixed-address 207.175.42.254; 
    } 
 
subnet 192.168.51.0 netmask 255.255.255.0 { 
range 192.168.51.10 192.168.51.99; 
option routers   192.168.51.1; 
option subnet-mask  255.255.255.0; 
option domain-name-servers      202.106.46.151,202.106.0.20; 
#option netbios-name-ser7ers     192.168.6.10,10.20.6.10; 
option time-offset              -18000; 
default-lease-time 86400; 
max-lease-time 86400; 
 
subnet 192.168.52.0 netmask 255.255.255.0 { 
range 192.168.52.10 192.168.52.99; 
option routers   192.168.52.1; 
option subnet-mask  255.255.255.0; 
option domain-name-servers      202.106.46.151,202.106.0.20; 
#option netbios-name-servers     192.168.6.10,10.20.6.10; 
option time-offset              -18000; 
default-lease-time 86400; 
max-lease-time 86400; 
 
subnet 192.168.53.0 netmask 255.255.255.0 { 
range 192.168.53.10 192.168.53.99; 
option routers   192.168.53.1; 
option subnet-mask  255.255.255.0; 
option domain-name-servers      202.106.46.151,202.106.0.20; 
#option netbios-name-servers     192.168.6.10,10.20.6.10; 
option time-offset              -18000; 
default-lease-time 86400; 
max-lease-time 86400; 
 
subnet 192.168.54.0 netmask 255.255.255.0 { 
range 192.168.54.10 192.168.54.99; 
option routers   192.168.54.1; 
option subnet-mask  255.255.255.0; 
option domain-name-servers      202.106.46.151,202.106.0.20; 
#option netbios-name-servers     192.168.6.10,10.20.6.10; 
option time-offset              -18000; 
default-lease-time 86400; 
max-lease-time 86400; 
 
subnet 192.168.55.0 netmask 255.255.255.0 { 
range 192.168.55.10 192.168.55.99; 
option routers   192.168.55.1; 
option subnet-mask  255.255.255.0; 
option domain-name-servers      202.106.46.151,202.106.0.20; 
#option netbios-name-servers     192.168.6.10,10.20.6.10; 
option time-offset              -18000; 
default-lease-time 86400; 
max-lease-time 86400; 
 
subnet 192.168.56.0 netmask 255.255.255.0 { 
range 192.168.56.10 192.168.56.99; 
option routers   192.168.56.1; 
option subnet-mask  255.255.255.0; 
option domain-name-servers      202.106.46.151,202.106.0.20; 
#option netbios-name-servers     192.168.6.10,10.20.6.10; 
option time-offset              -18000; 
default-lease-time 86400; 
max-lease-time 86400; 
 
subnet 192.168.57.0 netmask 255.255.255.0 { 
range 192.168.57.10 192.168.57.99; 
option routers   192.168.57.1; 
option subnet-mask  255.255.255.0; 
option domain-name-servers      202.106.46.151,202.106.0.20; 
#option netbios-name-servers     192.168.6.10,10.20.6.10; 
option time-offset              -18000; 
default-lease-time 86400; 
max-lease-time 86400; 
 
subnet 192.168.58.0 netmask 255.255.255.0 { 
range 192.168.58.10 192.168.58.99; 
option routers   192.168.58.1; 
option subnet-mask  255.255.255.0; 
option domain-name-servers      202.106.46.151,202.106.0.20; 
#option netbios-name-servers     192.168.6.10,10.20.6.10; 
option time-offset              -18000; 
default-lease-time 86400; 
max-lease-time 86400; 
 
subnet 192.168.59.0 netmask 255.255.255.0 { 
range 192.168.59.10 192.168.59.99; 
option routers   192.168.59.1; 
option subnet-mask  255.255.255.0; 
option domain-name-servers      202.106.46.151,202.106.0.20; 
#option netbios-name-servers     192.168.6.10,10.20.6.10; 
option time-offset              -18000; 
default-lease-time 86400; 
max-lease-time 86400; 
 
subnet 192.168.50.0 netmask 255.255.255.0 { 
range 192.168.50.10 192.168.50.99; 
option routers   192.168.50.1; 
option subnet-mask  255.255.255.0; 
option domain-name-servers      202.106.46.151,202.106.0.20; 
#option netbios-name-servers     192.168.6.10,10.20.6.10; 
option time-offset              -18000; 
default-lease-time 86400; 
max-lease-time 86400; 


参数详解
参考了这篇文章
ddns-update-style interim;      //配置使用过渡性DHCP-DNS互动更新模式 
 
ignore client-updates;       //忽略客户端更新 
 
subnet 192.168.0.0 netmask 255.255.255.0 {    //为192.168.0.0子网分配地址 
 
  option routers              192.168.0.1;   //为客户机指定默认网关 
 
  option subnet-mask         255.255.255.0;  //为客户机指定子网掩码 
 
  option nis-domain       "domain.org";//为客户机分配NIS域 
 
  option domain-name      "domain.org";//为客户机分配DNS域 
 
  option domain-name-servers   192.168.1.1;//分配的DNS地址 
 
  range dynamic-bootp 192.168.0.128 192.168.0.254; //地址池 
 
  default-lease-time   21600;          //默认租约时间(秒) 
 
  max-lease-time      43200;           //最大租约时间(秒) 
 
 
  
 
注:1)无论您创建一个还是多个作用域,其中必须要有一个作用域在subnet 之后的申明是该DHCP服务器的IP所在的子网地址,否则DHCP将无法启动,比如DHCP服务器的IP地址是192.168.1.1/24,那么必须有一个这样的作用域: 
 
    subnet 192.168.1.0 mask 255.255.255.0 { 
 
    } 
 
    2)若有多个DNS,需要用逗号分开,一一列出,如 
 
Option domain-name-servers   192.168.1.1,192.168.1.2;  
 
3)若为某一网段分配的地址并不是连续的,我们只需创建多条地址池记录,如: 
 
  Range dynamic-bootp 192.168.1.1 192.168.1.40;  
 
  Range dynamic-bootp 192.168.1.61 192.168.1.254; 
 
此时,便可分配192.168.1.0网段中的除去192.168.1.41-192.168.1.60范围的地址。 
 
  
 
(2)主机的绑定 
 
    对于有些客户机,我们总希望它们每次获取的IP都是固定的,这时可以进行主机绑定设置, 
 
 host  ns{ 
 
                next-server marvin.redhat.com; //设置用于定义服务器从引导文件中装入的主机名,用于无盘工作站 
 
                hardware ethernet 12:34:56:78:AB:CD; //要绑定的DHCP客户机的MAC地址 
 
                fixed-address 207.175.42.254; //要固定分配给DHCP客户机的IP地址 
 
        } 
 
  
 
(3)超级作用域 
超级作用域主要用在给不同网段的客户机分配地址的情况,配置时,只需要将多个作用域放在shared-network中即可,其形式如下: 
 
shared-network 名称{ 
 
subnet 子网地址 netmask 子网掩码 {}; 
 
subnet 子网地址 netmask 子网掩码 {}; 
 
...... 
 
 
  
 
(4)服务器选项 
如果dhcp中存在多个作用域,而且每个作用域均有一些相同的配置,这时我们可以减少配置工作量,将那些相同的配置统一放在超级作用域之外,如: 
 
shared-network 名称 {}; 
 
default-lease-time   21600;       
 
max-lease-time      43200;  
 
这样会为不同作用域的主机均设置相同的租约。 
 
  
 
(5)按照客户机的类别分配IP地址 
 
将客户机按照某种属性分类,根据不同的属性类分配不同范围的地址,如: 
 
subnet 192.168.10.0 network 255.255.255.0 { 
 
class  "vm" { 
 
match if substring (hardware,1,3)=00:0c:29 
 
}                         //根据MAC定义匹配虚拟机的类 
 
pool { 
 
allow members of "vm"; 
 
range 192.168.10.10 192.168.10.50; 
 
}                         //为匹配"vm"的客户机分配IP 
 
pool { 
 
deny members of "vm"; 
 
range 192.168.10.100 192.168.10.110; 
 
 
}                             //为不匹配"vm"的客户机分配IP 
 
  
 
4、语法检查 
#service dhcpd configtest 
 
5、启动DHCP服务 
#service dhcpd start 

 
dhcpd 日志
相关日志记录在 /var/log/messages,比如下面的!
tail /var/log/messages 
Sep 22 19:29:08 gw-new dhcpd: DHCPDISCOVER from 00:16:d3:46:0b:38 via 192.168.50.1 
Sep 22 19:29:09 gw-new dhcpd: DHCPOFFER on 192.168.50.99 to 00:16:d3:46:0b:38 (BJBXHH) via 192.168.50.1 
Sep 22 19:29:09 gw-new dhcpd: DHCPREQUEST for 192.168.50.99 (192.168.0.1) from 00:16:d3:46:0b:38 (BJBXHH) via 192.168.50.1 
Sep 22 19:29:09 gw-new dhcpd: DHCPACK on 192.168.50.99 to 00:16:d3:46:0b:38 (BJBXHH) via 192.168.50.1 
Sep 22 19:44:04 gw-new dhcpd: DHCPREQUEST for 192.168.0.125 from 00:22:68:1c:83:c3 (KevinChia) via 192.168.58.1: ignored (not authoritative). 


使用 dhcpd.log 记录日志
vim /etc/syslog.conf  
local0.*                        /var/log/dhcpd.log #添加此行 
 
vim /etc/dhcpd.conf  
log-facility local0;                               #添加此行 
 
touch /var/log/dhcpd.log                           #建立一个空文件 
 
/etc/init.d/syslog restart                         #重启syslog
Shutting down kernel logger:                               [  OK  ] 
Shutting down system logger:                               [  OK  ] 
Starting system logger:                                    [  OK  ] 
Starting kernel logger:                                    [  OK  ] 
/etc/init.d/dhcpd restart                          #重启dhcpd
Starting dhcpd:                                            [  OK  ] 
 
tail /var/log/dhcpd.log  
Sep 23 16:28:20 one dhcpd: Internet Systems Consortium DHCP Server V3.0.5-RedHat 
Sep 23 16:28:20 one dhcpd: Copyright 2004-2006 Internet Systems Consortium. 
Sep 23 16:28:20 one dhcpd: All rights reserved. 
Sep 23 16:28:20 one dhcpd: For info, please visit http://www.isc.org/sw/dhcp/ 
Sep 23 16:28:20 one dhcpd: Wrote 10 leases to leases file. 
Sep 23 16:28:20 one dhcpd: Listening on LPF/eth0/e2:ab:72:55:e2:e2/192.168.6/24 
Sep 23 16:28:20 one dhcpd: Sending on   LPF/eth0/e2:ab:72:55:e2:e2/192.168.6/24 
Sep 23 16:28:20 one dhcpd: Sending on   Socket/fallback/fallback-net

来源http://dngood.blog.51cto.com/446195/672222
  评论这张
 
阅读(596)| 评论(0)
推荐 转载

历史上的今天

评论

<#--最新日志,群博日志--> <#--推荐日志--> <#--引用记录--> <#--博主推荐--> <#--随机阅读--> <#--首页推荐--> <#--历史上的今天--> <#--被推荐日志--> <#--上一篇,下一篇--> <#-- 热度 --> <#-- 网易新闻广告 --> <#--右边模块结构--> <#--评论模块结构--> <#--引用模块结构--> <#--博主发起的投票-->
 
 
 
 
 
 
 
 
 
 
 
 
 
 

页脚

网易公司版权所有 ©1997-2018