Linux DHCP 中继
程序员文章站
2022-10-29 21:12:40
具体到一个公司的网络环境中,不可能只有一个 VLAN,更不可能对每个 VLAN 都架设一个 DHCP 服务器,这时就要做一个 DHCP 的中继,使得 DHCP 的广播可以通过 VLAN 。 ......
具体到一个公司的网络环境中,不可能只有一个vlan,更不可能对每个vlan都架设一个dhcp服务器,这时就要做一个dhcp的中继,使得dhcp的广播可以通过vlan。
实验拓扑
三层交换机下面连接一台二层交换机,二层交换机下面连接一台dhcp server、两台客户机win10和win7。地址规划如下:
| 名称 | ip地址 |
|---|---|
| dhcp server | 192.168.100.100/24 |
| win10 | dhcp(192.168.10.188/24) |
| win7 | dhcp(192.168.20.100/24) |
配置方法
网关上配置
ip helper-address。
sw1(config)#int vlan 10 sw1(config-if)#ip add 192.168.10.1 255.255.255.0 sw1(config-if)#ip helper-address 192.168.100.100 sw1(config-if)#no sh sw1(config-if)#ex
network 配置过程
sw2
- 添加
vlan10、vlan20、vlan100。
sw2#configure terminal enter configuration commands, one per line. end with cntl/z.
sw2(config)#vlan 10,20,100
sw2(config-vlan)#ex
sw2(config)#do show vlan-sw b
vlan name status ports
---- -------------------------------- --------- -------------------------------
1 default active fa1/0, fa1/1, fa1/2, fa1/3
fa1/4, fa1/5, fa1/6, fa1/7
fa1/8, fa1/9, fa1/10, fa1/11
fa1/12, fa1/13, fa1/14, fa1/15
10 vlan0010 active
20 vlan0020 active
100 vlan0100 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
- 端口添加到
vlan。
sw2(config)#int f1/1
sw2(config-if)#sw m a
sw2(config-if)#sw a vlan 10
sw2(config-if)#ex
sw2(config)#int f1/2
sw2(config-if)#sw m a
sw2(config-if)#sw a vlan 20
sw2(config-if)#ex
sw2(config)#int f1/3
sw2(config-if)#sw m a
sw2(config-if)#sw a vlan 100
sw2(config-if)#ex
sw2(config)#do show vlan-sw b
vlan name status ports
---- -------------------------------- --------- -------------------------------
1 default active fa1/0, fa1/4, fa1/5, fa1/6
fa1/7, fa1/8, fa1/9, fa1/10
fa1/11, fa1/12, fa1/13, fa1/14
fa1/15
10 vlan0010 active fa1/1
20 vlan0020 active fa1/2
100 vlan0100 active fa1/3
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
- 配置
trunk。
sw2(config)#int f1/0 sw2(config-if)#sw m t sw2(config-if)#sw t e d sw2(config-if)#ex sw2(config)#do show int f1/0 switchport name: fa1/0 switchport: enabled administrative mode: trunk operational mode: trunk administrative trunking encapsulation: dot1q operational trunking encapsulation: dot1q negotiation of trunking: disabled access mode vlan: 0 ((inactive)) trunking native mode vlan: 1 (default) trunking vlans enabled: all trunking vlans active: 1,10,20,100 protected: false priority for untagged frames: 0 override vlan tag priority: false voice vlan: none appliance trust: none
- 关闭路由功能。
sw2(config)#no ip routing
sw1
- 配置
trunk。
sw1#configure terminal enter configuration commands, one per line. end with cntl/z.
sw1(config)#int f1/0 sw1(config-if)#sw m t sw1(config-if)#sw t e d sw1(config-if)#ex sw1(config)#do show int f1/0 switchport name: fa1/0 switchport: enabled administrative mode: trunk operational mode: trunk administrative trunking encapsulation: dot1q operational trunking encapsulation: dot1q negotiation of trunking: disabled access mode vlan: 0 ((inactive)) trunking native mode vlan: 1 (default) trunking vlans enabled: all trunking vlans active: 1,10,20,100 protected: false priority for untagged frames: 0 override vlan tag priority: false voice vlan: none appliance trust: none
- 添加
vlan10、vlan20、vlan100。
sw1(config)#vlan 10,20,100
sw1(config-vlan)#ex
sw1(config)#do show vlan-sw b
vlan name status ports
---- -------------------------------- --------- -------------------------------
1 default active fa1/0, fa1/1, fa1/2, fa1/3
fa1/4, fa1/5, fa1/6, fa1/7
fa1/8, fa1/9, fa1/10, fa1/11
fa1/12, fa1/13, fa1/14, fa1/15
10 vlan0010 active
20 vlan0020 active
100 vlan0100 active
1002 fddi-default act/unsup
1003 token-ring-default act/unsup
1004 fddinet-default act/unsup
1005 trnet-default act/unsup
- 配置网关地址、
ip helper-address。
sw1(config)#int vlan 10 sw1(config-if)#ip add 192.168.10.1 255.255.255.0 sw1(config-if)#ip helper-address 192.168.100.100 sw1(config-if)#no sh sw1(config-if)#ex sw1(config)#int vlan 20 sw1(config-if)#ip add 192.168.20.1 255.255.255.0 sw1(config-if)#ip helper-address 192.168.100.100 sw1(config-if)#no sh sw1(config-if)#ex sw1(config)#int vlan 100 sw1(config-if)#ip add 192.168.100.1 255.255.255.0 sw1(config-if)#ip helper-address 192.168.100.100 sw1(config-if)#no sh sw1(config-if)#ex sw1(config)#do show ip int b interface ip-address ok? method status protocol fastethernet0/0 unassigned yes unset administratively down down fastethernet0/1 unassigned yes unset administratively down down fastethernet1/0 unassigned yes unset up up fastethernet1/1 unassigned yes unset up down fastethernet1/2 unassigned yes unset up down fastethernet1/3 unassigned yes unset up down fastethernet1/4 unassigned yes unset up down fastethernet1/5 unassigned yes unset up down fastethernet1/6 unassigned yes unset up down fastethernet1/7 unassigned yes unset up down fastethernet1/8 unassigned yes unset up down fastethernet1/9 unassigned yes unset up down fastethernet1/10 unassigned yes unset up down fastethernet1/11 unassigned yes unset up down fastethernet1/12 unassigned yes unset up down fastethernet1/13 unassigned yes unset up down fastethernet1/14 unassigned yes unset up down fastethernet1/15 unassigned yes unset up down vlan1 unassigned yes unset up up vlan10 192.168.10.1 yes manual up up vlan20 192.168.20.1 yes manual up up vlan100 192.168.100.1 yes manual up up
dhcp 配置过程
安装 dhcp 服务
[root@localhost ~]# yum install dhcp -y
配置网卡静态 ip
[root@localhost ~]# cat > /etc/sysconfig/network-scripts/ifcfg-ens33 << eof > type=ethernet > bootproto=static > device=ens33 > onboot=yes > ipaddr=192.168.100.100 > netmask=255.255.255.0 > gateway=192.168.100.1 > eof
[root@localhost ~]# service network restart restarting network (via systemctl): [ ok ]
[root@localhost ~]# ifconfig ens33
ens33: flags=4163<up,broadcast,running,multicast> mtu 1500
inet 192.168.100.100 netmask 255.255.255.0 broadcast 192.168.100.255
inet6 fe80::20c:29ff:febc:ab96 prefixlen 64 scopeid 0x20<link>
ether 00:0c:29:bc:ab:96 txqueuelen 1000 (ethernet)
rx packets 2142 bytes 1951874 (1.8 mib)
rx errors 0 dropped 0 overruns 0 frame 0
tx packets 691 bytes 64359 (62.8 kib)
tx errors 0 dropped 0 overruns 0 carrier 0 collisions 0
编辑 dhcp 配置文件
[root@localhost ~]# cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf cp: overwrite ‘/etc/dhcp/dhcpd.conf’? y
[root@localhost ~]# vim /etc/dhcp/dhcpd.conf
- 在
7-8行可以配置dns服务器名称、地址。
option domain-name "example.org"; option domain-name-servers 8.8.8.8;
- 在
10-11行可以配置dhcp租约时间。
default-lease-time 600; max-lease-time 7200;
- 在
22行可以配置日志信息。
log-facility local7;
- 在
27-40行配置网段信息。
subnet 192.168.10.0 netmask 255.255.255.0 {
range 192.168.10.100 192.168.10.200;
option routers 192.168.10.1;
}
subnet 192.168.20.0 netmask 255.255.255.0 {
range 192.168.20.100 192.168.20.200;
option routers 192.168.20.1;
}
subnet 192.168.100.0 netmask 255.255.255.0 {
range 192.168.100.100 192.168.100.200;
option routers 192.168.100.1;
}
- 在
87-90配置指定ip地址分配。
host win10 {
hardware ethernet 00:0c:29:ed:26:f4;
fixed-address 192.168.10.188;
}
启动 dhcp 服务
[root@localhost ~]# systemctl start dhcpd [root@localhost ~]# systemctl enable dhcpd created symlink from /etc/systemd/system/multi-user.target.wants/dhcpd.service to /usr/lib/systemd/system/dhcpd.service. [root@localhost ~]# netstat -nuap | grep dhcpd udp 0 0 0.0.0.0:67 0.0.0.0:* 42901/dhcpd
- 关闭防火墙、
selinux。
[root@localhost ~]# systemctl stop firewalld [root@localhost ~]# setenforce 0