服务器维护,服务器代维,安全设置,漏洞扫描,入侵检测服务

dirtysea 发表于 2010-7-2 11:17:17

DHCP安装配置

Ubuntu下DHCP安装配置
<span class="Apple-style-span" style="color: rgb(51, 51, 51); font-family: Verdana, Arial, Tahoma; line-height: 25px; "><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">DHCP服务器提供以下两种配置方法:</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  地址池</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  这种方法指定了一个用来动态的提供给第一个访问网络的DHCP客户端的IP地址池(有时也称作区域或范围)。当DHCP客户端离开网络超过一定时间后,IP地址就会被回收到地址池以供其它DHCP客户端使用。</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  MAC地址</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  这种方法强制使用DHCP来区别每一块连接上网络的网卡的硬件地址,之后这块网卡每次连上网络请求DHCP服务时都为它提供这个固定的IP地址。</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><img src="http://img.fengfly.com/uploads/allimg/c090323/123N20b9140-15N9.jpg" alt="如何在Ubuntu服务器上安装和配置DHCP服务" style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; border-top-style: none; border-right-style: none; border-bottom-style: none; border-left-style: none; border-width: initial; border-color: initial; "></p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  在ubuntu中安装DHCP服务</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  sudo apt-get install dhcp3-server</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  这样就完成安装了。</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  配置DHCP服务器</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  如果你的Ubuntu服务器上用友2块网卡,你需要选择哪一块网卡用来 监听DHCP服务。默认 监听的是eth0。可以通过编辑/etc/default/dhcp3-server这个文件来改变这个默认值。</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  sudo vi /etc/default/dhcp3-server</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  找到这行,</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  INTERFACES=”eth0″</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  使用下面这行替代它</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  INTERFACES=”eth1″</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  保存并退出。这一步可选。</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  接下来你需要为/etc/dhcp3/dhcpd.conf文件创建一个备份。</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  cp /etc/dhcp3/dhcpd.conf /etc/dhcp3/dhcpd.conf.back</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  使用下面的命令编辑/etc/dhcp3/dhcpd.conf文件</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  sudo vi /etc/dhcp3/dhcpd.conf</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  使用地址池的方法</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  你需要修改/etc/dhcp3/dhcpd.conf这个配置文件的以下部分:</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><code style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">default-lease-time 600;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">max-lease-time 7200;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">option subnet-mask 255.255.255.0;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">option broadcast-address 192.168.1.255;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">option routers 192.168.1.254;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">option domain-name-servers 192.168.1.1, 192.168.1.2;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">option domain-name “yourdomainname.com”;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">subnet 192.168.1.0 netmask 255.255.255.0 {<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">range 192.168.1.10 192.168.1.200;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">}</code></p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  保存并退出文件</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  这会导致DHCP服务器提供一个从192.168.1.10-192.168.1.200这个范围的IP地址给客户端。如果客户端没有请求一个租期的话,服务器会默认提供600秒的地址租期给客户端。最大的(允许的)地址租期是7200秒。</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  使用MAC地址的方法</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  使用这种方法你可以保留一个固定地址给一些或者所有机器。在下面的示例中我给server1,server2,printer1和priner2保留了固定的IP地址。</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><code style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">default-lease-time 600;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">max-lease-time 7200;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">option subnet-mask 255.255.255.0;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">option broadcast-address 192.168.1.255;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">option routers 192.168.1.254;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">option domain-name-servers 192.168.1.1, 192.168.1.2;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">option domain-name “yourdomainname.com”;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">subnet 192.168.1.0 netmask 255.255.255.0 {<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">range 192.168.1.10 192.168.1.200;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">}<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">host server1 {<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">hardware ethernet 00:1b:63:ef:db:54;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">fixed-address 192.168.1.20;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">}<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">host server2 {<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">hardware ethernet 00:0a:95:b4:d4:b0;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">fixed-address 192.168.1.21;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">}<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">host printer1 {<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">hardware ethernet 00:16:cb:aa:2a:cd;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">fixed-address 192.168.1.22;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">}<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">host printer2 {<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">hardware ethernet 00:0a:95:f5:8f:b3;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">fixed-address 192.168.1.23;<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">}</code></p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  现在你需要使用下面命令来重启dhcp服务器。</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  sudo /etc/init.d/dhcp3-server restart</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  配置Ubuntu的DHCP客户端</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  如果你想配置你的Ubuntu桌面为DHCP客户端,使用以下步骤。你需要打开/etc/network/interface文件</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  sudo vi /etc/network/interfaces</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  确保你的配置文件含有以下行(eth0只是一个示例)</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; "><code style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">auto lo eth0<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">iface eth0 inet dhcp<br style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">iface lo inet loopback</code></p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  保存并退出文件</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  你需要使用下面的命令重启网络服务</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  sudo /etc/init.d/networking restart</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  如何找到DHCP服务器的IP地址</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  你需要使用下面的命令</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  sudo dhclient</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  或者</p><p style="padding-top: 0px; padding-right: 0px; padding-bottom: 0px; padding-left: 0px; margin-top: 0px; margin-right: 0px; margin-bottom: 0px; margin-left: 0px; ">  tail -n 15 /var/lib/dhcp3/dhclient.*.leases</p></span>

dirtysea 发表于 2018-9-20 18:01:21

CentOS安装及配置DHCP服务器本次实验OS:centos6.5 64bit双网卡:eth0为外网网卡,eth1为内网网卡eth0网卡外网可以正常连接互联网,如下:http://www.ilanni.com/wp-content/uploads/2014/08/clip_image001_thumb14.png要想配置DHCP服务,我们要先来安装DHCP软件包,如下:yum -y install dhcphttp://www.ilanni.com/wp-content/uploads/2014/08/clip_image002_thumb14.pnghttp://www.ilanni.com/wp-content/uploads/2014/08/clip_image003_thumb13.png检查安装DHCP软件包,所生成的文件。如下:rpm -ql |dhcphttp://www.ilanni.com/wp-content/uploads/2014/08/clip_image004_thumb13.png通过上图我们可以看到有DHCP服务的配置文件以及DHCP服务的启动文件。通过上图我们可以知道,DHCP的配置文件为/etc/dhcp/dhcpd.conf。但该配置文件内容默认是空的,我们可以从dhcp安装目录下复制一个到/etc/dhcp/下。如下:vi /etc/dhcp/dhcpd.confhttp://www.ilanni.com/wp-content/uploads/2014/08/clip_image005_thumb12.pngcp /usr/share/doc/dhcp-4.1.1/dhcpd.conf.sample /etc/dhcp/dhcpd.confhttp://www.ilanni.com/wp-content/uploads/2014/08/clip_image006_thumb12.pnghttp://www.ilanni.com/wp-content/uploads/2014/08/clip_image007_thumb11.pngdhcpd.conf文件有两大部分,分别是全局配置和局部配置:1、当全局配置与局部配置发生冲突时,局部配置优先级更高。2、配置文件中每一行必须以分号结尾,因为在启动dhcpd时是不会报错的,只能通过查看日志文件/var/log/message得知配置文件是否有问题。3、局部配置必须包含在一对中括号之间。●常用参数:●ddns-update-style (none|interim|ad-hoc):定义所支持的DNS动态更新类型,该参数必选且必须放在第一行且只能在全局配置中使用。●default-lease-time:客户端IP默认租约时间,单位秒,该参数可以在全局配置、局部配置均可使用。●max-lesase-time:客户端IP租约时间的最大值,单位秒,该参数可以在全局配置、局部配置均可使用。●subnet 网络号 netmask 子网掩码 {…..}:定义作用域。●range 起始IP 结束IP:动态IP地址范围。●option routes IP地址:默认网关,该选项可以在全局配置、局部配置均可使用。●option subnet-mask 子网掩码:默认子网掩码,该选项可以在全局配置、局部配置均可使用。●option domain-name-servers:DNS服务器地址,该选项可以在全局配置、局部配置均可使用。●option domain-name:DNS后缀,该选项可以在全局配置、局部配置均可使用。●host 名称 {…..} 为特殊机器保留IP地址。相关的事例说明如下:ddns-update-style none;subnet 10.5.5.0 netmask 255.255.255.224 {设置子网声明range 10.5.5.26 10.5.5.30;设置DHCP的IP地址池option domain-name-servers ns1.internal.example.org;设置DNS服务器地址option domain-name “internal.example.org”;为客户端设置DNS后缀option routers 10.5.5.1;设置缺省网关为192.168.2.1option broadcast-address 10.5.5.31;设置DHCP的广播地址default-lease-time 600;设置客户端缺省的地址租期max-lease-time 7200;设置客户端最长的地址租期}host ubuntu {为MAC地址00:0c:29:ee:38:80的机器保留IP地址10.5.5.3hardware ethernet 00:0c:29:ee:38:80;fixed-address 10.5.5.3;}本次实验的配置如下:more /etc/dhcp/dhcpd.confhttp://www.ilanni.com/wp-content/uploads/2014/08/clip_image008_thumb9.pngoption domain-name “ilanni.com”;option domain-name-servers 192.168.1.1,223.5.5.5;default-lease-time 600;max-lease-time 7200;ddns-update-style none;subnet 10.5.5.0 netmask 255.255.255.0 {range 10.5.5.2 10.5.5.254;option domain-name-servers 192.168.1.1;option routers 10.5.5.1;default-lease-time 600;max-lease-time 7200;}host ubuntu{hardware ethernet 00:0c:29:ee:38:80;fixed-address 10.5.5.3;}注意有关作用域的配置,其实模版配置文件中。是有几个版本的,如下:http://www.ilanni.com/wp-content/uploads/2014/08/clip_image009_thumb9.png我们使用的最后一个配置选项,以上配置文件保存后,我们现在来设置DHCP服务器两张网卡的网络配置。我们来设置eth0外网网卡,具体配置如下:more /etc/sysconfig/network-scripts/ifcfg-eth0http://www.ilanni.com/wp-content/uploads/2014/08/clip_image010_thumb9.pngeth1内网网卡,具体配置如下:more /etc/sysconfig/network-scripts/ifcfg-eth1http://www.ilanni.com/wp-content/uploads/2014/08/clip_image011_thumb8.png同时因为本机是多网卡机器,所以我们在此还要配置DHCP监听的网卡。如下:vi /etc/sysconfig/dhcpdhttp://www.ilanni.com/wp-content/uploads/2014/08/clip_image012_thumb6.png我们再前边已经提到过eth1网卡时内网网卡,所以在DHCP监听的网卡中我们填写的是eth1.以上配置完毕后,我们现在来启动DHCP服务,如下:http://www.ilanni.com/wp-content/uploads/2014/08/clip_image013_thumb6.png上述配置文件中,我们特别为MAC地址00:0c:29:ee:38:80机器预留10.5.5.3这个IP地址,其他的机器我们没有做此设置。我们来先看其他机器,如下:http://www.ilanni.com/wp-content/uploads/2014/08/clip_image014_thumb6.png通过上图,我们可以看到此机器已经正常获取IP地址及相关的信息。再来查看那台我们做过保留的IP地址的机器,如下:http://www.ilanni.com/wp-content/uploads/2014/08/clip_image015_thumb6.png通过上图,我们可以看到该机器通过手工设置IP地址的,而且IP地址就是我们预留的。按道理说,到此我们的DHCP服务器已经配置完毕。但是我们会发现,已经获得IP地址的机器是不能上网的,如下:http://www.ilanni.com/wp-content/uploads/2014/08/clip_image016_thumb5.png这个已经和DHCP服务本身没有关系了,而是需要我们再DHCP所在的服务器开启NAT服务。为了操作方便,我们先暂时关闭DHCP所在服务器的防火墙,如下:/etc/init.d/iptables stophttp://www.ilanni.com/wp-content/uploads/2014/08/clip_image017_thumb5.png开启IP转发功能,如下:http://www.ilanni.com/wp-content/uploads/2014/08/clip_image018_thumb4.png然后在执行sysctl –p命令:http://www.ilanni.com/wp-content/uploads/2014/08/clip_image019_thumb4.png注意图中的报错信息,这个是因为没有加载bridge模块导致。现在我们来手工加载该模块,如下:modprobe bridgelsmod |grep bridgehttp://www.ilanni.com/wp-content/uploads/2014/08/clip_image020_thumb4.png然后再次执行sysctl –p命令,如下:http://www.ilanni.com/wp-content/uploads/2014/08/clip_image021_thumb3.png以上操作完毕后,再执行如下iptables命令,开启iptables的NAT网络地址转换功能。如下:iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADEhttp://www.ilanni.com/wp-content/uploads/2014/08/clip_image022_thumb3.png其中eth0为外网网卡。通过这条命令就可以开启iptables的NAT地址转换的功能,这条命令的意思是当有数据包要转发出去时,iptables就会将IP地址转换为eth0接口的IP地址。上边这条命令的好处在于不必理会接口的IP地址是什么,转换会自动进行。或者以下命令:iptables –table nat –append POSTROUTING –out-interface eth0 -j MASQUERADEiptables –append FORWARD –in-interface eth1 -j ACCEPT

页: [1]
查看完整版本: DHCP安装配置