LINUX DHCP Implementation (Part 2)

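With the DHCP server from the previous post set up, this time the IP range to be handed out is changed from 10.69.0.0/16 to 172.16.16.0/20 (172.16.16.0 ~ 172.16.31.255). In addition, 172.16.31.0/24 is set aside for handing out fixed IPs to some test machines.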

First, the IP range change. I need to keep the last 4 IPs of each Class-C reserved for later use, the network and broadcast IPs must also be skipped, and the first 30 IPs of the first Class-C are reserved for future testing as well. So in this example the IP pool has to become:
172.16.16.31 ~ 172.16.16.250 + 172.16.17.1 ~ 172.16.17.250 + 172.16.18.1 ~ 172.16.18.250 + 172.16.19.1 ~ 172.16.19.250 + 172.16.20.1 ~ 172.16.20.250 + 172.16.21.1 ~ 172.16.21.250 + 172.16.22.1 ~ 172.16.22.250 + 172.16.23.1 ~ 172.16.23.250 + 172.16.24.1 ~ 172.16.24.250 + 172.16.25.1 ~ 172.16.25.250 + 172.16.26.1 ~ 172.16.26.250 + 172.16.27.1 ~ 172.16.27.250 + 172.16.28.1 ~ 172.16.28.250 + 172.16.29.1 ~ 172.16.29.250 + 172.16.30.1 ~ 172.16.30.250 (172.16.31.1 ~ 172.16.31.250 is left commented out for now). Because there are reserved IPs in between, the config file naturally cannot just use range 172.16.16.31 172.16.30.250. Below is my config file, in which the ranges are separated by ;. I list the DHCP1 MASTER server's configuration first:
[root@KHXDHCPS1 ~]# cat /etc/dhcpd.conf
ddns-update-style none;
ignore client-updates;
#ignore unknown-clients;

authoritative;
failover peer "dhcp-failover" {
primary; # declare this to be the primary server
address 10.16.25.30;
port 690;
peer address 10.16.25.31;
peer port 691;
max-response-delay 30;
max-unacked-updates 10;
load balance max seconds 3;
mclt 1800;
split 128;
}

subnet 0.0.0.0 netmask 0.0.0.0 {
option routers 172.16.31.254;
option subnet-mask 255.255.240.0;
option mobile-ip-home-agent 10.16.25.35;
#option mobile-ip-home-agent 172.16.31.254;
option domain-name-servers 168.95.1.1;
default-lease-time 21600;
max-lease-time 43200;
pool {
failover peer "dhcp-failover";

range 172.16.16.31 172.16.16.250;
range 172.16.17.1 172.16.17.250;
range 172.16.18.1 172.16.18.250;
range 172.16.19.1 172.16.19.250;
range 172.16.20.1 172.16.20.250;
range 172.16.21.1 172.16.21.250;
range 172.16.22.1 172.16.22.250;
range 172.16.23.1 172.16.23.250;
range 172.16.24.1 172.16.24.250;
range 172.16.25.1 172.16.25.250;
range 172.16.26.1 172.16.26.250;
range 172.16.27.1 172.16.27.250;
range 172.16.28.1 172.16.28.250;
range 172.16.29.1 172.16.29.250;
range 172.16.30.1 172.16.30.250;
# range 172.16.31.1 172.16.31.250;
deny dynamic bootp clients;
}
}
[root@KHXDHCPS1 ~]#
Next, change the configuration on both DHCP servers and restart the dhcpd service:
[root@KHXDHCPS1 ~]# service dhcpd restart
Shutting down dhcpd: [ OK ]
Starting dhcpd: [ OK ]
Remember to look at the log file to confirm dhcpd's state:
[root@KHXDHCPS1 ~]# tail -f /var/log/messages
Aug 10 10:07:41 KHXDHCPS1 dhcpd: dhcpd startup succeeded
Aug 10 10:07:41 KHXDHCPS1 dhcpd: dhcpd startup succeeded
Aug 10 10:07:41 KHXDHCPS1 dhcpd: failover peer dhcp-failover: I move from startup to normal
Aug 10 10:07:41 KHXDHCPS1 dhcpd: failover peer dhcp-failover: peer moves from communications-interrupted to normal
Aug 10 10:07:41 KHXDHCPS1 dhcpd: pool 992c3a8 0/0 total 3720 free 2070 backup 1647 lts -211
Aug 10 10:07:48 KHXDHCPS1 dhcpd: peer dhcp-failover: disconnected
Aug 10 10:07:48 KHXDHCPS1 dhcpd: failover peer dhcp-failover: I move from normal to communications-interrupted
Aug 10 10:07:48 KHXDHCPS1 dhcpd: failover peer dhcp-failover: peer moves from normal to normal
Aug 10 10:07:48 KHXDHCPS1 dhcpd: failover peer dhcp-failover: I move from communications-interrupted to normal
Aug 10 10:07:48 KHXDHCPS1 dhcpd: pool 992c3a8 0/0 total 3720 free 2070 backup 1647 lts -211
Then I tested with a few machines, and they were indeed handed IPs from the IP range I defined.

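The second step is to add the fixed-IP part to the config file. However, to guard against someone accidentally changing the contents of /etc/dhcpd.conf while adding a new fixed-IP entry, the fixed-IP assignments are written in a separate file and then included into /etc/dhcpd.conf. First, add the following line to the config file above, just before the final }: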
include "/etc/dhcpd.static";
Then create a new file named /etc/dhcpd.static as follows:
[root@KHXDHCPS1 ~]# cat /etc/dhcpd.static
host CPE1-static-for-test {
option host-name "CPE1staticTest.test.tw";
hardware ethernet 00:17:C4:12:77:7E;
fixed-address 172.16.30.200;
}
host CPE2-static-for-test {
hardware ethernet 00:17:C4:12:77:65;
fixed-address 172.16.30.150;
}
Basically you only need to give the MAC address and the fixed IP you want to hand out. To add a new machine later, just edit this file...

Next, change the configuration on both DHCP servers and restart the dhcpd service. Again, remember to look at the log file to confirm dhcpd's state.

Testing again with my own computer, I did indeed get the IP address 172.16.30.200.
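A check that can be run on the two files before restarting dhcpd, as an added example that is not part of the original post: it sums the active range statements (the result should match the "total 3720" in the pool log line), verifies the reserved .0 and .251-.255 addresses stay out of every range, and lists any fixed-address that falls inside a dynamic range, which matters because dhcpd does not take such an address out of the pool. The function names are hypothetical, the sample input is constructed from the statements shown on this page, and the comment stripping assumes no # inside quoted strings.

```python
import ipaddress
import re

# Constructed sample input: the range and host statements shown on this page.
SAMPLE_CONF = "range 172.16.16.31 172.16.16.250;\n" + "".join(
    f"range 172.16.{n}.1 172.16.{n}.250;\n" for n in range(17, 31)
) + "# range 172.16.31.1 172.16.31.250;\n"
SAMPLE_STATIC = """
host CPE1-static-for-test { hardware ethernet 00:17:C4:12:77:7E; fixed-address 172.16.30.200; }
host CPE2-static-for-test { hardware ethernet 00:17:C4:12:77:65; fixed-address 172.16.30.150; }
"""

RANGE_RE = re.compile(r"\brange\s+([\d.]+)\s+([\d.]+)\s*;")
HOST_RE = re.compile(r"\bhost\s+(\S+)\s*\{(.*?)\}", re.S)
FIXED_RE = re.compile(r"\bfixed-address\s+([\d.]+)\s*;")

def strip_comments(text):
    # Assumption: no '#' inside quoted strings, so everything after '#' is a comment.
    return re.sub(r"#.*", "", text)

def parse_ranges(conf):
    """Return (low, high) IPv4Address pairs for every active range statement."""
    return [(ipaddress.IPv4Address(a), ipaddress.IPv4Address(b))
            for a, b in RANGE_RE.findall(strip_comments(conf))]

def pool_size(ranges):
    """Number of addresses dhcpd should report as 'total' for the pool."""
    return sum(int(high) - int(low) + 1 for low, high in ranges)

def reserved_hits(ranges):
    """Ranges that touch .0 or .251-.255 of a /24, or cross a /24 boundary."""
    return [(str(l), str(h)) for l, h in ranges
            if int(l) >> 8 != int(h) >> 8 or int(l) & 255 == 0 or int(h) & 255 > 250]

def fixed_in_pool(conf, static):
    """Host declarations whose fixed-address lies inside a dynamic range."""
    ranges, hits = parse_ranges(conf), []
    for name, body in HOST_RE.findall(strip_comments(static)):
        for addr in map(ipaddress.IPv4Address, FIXED_RE.findall(body)):
            hits += [(name, str(addr), f"{low}-{high}")
                     for low, high in ranges if low <= addr <= high]
    return hits

if __name__ == "__main__":
    ranges = parse_ranges(SAMPLE_CONF)
    print("pool size:", pool_size(ranges), "reserved hits:", reserved_hits(ranges))
    for hit in fixed_in_pool(SAMPLE_CONF, SAMPLE_STATIC):
        print("fixed-address inside dynamic range:", hit)
```

Against real files, pass the contents of /etc/dhcpd.conf and /etc/dhcpd.static in place of the two sample strings.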

The final /etc/dhcpd.conf of the DHCP MASTER server is attached below:
[root@KHXDHCPS1 ~]# cat /etc/dhcpd.conf
ddns-update-style none;
ignore client-updates;
#ignore unknown-clients;

authoritative;
failover peer "dhcp-failover" {
primary; # declare this to be the primary server
address 10.16.25.30;
port 690;
peer address 10.16.25.31;
peer port 691;
max-response-delay 30;
max-unacked-updates 10;
load balance max seconds 3;
mclt 1800;
split 128;
}

subnet 0.0.0.0 netmask 0.0.0.0 {
option routers 172.16.31.254;
option subnet-mask 255.255.240.0;
option mobile-ip-home-agent 10.16.25.35;
#option mobile-ip-home-agent 172.16.31.254;
option domain-name-servers 168.95.1.1;
default-lease-time 21600;
max-lease-time 43200;
pool {
failover peer "dhcp-failover";

range 172.16.16.31 172.16.16.250;
range 172.16.17.1 172.16.17.250;
range 172.16.18.1 172.16.18.250;
range 172.16.19.1 172.16.19.250;
range 172.16.20.1 172.16.20.250;
range 172.16.21.1 172.16.21.250;
range 172.16.22.1 172.16.22.250;
range 172.16.23.1 172.16.23.250;
range 172.16.24.1 172.16.24.250;
range 172.16.25.1 172.16.25.250;
range 172.16.26.1 172.16.26.250;
range 172.16.27.1 172.16.27.250;
range 172.16.28.1 172.16.28.250;
range 172.16.29.1 172.16.29.250;
range 172.16.30.1 172.16.30.250;
# range 172.16.31.1 172.16.31.250;

deny dynamic bootp clients;
}

include "/etc/dhcpd.static";

}


For the other related settings, see: LINUX DHCP (Dynamic Host Configuration Protocol) Failover Implementation