第二章、DHCP原理与配置

目录

• 一、了解DHCP服务
  • 1DHCP概述：
  • 2DHCP好处
  • 3DHCP的分配方式
• 二、DHCP工作过程
  • DHCP租约过程
• 三、使用 DHCP动态配置主机地址
  • 1DHCP服务优点
  • 2可分配的地址信息主要包括
• 实验
  • 自动分配地址
  • 手动分配固定地址
  • DHCP中继配置

一、了解DHCP服务

1DHCP概述：

DHCP （动态主机配置协议） 提供了即插即用的连网方式，用户不再需要手动配置 IP 地址等信息。

DHCP 配置的内容不仅是 IP 地址，还包括子网掩码、网关 IP 地址

专门用于为TCP/IP网络中的计算机分配TCP/IP参数的协议

2DHCP好处

1. 减少管理员的工作量
2. 避免输入错误的可能
3. 避免IP地址冲突
4. 当更改lP地址段时，不需要重新配置每个用户的IP地址
5. 提高了IP地址的利用率
6. 方便客户端的配置

3DHCP的分配方式

• 自动分配:分配到一个IP地址后永久使用
• 手动分配:由DHCP服务器管理员专门指定IP地址
• 动态分配:使用完后释放该IP，供其它客户机使用

二、DHCP工作过程

客户机从DHCP服务器获得IP地址的过程称为DHCP的租约过程分为四个步骤：

1.客户端发送 Discover 报文，该报文的目的地址为 255.255.255.255:67，源地址为 0.0.0.0:68，被放入 UDP 中，该报文被广播到同一个子网的所有主机上。如果客户端和 DHCP 服务器不在同一个子网，就需要使用中继代理。

2.DHCP 服务器收到 Discover 报文之后，发送 Offer 报文给客户端，该报文包含了客户端所需要的信息。因为客户端可能收到多个 DHCP 服务器提供的信息，因此客户端需要进行选择。

3.如果客户端选择了某个 DHCP 服务器提供的信息，那么就发送 Request 报文给该 DHCP 服务器。

4.DHCP 服务器发送 Ack 报文，表示客户端此时可以使用提供给它的信息。

DHCP租约过程

• 重新登陆：DHCP客户机每次重新登录网络时，不需要再发送DHCP Discover信息,而是直接发送包含前一次所分配的IP地址的DHCP Request请求信息

• 更新租约：

  ●当DHCP服务器向客户机出租的IP地址租期达到50%时，就需要更新租约； ●客户机直接向提供租约的服务器发送DHCP Request包，要求更新现有的地址租约。

三、使用 DHCP动态配置主机地址

1DHCP服务优点

●为大量客户机自动分配地址，提供集中管理

●减轻管理和维护成本、提高网络配置效率

2可分配的地址信息主要包括

●网卡的IP地址、子网掩码

●对应的网络地址、广播地址

●默认网关地址 ●DNS服务器地址

实验

DHCP一般用于局域网当中或公司的内网

自动分配地址

关闭防火墙和selinux

[root@localhost ~]# systemctl stop firewalld.service
[root@localhost ~]# setenforce 0

[root@localhost ~]# yum install dhcp -y #安装DHCP服务
#调整网卡仅主机模式
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33
TYPE=Ethernet
PROXY_METHOD=none
BROWSER_ONLY=no
BOOTPROTO=static
DEFROUTE=yes
IPV4_FAILURE_FATAL=no
IPV6INIT=yes
IPV6_AUTOCONF=yes
IPV6_DEFROUTE=yes
IPV6_FAILURE_FATAL=no
IPV6_ADDR_GEN_MODE=stable-privacy
NAME=ens33
UUID=bc7b7720-ad1c-4c2e-b9c8-bff796f4ebf4
DEVICE=ens33
ONBOOT=yes
IPADDR=192.168.100.100      #修改IP地址和网关和DNS
NETMASK=255.255.255.0
GATEWAY=192.168.100.1
#DNS1=8.8.8.8

[root@localhost ~]# systemctl restart network
[root@localhost ~]# ping 192.168.100.1
重新连接xshell
[root@localhost ~]# rpm -q dhcp
dhcp-4.2.5-83.el7.centos.1.x86_64
[root@localhost ~]# rpm -qc dhcp
/etc/dhcp/dhcpd.conf
/etc/dhcp/dhcpd6.conf
/etc/openldap/schema/dhcp.schema
/etc/sysconfig/dhcpd
/var/lib/dhcpd/dhcpd.leases
/var/lib/dhcpd/dhcpd6.leases
[root@localhost ~]# cd /etc/dhcp/
[root@localhost dhcp]# ls
dhclient.d  dhclient-exit-hooks.d  dhcpd6.conf  dhcpd.conf  scripts
[root@localhost dhcp]# cat dhcpd.conf
#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.example
#   see dhcpd.conf(5) man page
#
[root@localhost dhcp]# cp -f /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example  /etc/dhcp/dhcpd
[root@localhost dhcp]# cp -f /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example  /etc/dhcp/dhcpd.conf
cp：是否覆盖"/etc/dhcp/dhcpd.conf"？ y
[root@localhost dhcp]# cd /etc/dhcp/
[root@localhost dhcp]# ls
dhclient.d  dhclient-exit-hooks.d  dhcpd  dhcpd6.conf  dhcpd.conf  scripts
[root@localhost dhcp]# vim dhcpd.conf
option domain-name-servers 8.8.8.8;

# DHCP server to understand the network topology.

subnet 192.168.100.0 netmask 255.255.255.0 {     网段 子网掩码
  range 192.168.100.20  192.168.100.70;          要分配的地址范围
  option routers 192.168.91.1;                   网关地址
  option domain-name-servers 114.114.114.114dns  服务器

[root@localhost dhcp]# systemctl restart dhcpd  #重启服务
Failed to restart dhcp.service: Unit not found.
[root@localhost dhcp]# systemctl restart dhcpd
Job for dhcpd.service failed because the control process exited with error code. See "systemctl status dhcpd.service" and "journalctl -xe" for details.
[root@localhost dhcp]# vim dhcpd.conf
[root@localhost dhcp]# systemctl restart dhcpd  重新启动
[root@localhost dhcp]# systemctl start dhcpd    启动
[root@localhost dhcp]# systemctl status dhcpd   检查服务状态
● dhcpd.service - DHCPv4 Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled; vendor preset: disabled)
   Active: active (running) since 四 2022-03-17 02:56:44 CST; 2min 43s ago
     Docs: man:dhcpd(8)
           man:dhcpd.conf(5)
 Main PID: 7450 (dhcpd)
   Status: "Dispatching packets..."
   CGroup: /system.slice/dhcpd.service
           └─7450 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid

3月 17 02:56:44 localhost.localdomain dhcpd[7450]: No subnet declaration for virbr0 (192.168.122.1).
3月 17 02:56:44 localhost.localdomain dhcpd[7450]: ** Ignoring requests on virbr0.  If this is not what
3月 17 02:56:44 localhost.localdomain dhcpd[7450]:    you want, please write a subnet declaration
3月 17 02:56:44 localhost.localdomain dhcpd[7450]:    in your dhcpd.conf file for the network segment
3月 17 02:56:44 localhost.localdomain dhcpd[7450]:    to which interface virbr0 is attached. **
3月 17 02:56:44 localhost.localdomain dhcpd[7450]:
3月 17 02:56:44 localhost.localdomain dhcpd[7450]: Listening on LPF/ens33/00:0c:29:45:26:e0/192.168.100.0/24
3月 17 02:56:44 localhost.localdomain dhcpd[7450]: Sending on   LPF/ens33/00:0c:29:45:26:e0/192.168.100.0/24
3月 17 02:56:44 localhost.localdomain dhcpd[7450]: Sending on   Socket/fallback/fallback-net
3月 17 02:56:44 localhost.localdomain systemd[1]: Started DHCPv4 Server Daemon.

安装DHCP服务

修改IP地址和网关和DNS

修改VM1的地址

复制配置文件

修改配置文件

重新重启服务

ipconfig /release 释放地址

ipconfig /renew 重新获取地址

注意事项

#windows设置虚拟网卡为仅主机模式
#虚拟网络编辑器里也设置成仅主机模式，一定要把使用本地DHCP选项勾掉
#改一下windows虚拟机的网卡配置

#在windows系统的cmd里测试是否能ping通dhcp服务器，然后释放并重启一下网络
ping 192.168.100.100  ping 一下dhcp服务器，看是否可以ping通
ipconfig  查看网卡信息
ipconfig /release  释放地址
ipconfig /renew    重新获取地址
ipconfig /all  可以看到详情信息，

手动分配固定地址

[root@localhost dhcp]# vim dhcpd.conf
# Fixed IP addresses can also be specified for hosts.   These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP.   Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
host fantasia {
  hardware ethernet 00:0C:29:B3:34:14; #物理地址
  fixed-address 192.168.100.222;  #设置的ip地址
[root@localhost dhcp]# systemctl restart dhcpd

DHCP中继配置

配置二层交换机SW2
[Huawei]vlan batch 10 20 100
[Huawei]display vlan
[Huawei]int e0/0/2
[Huawei-Ethernet0/0/2]port link-type access
[Huawei-Ethernet0/0/2]port default vlan 10

[Huawei-Ethernet0/0/2]int e0/0/3
[Huawei-Ethernet0/0/3]port link-type acces
[Huawei-Ethernet0/0/3]port default vlan 20
[Huawei-Ethernet0/0/3]display th

[Huawei-Ethernet0/0/3]int e0/0/4
[Huawei-Ethernet0/0/4]port link-type acces
[Huawei-Ethernet0/0/4]port default vlan 100

[Huawei-Ethernet0/0/4]int e0/0/1
[Huawei-Ethernet0/0/1]port link-type trunk
[Huawei-Ethernet0/0/1]port trunk allow-pass vlan all 

配置三层交换
[Huawei]vlan batch 10 20 100
[Huawei]dhcp enable    打开DHCP功能
[Huawei]int g0/0/1
[Huawei-GigabitEthernet0/0/1]port link-type trunk
[Huawei-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[Huawei-GigabitEthernet0/0/1]dis th

[Huawei-GigabitEthernet0/0/1]int vlan 10
[Huawei-Vlanif10]ip add 192.168.10.1 24
[Huawei-Vlanif10]dhcp select relay
[Huawei-Vlanif10]dhcp relay server-ip 192.168.100.100
[Huawei-Vlanif10]dis th

[Huawei-Vlanif10]int vlan 20
[Huawei-Vlanif20]ip add 192.168.20.1 24
[Huawei-Vlanif20]dhcp select relay
[Huawei-Vlanif20]dhcp relay server 192.168.100.100

[Huawei-Vlanif20]int vlan 100
[Huawei-Vlanif100]ip add 192.168.100.10 24
[Huawei-Vlanif100]dhcp select relay
[Huawei-Vlanif100]dhcp relay server-ip 192.168.100.100

[Huawei-Vlanif100]ping 192.168.20.1
  PING 192.168.20.1: 56  data bytes, press CTRL_C to break
    Reply from 192.168.20.1: bytes=56 Sequence=1 ttl=255 time=20 ms
[Huawei-Vlanif100]ping 192.168.10.1
  PING 192.168.10.1: 56  data bytes, press CTRL_C to break
    Reply from 192.168.10.1: bytes=56 Sequence=1 ttl=255 time=30 ms

#  vim dhcpd.conf 

# DHCP server to understand the network topology.

subnet 192.168.100.0 netmask 255.255.255.0 {
  range 192.168.100.20  192.168.100.70;
  option routers 192.168.100.10;
  option domain-name-servers 114.114.114.114;
}

subnet 192.168.10.0 netmask 255.255.255.0 {
  range 192.168.10.20  192.168.10.70;
  option routers 192.168.10.1;
  option domain-name-servers 114.114.114.114;
}

subnet 192.168.20.0 netmask 255.255.255.0 {
  range 192.168.20.20  192.168.20.70;
  option routers 192.168.20.1;
  option domain-name-servers 114.114.114.114;
}
[root@localhost dhcp]# systemctl restart dhcpd