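4 Implementing the DHCP Service

A host can obtain its network configuration in two ways

  • Static assignment
  • Dynamic acquisition
    • bootp: boot protocol; each MAC address is statically mapped one-to-one to an IP address
    • dhcp: an enhanced bootp that supports both static binding and dynamic allocation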

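4.1 How DHCP Works

DHCP: Dynamic Host Configuration Protocol

Uses UDP in a client/server (C/S) model; dhcp server: 67/udp, dhcpv4 client: 68/udp, dhcpv6 client: 546/udp

Main uses:

  • Automatically assigning IP addresses to users on internal networks and by network service providers
  • A means for internal network administrators to centrally manage all computers
  • Automated operating system installation
  • Addressing the shortage of IPv4 resources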

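DHCP has eight message types

  • DHCP DISCOVER: client to server
  • DHCP OFFER: server to client
  • DHCP REQUEST: client to server
  • DHCP ACK: server to client
  • DHCP NAK: server to client; tells the client that no suitable IP address can be assigned
  • DHCP DECLINE: client to server; indicates that the address is already in use
  • DHCP RELEASE: client to server; gives up the network address and cancels the remaining lease time
  • DHCP INFORM: client to server; if the client needs more detailed configuration information from the DHCP server, it sends an Inform message to the server to request it; rarely used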

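DHCP lease renewal

  • 50%: when the lease reaches 50% of its duration, the client renews by sending a new DHCP REQUEST to the DHCP server. If the DHCP service has no reason to refuse, it replies with a DHCPACK. Once the DHCP client receives that reply, a new lease period begins
  • 87.5%: if the DHCP server did not answer the earlier renewal request, the host sends another broadcast request when 7/8 of the lease has elapsed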

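Multiple DHCP services on the same network segment

  • The DHCP service must be based on the local network
  • First come, first served

Across network segments

  • RFC 1542 Compliant Routers
  • DHCP relay agent

Related protocols

  • arp
  • rarp

Lease duration:

Long lease: IPs are relatively stable and fewer network resources are consumed, but IP resources are wasted
Short lease: IPs are relatively unstable and more network resources are consumed, but IP resources are fully used, so a small number of IPs can serve a larger number of hosts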

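4.2 Implementing DHCP

Note: before implementing the DHCP service, shut down any DHCP service that already exists on the network (for example, the DHCP service in VMware) to prevent conflicts

Software that implements the DHCP service:

  • dhcp (CentOS 7 and earlier) or dhcp-server (the package name on CentOS 8)
  • dnsmasq: a small service package that can provide both DHCP and DNS

4.2.1 DHCP-Related Files

Files in the dhcp or dhcp-server package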

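/usr/sbin/dhcpd    main program of the DHCP service

/etc/dhcp/dhcpd.conf    DHCP service configuration file

/usr/share/doc/dhcp-server/dhcpd.conf.example    sample DHCP service configuration file

/usr/lib/systemd/system/dhcpd.service    systemd service file for the DHCP service

/var/lib/dhcpd/dhcpd.leases    address allocation record file

dhcp-client package (client side)

/usr/sbin/dhclient    client program

/var/lib/dhclient    automatically obtained IP information

Windows tools

ipconfig /release    release the IP obtained via DHCP and request an IP again

ipconfig /renew    refresh the lease (renew)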

4.2.2 DHCP Service Configuration File

Reference: man 5 dhcpd.conf

Format of /etc/dhcp/dhcpd.conf

global configuration
subnet{
...
}
host{

}

Syntax check command: service dhcpd configtest (supported on CentOS 6 and earlier)

[root@centos8 ~]# grep -Ev "#|^$" /etc/dhcp/dhcpd.conf
option domain-name "waluna.top";
option domain-name-servers 114.114.114.114, 223.5.5.5;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.10 10.0.0.100;
  range 10.0.0.110 10.0.0.200;
  option routers 10.0.0.2;
  next-server 10.0.0.8;
  filename "pxelinux.0";
}
host testclient{
  hardware ethernet 00:0c:29:65:86:54;
  fixed-address 10.0.0.107;
  option domain-name-servers 114.114.114.114,8.8.8.8;
  option domain-name "waluna.top";
  option routers 10.0.0.2;
  default-lease-time 86400;
  max-lease-time 864000;
}

Other options in the DHCP configuration file

  • next-server: IP address of the server that provides the boot file
  • filename: name of the boot file
subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.10 10.0.0.100;
  range 10.0.0.110 10.0.0.200;
  option routers 10.0.0.2;
  next-server 10.0.0.8;   # TFTP server address
  filename "pxelinux.0";   # name of the bootloader file
}

How a DHCP client requests an address

[root@centos7 ~]# yum install dhclient -y
[root@centos7 ~]# dhclient -d
Internet Systems Consortium DHCP Client 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/eth0/00:0c:29:65:86:54
Sending on   LPF/eth0/00:0c:29:65:86:54
Sending on   Socket/fallback
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 7 (xid=0x6bc04034)
DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x6bc04034)
DHCPOFFER from 10.0.0.254
DHCPACK from 10.0.0.254 (xid=0x6bc04034)
bound to 10.0.0.130 -- renewal in 764 seconds.

# DHCP client log
[root@centos7 ~]# ls /var/lib/dhclient/
dhclient.leases
[root@centos7 ~]# cat /var/lib/dhclient/dhclient.leases
lease {
  interface "eth0";
  fixed-address 10.0.0.130;
  option subnet-mask 255.255.255.0;
  option routers 10.0.0.2;
  option dhcp-lease-time 1800;
  option dhcp-message-type 5;
  option domain-name-servers 10.0.0.2;
  option dhcp-server-identifier 10.0.0.254;
  option broadcast-address 10.0.0.255;
  option domain-name "localdomain";
  renew 5 2021/04/30 09:48:33;
  rebind 5 2021/04/30 10:02:02;
  expire 5 2021/04/30 10:05:47;
}
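
The renew, rebind and expire timestamps in the lease above can be checked against the 50% and 87.5% rules described under lease renewal. The following Python sketch is an added example, not part of the original page; the function name lease_timers is hypothetical, and the lease start is derived as expire minus dhcp-lease-time, which is an assumption because the client file stores no start time.

```python
import re
from datetime import datetime, timedelta

# Lease block in the dhclient.leases format, using the values from the listing above.
SAMPLE_LEASE = """\
lease {
  interface "eth0";
  fixed-address 10.0.0.130;
  option dhcp-lease-time 1800;
  option dhcp-server-identifier 10.0.0.254;
  renew 5 2021/04/30 09:48:33;
  rebind 5 2021/04/30 10:02:02;
  expire 5 2021/04/30 10:05:47;
}
"""

# "renew <weekday> <date> <time>;" and the lease length in seconds.
TS = re.compile(r"^\s*(renew|rebind|expire)\s+\d\s+(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d);", re.M)
LEASE_TIME = re.compile(r"^\s*option dhcp-lease-time\s+(\d+);", re.M)


def lease_timers(text):
    """Return the nominal 50% / 87.5% points and the offsets recorded in one lease block."""
    m = LEASE_TIME.search(text)
    stamps = {k: datetime.strptime(v, "%Y/%m/%d %H:%M:%S") for k, v in TS.findall(text)}
    missing = {"renew", "rebind", "expire"} - stamps.keys()
    if m is None or missing:
        raise ValueError("incomplete lease block")
    lease = int(m.group(1))
    # Assumption: the lease started exactly dhcp-lease-time seconds before it expires.
    start = stamps["expire"] - timedelta(seconds=lease)

    def offset(key):
        return int((stamps[key] - start).total_seconds())

    return {
        "lease": lease,
        "t1_nominal": lease * 50 // 100,    # 50% renewal point
        "t2_nominal": lease * 875 // 1000,  # 87.5% (7/8) broadcast point
        "renew_recorded": offset("renew"),
        "rebind_recorded": offset("rebind"),
    }


if __name__ == "__main__":
    print(lease_timers(SAMPLE_LEASE))
```

For this lease the recorded rebind offset equals the nominal 87.5% point (1575 s), while the recorded renew offset (766 s) falls before the nominal 50% point (900 s).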

# DHCP server log
[root@centos8 ~]# cat /var/lib/dhcpd/dhcpd.leases
# The format of this file is documented in the dhcpd.leases(5) manual page.
# This lease file was written by isc-dhcp-4.3.6

# authoring-byte-order entry is generated, DO NOT DELETE
authoring-byte-order little-endian;

server-duid "\000\001\000\001(\036\2138\000\014)\357\332\244";

lease 10.0.0.130 {
  starts 5 2021/04/30 09:35:45;
  ends 5 2021/04/30 09:45:45;
  cltt 5 2021/04/30 09:35:45;
  binding state active;
  next binding state free;
  rewind binding state free;
  hardware ethernet 00:0c:29:65:86:54;
}

Assigning a fixed IP to a specific host from the DHCP server

[root@centos8 ~]# vim /etc/dhcp/dhcpd.conf
subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.10 10.0.0.100;
  range 10.0.0.110 10.0.0.200;
  option routers 10.0.0.2;
  next-server 10.0.0.8;
  filename "pxelinux.0";
}
host test{
  hardware ethernet 00:0c:29:65:86:54;
  fixed-address 10.0.0.107;
}
[root@centos7 ~]# dhclient -d
Internet Systems Consortium DHCP Client 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/

Listening on LPF/eth0/00:0c:29:65:86:54
Sending on   LPF/eth0/00:0c:29:65:86:54
Sending on   Socket/fallback
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3 (xid=0x739650ae)
DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x739650ae)
DHCPOFFER from 10.0.0.8
DHCPACK from 10.0.0.254 (xid=0x739650ae)
bound to 10.0.0.107 -- renewal in 896 seconds.
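
In the session above the DHCPOFFER and the DHCPACK come from different addresses, which is the "multiple DHCP services on the same segment, first come first served" situation that the note in 4.2 warns about. The following Python sketch is an added example, not part of the original page: it audits `dhclient -d` output against an operator-supplied list of authorized servers. The function name audit_session is hypothetical, and treating 10.0.0.8 as the only authorized server is an assumption made for the sample.

```python
import ipaddress
import re
from collections import defaultdict

# Lines in the format printed by `dhclient -d`, taken from the session above.
SAMPLE_LOG = """\
DHCPDISCOVER on eth0 to 255.255.255.255 port 67 interval 3 (xid=0x739650ae)
DHCPREQUEST on eth0 to 255.255.255.255 port 67 (xid=0x739650ae)
DHCPOFFER from 10.0.0.8
DHCPACK from 10.0.0.254 (xid=0x739650ae)
bound to 10.0.0.107 -- renewal in 896 seconds.
"""

REPLY = re.compile(r"^(DHCPOFFER|DHCPACK|DHCPNAK) from (\d+\.\d+\.\d+\.\d+)")
BOUND = re.compile(r"^bound to (\d+\.\d+\.\d+\.\d+)")


def audit_session(log_text, authorized):
    """Collect which servers replied in one dhclient run and list policy findings."""
    seen = defaultdict(list)  # server IP -> reply types it sent
    bound = None
    for line in log_text.splitlines():
        if m := REPLY.match(line):
            seen[m.group(2)].append(m.group(1))
        elif m := BOUND.match(line):
            bound = m.group(1)
    servers = sorted(seen, key=ipaddress.ip_address)
    findings = []
    for server in servers:
        if server not in authorized:
            findings.append(f"unauthorized server {server} sent {'/'.join(seen[server])}")
    if len(servers) > 1:
        findings.append("multiple DHCP servers answered: " + ", ".join(servers))
    ackers = [s for s in servers if "DHCPACK" in seen[s]]
    if bound and any(s not in authorized for s in ackers):
        findings.append(f"address {bound} was acknowledged by an unauthorized server")
    return {"servers": dict(seen), "bound": bound, "findings": findings}


if __name__ == "__main__":
    # Assumption for the sample: 10.0.0.8 is the only authorized DHCP server.
    for finding in audit_session(SAMPLE_LOG, {"10.0.0.8"})["findings"]:
        print(finding)
```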