Experimental notes: principle and configuration of a DHCP server in Linux (detailed operation steps and illustrations)

DHCP working principle and overview

DHCP overview

  • DHCP stands for Dynamic Host Configuration Protocol
  • Designed and developed by the Internet Engineering Task Force (IETF)
  • A protocol specifically used to automatically assign TCP/IP parameters to computers in a TCP/IP network
  • Advantages of DHCP
    • Reduce the workload of administrators
    • Avoid the possibility of input errors
    • Avoid IP address conflicts
    • When changing the IP address segment, there is no need to reconfigure each user's IP address
    • Improved utilization of IP addresses
    • Convenient client configuration
  • The address information that DHCP can assign mainly includes
    • The IP address and subnet mask of the network card
    • Corresponding network address, broadcast address
    • Default gateway address
    • DNS server address
  • DHCP allocation method
    • Automatic allocation: permanent use after being allocated an IP address
    • Manual allocation: the IP address is specified by the DHCP server administrator
    • Dynamic allocation: release the IP after use, for other clients to use

How DHCP works

  • 1. The client searches for the server in the network.
    The client broadcasts a DHCP Discover message to find the server.
  • 2. The server responds with the service to the client.
    The server selects an unallocated IP address from its IP address pool and sends a DHCP Offer message by unicast, providing the client with that IP address and other network information.
  • 3. The client sends a service request to the server.
    If multiple DHCP servers send a DHCP Offer message to the client, the client accepts only the first DHCP Offer message it receives and extracts the IP address from it. The client then broadcasts a DHCP Request message to inform the servers of the IP address it has chosen to use.
  • 4. The server provides services to the client.
    The server sends a DHCP Ack message by unicast to inform the client that the IP address is valid and usable, and includes the lease information for the IP address in the options field.
  • 5. Re-login
    Each time the DHCP client logs on to the network again, it does not need to send a DHCP Discover message; it directly sends a DHCP Request message containing the IP address it was assigned the previous time.
  • 6. Renew the lease
    When the lease on the IP address that the DHCP server leased to the client reaches 50%, the lease needs to be renewed. The client sends a DHCP Request packet directly to the server that provided the lease, requesting renewal of the existing address lease.
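Because the client takes the first DHCP Offer it receives, a reply from any server other than the intended one deserves an alert. The following is an added example, not part of the original notes: it decodes DHCP payloads and flags Offer/Ack/Nak replies whose server identifier (option 54) is not an approved server. The helper names build, parse and rogue_replies are hypothetical, 192.168.100.20 is assumed to be the approved server (it is the relay target used later on this page), and the capture, including 192.168.1.66, is constructed sample data.

```python
import socket
import struct

MAGIC = bytes([99, 130, 83, 99])   # DHCP magic cookie after the 236-byte BOOTP header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK", 6: "NAK"}
SERVER_REPLIES = ("OFFER", "ACK", "NAK")

def build(msg_type, xid, yiaddr="0.0.0.0", server=None):
    """Build a minimal DHCP payload in memory (constructed sample data)."""
    op = 2 if TYPES[msg_type] in SERVER_REPLIES else 1   # 1 = request, 2 = reply
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s192s", op, 1, 6, 0, xid, 0, 0, bytes(4),
                      socket.inet_aton(yiaddr), bytes(4), bytes(4),
                      bytes.fromhex("5489986a43bf"), b"")
    opts = bytes([53, 1, msg_type])
    opts += bytes([54, 4]) + socket.inet_aton(server) if server else b""
    return hdr + MAGIC + opts + b"\xff"

def parse(payload):
    """Decode xid, offered address (yiaddr), message type and server identifier."""
    if len(payload) < 240 or payload[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    msg = {"xid": struct.unpack("!I", payload[4:8])[0],
           "yiaddr": socket.inet_ntoa(payload[16:20])}
    i = 240
    while i < len(payload) and payload[i] != 255:      # 255 = end option
        if payload[i] == 0:                            # 0 = pad, no length byte
            i += 1
            continue
        length = payload[i + 1] if i + 1 < len(payload) else -1
        value = payload[i + 2:i + 2 + length]
        if length < 0 or len(value) != length:
            raise ValueError("truncated option")
        if payload[i] == 53 and length == 1:           # option 53: message type
            msg["type"] = TYPES.get(value[0], "OTHER")
        elif payload[i] == 54 and length == 4:         # option 54: server identifier
            msg["server"] = socket.inet_ntoa(value)
        i += 2 + length
    return msg

def rogue_replies(payloads, trusted):
    """Return server replies whose server identifier is not an approved server."""
    return [(m["xid"], m["type"], m.get("server"), m["yiaddr"])
            for m in map(parse, payloads)
            if m.get("type") in SERVER_REPLIES and m.get("server") not in trusted]

# Constructed capture: one client transaction answered by two servers.
CAPTURE = [build(1, 0x1A2B), build(2, 0x1A2B, "192.168.1.100", "192.168.100.20"),
           build(2, 0x1A2B, "192.168.1.201", "192.168.1.66"),
           build(3, 0x1A2B), build(5, 0x1A2B, "192.168.1.100", "192.168.100.20")]
print(rogue_replies(CAPTURE, trusted={"192.168.100.20"}))
```

A reply that carries no option 54 at all is also reported, since its sender cannot be matched against the approved list.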

DHCP lease process

  • DHCP lease process: the process in which the client obtains an IP address from the DHCP server
  • There are four steps
    • 1. The client searches for the server in the network
    • 2. The server responds with the service to the client
    • 3. The client sends a service request to the target server
    • 4. The server provides services to the client


  • The process of the client requesting an IP address
    • When a DHCP client starts, it does not have an IP address, so it must obtain a valid address through DHCP
    • At this point, the DHCP client broadcasts a DHCP Discover message to find the DHCP server


  • Server response process
    • When the DHCP server receives the client's request for an IP address, it searches its own IP address pool to see whether a valid IP address is available for the client
    • If so, the DHCP server marks the IP address, adds it to the DHCP Offer message, and then broadcasts the DHCP Offer message


  • Client IP address selection process
    • The DHCP client extracts the IP address from the first DHCP Offer message it receives, and the DHCP server that issued the IP address reserves the address so that the address can no longer be assigned to another DHCP client.


  • The server determines the lease
    • After receiving the DHCP Request message, the DHCP server broadcasts a successful confirmation to the client in the form of a DHCP ACK message, which contains a valid lease of the IP address and other configurable information
    • When the client receives the DHCP ACK message, it configures the IP address and completes the initialization of TCP/IP


  • Re-login
    • Each time the DHCP client logs on to the network again, it does not need to send a DHCP Discover message; it directly sends a DHCP Request message containing the IP address it was assigned the previous time.


  • Renew lease
    • When the lease period of the IP address leased by the DHCP server to the client reaches 50%, the lease must be renewed
    • The client directly sends a DHCP Request packet to the server that provides the lease, requesting to renew the existing address lease

DHCP server configuration

DHCP server software

  • Included on the CentOS installation CD

  • The main files of the DHCP software package

    • Main configuration file: /etc/dhcpd.conf
    • Execution program: /usr/sbin/dhcpd, /usr/sbin/dhcrelay

Detailed explanations and illustrations of DHCP operation steps

  • DHCP server configuration
[root@localhost yum.repos.d]# yum install -y dhcp   # install dhcp with yum

[root@localhost /]# cd /usr/share/doc/dhcp-4.2.5/

[root@localhost dhcp-4.2.5]# cp dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp:是否覆盖"/etc/dhcp/dhcpd.conf"? yes

[root@localhost dhcp]# vim dhcpd.conf   # set the global configuration parameters

default-lease-time 600;                 # default lease is 10 minutes, in seconds
max-lease-time 7200;                    # maximum lease is 120 minutes, in seconds
option domain-name "qz.com";            # set the domain name
option domain-name-servers 8.8.8.8;     # specify the DNS server address
#ddns-update-style none;                # disable dynamic DNS updates (disabled by default)

# subnet declarations (apply to the whole subnet; some parameters take precedence over the global ones)

subnet 192.168.100.0 netmask 255.255.255.0 {     # declare the network segment to allocate from
  range 192.168.100.10 192.168.100.20;           # set the address pool
  option routers 192.168.100.254;                # specify the default gateway address
}

subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.100 192.168.1.120;
  option routers 192.168.1.254;
}

subnet 192.168.2.0 netmask 255.255.255.0 {
  range 192.168.2.200 192.168.2.220;
  option routers 192.168.2.254;
}
# This declaration allows BOOTP clients to get dynamic addresses,
# which we don't really recommend.

subnet 10.254.239.32 netmask 255.255.255.224 {
  range dynamic-bootp 10.254.239.40 10.254.239.60;
  option broadcast-address 10.254.239.31;
  option routers rtr-239-32-1.example.org;
}

# host declaration (assigns a fixed IP address to a specified host)
host hostname {                                  # name of the client that needs a fixed IP address
  hardware ethernet 54:89:98:6A:43:BF;           # MAC address of the host, separated with ":"
  fixed-address 192.168.1.88;                    # IP address reserved for this host
}
:wq
[root@localhost dhcp]# netstat -naup | grep ":67"
udp        0      0 0.0.0.0:67              0.0.0.0:*                           38790/dhcpd
udp        0      0 0.0.0.0:67              0.0.0.0:*                           1200/dnsmasq
[root@localhost dhcp]# tail -f /var/log/messages   # if the DHCP service fails to start, check the log file
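A consistency check for the declarations above, as an added example that is not part of the original notes: it verifies that each range, router and broadcast address belongs to its subnet and that a fixed-address does not fall inside a dynamic range. The lint helper is hypothetical, the regular expressions cover only the statement forms used on this page, and CONF is an excerpt of the page's configuration with the comments stripped.

```python
import ipaddress
import re

# Declarations copied from the page's dhcpd.conf (excerpt, comments stripped).
CONF = """
subnet 192.168.100.0 netmask 255.255.255.0 {
  range 192.168.100.10 192.168.100.20;
  option routers 192.168.100.254;
}
subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.100 192.168.1.120;
  option routers 192.168.1.254;
}
subnet 10.254.239.32 netmask 255.255.255.224 {
  range dynamic-bootp 10.254.239.40 10.254.239.60;
  option broadcast-address 10.254.239.31;
  option routers rtr-239-32-1.example.org;
}
host hostname {
  hardware ethernet 54:89:98:6A:43:BF;
  fixed-address 192.168.1.88;
}
"""
IP = r"(\d+\.\d+\.\d+\.\d+)"

def lint(conf):
    """Return a list of problems found in the subnet and host declarations."""
    problems, pools = [], []
    for net_s, mask, body in re.findall(rf"subnet {IP} netmask {IP} [{{](.*?)[}}]", conf, re.S):
        net = ipaddress.ip_network(f"{net_s}/{mask}")
        for lo, hi in re.findall(rf"range (?:dynamic-bootp )?{IP} {IP};", body):
            lo, hi = ipaddress.ip_address(lo), ipaddress.ip_address(hi)
            pools.append((lo, hi))
            if lo > hi or lo not in net or hi not in net:
                problems.append(f"{net}: range {lo}-{hi} is not inside the subnet")
        for gw in re.findall(rf"option routers {IP};", body):   # hostnames are skipped
            if ipaddress.ip_address(gw) not in net:
                problems.append(f"{net}: router {gw} is outside the subnet")
        for bc in re.findall(rf"option broadcast-address {IP};", body):
            if ipaddress.ip_address(bc) != net.broadcast_address:
                problems.append(f"{net}: broadcast-address {bc} should be {net.broadcast_address}")
    for fixed in re.findall(rf"fixed-address {IP};", conf):
        addr = ipaddress.ip_address(fixed)
        if any(lo <= addr <= hi for lo, hi in pools):
            problems.append(f"fixed-address {addr} overlaps a dynamic range")
    return problems

print("\n".join(lint(CONF)) or "no problems found")
```

On this excerpt the only finding is the broadcast address of the 10.254.239.32/27 BOOTP subnet, which does not match the address computed from the netmask.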
  • Linux client configuration that needs to use DHCP to dynamically obtain IP
[root@localhost ~]# vi /etc/sysconfig/network-scripts/ifcfg-ens33 
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO="dhcp"        # changed to dhcp here
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens33"
UUID="ba6fd265-7502-4eea-9c89-14a836b1ad94"
DEVICE="ens33"
ONBOOT="yes"
#IPADDR=192.168.131.12
#GATEWAY=192.168.131.2
#DNS1=192.168.131.2
#NETMASK=255.255.255.0
:wq
[root@localhost ~]# ifdown ens33
成功断开设备 'ens33'
[root@localhost ~]# ifup ens33
连接已成功激活(D-Bus 活动路径:/org/freedesktop/NetworkManager/ActiveConnection/17
  • Configuration and diagram in eNSP (eNSP is used here to simulate Windows)
[SW2]vlan batch 10 20 100
[SW2-GigabitEthernet0/0/1]port link-type trunk 
[SW2-GigabitEthernet0/0/1]port trunk allow-pass vlan all
[SW2-GigabitEthernet0/0/1]q
[SW2]int Vlanif 10
[SW2-Vlanif10]ip address 192.168.1.254 24	
[SW2-Vlanif10]int Vlanif 20
[SW2-Vlanif20]ip address 192.168.2.254 24
[SW2-Vlanif20]int Vlanif 100
[SW2-Vlanif100]ip address 192.168.100.254 24
[SW2-Vlanif100]q
[SW2]dhcp enable 
[SW2]interface Vlanif 100
[SW2-Vlanif100]dhcp select relay 
[SW2-Vlanif100]dhcp relay server-ip 192.168.100.20
[SW2-Vlanif100]int vlanif 20
[SW2-Vlanif20]dhcp select relay
[SW2-Vlanif20]dhcp relay server-ip 192.168.100.20
[SW2-Vlanif20]int vlanif 10
[SW2-Vlanif10]dhcp select relay
[SW2-Vlanif10]dhcp relay server-ip 192.168.100.20
[SW2-Vlanif10]q

[SW1]vlan batch 10 20 100
Info: This operation may take a few seconds. Please wait for a moment...done.
[SW1]int e0/0/01
[SW1-Ethernet0/0/1]port link-type access 
[SW1-Ethernet0/0/1]port default vlan 10
[SW1-Ethernet0/0/1]int e0/0/02
[SW1-Ethernet0/0/2]port link-type access 
[SW1-Ethernet0/0/2]port default vlan 20
[SW1-Ethernet0/0/2]int e0/0/04
[SW1-Ethernet0/0/4]port link-type access 
[SW1-Ethernet0/0/4]port default vlan 100
[SW1-Ethernet0/0/4]int e0/0/03	
[SW1-Ethernet0/0/3]port link-type trunk 
[SW1-Ethernet0/0/3]port trunk allow-pass vlan all 

Origin blog.csdn.net/TaKe___Easy/article/details/113969124