DHCP principles and configuration
Understanding the DHCP service
- DHCP is a protocol designed and developed by the Internet Engineering Task Force (IETF) specifically to assign TCP/IP parameters automatically to computers on a TCP/IP network
Benefits of using DHCP
- Reduce the workload of administrators
- Avoid IP address conflicts
- When the network's IP addressing changes, you do not need to reconfigure the IP address of each user
- Improve the utilization of IP addresses
- Clients are easy to configure
DHCP allocation methods
- Automatic allocation
  - Once an IP address is assigned, the client keeps it permanently
- Manual assignment
  - The IP address is specified by the DHCP server administrator
- Dynamic allocation
  - After use, the IP address is released so that other clients can use it
DHCP lease process
- The process by which a client obtains an IP address from a DHCP server is called the DHCP lease process
- The lease process is divided into four steps
1. The client requests an IP address (Discover)
- When a DHCP client starts, it has no IP address. To obtain a valid address via DHCP, the client sends a DHCP Discover broadcast message to find a DHCP server
2. The server responds (Offer)
- When the DHCP server receives the client's request for an IP address, it checks its own address pool for a valid IP address it can give to the client. If there is one, the server marks that address, adds it to a DHCP Offer message, and then broadcasts the DHCP Offer message
3. The client selects an IP address (Request)
- The DHCP client extracts the IP address from a received DHCP Offer message; the DHCP server that issued the address reserves it, so that the address cannot be allocated to another DHCP client
4. The server confirms the lease (ACK)
- After the DHCP server receives the DHCP Request message, it broadcasts a DHCP ACK message to the client to confirm success; the message contains the valid lease for the IP address and the other configuration information
- Each time a DHCP client logs back into the network, it does not need to send a DHCP Discover message again; it directly sends a DHCP Request that contains the previously assigned IP address
- Lease renewal
- When 50% of the lease on the IP address that the DHCP server gave the client has elapsed, the client needs to renew the lease
- The client sends a DHCP Request packet directly to the server that provided the lease in order to renew the existing address lease
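The four-step exchange above, as an added example that is not part of the original page: the Python below builds a constructed Discover/Offer/Request/ACK sequence, parses the message type (option 53), server identifier (option 54) and lease time (option 51) from each message, and lists any Offer or ACK that comes from a server not on an allow-list. The MAC address, the transaction id, the stray server 192.168.10.66 and all function names are assumptions made for the example.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"   # magic cookie that follows the 236-byte BOOTP header
TYPES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}   # values of option 53

def build(msg_type, xid, yiaddr="0.0.0.0", server_id=None, lease=None):
    """Build a minimal DHCP message (constructed sample input, not a capture)."""
    op = 2 if msg_type in (2, 5) else 1   # 1 = client request, 2 = server reply
    hdr = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", op, 1, 6, 0, xid, 0, 0x8000,
                      bytes(4), ipaddress.IPv4Address(yiaddr).packed, bytes(4),
                      bytes(4), bytes.fromhex("020000000001"), b"", b"")
    opts = bytes([53, 1, msg_type])
    if server_id:
        opts += bytes([54, 4]) + ipaddress.IPv4Address(server_id).packed
    if lease is not None:
        opts += bytes([51, 4]) + struct.pack("!I", lease)
    return hdr + MAGIC + opts + b"\xff"

def parse(pkt):
    """Return (message type, xid, offered address, server identifier, lease seconds)."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i < len(pkt) and pkt[i] != 255:   # 255 = end option
        if pkt[i] == 0:                     # 0 = pad option, has no length byte
            i += 1
            continue
        if i + 1 >= len(pkt) or i + 2 + pkt[i + 1] > len(pkt):
            raise ValueError("truncated option")
        opts[pkt[i]] = pkt[i + 2:i + 2 + pkt[i + 1]]
        i += 2 + pkt[i + 1]
    kind = TYPES.get(opts[53][0], "OTHER") if opts.get(53) else "OTHER"
    sid = str(ipaddress.IPv4Address(opts[54])) if len(opts.get(54, b"")) == 4 else None
    lease = int.from_bytes(opts[51], "big") if len(opts.get(51, b"")) == 4 else None
    return kind, int.from_bytes(pkt[4:8], "big"), str(ipaddress.IPv4Address(pkt[16:20])), sid, lease

def unexpected_servers(packets, authorized):
    """Server identifiers in OFFER/ACK messages that are not on the authorized list."""
    found = set()
    for pkt in packets:
        kind, _, _, sid, _ = parse(pkt)
        if kind in ("OFFER", "ACK") and sid not in authorized:
            found.add(str(sid))
    return sorted(found)

XID = 0x3903F326   # constructed transaction id shared by the whole exchange
EXCHANGE = [       # constructed sample: the four lease steps plus one stray Offer
    build(1, XID),
    build(2, XID, "192.168.10.100", "192.168.100.100", 600),
    build(2, XID, "192.168.10.50", "192.168.10.66", 86400),
    build(3, XID, server_id="192.168.100.100"),
    build(5, XID, "192.168.10.100", "192.168.100.100", 600),
]
print(unexpected_servers(EXCHANGE, {"192.168.100.100"}))
```

With 192.168.100.100 as the only authorized server, the second Offer is the one reported; an Offer with a missing server identifier is reported as `None`.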
Using DHCP to configure host addresses dynamically
- DHCP service
  - Automatically assigns addresses to a large number of clients and provides centralized management
  - Reduces management and maintenance costs and improves the efficiency of network configuration
- Address information that can be assigned includes
  - IP address, subnet mask
  - Corresponding network address, broadcast address
  - Default gateway address
  - DNS server address
- Install the DHCP Server
[root@localhost ~]# yum install dhcp -y
- The main configuration file
  - /etc/dhcp/dhcpd.conf
- The lease file
  - /var/lib/dhcpd/dhcpd.leases
Using the DHCP client
- Modify the network card configuration file
  - BOOTPROTO=dhcp
- Use the dhclient command
  - dhclient [-d] [network interface name]
Set up the DHCP relay service
Lab environment:
- VMware 15
- c3725 router image file
- GNS3 1.3.1 (for usage, see https://www.linuxidc.com/Linux/2019-10/160968.htm)
- win 10 image
- win 7 image
- CentOS 7 image
Building the service
1. Build the topology for the DHCP relay service in GNS3 first; it keeps the procedure clear while we build the service. Here I use one win 10 virtual machine, one win 7 virtual machine, one CentOS 7 virtual machine and two c3725 routers. Start by adding the two routers. To make it easy to create VLANs, add disk space and a Layer 2 switching interface module to each router, so that one router acts as a Layer 3 switch and the other as a Layer 2 switch. Add three hosts and rename them DHCP, win 10 and win 7. We also need to add two virtual NICs to the virtual machines in VMware 15 and set them to host-only mode, so that the links drawn in GNS3 can connect to the devices. In this experiment we divide the network into three VLANs and place the three virtual machines in different VLANs. VLAN addressing: vlan10: 192.168.10.1/24, vlan20: 192.168.20.1/24, vlan100: 192.168.100.1/24. The DHCP server is assigned the static IP address 192.168.100.100, as shown below:
2. Open VMware 15 and start the win 10, win 7 and CentOS 7 virtual machines, then install the DHCP service on the CentOS 7 virtual machine. When the installation is complete, bind the network cards of the three virtual machines: win 10 to VMnet2, win 7 to VMnet3 and CentOS 7 to VMnet1. Then return to CentOS 7, configure its static address and configure the DHCP service. When that is done, start the service, turn off the firewall and turn off SELinux.
    [root@localhost ~]# yum install dhcp -y    // install the DHCP service
    Loaded plugins: fastestmirror, langpacks
    base                                   | 3.6 kB  00:00:00
    extras                                 | 3.4 kB  00:00:00
    updates                                | 3.4 kB  00:00:00
    (1/4): base/7/x86_64/group_gz          | 166 kB  00:00:00
    (2/4): base/7/x86_64/primary_db        | 6.0 MB  00:00:01
    ... // part of the output omitted ...

    [root@localhost ~]# ifconfig    // view the network card information
    ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500    // no IP address obtained yet
            inet6 fe80::a85a:c203:e2e:3f3c  prefixlen 64  scopeid 0x20<link>
            ether 00:0c:29:5b:d3:a0  txqueuelen 1000  (Ethernet)
            RX packets 47  bytes 30451 (29.7 KiB)
            RX errors 0  dropped 0  overruns 0  frame 0
            TX packets 122  bytes 13596 (13.2 KiB)
    ... // part of the output omitted ...

    [root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens33    // open the configuration file of network card ens33
    TYPE=Ethernet
    PROXY_METHOD=none
    BROWSER_ONLY=no
    BOOTPROTO=static    // changed from dhcp to static for a static IP address
    DEFROUTE=yes
    IPV4_FAILURE_FATAL=no
    IPV6INIT=yes
    IPV6_AUTOCONF=yes
    IPV6_DEFROUTE=yes
    IPV6_FAILURE_FATAL=no
    IPV6_ADDR_GEN_MODE=stable-privacy
    NAME=ens33
    UUID=2ef6b862-5201-48c5-a450-23b3720ab3a0
    DEVICE=ens33
    ONBOOT=yes
    IPADDR=192.168.100.100    // configure the IP address
    NETMASK=255.255.255.0     // configure the subnet mask
    GATEWAY=192.168.100.1     // configure the gateway
    ~
    ~
    :wq    // save and exit

    [root@localhost ~]# service network restart    // restart the network service
    Restarting network (via systemctl):                        [  OK  ]
    [root@localhost ~]# ifconfig    // view the network card information
    ens33: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500    // the IP address is now set
            inet 192.168.100.100  netmask 255.255.255.0  broadcast 192.168.100.255
            inet6 fe80::a85a:c203:e2e:3f3c  prefixlen 64  scopeid 0x20<link>
            ether 00:0c:29:5b:d3:a0  txqueuelen 1000  (Ethernet)
            RX packets 48  bytes 30694 (29.9 KiB)
    ... // part of the output omitted ...
    [root@localhost ~]# vim /etc/dhcp/dhcpd.conf    // open the main configuration file of the DHCP service
    #
    # DHCP Server Configuration file.
    #   see /usr/share/doc/dhcp*/dhcpd.conf.example    // location of the DHCP configuration template
    #   see dhcpd.conf(5) man page
    #
    ~
    ... // part omitted ...
    ~
    :r /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example    // read the dhcpd configuration template into the main configuration file

    // contents written into the configuration file:
    # dhcpd.conf
    #
    # Sample configuration file for ISC dhcpd
    #

    # option definitions common to all supported networks...
    option domain-name "example.org";
    option domain-name-servers ns1.example.org, ns2.example.org;

    default-lease-time 600;
    max-lease-time 7200;

    # Use this to enble/disable dynamic dns updates globally.
    #ddns-update-style none;

    # If this DHCP server is the official DHCP server for the local
    # network, the authoritative directive should be uncommented.
    #authoritative;

    # Use this to send dhcp log messages to a different log file (you also
    # have to hack syslog.conf to complete the redirection).
    log-facility local7;

    # No service will be given on this subnet, but declaring it helps the
    # DHCP server to understand the network topology.

    subnet 10.152.187.0 netmask 255.255.255.0 {
    }    // the main changes are made here

    # This is a very basic subnet declaration.

    subnet 10.254.239.0 netmask 255.255.255.224 {
      range 10.254.239.10 10.254.239.20;
      option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
    }

    // configuration file after the changes:
    ... // part omitted ...
    # No service will be given on this subnet, but declaring it helps the
    # DHCP server to understand the network topology.

    subnet 192.168.100.0 netmask 255.255.255.0 {    // change to our network segment
      range 192.168.100.100 192.168.100.200;        // range of IP addresses that can be assigned
      option routers 192.168.100.1;                 // gateway (note: every statement must end with ;)
    }    // the closing brace must not be deleted, otherwise the service will not start

    subnet 192.168.10.0 netmask 255.255.255.0 {
      range 192.168.10.100 192.168.10.200;    // address pool for vlan 10
      option routers 192.168.10.1;
    }

    subnet 192.168.20.0 netmask 255.255.255.0 {
      range 192.168.20.100 192.168.20.200;    // address pool for vlan 20
      option routers 192.168.20.1;
    }

    # This is a very basic subnet declaration.
    :wq    // save and exit
    // we set up three VLANs on different network segments, so all three segments have to be added

    [root@localhost ~]# systemctl start dhcpd    // start the DHCP service
    [root@localhost ~]# systemctl status dhcpd    // check whether the service is running
    dhcpd.service - DHCPv4 Server Daemon
       Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; disabled; vendor preset: disabled)
       Active: active (running) since 三 2019-09-04 22:56:05 CST; 14s ago    // the service started successfully
         Docs: man:dhcpd(8)
               man:dhcpd.conf(5)
     Main PID: 5343 (dhcpd)
       Status: "Dispatching packets..."
       CGroup: /system.slice/dhcpd.service
               └─5343 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhc...

    9月 04 22:56:05 localhost.localdomain dhcpd[5343]: No subnet declaration for virbr....
    ... // part of the output omitted ...
    9月 04 22:56:05 localhost.localdomain systemd[1]: Started DHCPv4 Server Daemon.
    Hint: Some lines were ellipsized, use -l to show in full.
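An added consistency check for the three subnet declarations above (example code, not from the original page and not part of ISC dhcpd): it flags a range that falls outside its subnet or that covers a statically configured address, and shows which pool a relayed request is served from, based on the relay address (giaddr) that a relay places in the forwarded request. The function names and the regex-based parsing are assumptions and cover only simple, non-nested subnet blocks like these.

```python
from ipaddress import IPv4Address, IPv4Network
import re

# The subnet declarations from the configuration above, annotations removed.
DHCPD_CONF = """
subnet 192.168.100.0 netmask 255.255.255.0 {
  range 192.168.100.100 192.168.100.200;
  option routers 192.168.100.1;
}
subnet 192.168.10.0 netmask 255.255.255.0 {
  range 192.168.10.100 192.168.10.200;
  option routers 192.168.10.1;
}
subnet 192.168.20.0 netmask 255.255.255.0 {
  range 192.168.20.100 192.168.20.200;
  option routers 192.168.20.1;
}
"""

SUBNET = re.compile(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", re.S)

def parse_subnets(text):
    """Return [(network, first, last, router or None)] for each subnet with a range."""
    out = []
    for net, mask, body in SUBNET.findall(text):
        rng = re.search(r"range\s+(\S+)\s+(\S+)\s*;", body)
        gw = re.search(r"option\s+routers\s+([\d.]+)", body)
        if rng:   # a subnet without a range hands out no dynamic addresses
            out.append((IPv4Network(f"{net}/{mask}"), IPv4Address(rng.group(1)),
                        IPv4Address(rng.group(2)), IPv4Address(gw.group(1)) if gw else None))
    return out

def audit(text, static_hosts):
    """List problems: a pool outside its subnet, or a pool that covers a static address."""
    problems = []
    for network, first, last, router in parse_subnets(text):
        if first not in network or last not in network or first > last:
            problems.append(f"{network}: range {first}-{last} is not inside the subnet")
        fixed = dict(static_hosts, **({"router": str(router)} if router else {}))
        for name, addr in fixed.items():
            if first <= IPv4Address(addr) <= last:
                problems.append(f"{network}: pool {first}-{last} includes {name} ({addr})")
    return problems

def pool_for_relay(text, giaddr):
    """Pool used for a relayed request: the subnet that contains the relay address."""
    for network, first, last, _ in parse_subnets(text):
        if IPv4Address(giaddr) in network:
            return str(first), str(last)
    return None

print(audit(DHCPD_CONF, {"DHCP server": "192.168.100.100"}))
```

Run against this configuration, the check reports that the 192.168.100.0/24 pool starts at 192.168.100.100, which is the DHCP server's own static address.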
3. With the DHCP service running, return to GNS3, start the Layer 2 and Layer 3 switches that were added, and double-click each one to open its console. On the Layer 2 switch, create the VLANs, put each access link into its corresponding VLAN and configure interface f1/0 as a trunk link. On the Layer 3 switch, also create the VLANs, then configure an IP address on each VLAN interface and point each VLAN interface at 192.168.100.100 so that the VLANs can communicate with the DHCP server; finally configure interface f1/0 as a trunk link in the same way.
    sw2#conf t    // enter global configuration mode on the Layer 2 switch
    Enter configuration commands, one per line.  End with CNTL/Z.
    sw2(config)#vlan 10,20,100    // create vlan 10, 20 and 100
    sw2(config-vlan)#ex    // exit VLAN configuration
    sw2(config)#do show vlan-sw b    // check whether the VLANs were created

    VLAN Name                             Status    Ports
    ---- -------------------------------- --------- -------------------------------
    1    default                          active    Fa1/0, Fa1/1, Fa1/2, Fa1/3
                                                    Fa1/4, Fa1/5, Fa1/6, Fa1/7
                                                    Fa1/8, Fa1/9, Fa1/10, Fa1/11
                                                    Fa1/12, Fa1/13, Fa1/14, Fa1/15
    10   VLAN0010                         active
    20   VLAN0020                         active    // the VLANs are configured
    100  VLAN0100                         active
    1002 fddi-default                     act/unsup
    1003 token-ring-default               act/unsup
    1004 fddinet-default                  act/unsup
    1005 trnet-default                    act/unsup
    sw2(config)#int f1/1    // enter interface f1/1
    sw2(config-if)#sw m acc    // configure the port as an access link
    sw2(config-if)#sw acc vlan 100    // put the link into vlan 100
    sw2(config-if)#ex    // exit
    sw2(config)#int f1/2    // enter interface f1/2
    sw2(config-if)#sw m acc    // configure the port as an access link
    sw2(config-if)#sw acc vlan 10    // put the link into vlan 10
    sw2(config-if)#ex    // exit
    sw2(config)#int f1/3    // enter interface f1/3
    sw2(config-if)#sw m acc    // configure the port as an access link
    sw2(config-if)#sw acc vlan 20    // put the link into vlan 20
    sw2(config-if)#ex    // exit
    sw2(config)#do show vlan-sw b    // view the VLANs

    VLAN Name                             Status    Ports
    ---- -------------------------------- --------- -------------------------------
    1    default                          active    Fa1/0, Fa1/4, Fa1/5, Fa1/6
                                                    Fa1/7, Fa1/8, Fa1/9, Fa1/10
                                                    Fa1/11, Fa1/12, Fa1/13, Fa1/14
                                                    Fa1/15
    10   VLAN0010                         active    Fa1/2
    20   VLAN0020                         active    Fa1/3    // the links joined their VLANs successfully
    100  VLAN0100                         active    Fa1/1
    1002 fddi-default                     act/unsup
    1003 token-ring-default               act/unsup
    1004 fddinet-default                  act/unsup
    1005 trnet-default                    act/unsup
    sw2(config)#int f1/0    // enter interface f1/0
    sw2(config-if)#sw m t    // configure the interface as a trunk
    sw2(config-if)#sw t en do    // use dot1q encapsulation on the trunk link
    sw2(config-if)#ex    // exit
    sw2(config)#do show int f1/0 switchport    // check whether the interface is configured successfully
    Name: Fa1/0
    Switchport: Enabled
    Administrative Mode: trunk    // the trunk link is configured
    Operational Mode: trunk
    Administrative Trunking Encapsulation: dot1q
    Operational Trunking Encapsulation: dot1q
    Negotiation of Trunking: Disabled
    Access Mode VLAN: 0 ((Inactive))
    Trunking Native Mode VLAN: 1 (default)
    Trunking VLANs Enabled: ALL
    Trunking VLANs Active: 1,10,20,100
    Protected: false
    Priority for untagged frames: 0
    Override vlan tag priority: FALSE
    Voice VLAN: none
    Appliance trust: none
    sw2(config)#no ip routing    // turn off routing on the Layer 2 switch
    sw3(config)#vlan 10,20,100    // create vlan 10, 20 and 100 on the Layer 3 switch
    sw3(config-vlan)#ex    // exit
    sw3(config)#do show vlan-sw b    // view the VLANs

    VLAN Name                             Status    Ports
    ---- -------------------------------- --------- -------------------------------
    1    default                          active    Fa1/0, Fa1/1, Fa1/2, Fa1/3
                                                    Fa1/4, Fa1/5, Fa1/6, Fa1/7
                                                    Fa1/8, Fa1/9, Fa1/10, Fa1/11
                                                    Fa1/12, Fa1/13, Fa1/14, Fa1/15
    10   VLAN0010                         active
    20   VLAN0020                         active    // the VLANs are configured
    100  VLAN0100                         active
    1002 fddi-default                     act/unsup
    1003 token-ring-default               act/unsup
    1004 fddinet-default                  act/unsup
    1005 trnet-default                    act/unsup
    sw3(config)#int vlan 10    // enter the vlan10 virtual interface
    sw3(config-if)#ip add 192.168.10.1 255.255.255.0    // add the IP address to the interface
    sw3(config-if)#ip helper-address 192.168.100.100    // forward DHCP requests from this interface to 192.168.100.100
    sw3(config-if)#no shut    // enable the interface
    sw3(config-if)#ex    // exit
    sw3(config)#int vlan 20    // enter the vlan20 virtual interface
    sw3(config-if)#ip add 192.168.20.1 255.255.255.0    // add the IP address to the interface
    sw3(config-if)#ip helper-address 192.168.100.100    // forward DHCP requests from this interface to 192.168.100.100
    sw3(config-if)#no shut    // enable the interface
    sw3(config-if)#ex    // exit
    sw3(config)#int vlan 100    // enter the vlan100 virtual interface
    sw3(config-if)#ip add 192.168.100.1 255.255.255.0    // add the IP address to the interface
    sw3(config-if)#ip helper-address 192.168.100.100    // forward DHCP requests from this interface to 192.168.100.100
    sw3(config-if)#no shut    // enable the interface
    sw3(config-if)#ex    // exit
    sw3(config)#int f1/0    // enter interface f1/0
    sw3(config-if)#sw m t    // configure the trunk link
    *Mar  1 00:22:18.607: %DTP-5-TRUNKPORTON: Port Fa1/0 has become dot1q trunk
    *Mar  1 00:22:19.111: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan10, changed state to up
    *Mar  1 00:22:19.119: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan20, changed state to up
    *Mar  1 00:22:19.127: %LINEPROTO-5-UPDOWN: Line protocol on Interface Vlan100, changed state to up
    sw3(config-if)#sw t en do    // set the encapsulation protocol
    sw3(config-if)#ex    // exit
    sw3(config)#do show int f1/0 switchport    // check whether the trunk is configured successfully
    Name: Fa1/0
    Switchport: Enabled
    Administrative Mode: trunk    // the trunk link is configured
    Operational Mode: trunk
    Administrative Trunking Encapsulation: dot1q
    Operational Trunking Encapsulation: dot1q
    Negotiation of Trunking: Disabled
    Access Mode VLAN: 0 ((Inactive))
    Trunking Native Mode VLAN: 1 (default)
    Trunking VLANs Enabled: ALL
    Trunking VLANs Active: 1,10,20,100
    Protected: false
    Priority for untagged frames: 0
    Override vlan tag priority: FALSE
    Voice VLAN: none
    Appliance trust: none
    sw3(config)#do show ip int b    // check whether the IP addresses are assigned to the VLAN interfaces and whether they are up
    Interface                  IP-Address      OK? Method Status                Protocol
    FastEthernet0/0            unassigned      YES unset  administratively down down
    FastEthernet0/1            unassigned      YES unset  administratively down down
    FastEthernet1/0            unassigned      YES unset  up                    up
    FastEthernet1/1            unassigned      YES unset  up                    down
    ... // part of the output omitted ...
    FastEthernet1/14           unassigned      YES unset  up                    down
    FastEthernet1/15           unassigned      YES unset  up                    down
    Vlan1                      unassigned      YES unset  up                    up
    Vlan10                     192.168.10.1    YES manual up                    up
    Vlan20                     192.168.20.1    YES manual up                    up
    Vlan100                    192.168.100.1   YES manual up                    up    // the addresses are assigned and the interfaces are up
4. After the configuration is complete, go to the virtual machines and check whether our clients win 10 and win 7 obtain an IP address automatically
5. Here we give the win 10 client a fixed IP address: first get the MAC address of the win 10 client's network card on the client, then go to the CentOS 7 system and open the DHCP configuration file to set it