Principles and DHCP configuration
Learn DHCP Service
- DHCP is a internet task team designed and developed specifically for the agreement to automatically assign TCP / IP parameters for the TCP / IP network computer
Benefits of using DHCP
- Reduce the workload of administrators
- Avoid IP address conflicts
- When the network to change IP addresses, you do not need to reconfigure IP addresses for each user
- Improve the utilization of IP addresses
- Easy to configure client
DHCP allocation method
-
automatic allocation
- After a permanent IP address assigned to
-
Manual assignment
- Specify the IP address from the DHCP server administrator specifically
-
Dynamic allocation
- After using the release to change the IP, for other clients to use
- Manual assignment
- Specify the IP address from the DHCP server administrator specifically
DHCP lease process
-
The client obtain an IP address from a DHCP server project called the DHCP lease process
-
Lease process is divided into four steps
1, the client requests an IP address Discover
- When a DHCP client starts, the client has no IP address, so the client wants to obtain a valid address via DHCP, this time the DHCP client sends a DHCP Discover broadcast message to find a DHCP server discovery
2, in response to service Offer
- When the DHCP server receives information from the client IP address request, it looks into its own IP address pool if there is a legitimate IP address to the client, if any. Message to this IP address to the DHCP server be marked to be added to the DHCP Offer, the DHCP server then broadcasts a DHCP Offer message
3, the client selects an IP address Request
- DHCP client IP address extracted from a received DHCP Offer message, issue the IP address of DHCP server addresses are reserved, so that the address can not be allocated to another DHCP client
4, the server determines ACK lease
- DHCP server receives the DHCP Request message, in the form of DHCP ACK message to the client to confirm the success of the broadcast, the message contains a valid IP address lease and other information can be configured
-
DHCP client log back into the network every time, no need to send a DHCP Discover message, but sends the IP address that contains a pre-assigned DHCP Request Direct request information
- Lease renewal
- When the DHCP server reaches 50% of the IP address lease rental is a client, you need to update the lease
- The client sends DHCP Request packet directly to the server lease request to update the existing address lease
Using DHCP Dynamic Host Configuration Address
-
DHCP Service
Large number of clients to automatically assign an address to provide centralized management
Reduce the management and maintenance costs and improve the efficiency of network configuration
-
Address information can be assigned include
IP address, subnet mask
Corresponding network address, broadcast address
Default gateway address
DNS server address
- Install the DHCP Server
[root@localhost ~]# yum install dhcp -y
-
The main configuration file
- /etc/dhcp/dhcpd.conf
- View lease file
- /var/lib/dhcpd/dhcpd.lease
Using DHCP client
-
Modify the network card configuration file
- BOOTPROTO=dhcp
- Use dhclient command
- dhclient [-d] [network interface name]
Set up DHCP relay service
lab environment:
- Use VMware 15
- c3725 routing image files
- Use GNS3 1.3.1 Use https://www.linuxidc.com/Linux/2019-10/160968.htm
- Mirror win 10
- win 7 Mirror
- 7 Mirror
Relevant information available to download from the following information:
If Unfollow Linux commune public number, even if attention once again, will not be able to provide this service!
Links: https://pan.baidu.com/s/1u6K8fhZgEkEJD1qyKctAaw Password: method of obtaining See above, please leave a message at the following address failure.
------------------------------------------split line------ ------------------------------------
Build a service
1, the topology GNS3 built in DHCP relay services to help us build a service when clear thinking. Here I use a win 10 virtual machines, one win 7 virtual machine, a CentOS 7 virtual machine, two c3725 routing equipment. Start by adding two devices, disk space and add convenience we create vlan, add Layer 2 switching interface, the routing device to help us make a Layer 3 switching device with a Layer 2 switching device on the routing device. Add three host hosts were renamed DHC, win 10, win 7, this time we also need to add two virtual NICs in VMware 15 devices in a virtual machine, set up to know only the host mode, this time in the back GNS3 link line will pick up the equipment, this experiment we will be divided three vlan, respectively 3 virtual machines into different vlan in (vlan address division: vlan10: 192.168.10.1/24,vlan20: 192.168.20.1/24, vlan100: 192.168.100.1/24, assign static IP addresses to the DHCP server 192.168.100.100 as shown below:
2, open the VMware 15, open win 10, win 7, CentOS 7 virtual machine, install the DHCP service on CentOS 7 virtual machine; the installation is complete, respectively, to win 10, win 7, CentOS 7 virtual machine network card binding, win 10 tie set VMnet2 card, win 7 binding VMnet3 card CentOS 7 binding VMnet1 card; then will return to the configuration CentOS 7 static routing, configure the DHCP service, after completion of open service, turn off the firewall, turn off enhanced security file.
[root @ localhost ~] # yum install dhcp -y // install the DHCP service is loaded plugins: fastestmirror, the Langpacks Base | 3.6 kB 00:00:00 Extras | 3.4 kB 00:00:00 the Updates | 3.4 kB 00:00: 00 (1/4): Base / 7 / x86_64 / group_gz | 166 kB 00:00:00 (2/4): Base / 7 / x86_64 / primary_db | 6.0 MB 00:00:01 ... // omitted part content...
[root @ localhost ~] # ifconfig // View card information
ens33: flags = 4163 <UP, BROADCAST, RUNNING, MULTICAST> mtu 1500 // We can not get an IP address
inet6 fe80 :: a85a: c203: e2e : 3f3c prefixlen 64 ScopeID 0x20 <Link>
ether 00: 0c: 29: 5B: D3: A0 txqueuelen 1000 (Ethernet)
the RX packets 47 bytes 30451 (29.7 KiB)
the RX errors 0 Dropped 0 overruns 0 Frame 0
the TX packets 122 bytes 13596 (13.2 KiB)
. ..// omitted part of ...
[the root @ localhost ~] # Vim / etc / sysconfig / Network-scripts / ens33 // enter the ifcfg-profile card ens33
the TYPE = Ethernet
PROXY_METHOD = none
BROWSER_ONLY = NO
BOOTPROTO = static / / dhcp configuration changes to a static IP address is static
DEFROUTE = yes
IPV4_FAILURE_FATAL = NO
IPV6INIT = yes
Yes = IPV6_AUTOCONF
IPV6_DEFROUTE = Yes
IPV6_FAILURE_FATAL = NO
IPV6_ADDR_GEN_MODE = Privacy the stable-
NAME = ens33
the UUID = 2ef6b862-5201-48c5-a450-23b3720ab3a0
the DEVICE = ens33
the ONBOOT Yes =
the IPADDR // Configure IP address = 192.168.100.100
NETMASK = 255.255.255.0 / / configure the subnet mask
gATEWAY = 192.168.100.1 // configure the gateway
~
~
: // WQ save and exit
[root @ localhost ~] # service network restart // restart network services
Restarting network (via systemctl): [OK]
[root @ localhost ~] # ifconfig // View card information
ens33: flags = 4163 <UP, BROADCAST, RUNNING, MULTICAST> mtu 1500 // get an IP address
inet Netmask 255.255.255.0 192.168.100.100 192.168.100.255 Broadcast
inet6 FE80 :: a85a: C203: E2E: 64 3f3c the prefixlen ScopeID 0x20 < Link>
ether 00: 0c: 29: 5B: D3: A0 txqueuelen 1000 (Ethernet)
the RX packets 48 bytes 30694 (29.9 KiB)
... // ... omitted part
[root @ localhost ~] # vim /etc/dhcp/dhcpd.conf // dhcp service into the main configuration file
#
# the DHCP Server the Configuration File.
# See /usr/share/doc/dhcp*/dhcpd.conf.example // dhcp profile template display position
# See the dhcpd.conf (. 5) man Page
#
~
... // part omitted ...
~
: R & lt /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example // dhcpd configuration file template will be written to the primary configuration file
// write the configuration file:
#
# the dhcpd.conf
#
# the configuration file for the Sample ISC dhcpd
#
# option definitions common to all supported networks...
option domain-name "example.org";
option domain-name-servers ns1.example.org, ns2.example.org;
default-lease-time 600;
max-lease-time 7200;
# Use this to enble / disable dynamic dns updates globally.
#ddns-update-style none;
# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;
# No service will be given on this subnet, but declaring it helps the
The DHCP Server to Understand at The # Network Topology.
range 192.168.100.100 192.168.100.200; // you can be assigned IP address range
{10.152.187.0 255.255.255.0 Netmask Subnet
} // make major changes here
# This IS A Very Basic Subnet Declaration.
Subnet 10.254.239.0 Netmask 255.255.255.224 {
Range 10.254.239.10 10.254.239.20;
Option Routers RTR-239 -0-1.example.org, rtr-239-0-2.example.org;
}
after // change the profile information:
... // part omitted ...
# No Service by Will BE GIVEN ON the this Subnet, But Declaring Helps at The
. # the DHCP Server to Understand at The network Topology
Subnet Netmask 192.168.100.0 255.255.255.0 {// change the IP network segment
} // Note that the last of braces can not be deleted, otherwise the service could not be opened
option routers 192.168.100.1; // gateway information (note to the end of each segment; end)
Subnet Netmask 192.168.10.0 255.255.255.0 {
Range 192.168.10.100 192.168.10.200; // add the network address allocated vlan 10 entry
option routers 192.168.10.1;
}
Subnet Netmask 192.168.20.0 255.255.255.0 {
Range 192.168.20.100 192.168.20.200; // add the network address allocated vlan 20 entries
Option Routers 192.168.20.1;
}
# This iS a Very Basic Subnet Declaration.
: wq // save and exit
// here because we set up three vlan, the segment is not the same, so the three segments have to add
[root @ localhost ~] # systemctl start dhcpd // open dhcp service
[root @ localhost ~] # systemctl status dhcpd // Check whether the service is open
dhcpd.service - DHCPv4 Server Daemon
loaded: loaded (/ usr / lib /systemd/system/dhcpd.service; disabled; vendor preset: disabled )
Active: active (running) since 三 2019-09-04 22:56:05 CST; 14s ago //服务成功开启
Docs: man:dhcpd(8)
man:dhcpd.conf(5)
Main PID: 5343 (dhcpd)
Status: "Dispatching packets..."
CGroup: /system.slice/dhcpd.service
└─5343 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhc...
9月 04 22:56:05 localhost.localdomain dhcpd[5343]: No subnet declaration for virbr....
...//省略部分内容...
9月 04 22:56:05 localhost.localdomain systemd[1]: Started DHCPv4 Server Daemon.
Hint: Some lines were ellipsized, use -l to show in full.
3, we returned to the DHCP service enabling GNS3, the opening 2 and Layer 3 switches the added layer switches, and double-click into the switching device 3 and the layer 2 switching device layer disposed vlan layer 2 switching device, and the access link each access channel corresponding vlan, the configuration f1 / 0 interface trunk link, also provided vlan layer 3 switching device, and then enter the IP address vlan configuration, and specify the IP address 192.168.100.100 via the vlan LAN communication, finally f1 / 0 interfaces configured similarly to trunk link.
sw2 # conf t // global pattern into the layer 2 switching device in
the Enter Configuration Commands, per Line One. End with the CNTL / the Z.
SW2 (config) #vlan 10,20,100 // configuration vlan10,20,100
SW2 (config- vlan) #ex // exit vlan interfaces
sw2 (config) #do show vlan- sw b // see if the configuration is successful vlna
VLAN the Name Status Ports
---- --------------- ----------------- --------- ------------------------ -------
. 1 FaI default Active / 0, FaI /. 1, FaI / 2, FaI /. 3
FaI /. 4, FaI /. 5, FaI /. 6, FaI /. 7
FaI /. 8, FaI /. 9, FaI / 10, FaI /. 11
FaI / 12 is, FaI / 13 is, FaI / 14, FaI / 15
Active VLAN0010 10
SW2 (config-IF) // exit #ex
20 VLAN0020 active // configured VLAN
100 VLAN0100 Active
1002 FDDI-default ACT / UNSUP
1003 Ring-default token-ACT / UNSUP
1004 fddinet default-ACT / UNSUP
1005 trnet default-ACT / UNSUP
SW2 (config) #int F1 /. 1 // enter f1 / 1 Interface
sw2 (config-if) #sw m acc // into the configuration of link
sw2 (config-if) #sw acc vlan 100 // the link access VLANs 100
SW2 (config-IF) #ex // exit
sw2 (config) #int f1 / 2 // enter f1 / 2 interfaces
sw2 (config-if) #sw m acc // into the configuration of link
sw2 (config-if) #sw acc vlan 10 // the chain Road access VLAN10
sw2 (config-if) #sw m acc // link into the configuration
sw2 (config) #int f1 / 3 // enter f1 / 3 interfaces
sw2 (config-if) #sw acc vlan 20 // the link access VLAN20
SW2 (config-IF) #ex // Exit
sw2 (config) #do show vlan-sw b // View VLNA
VLAN the Name Status Ports
---- ------------------------------- - ------------------------------- ---------
. 1 FaI default Active / 0, FaI / . 4, FaI /. 5, FaI /. 6
FaI /. 7, FaI /. 8, FaI /. 9, FaI / 10
FaI /. 11, FaI / 12 is, FaI / 13 is, FaI / 14
FaI / 15
10 Active FaI VLAN0010 / 2
20 is VLAN0020 Active FaI / success. 3 // link access VLAN
100 VLAN0100 Active FaI /. 1
1002 FDDI-default ACT / UNSUP
1003 Ring-default token-ACT / UNSUP
1004 fddinet default-ACT / UNSUP
1005 trnet default-ACT / UNSUP
SW2 (config) #int f1 / 0 // enter f1 / 0 Interface
sw2 (config-if) #sw mt // configure the interface to trunk
sw2 (config-IF) #sw T // EN do dot1q encapsulated in the trunk link protocol
sw2 (config -if) #ex // exit
sw2 (config) #do show int f1 / 0 switchport // check whether the interface is successfully configured
the Name: Fa1 / 0
switchport: Enabled
Administrative Mode: trunk // successfully configured trunk link
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Disabled
Access Mode VLAN: 0 ((Inactive))
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Trunking VLANs Active: 1,10,20,100
Protected: false
Priority for untagged frames: 0
Override vlan tag priority: FALSE
Voice VLAN: none
Appliance trust: none
sw2(config)#no ip routing //关闭2层交换设备路由功能
sw3 (config) #vlan 10,20,100 // 3 layer disposed on the switching device vlan10,20,100
SW3 (config-VLAN) #ex // Exit
sw3 (config) #do show vlan- sw b // Check VLAN
the VLAN Status Ports the Name
---- --------- -------------------------------- - -----------------------------
. 1 FaI default Active / 0, FaI /. 1, FaI / 2, FaI /. 3
FaI /. 4 , FaI /. 5, FaI /. 6, FaI /. 7
FaI /. 8, FaI /. 9, FaI / 10, FaI /. 11
FaI / 12 is, FaI / 13 is, FaI / 14, FaI / 15
10 VLAN0010 Active
20 is VLAN0020 // Active successful configuration
100 Active VLAN0100
FDDI default ACT-1002 / UNSUP
1003 Ring-default token-ACT / UNSUP
1004 fddinet default-ACT / UNSUP
1005 trnet default-ACT / UNSUP
SW3 (config) // 10 enters #int VLAN virtual interface VLAN10
SW3 (config-IF) #ip add 192.168.10.1 255.255.255.0 // add the IP address of the interface
sw3 (config-if) #ip helper -address 192.168.100.100 // specified IP address 192.168.100.100 via an interface
sw3 (config-if) #no shut // open configuration
sw3 (config-if) #ex // exit
sw3 (config) #int vlan 20 // enter vlan20 virtual interface
// open configuration sw3 (config-if) #no shut
SW3 (config-IF) #ip the Add 192.168.20.1 255.255.255.0 // add the IP address in the interface
sw3 (config-if) #ip helper -address 192.168.100.100 // specify the IP address 192.168.100.100 via an interface
* 00-Mar. 1: 22 is: 19.111: LINEPROTO-%. 5-the UPDOWN: Line Interface Protocol ON Vlan10, changed state to up
sw3 (config-if) #ex // exit
sw3 (config) #int vlan 100 // enter virtual interface vlan100
sw3 (config-IF) #ip the Add 192.168.100.1 255.255.255.0 // add the IP address in the interface
sw3 ( config-if) #ip helper-address 192.168.100.100 // specified IP address 192.168.100.100 via an interface
sw3 (config-if) #no shut // open configuration
// exit SW3 (config-IF) #ex
SW3 (config ) #int f1 / 0 // enter f1 / 0 Interface
sw3 (config-if) #sw mt // configured trunk link
* Mar 1 00: 22: 18.607 :% DTP-5-TRUNKPORTON: Port Fa1 / 0 has Become dot1q Trunk
* Mar 1 00: 22: 19.119:% LINEPROTO-5-UPDOWN: Line Protocol ON Interface Vlan20, changed State to up
* Mar 1 00: 22: 19.127:% LINEPROTO-5-UPDOWN: Line Protocol ON Interface Vlan100 , changed state to up
sw3(config-if)#sw t en do //封装协议
sw3(config-if)#ex //突出
sw3(config)#do show int f1/0 switchport //查看trunk是否配置成功
Name: Fa1/0
Switchport: Enabled
Administrative Mode: trunk //成功配置trunk链路
Operational Mode: trunk
Administrative Trunking Encapsulation: dot1q
Operational Trunking Encapsulation: dot1q
Negotiation of Trunking: Disabled
Access Mode VLAN: 0 ((Inactive))
Trunking Native Mode VLAN: 1 (default)
Trunking VLANs Enabled: ALL
Trunking VLANs Active: 1,10,20,100
Protected: false
Priority for untagged frames: 0
Override vlan tag priority: FALSE
Voice VLAN: none
Appliance trust: none
sw3(config)#do show ip int b //查看IP地址是否配入vlan,是否开启
Interface IP-Address OK? Method Status Protocol
FastEthernet0/0 unassigned YES unset administratively down down
FastEthernet0/1 unassigned YES unset administratively down down
FastEthernet1/0 unassigned YES unset up up
FastEthernet1/1 unassigned YES unset up down
...//省略部分内容...
FastEthernet1/14 unassigned YES unset up down
FastEthernet1/15 unassigned YES unset up down
Vlan1 unassigned YES unset up up
YES Manual up up 192.168.10.1 Vlan10
Vlan20 192.168.20.1 YES Manual up up
Vlan100 192.168.100.1 up up YES Manual
// successfully fit into, and turn
4. After configuring a virtual machine to see our clients win 10, win 7 whether to automatically obtain an IP address
5, here we come to win 10 clients specify a fixed IP address, first get the MAC address of the client win 10 win 10 card at the client, then the system will enter the CentOS 7 DHCP configuration file settings
