Linux - DHCP
Linux 7 DHCP+NAT
※ Environment setup
1. Firewall

2. Network interface information
ens192:external  (host only or NAT config)
ens224:internal  (internal config)

3. /etc/sysctl.conf
# sysctl settings are defined through files in 
# /usr/lib/sysctl.d/, /run/sysctl.d/, and /etc/sysctl.d/. 
# 
# Vendors settings live in /usr/lib/sysctl.d/. 
# To override a whole file, create a new file with the same in 
# /etc/sysctl.d/ and put new settings there. To override 
# only specific settings, add a file with a lexically later 
# name in /etc/sysctl.d/ and put new settings there. 
# 
# For more information, see sysctl.conf(5) and sysctl.d(5). 
net.ipv6.conf.all.disable_ipv6=1 
net.ipv6.conf.default.disable_ipv6=1 
net.ipv4.ip_forward=1
sysctl -p
1. Install the dhcp package
yum install dhcp
yum list '*dhcp*'

2. Configure dhcpd.conf
cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example  /etc/dhcp/dhcpd.conf
vi /etc/dhcp/dhcpd.conf
# A slightly different configuration for an internal subnet. 
subnet 10.5.5.0 netmask 255.255.255.224 { 
  range 10.5.5.26 10.5.5.30; 
  option domain-name-servers ns1.internal.example.org; 
  option domain-name "internal.example.org"; 
  option routers 10.5.5.1; 
  option broadcast-address 10.5.5.31; 
  default-lease-time 600; 
  max-lease-time 7200; 
}
Example:
# A slightly different configuration for an internal subnet. 
subnet 10.0.0.0 netmask 255.255.255.0 { 
  range 10.0.0.101 10.0.0.200; 
  option domain-name-servers 10.0.0.254, 168.95.1.1; 
  option domain-name "route"; 
  option routers 10.0.0.254; 
  option broadcast-address 10.0.0.255; 
  default-lease-time 600; 
  max-lease-time 7200; 
}
Example: assigning a fixed IP
host passacaglia {  # passacaglia is a user-chosen name; it can be changed to the hostname or host IP
  hardware ethernet 00:50:FC:8E:D2:3D;  # MAC address of the DHCP client that gets the fixed IP
  fixed-address 192.168.1.78;           # fixed IP address assigned to the DHCP client with the MAC address above
}
3. Restart dhcp
systemctl enable dhcpd 
systemctl restart dhcpd
systemctl status dhcpd

4. NAT configuration
firewall-cmd --permanent --direct --add-rule ipv4 nat POSTROUTING 0 -o ens192 -j MASQUERADE    # public network interface
firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i ens224 -o ens192 -j ACCEPT    # DHCP side, private network interface
firewall-cmd --permanent --direct --add-rule ipv4 filter FORWARD 0 -i ens192 -o ens224 -m state --state RELATED,ESTABLISHED -j ACCEPT
firewall-cmd --reload
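
A consistency check for the dhcpd.conf declarations from step 2, as an added example that is not part of the original notes: it verifies that range, routers and broadcast-address agree with the declared subnet and that each host's fixed-address falls in a declared subnet (the page's host example, 192.168.1.78, does not fall in 10.0.0.0/24). The function names are made up for this example, and it assumes flat, non-nested blocks that use IP literals rather than hostnames.

```python
import ipaddress
import re

# Constructed sample: the 10.0.0.0/24 subnet and the host entry from step 2.
SAMPLE_CONF = """
subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.101 10.0.0.200;
  option routers 10.0.0.254;
  option broadcast-address 10.0.0.255;
}
host passacaglia {
  hardware ethernet 00:50:FC:8E:D2:3D;
  fixed-address 192.168.1.78;
}
"""

SUBNET_RE = re.compile(r"\bsubnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", re.S)
HOST_RE = re.compile(r"\bhost\s+(\S+)\s*\{(.*?)\}", re.S)

def _value(statement, body):
    """Return the addresses given to one statement in a block body, or []."""
    m = re.search(r"\b" + statement + r"\s+([^;]+);", body)
    return [ipaddress.ip_address(v) for v in re.split(r"[\s,]+", m.group(1).strip())] if m else []

def check_dhcpd_conf(text):
    """Return findings for flat (non-nested) subnet and host declarations."""
    text = re.sub(r"#.*", "", text)  # drop dhcpd.conf comments
    findings, nets = [], []
    for addr, mask, body in SUBNET_RE.findall(text):
        net = ipaddress.ip_network(f"{addr}/{mask}")
        nets.append(net)
        rng = _value("range", body)
        if rng and (any(a not in net for a in rng) or rng[0] > rng[-1]):
            findings.append(f"{net}: range is not inside the subnet")
        for gw in _value(r"option\s+routers", body):
            if gw not in net:
                findings.append(f"{net}: router {gw} is outside the subnet")
        for bc in _value(r"option\s+broadcast-address", body):
            if bc != net.broadcast_address:
                findings.append(f"{net}: broadcast-address should be {net.broadcast_address}")
    for name, body in HOST_RE.findall(text):
        for ip in _value("fixed-address", body):
            if not any(ip in n for n in nets):
                findings.append(f"host {name}: fixed-address {ip} is in no declared subnet")
    return findings

if __name__ == "__main__":
    for line in check_dhcpd_conf(SAMPLE_CONF):
        print(line)
```

Run it against the edited file before restarting dhcpd, alongside the server's own syntax check.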
Client side: tested with Windows Server 2016
※ Network adapter settings
 
※ Connection test
 