Инструменты пользователя

Инструменты сайта


сервис_dhcp

Сервис DHCP

Установка

Debian/Ubuntu

root@gate:~# apt install isc-dhcp-server

root@gate:~# cat /etc/default/isc-dhcp-server
INTERFACES="eth0"
root@gate:~# cd /etc/dhcp/

FreeBSD

[gate:~] # pkg install isc-dhcp43-server

[gate:~] # cat /etc/rc.conf
...
dhcpd_ifaces="em0"
dhcpd_enable=yes
[gate:~] # rehash

[gate:~] # cd /usr/local/etc/

CentOS

Настройка

Стандартная конфигурация

gate# cat dhcpd.conf
ddns-update-style none;
log-facility local7;

default-lease-time 600;
max-lease-time 7200;

option domain-name "corpX.un";
option domain-name-servers 192.168.X.10;

#### For provisioning ####
#option tftp-server-name code 66 = string; # RFC 2132
#option tftp-server-address code 150 = ip-address; # RFC 5859
#option tftp-server-name "server.corpX.un";
#option tftp-server-address 192.168.X.10;
  
shared-network LAN1 {
  subnet 192.168.X.0 netmask 255.255.255.0 {
    range 192.168.X.101 192.168.X.199;
    option routers 192.168.X.1;
  }
}

#### Digim D40 ####
#phone 407 {
#  hardware ethernet 00:0f:d3:06:11:d3; 
#  option tftp-server-name "http://server.corpX.un/";
#}

#### For client config by mac ####
#host client3 {
#  hardware ethernet 00:12:f0:79:3b:51;
#  fixed-address 192.168.100+X.200;
#}

Отказоустойчивая конфигурация

nodeN# cat dhcpd.general
ddns-update-style none;

log-facility local7;

subnet 192.168.X.0 netmask 255.255.255.0 {
  pool {
    failover peer "dhcp";
    range 192.168.X.128 192.168.X.228;
  }
  option routers 192.168.X.254;
  option domain-name "corpX.un";
  option domain-name-servers 192.168.X.1, 192.168.X.2;
  default-lease-time 600;
  max-lease-time 7200;
}
node1# cat dhcpd.conf
failover peer "dhcp" {
  primary;
  address 192.168.X.1;
  port 519;
  peer address 192.168.X.2;
  peer port 520;
  max-response-delay 60;
  max-unacked-updates 10;
  mclt 600;
  split 128;
  load balance max seconds 3;
}

### debian/ubuntu
include "/etc/dhcp/dhcpd.general";

### freebsd
#include "/usr/local/etc/dhcpd.general";
node2# cat dhcpd.conf
failover peer "dhcp" {
  secondary;
  address 192.168.X.2;
  port 520;
  peer address 192.168.X.1;
  peer port 519;
  max-response-delay 60;
  max-unacked-updates 10;
}

### debian/ubuntu
include "/etc/dhcp/dhcpd.general";

### freebsd
#include "/usr/local/etc/dhcpd.general";

Конфигурация с поддержкой динамических обновлений зон DNS

server# cat dhcpd.conf
ddns-update-style interim;
ddns-ttl 60;
...
subnet 192.168.X.0 netmask 255.255.255.0 {

### ubuntu
#include "/etc/dhcp/rndc.key";

### freebsd
#include "/usr/local/etc/rndc.key";

  zone corpX.un. {
    primary 192.168.X.10;
    key rndc-key;
  }
  zone X.168.192.in-addr.arpa. {
    primary 192.168.X.10;
    key rndc-key;
  }
...

Проверка конфигурации и запуск

FreeBSD

[gate:~] # dhcpd -t

[gate:~] # service isc-dhcpd start

Debian/Ubuntu

# dhcpd -t

# service isc-dhcp-server start

# service isc-dhcp-server status

Мониторинг выданных адресов

FreeBSD

[gate:~] # tail -f /var/db/dhcpd/dhcpd.leases

Debian/Ubuntu

root@gate:~# tail -f /var/lib/dhcp/dhcpd.leases

Статистика DHCP сервера

Debian/Ubuntu

# apt install dhcpd-pools

# dhcpd-pools -l /var/lib/dhcp/dhcpd.leases -c /etc/dhcp/dhcpd.conf

# cat /usr/local/bin/dhcp_stat.sh
#!/bin/sh

CMD='/usr/bin/dhcpd-pools -l /var/lib/dhcp/dhcpd.leases -c /etc/dhcp/dhcpd.conf -f c | grep 192.168.X'
MAX=`eval $CMD | cut -d'"' -f8`
CUR=`eval $CMD | cut -d'"' -f10`

eval RES=\$$1

echo $RES
# /usr/local/bin/dhcp_stat.sh MAX

# /usr/local/bin/dhcp_stat.sh CUR

FreeBSD

# pkg install dhcpd-pools

# dhcpd-pools -l /var/db/dhcpd/dhcpd.leases -c /usr/local/etc/dhcpd.conf

Поиск и подавление посторонних DHCP серверов

Debian/Ubuntu

# wget http://www.netpatch.ru/projects/dhcdrop/dhcdrop-lin-0.5.tar.bz2

# cd /usr/local/sbin/

# tar -xvf /root/dhcdrop-lin-0.5.tar.bz2 dhcdrop

FreeBSD

# pkg install dhcdrop

FreeBSD/Debian/Ubuntu

# /usr/local/sbin/dhcdrop -t -b -i <intface> -l <mac_address>

# /usr/local/sbin/dhcdrop -t -b -q -i <intface> -l <mac_address> > /tmp/dhcp.txt || (cat /tmp/dhcp.txt | mail -s 'Critical. Second DHCP.' root@corpX.un)
сервис_dhcp.txt · Последние изменения: 2019/06/04 10:00 — val