Setting up the dhcp-relay service on RHEL 8.10

news/2024/12/24 11:45:00 / Article source: https://www.cnblogs.com/liwei1987/p/18550181

Date: 2024.11.17
Goal: set up the dhcp-relay service on RHEL 8 so that the DHCP server rocky9 (10.31.0.1/24), which sits in the LAN segment (10.31.0.0/24), can serve hosts in the DMZ segment (172.31.0.0/24)
References:

  • VBird's Linux guide (鸟哥 Linux 私房菜)
    https://linux.vbird.org/linux_server/rocky9/0220dhcp_ntp.php#9.3
  • 3.13. Setting up a DHCP relay agent
    https://docs.redhat.com/zh_hans/documentation/red_hat_enterprise_linux/9/html/managing_networking_infrastructure_services/setting-up-a-dhcp-relay-agent_providing-dhcp-services
  • 3.9. Setting up the DHCP service for subnets that are not directly connected to the DHCP server
    https://docs.redhat.com/zh_hans/documentation/red_hat_enterprise_linux/9/html/managing_networking_infrastructure_services/setting-up-the-dhcp-service-for-subnets-that-are-not-directly-connected-to-the-dhcp-server_providing-dhcp-services

Install dhcp-relay on RHEL 8

[root@RHEL8 ~]# dnf info dhcp-relay
Updating Subscription Management repositories.
Last metadata expiration check: 1:10:16 ago on Sat 16 Nov 2024 11:42:54 PM CST.
Available Packages
Name         : dhcp-relay
Epoch        : 12
Version      : 4.3.6
Release      : 50.el8_10
Architecture : x86_64
Size         : 237 k
Source       : dhcp-4.3.6-50.el8_10.src.rpm
Repository   : rhel-8-for-x86_64-baseos-rpms
Summary      : Provides the ISC DHCP relay agent
URL          : http://isc.org/products/DHCP/
License      : ISC
Description  : DHCP (Dynamic Host Configuration Protocol) is a protocol which allows
             : individual devices on an IP network to get their own network
             : configuration information (IP address, subnetmask, broadcast address,
             : etc.) from a DHCP server. The overall purpose of DHCP is to make it
             : easier to administer a large network.
             :
             : This package provides the ISC DHCP relay agent.

[root@RHEL8 ~]# rpm -q dhcp-relay || yum install -y dhcp-relay

List the files the package installs

[root@RHEL8 ~]# rpm -ql dhcp-relay
/usr/lib/.build-id
/usr/lib/.build-id/50
/usr/lib/.build-id/50/104a15d354826167bfb890dccf00f8dcaf9e4a
/usr/lib/systemd/system/dhcrelay.service
/usr/sbin/dhcrelay
/usr/share/man/man8/dhcrelay.8.gz

Read the man page

[root@RHEL8 ~]# man dhcrelay
-i ifname
    Listen for DHCPv4/BOOTP traffic on interface ifname. Multiple interfaces may be specified by using more than one
    -i option. If no interfaces are specified on the command line, dhcrelay will identify all network interfaces,
    eliminating non-broadcast interfaces if possible, and attempt to listen on all of them.
-iu ifname
    Specifies an upstream network interface: an interface from which replies from servers and other relay agents will
    be accepted. Multiple interfaces may be specified by using more than one -iu option. This argument is
    intended to be used in conjunction with one or more -i or -id arguments.
    (Note: specifies the upstream interface, which receives the replies from the DHCP server.)
-id ifname
    Specifies a downstream network interface: an interface from which requests from clients and other relay agents will
    be accepted. Multiple interfaces may be specified by using more than one -id option. This argument is intended to
    be used in conjunction with one or more -i or -iu arguments.
    (Note: specifies the downstream interface, which receives the requests from DHCP clients.)

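Following the installation procedure in the Red Hat documentation, copy /lib/systemd/system/dhcrelay.service to the /etc/systemd/system/ directory and edit it.
Specify the upstream and downstream interfaces the way the man page describes and, following VBird's tutorial, send the log to its own file to make debugging easier.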

[root@RHEL8 ~]# cp /lib/systemd/system/dhcrelay.service /etc/systemd/system/
[root@RHEL8 ~]# vim /etc/systemd/system/dhcrelay.service
[root@RHEL8 ~]# cat /etc/systemd/system/dhcrelay.service
[Unit]
Description=DHCP Relay Agent Daemon
Documentation=man:dhcrelay(8)
Wants=network-online.target
After=network-online.target

[Service]
Type=notify
ExecStart=/usr/sbin/dhcrelay -d --no-pid -id enp2s0 -iu enp3s0 10.31.0.1
StandardError=journal
StandardOutput=journal
SyslogFacility=local6

[Install]
WantedBy=multi-user.target

Configure syslog with the path of the dhcp-relay log file, start the service, and check the log

[root@RHEL8 ~]# echo 'local6.*    /var/log/dhcprelay.log' > /etc/rsyslog.d/dhcprelay.conf
[root@RHEL8 ~]# cat /etc/rsyslog.d/dhcprelay.conf
local6.*    /var/log/dhcprelay.log
[root@RHEL8 ~]# systemctl restart rsyslog.service 
[root@RHEL8 ~]# systemctl daemon-reload 
[root@RHEL8 ~]# systemctl enable --now dhcrelay.service
Created symlink /etc/systemd/system/multi-user.target.wants/dhcrelay.service → /etc/systemd/system/dhcrelay.service.
[root@RHEL8 ~]# cat /var/log/dhcprelay.log
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Requesting: enp2s0 as upstream: N downstream: Y
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Requesting: enp3s0 as upstream: Y downstream: N
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Dropped all unnecessary capabilities.
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Internet Systems Consortium DHCP Relay Agent 4.3.6
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Copyright 2004-2017 Internet Systems Consortium.
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: All rights reserved.
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: For info, please visit https://www.isc.org/software/dhcp/
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Listening on LPF/enp3s0/52:54:00:00:31:10
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Sending on   LPF/enp3s0/52:54:00:00:31:10
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Listening on LPF/enp2s0/52:54:00:00:31:72
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Sending on   LPF/enp2s0/52:54:00:00:31:72
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Sending on   Socket/fallback
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Dropped all capabilities.

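On rocky9, edit the DHCP configuration file so that it serves the 172.31.0.0/24 segment.
After editing, check that there are no syntax errors, then restart the service.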

[root@ROCKY9 ~]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp-server/dhcpd.conf.example
#   see dhcpd.conf(5) man page
#
log-facility local6;
default-lease-time 60000;
max-lease-time 600000;
option domain-name-servers 218.2.2.2, 218.4.4.4;

shared-network dmz {
    subnet 172.31.0.0 netmask 255.255.255.0 {
        range 172.31.0.100 172.31.0.199;
        option routers 172.31.0.254;
    }
}

subnet 10.31.0.0 netmask 255.255.255.0 {
    range 10.31.0.100 10.31.0.199;
    option routers 10.31.0.254;
}
[root@ROCKY9 ~]# dhcpd -t -cf /etc/dhcp/dhcpd.conf
Internet Systems Consortium DHCP Server 4.4.2b1
Copyright 2004-2019 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
ldap_gssapi_principal is not set,GSSAPI Authentication for LDAP will not be used
Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Config file: /etc/dhcp/dhcpd.conf
Database file: /var/lib/dhcpd/dhcpd.leases
PID file: /var/run/dhcpd.pid
Source compiled to use binary-leases
[root@ROCKY9 ~]# systemctl restart dhcpd.service 

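Install a CentOS 6 host in the DMZ segment (172.31.0.0/24). After logging in over VNC and bringing up the NIC, it obtains an address via DHCP by default, successfully.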

dhcp-relay log on rhel8

[root@RHEL8 ~]# tail -f /var/log/dhcprelay.log
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Internet Systems Consortium DHCP Relay Agent 4.3.6
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Copyright 2004-2017 Internet Systems Consortium.
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: All rights reserved.
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: For info, please visit https://www.isc.org/software/dhcp/
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Listening on LPF/enp3s0/52:54:00:00:31:10
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Sending on   LPF/enp3s0/52:54:00:00:31:10
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Listening on LPF/enp2s0/52:54:00:00:31:72
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Sending on   LPF/enp2s0/52:54:00:00:31:72
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Sending on   Socket/fallback
Nov 19 00:30:18 RHEL8 dhcrelay[1513]: Dropped all capabilities.
Nov 19 00:46:00 RHEL8 dhcrelay[1513]: Forwarded BOOTREQUEST for 52:54:00:72:31:a0 to 10.31.0.1
Nov 19 00:46:01 RHEL8 dhcrelay[1513]: Forwarded BOOTREPLY for 52:54:00:72:31:a0 to 172.31.0.100
Nov 19 00:46:01 RHEL8 dhcrelay[1513]: Forwarded BOOTREQUEST for 52:54:00:72:31:a0 to 10.31.0.1
Nov 19 00:46:01 RHEL8 dhcrelay[1513]: Forwarded BOOTREPLY for 52:54:00:72:31:a0 to 172.31.0.100
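
As an added example (not part of the original article), the relay log format shown above can be audited for clients whose relayed requests never got a reply, for instance when the server has no subnet declaration for the relay's network or the return path is blocked. The function names and the second client MAC in the sample are constructed for illustration.

```shell
#!/bin/bash
# Added example: audit a dhcrelay log for clients whose requests got no reply.

# Constructed sample in the format of /var/log/dhcprelay.log shown above.
# The client 52:54:00:72:31:b1 is made up to show the failure case.
sample_relay_log() {
cat <<'EOF'
Nov 19 00:46:00 RHEL8 dhcrelay[1513]: Forwarded BOOTREQUEST for 52:54:00:72:31:a0 to 10.31.0.1
Nov 19 00:46:01 RHEL8 dhcrelay[1513]: Forwarded BOOTREPLY for 52:54:00:72:31:a0 to 172.31.0.100
Nov 19 00:46:01 RHEL8 dhcrelay[1513]: Forwarded BOOTREQUEST for 52:54:00:72:31:a0 to 10.31.0.1
Nov 19 00:46:01 RHEL8 dhcrelay[1513]: Forwarded BOOTREPLY for 52:54:00:72:31:a0 to 172.31.0.100
Nov 19 00:47:10 RHEL8 dhcrelay[1513]: Forwarded BOOTREQUEST for 52:54:00:72:31:b1 to 10.31.0.1
Nov 19 00:47:14 RHEL8 dhcrelay[1513]: Forwarded BOOTREQUEST for 52:54:00:72:31:b1 to 10.31.0.1
EOF
}

# Print "MAC requests replies server" per client. Fields are located relative
# to the word "Forwarded", so a different syslog prefix does not break parsing.
# Reads the files given as arguments, or stdin when there are none.
relay_summary() {
    awk '
    {
        for (i = 1; i <= NF; i++) if ($i == "Forwarded") break
        if (i > NF) next                      # not a forwarding record
        kind = $(i+1); mac = $(i+3); dst = $(i+5)
        if (kind == "BOOTREQUEST") { req[mac]++; srv[mac] = dst }
        else if (kind == "BOOTREPLY") { rep[mac]++ }
    }
    END {
        for (m in req) printf "%s %d %d %s\n", m, req[m], rep[m] + 0, srv[m]
    }' "$@" | sort
}

# Clients that had at least one request relayed but no reply relayed back.
relay_unanswered() {
    relay_summary "$@" | awk '$3 == 0 { print $1 }'
}

# Demo on the constructed sample.
sample_relay_log | relay_unanswered
```

On the relay host, `relay_unanswered /var/log/dhcprelay.log` runs the same check against the real log.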

DHCP server log on rocky9

[root@ROCKY9 ~]# tail /var/log/dhcp.log -f
Nov 19 00:35:07 ROCKY9 dhcpd[1989]: Internet Systems Consortium DHCP Server 4.4.2b1
Nov 19 00:35:07 ROCKY9 dhcpd[1989]: Copyright 2004-2019 Internet Systems Consortium.
Nov 19 00:35:07 ROCKY9 dhcpd[1989]: All rights reserved.
Nov 19 00:35:07 ROCKY9 dhcpd[1989]: For info, please visit https://www.isc.org/software/dhcp/
Nov 19 00:35:07 ROCKY9 dhcpd[1989]: Source compiled to use binary-leases
Nov 19 00:35:07 ROCKY9 dhcpd[1989]: Wrote 0 leases to leases file.
Nov 19 00:35:07 ROCKY9 dhcpd[1989]: Listening on LPF/enp1s0/52:54:00:10:31:01/10.31.0.0/24
Nov 19 00:35:07 ROCKY9 dhcpd[1989]: Sending on   LPF/enp1s0/52:54:00:10:31:01/10.31.0.0/24
Nov 19 00:35:07 ROCKY9 dhcpd[1989]: Sending on   Socket/fallback/fallback-net
Nov 19 00:35:07 ROCKY9 dhcpd[1989]: Server starting service.
Nov 19 00:46:01 ROCKY9 dhcpd[1989]: DHCPDISCOVER from 52:54:00:72:31:a0 via 172.31.0.254
Nov 19 00:46:02 ROCKY9 dhcpd[1989]: DHCPOFFER on 172.31.0.100 to 52:54:00:72:31:a0 via 172.31.0.254
Nov 19 00:46:02 ROCKY9 dhcpd[1989]: DHCPREQUEST for 172.31.0.100 (10.31.0.1) from 52:54:00:72:31:a0 via 172.31.0.254
Nov 19 00:46:02 ROCKY9 dhcpd[1989]: DHCPACK on 172.31.0.100 to 52:54:00:72:31:a0 via 172.31.0.254

Capture of UDP port 67 on rocky9

[root@ROCKY9 ~]# tcpdump -v udp port 67
dropped privs to tcpdump
tcpdump: listening on enp1s0, link-type EN10MB (Ethernet), snapshot length 262144 bytes
00:46:01.439322 IP (tos 0x0, ttl 64, id 438, offset 0, flags [DF], proto UDP (17), length 328)
    _gateway.bootps > ROCKY9.bootps: BOOTP/DHCP, Request from 52:54:00:72:31:a0 (oui Unknown), length 300, hops 1, xid 0xd6260e35, Flags [none]
      Gateway-IP 172.31.0.254
      Client-Ethernet-Address 52:54:00:72:31:a0 (oui Unknown)
      Vendor-rfc1048 Extensions
        Magic Cookie 0x63825363
        DHCP-Message (53), length 1: Discover
        Parameter-Request (55), length 13:
          Subnet-Mask (1), BR (28), Time-Zone (2), Classless-Static-Route (121)
          Domain-Name (15), Domain-Name-Server (6), Hostname (12), YD (40)
          YS (41), NTP (42), MTU (26), Unknown (119)
          Default-Gateway (3)
00:46:02.440770 IP (tos 0x0, ttl 64, id 35258, offset 0, flags [DF], proto UDP (17), length 328)
    ROCKY9.bootps > 172.31.0.254.bootps: BOOTP/DHCP, Reply, length 300, hops 1, xid 0xd6260e35, Flags [none]
      Your-IP 172.31.0.100
      Gateway-IP 172.31.0.254
      Client-Ethernet-Address 52:54:00:72:31:a0 (oui Unknown)
      Vendor-rfc1048 Extensions
        Magic Cookie 0x63825363
        DHCP-Message (53), length 1: Offer
        Server-ID (54), length 4: ROCKY9
        Lease-Time (51), length 4: 60000
        Subnet-Mask (1), length 4: 255.255.255.0
        Domain-Name-Server (6), length 8: dns1.ctcdma.com,dns2.ctcdma.com
        Default-Gateway (3), length 4: 172.31.0.254
00:46:02.441569 IP (tos 0x0, ttl 64, id 1154, offset 0, flags [DF], proto UDP (17), length 328)
    _gateway.bootps > ROCKY9.bootps: BOOTP/DHCP, Request from 52:54:00:72:31:a0 (oui Unknown), length 300, hops 1, xid 0xd6260e35, Flags [none]
      Gateway-IP 172.31.0.254
      Client-Ethernet-Address 52:54:00:72:31:a0 (oui Unknown)
      Vendor-rfc1048 Extensions
        Magic Cookie 0x63825363
        DHCP-Message (53), length 1: Request
        Server-ID (54), length 4: ROCKY9
        Requested-IP (50), length 4: 172.31.0.100
        Parameter-Request (55), length 13:
          Subnet-Mask (1), BR (28), Time-Zone (2), Classless-Static-Route (121)
          Domain-Name (15), Domain-Name-Server (6), Hostname (12), YD (40)
          YS (41), NTP (42), MTU (26), Unknown (119)
          Default-Gateway (3)
00:46:02.444524 IP (tos 0x0, ttl 64, id 35260, offset 0, flags [DF], proto UDP (17), length 328)
    ROCKY9.bootps > 172.31.0.254.bootps: BOOTP/DHCP, Reply, length 300, hops 1, xid 0xd6260e35, Flags [none]
      Your-IP 172.31.0.100
      Gateway-IP 172.31.0.254
      Client-Ethernet-Address 52:54:00:72:31:a0 (oui Unknown)
      Vendor-rfc1048 Extensions
        Magic Cookie 0x63825363
        DHCP-Message (53), length 1: ACK
        Server-ID (54), length 4: ROCKY9
        Lease-Time (51), length 4: 60000
        Subnet-Mask (1), length 4: 255.255.255.0
        Domain-Name-Server (6), length 8: dns1.ctcdma.com,dns2.ctcdma.com
        Default-Gateway (3), length 4: 172.31.0.254

DHCP lease file on rocky9

[root@ROCKY9 ~]# cat /var/lib/dhcpd/dhcpd.leases
# The format of this file is documented in the dhcpd.leases(5) manual page.
# This lease file was written by isc-dhcp-4.4.2b1

# authoring-byte-order entry is generated, DO NOT DELETE
authoring-byte-order little-endian;

server-duid "\000\001\000\001.\316/hRT\000\0201\001";

lease 10.31.0.100 {
  starts 1 2024/11/18 17:04:26;
  ends 2 2024/11/19 09:44:26;
  cltt 1 2024/11/18 17:04:26;
  binding state active;
  next binding state free;
  rewind binding state free;
  hardware ethernet 52:54:00:10:31:a0;
  client-hostname "ubuntu16";
}
lease 172.31.0.100 {
  starts 1 2024/11/18 17:07:11;
  ends 2 2024/11/19 09:47:11;
  cltt 1 2024/11/18 17:07:11;
  binding state active;
  next binding state free;
  rewind binding state free;
  hardware ethernet 52:54:00:72:31:a0;
}

Script automation

[root@centos7 ~]# cat rhel8dhcprelay.sh
#!/bin/bash
# rhel8dhcprelay.sh
# Date: 2024-11-19

# Install the dhcp-relay service
rpm -q dhcp-relay || yum install -y dhcp-relay

# Copy the service unit file to the directory systemd starts it from
cp /lib/systemd/system/dhcrelay.service /etc/systemd/system/

# Edit the start-up parameters of the dhcp-relay unit:
# downstream (DHCP client side) NIC, upstream (DHCP server side) NIC, DHCP server address
sed -Ei.bak 's/^(ExecStart=\/usr\/sbin\/dhcrelay -d --no-pid)$/\1 -id enp2s0 -iu enp3s0 10.31.0.1/' /etc/systemd/system/dhcrelay.service
# Send stderr and stdout to the journal; log with facility local6
sed -Ei 's/^(StandardError=)null$/\1journal/' /etc/systemd/system/dhcrelay.service
sed -Ei '/^StandardError=[[:alpha:]]+$/aStandardOutput=journal\nSyslogFacility=local6' /etc/systemd/system/dhcrelay.service

# Set the path of the log file
echo 'local6.*    /var/log/dhcprelay.log' > /etc/rsyslog.d/dhcprelay.conf

# Restart the logging service
systemctl restart rsyslog.service

# Start the dhcp-relay service
systemctl daemon-reload
systemctl enable --now dhcrelay.service
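
The sed patterns in the script are anchored to the exact stock lines, so if the packaged unit ever differs they match nothing and the unit is left unedited without any error. The check below is an added example, not part of the original script; the function names and the two sample unit files are constructed, with the stock lines taken from what the sed patterns expect.

```shell
#!/bin/bash
# Added example: verify an edited dhcrelay.service before enabling it.

# Constructed sample units: "stock" holds the lines the script's sed patterns
# expect, "edited" holds the result shown in this article.
write_sample_units() {
    printf '%s\n' '[Service]' 'Type=notify' \
        'ExecStart=/usr/sbin/dhcrelay -d --no-pid' \
        'StandardError=null' > "$1/stock.service"
    printf '%s\n' '[Service]' 'Type=notify' \
        'ExecStart=/usr/sbin/dhcrelay -d --no-pid -id enp2s0 -iu enp3s0 10.31.0.1' \
        'StandardError=journal' 'StandardOutput=journal' \
        'SyslogFacility=local6' > "$1/edited.service"
}

# Return 0 only if ExecStart names a downstream interface (-id), an upstream
# interface (-iu) and a server address, and the unit logs to local6.
check_relay_unit() {
    cru_line=$(grep -E '^ExecStart=' "$1" | tail -n 1)
    [ -n "$cru_line" ] || { echo "no ExecStart line"; return 1; }
    cru_down=""; cru_up=""; cru_srv=""; cru_prev=""
    for cru_word in ${cru_line#ExecStart=}; do   # split on whitespace
        case $cru_prev in
            -id) cru_down=$cru_word ;;
            -iu) cru_up=$cru_word ;;
            *)   case $cru_word in
                     [0-9]*.[0-9]*.[0-9]*.[0-9]*) cru_srv="$cru_srv $cru_word" ;;
                 esac ;;
        esac
        cru_prev=$cru_word
    done
    [ -n "$cru_down" ] || { echo "missing -id (downstream interface)"; return 1; }
    [ -n "$cru_up" ]   || { echo "missing -iu (upstream interface)"; return 1; }
    [ -n "$cru_srv" ]  || { echo "no DHCP server address"; return 1; }
    grep -q '^SyslogFacility=local6$' "$1" ||
        { echo "SyslogFacility=local6 not set"; return 1; }
    echo "ok: downstream=$cru_down upstream=$cru_up servers=${cru_srv# }"
}

# Demo on the constructed files: the stock unit fails, the edited one passes.
demo_dir=$(mktemp -d) && write_sample_units "$demo_dir"
check_relay_unit "$demo_dir/stock.service" || true
check_relay_unit "$demo_dir/edited.service"
rm -rf "$demo_dir"
```

In the script, `check_relay_unit /etc/systemd/system/dhcrelay.service || exit 1` placed after the sed edits stops the run before `systemctl enable --now` if the edits did not take effect.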
