(1)yum -y install dhcp
[webadm@nat1 ~]$ su
密碼:
[root@nat1 webadm]# yum -y install dhcp
Loaded plugins: langpacks, presto, refresh-packagekit
Resolving Dependencies
--> Running transaction check
---> Package dhcp.i686 12:4.2.4-9.P1.fc17 will be installed
--> Processing Dependency: dhcp-libs(x86-32) = 12:4.2.4-9.P1.fc17 for package: 12:dhcp-4.2.4-9.P1.fc17.i686
--> Processing Dependency: dhcp-common = 12:4.2.4-9.P1.fc17 for package: 12:dhcp-4.2.4-9.P1.fc17.i686
--> Running transaction check
---> Package dhcp-common.i686 12:4.2.4-0.4.rc1.fc17 will be updated
--> Processing Dependency: dhcp-common = 12:4.2.4-0.4.rc1.fc17 for package: 12:dhclient-4.2.4-0.4.rc1.fc17.i686
---> Package dhcp-common.i686 12:4.2.4-9.P1.fc17 will be an update
---> Package dhcp-libs.i686 12:4.2.4-0.4.rc1.fc17 will be updated
---> Package dhcp-libs.i686 12:4.2.4-9.P1.fc17 will be an update
--> Running transaction check
---> Package dhclient.i686 12:4.2.4-0.4.rc1.fc17 will be updated
---> Package dhclient.i686 12:4.2.4-9.P1.fc17 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package          Arch      Version                    Repository    Size
================================================================================
Installing:
 dhcp             i686      12:4.2.4-9.P1.fc17         updates      490 k
Updating for dependencies:
 dhclient         i686      12:4.2.4-9.P1.fc17         updates      262 k
 dhcp-common      i686      12:4.2.4-9.P1.fc17         updates      163 k
 dhcp-libs        i686      12:4.2.4-9.P1.fc17         updates      130 k

Transaction Summary
================================================================================
Install  1 Package
Upgrade             ( 3 Dependent packages)

Total download size: 1.0 M
Downloading Packages:
Setting up and reading Presto delta metadata
http://ftp.jaist.ac.jp/pub/Linux/Fedora/updates/17/i386/dhclient-4.2.4-9.P1.fc17.i686.rpm: [Errno 14] curl#6 - "Couldn't resolve host"
Trying other mirror.
(1/4): dhclient-4.2.4-9.P1.fc17.i686.rpm | 262 kB 00:30
警告:rpmts_HdrFromFdno: 表頭 V3 RSA/SHA256 Signature, key ID 1aca3465: NOKEY
Public key for dhclient-4.2.4-9.P1.fc17.i686.rpm is not installed
(2/4): dhcp-4.2.4-9.P1.fc17.i686.rpm | 490 kB 00:20
(3/4): dhcp-common-4.2.4-9.P1.fc17.i686.rpm | 163 kB 00:04
(4/4): dhcp-libs-4.2.4-9.P1.fc17.i686.rpm | 130 kB 00:28
--------------------------------------------------------------------------------
Total 10 kB/s | 1.0 MB 01:40
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-i386
Importing GPG key 0x1ACA3465:
 Userid     : "Fedora (17) <fedora@fedoraproject.org>"
 Fingerprint: cac4 3fb7 74a4 a673 d81c 5de7 50e9 4c99 1aca 3465
 Package    : fedora-release-17-1.noarch (@anaconda-0)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-i386
Running Transaction Check
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating   : 12:dhcp-libs-4.2.4-9.P1.fc17.i686 1/7
  Updating   : 12:dhcp-common-4.2.4-9.P1.fc17.i686 2/7
  Installing : 12:dhcp-4.2.4-9.P1.fc17.i686 3/7
  Updating   : 12:dhclient-4.2.4-9.P1.fc17.i686 4/7
  Cleanup    : 12:dhclient-4.2.4-0.4.rc1.fc17.i686 5/7
  Cleanup    : 12:dhcp-common-4.2.4-0.4.rc1.fc17.i686 6/7
  Cleanup    : 12:dhcp-libs-4.2.4-0.4.rc1.fc17.i686 7/7
  Verifying  : 12:dhcp-common-4.2.4-9.P1.fc17.i686 1/7
  Verifying  : 12:dhcp-4.2.4-9.P1.fc17.i686 2/7
  Verifying  : 12:dhclient-4.2.4-9.P1.fc17.i686 3/7
  Verifying  : 12:dhcp-libs-4.2.4-9.P1.fc17.i686 4/7
  Verifying  : 12:dhcp-libs-4.2.4-0.4.rc1.fc17.i686 5/7
  Verifying  : 12:dhclient-4.2.4-0.4.rc1.fc17.i686 6/7
  Verifying  : 12:dhcp-common-4.2.4-0.4.rc1.fc17.i686 7/7

Installed:
  dhcp.i686 12:4.2.4-9.P1.fc17

Dependency Updated:
  dhclient.i686 12:4.2.4-9.P1.fc17
  dhcp-common.i686 12:4.2.4-9.P1.fc17
  dhcp-libs.i686 12:4.2.4-9.P1.fc17

Complete!
[root@nat1 webadm]#
(2)Edit /etc/dhcp/dhcpd.conf
[root@nat1 webadm]# vi /etc/dhcp/dhcpd.conf
[root@nat1 webadm]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.sample
#   see dhcpd.conf(5) man page
#
option domain-name "kmvs.km.edu.tw";
option domain-name-servers dns.kmvs.km.edu.tw;
default-lease-time 600;
max-lease-time 7200;

authoritative;

subnet 10.1.1.0 netmask 255.255.255.0 {
  range dynamic-bootp 10.1.1.200 10.1.1.254;
  option broadcast-address 10.1.1.255;
  option routers 10.1.1.254;
}

[root@nat1 webadm]#
(3)Start dhcpd.service
[root@nat1 webadm]# systemctl start dhcpd.service
[root@nat1 webadm]# systemctl enable dhcpd.service
ln -s '/usr/lib/systemd/system/dhcpd.service' '/etc/systemd/system/multi-user.target.wants/dhcpd.service'
[root@nat1 webadm]# ps ax|grep dhcp
 705 ? S 0:00 /sbin/dnsmasq --strict-order --bind-interfaces --pid-file=/var/run/libvirt/network/default.pid --conf-file= --except-interface lo --listen-address 192.168.122.1 --dhcp-range 192.168.122.2,192.168.122.254 --dhcp-leasefile=/var/lib/libvirt/dnsmasq/default.leases --dhcp-lease-max=253 --dhcp-no-override
 3290 ? Sl 0:05 gedit /home/webadm/20120830dhcpd_setup.txt
 5048 pts/0 S+ 0:00 grep --color=auto dhcp
[root@nat1 webadm]#
(4)Check

[root@nat1 webadm]# whereis dhcpd
dhcpd: /sbin/dhcpd /usr/sbin/dhcpd /usr/share/man/man8/dhcpd.8.gz
[root@nat1 webadm]# /sbin/dhcpd &
[1] 5057
[root@nat1 webadm]# Internet Systems Consortium DHCP Server 4.2.4-P1
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Wrote 0 leases to leases file.

No subnet declaration for virbr0 (192.168.122.1).
** Ignoring requests on virbr0. If this is not what
   you want, please write a subnet declaration
   in your dhcpd.conf file for the network segment
   to which interface virbr0 is attached. **

No subnet declaration for eth1 (no IPv4 addresses).
** Ignoring requests on eth1. If this is not what
   you want, please write a subnet declaration
   in your dhcpd.conf file for the network segment
   to which interface eth1 is attached. **

No subnet declaration for eth0 (163.25.20.37).
** Ignoring requests on eth0. If this is not what
   you want, please write a subnet declaration
   in your dhcpd.conf file for the network segment
   to which interface eth0 is attached. **

Not configured to listen on any interfaces!

This version of ISC DHCP is based on the release available
on ftp.isc.org. Features have been added and other changes
have been made to the base software release in order to make
it work better with this distribution.

Please report for this software via the Red Hat Bugzilla site:
    http://bugzilla.redhat.com

exiting.

[1]+ Exit 1 /sbin/dhcpd
[root@nat1 webadm]#
(5)system-config-network-tui
[root@nat1 network-scripts]# system-config-network-tui
[root@nat1 network-scripts]# system-config-network-tui
[root@nat1 network-scripts]# /etc/rc.d/init.d/network start
Starting network (via systemctl): [ 確定 ]
[root@nat1 network-scripts]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 163.25.20.37 netmask 255.255.255.0 broadcast 163.25.20.255
        inet6 fe80::224:8cff:fec9:1327 prefixlen 64 scopeid 0x20<link>
        ether 00:24:8c:c9:13:27 txqueuelen 1000 (Ethernet)
        RX packets 128737 bytes 29111894 (27.7 MiB)
        RX errors 0 dropped 3204 overruns 0 frame 0
        TX packets 15063 bytes 1124936 (1.0 MiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
        device interrupt 43 base 0x6000

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST> mtu 1500
        inet 10.1.1.254 netmask 255.255.255.0 broadcast 10.1.1.255
        inet6 fe80::223:f8ff:fe5f:4fa3 prefixlen 64 scopeid 0x20<link>
        ether 00:23:f8:5f:4f:a3 txqueuelen 1000 (Ethernet)
        RX packets 6 bytes 1770 (1.7 KiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 2279 bytes 481394 (470.1 KiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
        device interrupt 19 base 0x8c00

lo: flags=73<UP,LOOPBACK,RUNNING> mtu 16436
        inet 127.0.0.1 netmask 255.0.0.0
        inet6 ::1 prefixlen 128 scopeid 0x10<host>
        loop txqueuelen 0 (Local Loopback)
        RX packets 108 bytes 8440 (8.2 KiB)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 108 bytes 8440 (8.2 KiB)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST> mtu 1500
        inet 192.168.122.1 netmask 255.255.255.0 broadcast 192.168.122.255
        ether c2:c8:08:47:60:71 txqueuelen 0 (Ethernet)
        RX packets 0 bytes 0 (0.0 B)
        RX errors 0 dropped 0 overruns 0 frame 0
        TX packets 0 bytes 0 (0.0 B)
        TX errors 0 dropped 0 overruns 0 carrier 0 collisions 0
(6)Start dhcpd again

[root@nat1 network-scripts]#
[root@nat1 network-scripts]# dhcpd
Internet Systems Consortium DHCP Server 4.2.4-P1
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Wrote 0 leases to leases file.

No subnet declaration for virbr0 (192.168.122.1).
** Ignoring requests on virbr0. If this is not what
   you want, please write a subnet declaration
   in your dhcpd.conf file for the network segment
   to which interface virbr0 is attached. **

Listening on LPF/eth1/00:23:f8:5f:4f:a3/10.1.1.0/24
Sending on LPF/eth1/00:23:f8:5f:4f:a3/10.1.1.0/24

No subnet declaration for eth0 (163.25.20.37).
** Ignoring requests on eth0. If this is not what
   you want, please write a subnet declaration
   in your dhcpd.conf file for the network segment
   to which interface eth0 is attached. **

Sending on Socket/fallback/fallback-net
[root@nat1 network-scripts]#
(7)Enable the NAT function of iptables
[root@nat1 network-scripts]# iptables -F
[root@nat1 network-scripts]# echo "1" /proc/sys/net/ipv4/ip_forward
1 /proc/sys/net/ipv4/ip_forward
[root@nat1 network-scripts]# modprobe ip_nat_ftp
[root@nat1 network-scripts]# modprobe ip_nat_irc
[root@nat1 network-scripts]# iptables -t nat -A POSTROUTING -s 10.1.1.0/24 -j MASQUERADE
[root@nat1 network-scripts]#
(8)Write the startnat script

[root@nat1 webadm]# cd ~root

[root@nat1 ~]# ps ax|grep dhcpd
 1056 ? Ss 0:00 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid
 1979 pts/0 S+ 0:00 grep --color=auto dhcpd

[root@nat1 ~]# vi startnat

[root@nat1 ~]# cat ./startnat
iptables -F
echo "1" /proc/sys/net/ipv4/ip_forward
modprobe ip_nat_ftp
modprobe ip_nat_irc
modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc

iptables -t nat -A POSTROUTING -o eth0 -s 10.1.1.0/24 -j MASQUERADE

[root@nat1 ~]#

[root@nat1 ~]# cd ~root
[root@nat1 ~]# ./startnat
1 /proc/sys/net/ipv4/ip_forward
[root@nat1 ~]# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination

Chain INPUT (policy ACCEPT)
target     prot opt source               destination

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination
MASQUERADE  tcp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  udp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  all  --  192.168.122.0/24    !192.168.122.0/24
MASQUERADE  all  --  10.1.1.0/24          anywhere
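
A hardened variant of startnat, added here as an example and not the original author's script. In the recorded session `echo "1" /proc/sys/net/ipv4/ip_forward` only prints its arguments (the output line `1 /proc/sys/net/ipv4/ip_forward` shows this), `iptables -F` does not touch the nat table so every run appends another MASQUERADE rule, and no FORWARD filtering is added; this version writes the sysctl, can be re-run safely, and forwards only LAN-originated traffic plus its replies. Assumptions: eth0 is the uplink and eth1 the 10.1.1.0/24 LAN as in the ifconfig output, and the chain name NATFWD is hypothetical.

```shell
#!/bin/sh
# Added example (not the original startnat). Interface names and the LAN
# prefix come from the session above; the chain name NATFWD is hypothetical.
WAN_IF=${WAN_IF:-eth0}
LAN_IF=${LAN_IF:-eth1}
LAN_NET=${LAN_NET:-10.1.1.0/24}
CHAIN=NATFWD

# Emit the commands one per line so they can be reviewed (dry run) first.
nat_commands() {
    fwd="iptables -A $CHAIN"
    masq="POSTROUTING -o $WAN_IF -s $LAN_NET -j MASQUERADE"
    cat <<EOF
echo 1 > /proc/sys/net/ipv4/ip_forward
iptables -N $CHAIN 2>/dev/null || iptables -F $CHAIN
$fwd -i $LAN_IF -o $WAN_IF -s $LAN_NET -j ACCEPT
$fwd -i $WAN_IF -o $LAN_IF -d $LAN_NET -m conntrack --ctstate ESTABLISHED,RELATED -j ACCEPT
$fwd -i $LAN_IF -j DROP
$fwd -o $LAN_IF -j DROP
iptables -C FORWARD -j $CHAIN 2>/dev/null || iptables -I FORWARD -j $CHAIN
iptables -t nat -C $masq 2>/dev/null || iptables -t nat -A $masq
EOF
}

# Run each emitted command as root; stop at the first failure.
apply_nat() {
    nat_commands | while IFS= read -r cmd; do
        sh -c "$cmd" || { echo "failed: $cmd" >&2; exit 1; }
    done
}

# "./startnat" prints nothing and changes nothing; "./startnat apply" applies.
if [ "${1:-}" = "apply" ]; then apply_nat; fi
```

Run `nat_commands` first to review the rule set, then `./startnat apply` as root; confirm the result with `cat /proc/sys/net/ipv4/ip_forward` and `iptables -t nat -L`.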
(9)Write the crontab

[root@nat1 ~]# crontab -l
59 7 * * * ifup eth1
0 17 * * * ifdown eth1
[root@nat1 ~]#

[root@nat1 ~]# cat /etc/crontab
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root

# For details see man 4 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name command to be executed
59 7 * * * root /sbin/ifup eth1
0 17 * * * root /sbin/ifdown eth1
55 17 * * * root /sbin/ifdown eth1
[root@nat1 ~]#