247:20120830為教室nat連網伺服器安裝dhcpd自動組態伺服程式並設定NAT及crontab

(1)yum -y install dhcp

[webadm@nat1 ~]$ su
密碼:
[root@nat1 webadm]# yum -y install dhcp
Loaded plugins: langpacks, presto, refresh-packagekit
Resolving Dependencies
--> Running transaction check
---> Package dhcp.i686 12:4.2.4-9.P1.fc17 will be installed
--> Processing Dependency: dhcp-libs(x86-32) = 12:4.2.4-9.P1.fc17 for package: 12:dhcp-4.2.4-9.P1.fc17.i686
--> Processing Dependency: dhcp-common = 12:4.2.4-9.P1.fc17 for package: 12:dhcp-4.2.4-9.P1.fc17.i686
--> Running transaction check
---> Package dhcp-common.i686 12:4.2.4-0.4.rc1.fc17 will be updated
--> Processing Dependency: dhcp-common = 12:4.2.4-0.4.rc1.fc17 for package: 12:dhclient-4.2.4-0.4.rc1.fc17.i686
---> Package dhcp-common.i686 12:4.2.4-9.P1.fc17 will be an update
---> Package dhcp-libs.i686 12:4.2.4-0.4.rc1.fc17 will be updated
---> Package dhcp-libs.i686 12:4.2.4-9.P1.fc17 will be an update
--> Running transaction check
---> Package dhclient.i686 12:4.2.4-0.4.rc1.fc17 will be updated
---> Package dhclient.i686 12:4.2.4-9.P1.fc17 will be an update
--> Finished Dependency Resolution

Dependencies Resolved

================================================================================
 Package            Arch        Version                    Repository      Size
================================================================================
Installing:
 dhcp               i686        12:4.2.4-9.P1.fc17         updates        490 k
Updating for dependencies:
 dhclient           i686        12:4.2.4-9.P1.fc17         updates        262 k
 dhcp-common        i686        12:4.2.4-9.P1.fc17         updates        163 k
 dhcp-libs          i686        12:4.2.4-9.P1.fc17         updates        130 k

Transaction Summary
================================================================================
Install  1 Package
Upgrade             ( 3 Dependent packages)

Total download size: 1.0 M
Downloading Packages:
Setting up and reading Presto delta metadata
http://ftp.jaist.ac.jp/pub/Linux/Fedora/updates/17/i386/dhclient-4.2.4-9.P1.fc17.i686.rpm: [Errno 14] curl#6 - "Couldn't resolve host"
Trying other mirror.
(1/4): dhclient-4.2.4-9.P1.fc17.i686.rpm                 | 262 kB     00:30    
警告:rpmts_HdrFromFdno: 表頭 V3 RSA/SHA256 Signature, key ID 1aca3465: NOKEY
Public key for dhclient-4.2.4-9.P1.fc17.i686.rpm is not installed
(2/4): dhcp-4.2.4-9.P1.fc17.i686.rpm                     | 490 kB     00:20    
(3/4): dhcp-common-4.2.4-9.P1.fc17.i686.rpm              | 163 kB     00:04    
(4/4): dhcp-libs-4.2.4-9.P1.fc17.i686.rpm                | 130 kB     00:28    
--------------------------------------------------------------------------------
Total                                            10 kB/s | 1.0 MB     01:40    
Retrieving key from file:///etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-i386
Importing GPG key 0x1ACA3465:
 Userid     : "Fedora (17) <fedora@fedoraproject.org>"
 Fingerprint: cac4 3fb7 74a4 a673 d81c 5de7 50e9 4c99 1aca 3465
 Package    : fedora-release-17-1.noarch (@anaconda-0)
 From       : /etc/pki/rpm-gpg/RPM-GPG-KEY-fedora-i386
Running Transaction Check
Running Transaction Test
Transaction Test Succeeded
Running Transaction
  Updating   : 12:dhcp-libs-4.2.4-9.P1.fc17.i686                            1/7
  Updating   : 12:dhcp-common-4.2.4-9.P1.fc17.i686                          2/7
  Installing : 12:dhcp-4.2.4-9.P1.fc17.i686                                 3/7
  Updating   : 12:dhclient-4.2.4-9.P1.fc17.i686                             4/7
  Cleanup    : 12:dhclient-4.2.4-0.4.rc1.fc17.i686                          5/7
  Cleanup    : 12:dhcp-common-4.2.4-0.4.rc1.fc17.i686                       6/7
  Cleanup    : 12:dhcp-libs-4.2.4-0.4.rc1.fc17.i686                         7/7
  Verifying  : 12:dhcp-common-4.2.4-9.P1.fc17.i686                          1/7
  Verifying  : 12:dhcp-4.2.4-9.P1.fc17.i686                                 2/7
  Verifying  : 12:dhclient-4.2.4-9.P1.fc17.i686                             3/7
  Verifying  : 12:dhcp-libs-4.2.4-9.P1.fc17.i686                            4/7
  Verifying  : 12:dhcp-libs-4.2.4-0.4.rc1.fc17.i686                         5/7
  Verifying  : 12:dhclient-4.2.4-0.4.rc1.fc17.i686                          6/7
  Verifying  : 12:dhcp-common-4.2.4-0.4.rc1.fc17.i686                       7/7

Installed:
  dhcp.i686 12:4.2.4-9.P1.fc17                                                 

Dependency Updated:
  dhclient.i686 12:4.2.4-9.P1.fc17      dhcp-common.i686 12:4.2.4-9.P1.fc17   
  dhcp-libs.i686 12:4.2.4-9.P1.fc17   

Complete!
[root@nat1 webadm]#


(2)修改/etc/dhcp/dhcpd.conf
[root@nat1 webadm]# vi /etc/dhcp/dhcpd.conf
[root@nat1 webadm]# cat /etc/dhcp/dhcpd.conf
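#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.sample
#   see dhcpd.conf(5) man page
#
# Serves the classroom LAN 10.1.1.0/24 that sits behind the NAT gateway.

# DNS search domain handed to clients.
option domain-name "kmvs.km.edu.tw";

# Given as a host name, so dhcpd must be able to resolve it to an
# address (see dhcp-options(5)); an explicit IP address avoids that
# dependency.
option domain-name-servers dns.kmvs.km.edu.tw;
# Lease lengths in seconds: 10 minutes by default, 2 hours at most.
default-lease-time 600;
max-lease-time 7200;

# Declares this server the authority for the subnet below, so it will
# NAK clients that ask for addresses it considers wrong for the segment.
# Only appropriate when no other DHCP server answers on that segment.
authoritative;

subnet 10.1.1.0 netmask 255.255.255.0 {
  # The pool ends at .253: 10.1.1.254 is the gateway address announced
  # in "option routers" below and must not be leased to a client.
  # "dynamic-bootp" also lets BOOTP clients draw from this pool; per
  # dhcpd.conf(5) such assignments do not expire unless a BOOTP lease
  # cutoff/length is configured. Drop the flag if no BOOTP clients are
  # expected.
  range dynamic-bootp 10.1.1.200 10.1.1.253;
  option broadcast-address 10.1.1.255;
  option routers 10.1.1.254;
}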

[root@nat1 webadm]#


(3)啟動dhcpd.service(注意:下方 ps 輸出中沒有 dhcpd 行程,表示服務此時並未成功啟動;原因見步驟(4)的訊息——eth1 尚未設定 IPv4 位址,dhcpd 找不到可監聽的介面。)
[root@nat1 webadm]# systemctl start dhcpd.service
[root@nat1 webadm]# systemctl enable dhcpd.service
ln -s '/usr/lib/systemd/system/dhcpd.service' '/etc/systemd/system/multi-user.target.wants/dhcpd.service'
[root@nat1 webadm]# ps ax|grep dhcp
  705 ?        S      0:00 /sbin/dnsmasq --strict-order --bind-interfaces --pid-file=/var/run/libvirt/network/default.pid --conf-file= --except-interface lo --listen-address 192.168.122.1 --dhcp-range 192.168.122.2,192.168.122.254 --dhcp-leasefile=/var/lib/libvirt/dnsmasq/default.leases --dhcp-lease-max=253 --dhcp-no-override
 3290 ?        Sl     0:05 gedit /home/webadm/20120830dhcpd_setup.txt
 5048 pts/0    S+     0:00 grep --color=auto dhcp
[root@nat1 webadm]#


(4)察看

[root@nat1 webadm]# whereis dhcpd
dhcpd: /sbin/dhcpd /usr/sbin/dhcpd /usr/share/man/man8/dhcpd.8.gz
[root@nat1 webadm]# /sbin/dhcpd &
[1] 5057
[root@nat1 webadm]# Internet Systems Consortium DHCP Server 4.2.4-P1
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Wrote 0 leases to leases file.

No subnet declaration for virbr0 (192.168.122.1).
** Ignoring requests on virbr0.  If this is not what
   you want, please write a subnet declaration
   in your dhcpd.conf file for the network segment
   to which interface virbr0 is attached. **


No subnet declaration for eth1 (no IPv4 addresses).
** Ignoring requests on eth1.  If this is not what
   you want, please write a subnet declaration
   in your dhcpd.conf file for the network segment
   to which interface eth1 is attached. **


No subnet declaration for eth0 (163.25.20.37).
** Ignoring requests on eth0.  If this is not what
   you want, please write a subnet declaration
   in your dhcpd.conf file for the network segment
   to which interface eth0 is attached. **


Not configured to listen on any interfaces!

This version of ISC DHCP is based on the release available
on ftp.isc.org.  Features have been added and other changes
have been made to the base software release in order to make
it work better with this distribution.

Please report for this software via the Red Hat Bugzilla site:
    http://bugzilla.redhat.com

exiting.

[1]+  Exit 1                  /sbin/dhcpd
[root@nat1 webadm]#


(5)system-config-network-tui


[root@nat1 network-scripts]# system-config-network-tui
[root@nat1 network-scripts]# system-config-network-tui
[root@nat1 network-scripts]# /etc/rc.d/init.d/network start
Starting network (via systemctl):                          [  確定  ]
[root@nat1 network-scripts]# ifconfig
eth0: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 163.25.20.37  netmask 255.255.255.0  broadcast 163.25.20.255
        inet6 fe80::224:8cff:fec9:1327  prefixlen 64  scopeid 0x20<link>
        ether 00:24:8c:c9:13:27  txqueuelen 1000  (Ethernet)
        RX packets 128737  bytes 29111894 (27.7 MiB)
        RX errors 0  dropped 3204  overruns 0  frame 0
        TX packets 15063  bytes 1124936 (1.0 MiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 43  base 0x6000 

eth1: flags=4163<UP,BROADCAST,RUNNING,MULTICAST>  mtu 1500
        inet 10.1.1.254  netmask 255.255.255.0  broadcast 10.1.1.255
        inet6 fe80::223:f8ff:fe5f:4fa3  prefixlen 64  scopeid 0x20<link>
        ether 00:23:f8:5f:4f:a3  txqueuelen 1000  (Ethernet)
        RX packets 6  bytes 1770 (1.7 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 2279  bytes 481394 (470.1 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0
        device interrupt 19  base 0x8c00 

lo: flags=73<UP,LOOPBACK,RUNNING>  mtu 16436
        inet 127.0.0.1  netmask 255.0.0.0
        inet6 ::1  prefixlen 128  scopeid 0x10<host>
        loop  txqueuelen 0  (Local Loopback)
        RX packets 108  bytes 8440 (8.2 KiB)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 108  bytes 8440 (8.2 KiB)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

virbr0: flags=4099<UP,BROADCAST,MULTICAST>  mtu 1500
        inet 192.168.122.1  netmask 255.255.255.0  broadcast 192.168.122.255
        ether c2:c8:08:47:60:71  txqueuelen 0  (Ethernet)
        RX packets 0  bytes 0 (0.0 B)
        RX errors 0  dropped 0  overruns 0  frame 0
        TX packets 0  bytes 0 (0.0 B)
        TX errors 0  dropped 0 overruns 0  carrier 0  collisions 0

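(6)再啟動dhcpd(此處以 root 直接執行 dhcpd 僅作測試;步驟(8)的 ps 輸出顯示由 systemd 啟動的服務帶有 -user dhcpd -group dhcpd 參數,會以較低權限執行,正式運作時宜改用 systemctl restart dhcpd.service。)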


[root@nat1 network-scripts]#
[root@nat1 network-scripts]# dhcpd
Internet Systems Consortium DHCP Server 4.2.4-P1
Copyright 2004-2012 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file
Wrote 0 leases to leases file.

No subnet declaration for virbr0 (192.168.122.1).
** Ignoring requests on virbr0.  If this is not what
   you want, please write a subnet declaration
   in your dhcpd.conf file for the network segment
   to which interface virbr0 is attached. **

Listening on LPF/eth1/00:23:f8:5f:4f:a3/10.1.1.0/24
Sending on   LPF/eth1/00:23:f8:5f:4f:a3/10.1.1.0/24

No subnet declaration for eth0 (163.25.20.37).
** Ignoring requests on eth0.  If this is not what
   you want, please write a subnet declaration
   in your dhcpd.conf file for the network segment
   to which interface eth0 is attached. **

Sending on   Socket/fallback/fallback-net
[root@nat1 network-scripts]#

(7)啟動iptables 的nat功能
[root@nat1 network-scripts]# iptables -F
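[root@nat1 network-scripts]# echo "1" /proc/sys/net/ipv4/ip_forward
1 /proc/sys/net/ipv4/ip_forward
(註:上面的指令少了重導向符號「>」,echo 只是把兩個字串印在螢幕上,並沒有把 1 寫入 /proc/sys/net/ipv4/ip_forward。要啟用 IP 轉送應執行 echo 1 > /proc/sys/net/ipv4/ip_forward,並可用 cat /proc/sys/net/ipv4/ip_forward 確認結果為 1。)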
[root@nat1 network-scripts]# modprobe ip_nat_ftp
[root@nat1 network-scripts]# modprobe ip_nat_irc
[root@nat1 network-scripts]# iptables -t nat -A POSTROUTING -s 10.1.1.0/24 -j MASQUERADE
[root@nat1 network-scripts]#


(8)編寫 startnat 執行指令稿

[root@nat1 webadm]# cd ~root


[root@nat1 ~]# ps ax|grep dhcpd
 1056 ?        Ss     0:00 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid
 1979 pts/0    S+     0:00 grep --color=auto dhcpd

[root@nat1 ~]# vi startnat

[root@nat1 ~]# cat ./startnat
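#!/bin/sh
# startnat - turn this host into a masquerading (NAT) gateway for the
# classroom LAN 10.1.1.0/24, with eth0 as the outside interface.
# Must be run as root.

# Flush every rule in the filter table.
# NOTE(review): if the chain policies are ACCEPT this leaves the gateway
# with no packet filtering at all; add explicit INPUT/FORWARD rules after
# this line if the host itself or the forwarded traffic should be limited.
iptables -F

# Enable IPv4 forwarding. The listing as first published read
#   echo "1" /proc/sys/net/ipv4/ip_forward
# without the '>' redirection, which only prints the two words (the
# "1 /proc/sys/net/ipv4/ip_forward" line in the recorded run) and leaves
# the kernel setting unchanged.
echo 1 > /proc/sys/net/ipv4/ip_forward

# NAT and connection-tracking helpers for FTP and IRC.
modprobe ip_nat_ftp
modprobe ip_nat_irc
modprobe ip_conntrack_ftp
modprobe ip_conntrack_irc

# Masquerade classroom traffic leaving through eth0. The nat table is
# deliberately not flushed (other rules, such as the 192.168.122.0/24
# entries, live there), so check for the rule first: re-running the
# script must not append a duplicate each time.
iptables -t nat -C POSTROUTING -o eth0 -s 10.1.1.0/24 -j MASQUERADE 2>/dev/null ||
  iptables -t nat -A POSTROUTING -o eth0 -s 10.1.1.0/24 -j MASQUERADE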

[root@nat1 ~]#

[root@nat1 ~]# cd ~root
[root@nat1 ~]# ./startnat
1 /proc/sys/net/ipv4/ip_forward
   
[root@nat1 ~]# iptables -t nat -L
Chain PREROUTING (policy ACCEPT)
target     prot opt source               destination        

Chain INPUT (policy ACCEPT)
target     prot opt source               destination        

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination        

Chain POSTROUTING (policy ACCEPT)
target     prot opt source               destination        
MASQUERADE  tcp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  udp  --  192.168.122.0/24    !192.168.122.0/24     masq ports: 1024-65535
MASQUERADE  all  --  192.168.122.0/24    !192.168.122.0/24   
MASQUERADE  all  --  10.1.1.0/24          anywhere           

(9)編寫 crontab

[root@nat1 ~]# crontab -l
59 7 * * * ifup eth1
0 17 * * * ifdown eth1
[root@nat1 ~]#

[root@nat1 ~]# cat /etc/crontab
SHELL=/bin/bash
PATH=/sbin:/bin:/usr/sbin:/usr/bin
MAILTO=root

# For details see man 4 crontabs

# Example of job definition:
# .---------------- minute (0 - 59)
# |  .------------- hour (0 - 23)
# |  |  .---------- day of month (1 - 31)
# |  |  |  .------- month (1 - 12) OR jan,feb,mar,apr ...
# |  |  |  |  .---- day of week (0 - 6) (Sunday=0 or 7) OR sun,mon,tue,wed,thu,fri,sat
# |  |  |  |  |
# *  *  *  *  * user-name  command to be executed
# Classroom-side interface eth1: brought up at 07:59, taken down at
# 17:00 and again at 17:55, every day, as root.
# NOTE(review): root's own crontab (crontab -l) carries the same
# 07:59 and 17:00 jobs, so those two run twice; keep a single copy.
59 7 * * * root /sbin/ifup eth1
0 17 * * * root /sbin/ifdown eth1
55 17 * * * root /sbin/ifdown eth1
[root@nat1 ~]#




