1 基础知识
1.1 DHCP的概念
DHCP是一种可以通过自动或动态分配的方式管理入网设备的IP地址(UDP/IP设置)的协议
1.2 DHCP的作用
– 可配置客户端的默认网关
– 可配置客户端的域名
– 可配置客户端的名称服务器
– 可配置客户端的其他选项(不能一一列举)
1.3 DHCP协议的架构
client-server,即客户端-服务器模型
1.4 DHCP的工作原理
– 设备连接到网络中(入网)
– 设备的DHCP客户端通过发送DHCP广播查询请求DHCP服务
– 网络中的任何DHCP服务器均可回应请求
以上工作过程被分为四个阶段,
– 发现,即服务器发现
– 提供,即IP租约提供
– 请求,即IP租用请求
– 确认,即IP租约确认
1.4.1 DHCP的发现
– DHCP客户端在网络上广播DHCPDISCOVER消息(数据包)
– 广播方式有,包含目标地址的255.255.255.255(有限广播)或特定子网广播地址(定向广播)
另外,如果你需要了解详细的DHCPDISCOVER数据包格式,请参阅下表,
|
Ethernet: source=sender’s MAC; destination=FF:FF:FF:FF:FF:FF |
|||
|
IP: source=0.0.0.0; destination=255.255.255.255 |
|||
| Octet 0 | Octet 1 | Octet 2 | Octet 3 |
|---|---|---|---|
| OP | HTYPE | HLEN | HOPS |
| 0x01 | 0x01 | 0x06 | 0x00 |
| XID | |||
| 0x3903F326 | |||
| SECS | FLAGS | ||
| 0x0000 | 0x0000 | ||
| CIADDR (Client IP address) | |||
| 0x00000000 | |||
| YIADDR (Your IP address) | |||
| 0x00000000 | |||
| SIADDR (Server IP address) | |||
| 0x00000000 | |||
| GIADDR (Gateway IP address) | |||
| 0x00000000 | |||
| CHADDR (Client hardware address) | |||
| 0x00053C04 | |||
| 0x8D590000 | |||
| 0x00000000 | |||
| 0x00000000 | |||
| 192 octets of 0s, or overflow space for additional options; BOOTP legacy. | |||
| Magic cookie | |||
| 0x63825363 | |||
| DHCP options | |||
| 0x350101 53: 1 (DHCP Discover) | |||
| 0x3204c0a80164 50: 192.168.1.100 requested | |||
0x370401030f06 55 (Parameter Request List):
|
|||
| 0xff 255 (Endmark) | |||
1.4.2 DHCP的提供
– DHCP服务器从客户端接收到DHCPDISCOVER消息(IP地址租约请求)
– DHCP服务器为客户端保留IP地址
– DHCP服务器通过向客户端发送DHCPOFFER消息提供租约
另外,此消息包含客户端的以下信息,
– 客户端ID(MAC地址)
– 服务器提供的IP地址
– 服务器提供的子网掩码
– 租约持续时间
– 提供DHCP服务的服务器IP地址
另外,如果你需要了解详细的DHCPOFFER数据包格式,请参阅下表,
|
Ethernet: source=sender’s MAC; destination=client mac address |
||||
|
IP: source=192.168.1.1; destination=255.255.255.255 |
||||
| Octet 0 | Octet 1 | Octet 2 | Octet 3 | |
|---|---|---|---|---|
| OP | HTYPE | HLEN | HOPS | |
| 0x02 | 0x01 | 0x06 | 0x00 | |
| XID | ||||
| 0x3903F326 | ||||
| SECS | FLAGS | |||
| 0x0000 | 0x0000 | |||
| CIADDR (Client IP address) | ||||
| 0x00000000 | ||||
| YIADDR (Your IP address) | ||||
| 0xC0A80164 (192.168.1.100) | ||||
| SIADDR (Server IP address) | ||||
| 0xC0A80101 (192.168.1.1) | ||||
| GIADDR (Gateway IP address) | ||||
| 0x00000000 | ||||
| CHADDR (Client hardware address) | ||||
| 0x00053C04 | ||||
| 0x8D590000 | ||||
| 0x00000000 | ||||
| 0x00000000 | ||||
| 192 octets of 0s; BOOTP legacy. | ||||
| Magic cookie | ||||
| 0x63825363 | ||||
| DHCP options | ||||
| 53: 2 (DHCP Offer) | ||||
| 1 (subnet mask): 255.255.255.0 | ||||
| 3 (Router): 192.168.1.1 | ||||
| 51 (IP address lease time): 86400s (1 day) | ||||
| 54 (DHCP server): 192.168.1.1 | ||||
6 (DNS servers):
|
||||
1.4.3 DHCP的请求
– DHCP客户端收到服务器的DHCPOFFER消息
– DHCP客户端回复DHCPREQUEST消息,向服务器广播、请求提供地址
注:DHCP客户端可从多个DHCP服务器接收DHCPOFFER,但只会接收其中一个DHCPOFFER
另外,如果你需要了解详细的DHCPREQUEST数据包格式,请参阅下表,
|
Ethernet: source=sender’s MAC; destination=FF:FF:FF:FF:FF:FF |
||||
|
IP: source=0.0.0.0; destination=255.255.255.255; |
||||
| Octet 0 | Octet 1 | Octet 2 | Octet 3 | |
|---|---|---|---|---|
| OP | HTYPE | HLEN | HOPS | |
| 0x01 | 0x01 | 0x06 | 0x00 | |
| XID | ||||
| 0x3903F326 | ||||
| SECS | FLAGS | |||
| 0x0000 | 0x0000 | |||
| CIADDR (Client IP address) | ||||
| 0x00000000 | ||||
| YIADDR (Your IP address) | ||||
| 0x00000000 | ||||
| SIADDR (Server IP address) | ||||
| 0xC0A80101 (192.168.1.1) | ||||
| GIADDR (Gateway IP address) | ||||
| 0x00000000 | ||||
| CHADDR (Client hardware address) | ||||
| 0x00053C04 | ||||
| 0x8D590000 | ||||
| 0x00000000 | ||||
| 0x00000000 | ||||
| 192 octets of 0s; BOOTP legacy. | ||||
| Magic cookie | ||||
| 0x63825363 | ||||
| DHCP options | ||||
| 53: 3 (DHCP Request) | ||||
| 50: 192.168.1.100 requested | ||||
| 54 (DHCP server): 192.168.1.1 | ||||
1.4.4 DHCP确认
– DHCP服务器从DHCP客户端接收到DHCPREQUEST消息
– DHCP服务器向DHCP客户端发送DHCPACK消息
另外,此消息包含如下内容,
– 租约的期限
– 客户端请求的其他配置信息
另外,如果你需要了解详细的DHCPACK数据包格式,请参阅下表,
|
Ethernet: source=sender’s MAC; destination=client’s MAC |
|||
|
IP: source=192.168.1.1; destination=192.168.1.100 |
|||
| Octet 0 | Octet 1 | Octet 2 | Octet 3 |
|---|---|---|---|
| OP | HTYPE | HLEN | HOPS |
| 0x02 | 0x01 | 0x06 | 0x00 |
| XID | |||
| 0x3903F326 | |||
| SECS | FLAGS | ||
| 0x0000 | 0x0000 | ||
| CIADDR (Client IP address) | |||
| 0x00000000 | |||
| YIADDR (Your IP address) | |||
| 0xC0A80164 (192.168.1.100) | |||
| SIADDR (Server IP address) | |||
| 0xC0A80101 (192.168.1.1) | |||
| GIADDR (Gateway IP address switched by relay) | |||
| 0x00000000 | |||
| CHADDR (Client hardware address) | |||
| 0x00053C04 | |||
| 0x8D590000 | |||
| 0x00000000
|
|||
| 0x00000000 | |||
| 192 octets of 0s. BOOTP legacy | |||
| Magic cookie | |||
| 0x63825363 | |||
| DHCP options | |||
| 53: 5 (DHCP ACK) or 6 (DHCP NAK) | |||
| 1 (subnet mask): 255.255.255.0 | |||
| 3 (Router): 192.168.1.1 | |||
| 51 (IP address lease time): 86400s (1 day) | |||
| 54 (DHCP server): 192.168.1.1 | |||
6 (DNS servers):
|
|||
1.5 DHCP的地址分配的方法
– 动态分配,即将可分配范围内的IP地址动态地分配给客户端,续租的IP地址随机分配
– 自动分配,即将可分配范围内的IP地址自动地分配给客户端,续租的IP地址保持不变
– 手动分配,即手动指定某个客户机可以得到某个IP地址
1.6 DHCP的跨网络实现
– 跨网络指的是跨路由的网络
– 跨路由使用DHCP需要使用DHCP中继代理
1.7 DHCP的适用协议
– Internet Protocol version 4 (IPv4)
– Internet Protocol version 6 (IPv6)
1.8 DHCP的通讯端口
– 67/udp,服务器的目标端口
– 68/udp,客户端的通讯端口
2 最佳实践
2.1 系统环境配置
2.1.1 基本的配置信息
hostname = router.cmdschool.org
interface_1 = eth0(WLAN)
ipaddress_1 = 192.168.0.250
interface_2 = eth1(LAN)
ipaddress_2 = 10.168.0.1/24
2.1.2 防火墙配置
2.2 软件环境配置
2.2.1 安装DHCP软件包
yum install -y dhcp
2.2.2 安装常用的工具(可选)
yum install -y vim
2.3 DHCP服务配置
2.3.1 定义DHCP服务配置文件
cp /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.default vim /etc/dhcp/dhcpd.conf
加入如下配置:
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#
# option definitions common to all supported networks...
option domain-name "cmdschool.org";
option domain-name-servers ns1.cmdschool.org, ns2.cmdschool.org;
default-lease-time 600;
max-lease-time 7200;
# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;
# Configuration for an internal subnet.
subnet 10.168.0.0 netmask 255.255.255.0 {
range 10.168.0.50 10.168.0.199;
option domain-name-servers 202.96.128.86,202.96.128.166;
option domain-name "cmdschool.org";
option routers 10.168.0.1;
option broadcast-address 10.168.0.255;
default-lease-time 600;
max-lease-time 7200;
}
另外,建议你使用如下命令检查配置的语法,
dhcpd -t
2.3.2 定义DHCP广播的网卡
vim /etc/sysconfig/dhcpd
修改如下配置:
DHCPDARGS=eth1
2.3.3 启动服务并配置自启动
/etc/init.d/dhcpd start chkconfig dhcpd on
2.4 DHCP服务排错
2.4.1 查看倾听的服务端口
netstat -andp | grep dhcp
2.4.2 查看服务的日志
tail -f /var/log/messages
参考资料:
==================
https://en.wikipedia.org/wiki/Dynamic_Host_Configuration_Protocol
没有评论