ISC DHCP Server
ISC DHCP failover konfigurace
Konfigurace primárního serveru
#
# /etc/dhcpd.conf for primary DHCP server
#
# ISC dhcpd configuration for the primary half of a failover pair serving
# 192.168.10.0/24. The secondary is expected at 192.168.10.97.
#
# NOTE(review): the dhcpd.conf manual describes server-identifier as an IP
# address of this server that every client can reach. A host name is used
# here, and the secondary listing uses the same value; confirm what it
# resolves to on each server.
server-identifier firmadhcp.firma.cz;
authoritative;
option domain-name "firma.cz";
option domain-search "firma.cz";
option netbios-node-type 8;
option time-offset 1;
log-facility local0;
# Declare the wire format of the two classless static route options
# (code 121 and code 249) so they can be set per subnet below.
option rfc3442-classless-static-routes code 121 = array of integer 8;
option ms-classless-static-routes code 249 = array of integer 8;
ddns-update-style none;
# Failover link to the peer. No authentication is configured for this link,
# so TCP port 647 should be firewalled to accept only the peer address.
# mclt and split are set on the primary only.
failover peer "dhcp-failover" {
primary; # declare this to be the primary server
address 192.168.10.115;
port 647;
peer address 192.168.10.97;
peer port 647;
# NOTE(review): max-response-delay is in seconds; 1440 means the peer can be
# silent for 24 minutes before the link is considered down. Confirm intended.
max-response-delay 1440;
max-unacked-updates 10;
load balance max seconds 3;
mclt 86400;
split 128;
}
#### Network: firma
# NOTE(review): 192.168.10.118 (this host, also listed as a DNS server) and
# 192.168.10.115 (this DHCP server) both lie inside the dynamic range
# 192.168.10.101-220 declared in the pool below. Statically used addresses
# are normally kept outside the dynamic range; confirm.
host bubenec01 {
hardware ethernet 00:15:17:8A:0A:E4;
fixed-address 192.168.10.118;
}
group {
subnet 192.168.10.0 netmask 255.255.255.0 {
option routers 192.168.10.1;
option domain-name-servers 192.168.10.20, 192.168.10.118, 192.168.10.1;
# NOTE(review): default-lease-time (604800 s = 7 days) is larger than
# max-lease-time (259200 s = 3 days), and the pool below lowers the maximum
# to 86400 s. Confirm which lease length is actually intended.
default-lease-time 604800;
max-lease-time 259200;
# Route settings - Prcice
# Encoding is prefix length, significant destination octets, gateway:
#   32, 10,0,0,23, 192,168,10,11  -> 10.0.0.23/32 via 192.168.10.11
#   0, 192,168,10,1               -> default route via 192.168.10.1
# The default route is repeated here because clients that honour option 121
# ignore "option routers".
option rfc3442-classless-static-routes 32, 10, 0, 0, 23, 192, 168, 10, 11, 0, 192, 168, 10, 1;
option ms-classless-static-routes 32, 10, 0, 0, 23, 192, 168, 10, 11, 0, 192, 168, 10, 1;
pool {
failover peer "dhcp-failover";
max-lease-time 86400; # 86400 s = 24 hours
range 192.168.10.101 192.168.10.220;
}
}
}
Konfigurace sekundárního serveru
#
# /etc/dhcpd.conf for secondary DHCP server
#
# ISC dhcpd configuration for the secondary half of the failover pair serving
# 192.168.10.0/24. Apart from the failover declaration it repeats the
# primary's settings; the two files must be kept in step.
#
# NOTE(review): same server-identifier value as on the primary; confirm what
# this host name resolves to on this server.
server-identifier firmadhcp.firma.cz;
authoritative;
option domain-name "firma.cz";
option domain-search "firma.cz";
option netbios-node-type 8;
option time-offset 1;
log-facility local0;
# Wire format of the classless static route options (codes 121 and 249).
option rfc3442-classless-static-routes code 121 = array of integer 8;
option ms-classless-static-routes code 249 = array of integer 8;
ddns-update-style none;
# Failover link back to the primary. Addresses are mirrored relative to the
# primary's file. No authentication is configured for this link, so TCP port
# 647 should be firewalled to accept only the peer address.
failover peer "dhcp-failover" {
secondary; # declare this to be the secondary server
address 192.168.10.97;
port 647;
peer address 192.168.10.115;
peer port 647;
# NOTE(review): 1440 seconds (24 minutes) of silence before the peer is
# considered down; confirm intended.
max-response-delay 1440;
max-unacked-updates 10;
load balance max seconds 3;
}
#### Network: firma
# NOTE(review): 192.168.10.118 lies inside the dynamic range declared in the
# pool below; confirm.
host bubenec01 {
hardware ethernet 00:15:17:8A:0A:E4;
fixed-address 192.168.10.118;
}
group {
subnet 192.168.10.0 netmask 255.255.255.0 {
option routers 192.168.10.1;
option domain-name-servers 192.168.10.20, 192.168.10.118, 192.168.10.1;
# NOTE(review): default-lease-time (7 days) exceeds max-lease-time (3 days),
# and the pool lowers the maximum to 86400 s. Confirm the intended values.
default-lease-time 604800;
max-lease-time 259200;
# Route settings - Prcice
#   32, 10,0,0,23, 192,168,10,11  -> 10.0.0.23/32 via 192.168.10.11
#   0, 192,168,10,1               -> default route via 192.168.10.1
option rfc3442-classless-static-routes 32, 10, 0, 0, 23, 192, 168, 10, 11, 0, 192, 168, 10, 1;
option ms-classless-static-routes 32, 10, 0, 0, 23, 192, 168, 10, 11, 0, 192, 168, 10, 1;
pool {
failover peer "dhcp-failover";
max-lease-time 86400; # 86400 s = 24 hours
range 192.168.10.101 192.168.10.220;
}
}
}
Jedna IP adresa pro drátové i bezdrátové připojení
V konfiguraci se musí lišit položka host
# NB002
# Two host declarations with different names hand the same fixed address to
# both network interfaces of one notebook. The address will conflict if both
# interfaces are connected at the same time.
# A MAC match is only an assignment rule, not authentication: any device that
# presents one of these hardware addresses receives 10.0.3.171.
host nb002_wireless {
hardware ethernet 40:f0:2f:67:4d:42;
fixed-address 10.0.3.171;
}
host nb002_wired {
hardware ethernet a4:5d:36:9c:f1:0a;
fixed-address 10.0.3.171;
}
Problém s přidělením IP adresy ve Windows
Ve Windows 7 a novějších verzích OS nelze získat adresu z DHCP serveru. Vypadá to, že problém je v parametru server-identifier, pro který není odpovídající záznam v DNS.
Po odstranění parametru lze získat adresu bez problému. Alternativou je uvést v server-identifier přímo IP adresu serveru, která je dosažitelná pro klienty.
# Single-server dhcpd configuration for 192.168.15.0/24.
# server-identifier is commented out because the host name had no matching
# DNS record.
#server-identifier fw.props.local;
authoritative;
option domain-name "props.local";
option netbios-node-type 8;
option time-offset 1;
log-facility local0;
ddns-update-style none;
# Host declarations are kept in a separate file.
include "/etc/dhcp/hosts.cfg";
subnet 192.168.15.0 netmask 255.255.255.0 {
# Network boot settings, currently disabled.
#filename "pxelinux.0";
#next-server 192.168.15.10;
range 192.168.15.150 192.168.15.200;
option routers 192.168.15.10;
option domain-name-servers 192.168.15.10;
option broadcast-address 192.168.15.255;
# NOTE(review): default-lease-time (604800 s = 7 days) is larger than
# max-lease-time (259201 s, about 3 days); confirm the intended values.
default-lease-time 604800;
max-lease-time 259201;
}
Logging
http://serverfault.com/questions/37451/dhcp-logging-host-declarations-in-log-file
Doplnit změnu v rsyslog.conf (použito ve škole)
# Log one info-level line for every client that matches a host declaration.
# The line carries the declaration name, the leased address in dotted decimal
# (base 10, 8-bit groups joined by ".") and the MAC address in hex
# (base 16, 8-bit groups joined by ":"). substring(hardware, 1, 6) skips the
# leading hardware-type byte. Hex groups are printed without leading zeros.
if known {
log (info, concat ("HOSTNAME: ", host-decl-name, " on ",binary-to-ascii (10, 8, ".", leased-address)," at ", binary-to-ascii (16, 8, ":", substring (hardware, 1, 6))));
}
Synchronizace host souborů mezi primárním a sekundárním serverem
- ssh/config
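# ssh client settings used by the dhcprsync script to reach the peer server.
# One keyword per line: written on a single line, everything after "host"
# would be read as further host patterns instead of options.
host hplx05.grupteam.local
    hostname hplx05.grupteam.local
    user novak
    # Root's key is used non-interactively, so it presumably has no passphrase.
    # Limit what it can do on the peer (for example a from= restriction in the
    # peer's authorized_keys) and keep the file readable by root only.
    identityfile /root/.ssh/id_rsa
    compression yes
    # NOTE(review): current OpenSSH releases speak only protocol 2 and treat
    # this keyword as deprecated; confirm it is still needed.
    protocol 2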
- dhcprsync
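#! /bin/bash -l
# dhcprsync: archive the local DHCP configuration, save a copy of the peer's
# files, push hosts.cfg to the peer and restart dhcpd on both servers.
# Runs as root locally; the peer is reached over ssh as user novak.

# Abort on the first failed step so that a failed copy or a broken config
# never ends in a restart of either DHCP server.
set -euo pipefail

PEER="novak@hplx05.grupteam.local"
FILE="${HOSTNAME}_dhcpcfg_$(date +%d%m%Y_%H-%M-%S)"

# Write the archive straight into /etc/dhcp. Staging it under a predictable
# name in world-writable /tmp lets a local user pre-create that path before
# root writes to it.
tar -czf "/etc/dhcp/$FILE.tgz" /etc/dhcp/dhcpd.conf /etc/dhcp/hosts.cfg

# Keep the peer's current files before anything on the peer is overwritten.
# The trailing slash makes rsync treat the target as a directory, so the
# second copy does not overwrite the first.
mkdir -p /etc/dhcp/hplx05_bck
rsync -avzh "$PEER:/etc/dhcp/hosts.cfg" /etc/dhcp/hplx05_bck/
rsync -avzh "$PEER:/etc/dhcp/dhcpd.conf" /etc/dhcp/hplx05_bck/

# Syntax-check the local configuration (dhcpd.conf includes hosts.cfg) before
# it is distributed; a file that does not parse would stop dhcpd on restart.
dhcpd -t -cf /etc/dhcp/dhcpd.conf

rsync -avzh "/etc/dhcp/$FILE.tgz" "$PEER:/etc/dhcp/"
rsync -avzh /etc/dhcp/hosts.cfg "$PEER:/etc/dhcp/hosts.cfg"

/etc/init.d/isc-dhcp-server restart
ssh "$PEER" 'sudo /etc/init.d/isc-dhcp-server restart'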
- sudoers
# Lets user novak restart the DHCP service without a password. The rule
# matches only this exact command and argument.
# NOTE(review): the restart only needs root, so the run-as list (ALL) could
# be narrowed to (root). The init script must not be writable by novak, and
# because novak also overwrites /etc/dhcp/hosts.cfg on this host, that
# account effectively controls the DHCP configuration. Edit with visudo.
novak ALL=(ALL) NOPASSWD: /etc/init.d/isc-dhcp-server restart
