Сервис DHCP
Установка
Debian/Ubuntu
root@gate:~# apt install isc-dhcp-server
root@gate:~# cat /etc/default/isc-dhcp-server
INTERFACESv4="eth0"
#INTERFACESv4="vlan2"
#INTERFACESv4="eth0 eth2"
CentOS
Настройка
Стандартная конфигурация
gate# cat /etc/dhcp/dhcpd.conf
ddns-update-style none;
log-facility local7;
default-lease-time 600;
max-lease-time 7200;
option domain-name "corpX.un";
option domain-name-servers 192.168.X.10;
#option domain-name-servers 192.168.X.12;
#### For phone provisioning ####
#option file-server-name code 66 = string; # RFC 2132
#option file-server-address code 150 = ip-address; # RFC 5859 (Cisco)
#option file-server-name "server.corpX.un";
#option file-server-address 192.168.X.10;
#### For PXE ####
#allow booting;
#allow bootp;
#next-server 192.168.X.10;
#filename "pxelinux.0";
shared-network LAN1 {
subnet 192.168.X.0 netmask 255.255.255.0 {
range 192.168.X.101 192.168.X.109;
option routers 192.168.X.1;
}
}
#shared-network LAN2 {
# subnet 192.168.113.0 netmask 255.255.255.0 {
# range 192.168.113.101 192.168.113.109;
# option routers 192.168.113.1;
# next-server 192.168.X.10;
# filename "pxe_lan2/pxelinux.0";
# }
#}
#### For ip by mac ####
#host kube1 {hardware ethernet 08:00:27:12:34:51;fixed-address 192.168.X.221;}
#host kube2 {hardware ethernet 08:00:27:12:34:52;fixed-address 192.168.X.222;}
#host kube3 {hardware ethernet 08:00:27:12:34:53;fixed-address 192.168.X.223;}
#host kube4 {hardware ethernet 08:00:27:12:34:54;fixed-address 192.168.X.224;}
#### Digim D40 ####
#phone 407 {
# hardware ethernet 00:0f:d3:06:11:d3;
# option file-server-name "http://server.corpX.un/";
#}
Отказоустойчивая конфигурация
nodeN# cat /etc/dhcp/dhcpd.general
ddns-update-style none;
log-facility local7;
subnet 192.168.X.0 netmask 255.255.255.0 {
pool {
failover peer "dhcp";
range 192.168.X.128 192.168.X.228;
}
option routers 192.168.X.254;
option domain-name "corpX.un";
option domain-name-servers 192.168.X.1, 192.168.X.2;
default-lease-time 600;
max-lease-time 7200;
}
node1# cat /etc/dhcp/dhcpd.conf
failover peer "dhcp" {
primary;
address 192.168.X.1;
port 519;
peer address 192.168.X.2;
peer port 520;
max-response-delay 60;
max-unacked-updates 10;
mclt 600;
split 128;
load balance max seconds 3;
}
include "/etc/dhcp/dhcpd.general";
node2# cat /etc/dhcp/dhcpd.conf
failover peer "dhcp" {
secondary;
address 192.168.X.2;
port 520;
peer address 192.168.X.1;
peer port 519;
max-response-delay 60;
max-unacked-updates 10;
load balance max seconds 3;
}
include "/etc/dhcp/dhcpd.general";
Конфигурация с поддержкой динамических обновлений зон DNS
server# cat dhcpd.conf
ddns-update-style interim;
ddns-ttl 60;
...
subnet 192.168.X.0 netmask 255.255.255.0 {
### ubuntu
#include "/etc/dhcp/rndc.key";
### freebsd
#include "/usr/local/etc/rndc.key";
zone corpX.un. {
primary 192.168.X.10;
key rndc-key;
}
zone X.168.192.in-addr.arpa. {
primary 192.168.X.10;
key rndc-key;
}
...
Проверка конфигурации и запуск
Debian/Ubuntu
# dhcpd -t
# service isc-dhcp-server restart
# service isc-dhcp-server status
Мониторинг выданных адресов
Debian/Ubuntu
root@gate:~# dhcp-lease-list
root@gate:~# less /var/lib/dhcp/dhcpd.leases
root@gate:~# grep dhcp /var/log/syslog
Статистика DHCP сервера
Debian/Ubuntu
# apt install dhcpd-pools
# dhcpd-pools
# dhcpd-pools -l /var/lib/dhcp/dhcpd.leases -c /etc/dhcp/dhcpd.conf
# cat /usr/local/bin/dhcp_stat.sh
#!/bin/sh
CMD='/usr/bin/dhcpd-pools -l /var/lib/dhcp/dhcpd.leases -c /etc/dhcp/dhcpd.conf -f c | grep 192.168.'
MAX=`eval $CMD | cut -d'"' -f8`
CUR=`eval $CMD | cut -d'"' -f10`
eval RES=\$$1
echo $RES
# /usr/local/bin/dhcp_stat.sh MAX
# /usr/local/bin/dhcp_stat.sh CUR
FreeBSD
# pkg install dhcpd-pools
# dhcpd-pools -l /var/db/dhcpd/dhcpd.leases -c /usr/local/etc/dhcpd.conf
Поиск посторонних DHCP серверов
Debian/Ubuntu
# wget http://www.netpatch.ru/projects/dhcdrop/dhcdrop-lin-0.5.tar.bz2
# tar -xvf /root/dhcdrop-lin-0.5.tar.bz2 -C /usr/local/sbin/ dhcdrop
FreeBSD
FreeBSD/Debian/Ubuntu
# /usr/local/sbin/dhcdrop -b -i eth0 -c 2 -y
# /usr/local/sbin/dhcdrop -t -b -q -i <intface> -l <mac_address> > /tmp/dhcp.txt || (cat /tmp/dhcp.txt | mail -s 'Critical. Second DHCP.' root@corpX.un)