Debian

DHCP: one NIC and multiple subnets

  • March 23, 2018

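I am setting up a Debian box as the gateway for a small office network. I need to create three subnets for different areas of the company, and I will define which PCs get which IPs based on MAC address.

My question is: is it possible to handle DHCP for 3 subnets with a single NIC? How?

I tried setting up a virtual interface for each network, like this: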

# ip addr show dev eth2
4: eth2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP qlen 1000
   link/ether 6c:f0:49:a4:47:38 brd ff:ff:ff:ff:ff:ff
   inet 192.168.1.10/24 brd 192.168.1.255 scope global eth2
   inet 10.1.2.1/24 brd 10.1.2.255 scope global eth2:1
   inet 10.1.3.1/24 brd 10.1.3.255 scope global eth2:2
   inet 10.1.1.1/24 brd 10.1.1.255 scope global eth2:0
   inet6 fe80::6ef0:49ff:fea4:4738/64 scope link 
      valid_lft forever preferred_lft forever

Note: eth2 is using 192.168.1.10 because the box is not the network gateway at the moment. This is only temporary.

Then I set up my dhcpd.conf like this:

ddns-update-style interim;
option domain-name "mydomain.com";
option domain-name-servers ns1.mydomain.com;
default-lease-time 86400;
max-lease-time 86400;
authoritative;
log-facility local7;

subnet 10.1.1.0 netmask 255.255.255.0 {
       range 10.1.1.100 10.1.1.254;
       default-lease-time 86400;
       max-lease-time 86400;
       option routers 10.1.1.1;
       option ip-forwarding off;
       option broadcast-address 10.1.1.255;
       option subnet-mask 255.255.255.0;
       option ntp-servers 10.1.1.1;
       option domain-name-servers 10.1.1.1;
}

subnet 10.1.2.0 netmask 255.255.255.0 {
       range 10.1.2.100 10.1.2.254;
       default-lease-time 86400;
       max-lease-time 86400;
       option routers 10.1.2.1;
       option ip-forwarding off;
       option broadcast-address 10.1.2.255;
       option subnet-mask 255.255.255.0;
       option ntp-servers 10.1.2.1;
       option domain-name-servers 10.1.2.1;
}

subnet 10.1.3.0 netmask 255.255.255.0 {
       range 10.1.3.100 10.1.3.254;
       default-lease-time 86400;
       max-lease-time 86400;
       option routers 10.1.3.1;
       option ip-forwarding off;
       option broadcast-address 10.1.3.255;
       option subnet-mask 255.255.255.0;
       option ntp-servers 10.1.3.1;
       option domain-name-servers 10.1.3.1;
}

But when I try to start dhcpd, I get this:

# dhcpd -4 eth2:0 eth2:1 eth2:2
Internet Systems Consortium DHCP Server 4.1.1-P1
Copyright 2004-2010 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Wrote 0 leases to leases file.

No subnet declaration for eth2:2 (no IPv4 addresses).
** Ignoring requests on eth2:2.  If this is not what
  you want, please write a subnet declaration
  in your dhcpd.conf file for the network segment
  to which interface eth2:2 is attached. **


No subnet declaration for eth2:1 (no IPv4 addresses).
** Ignoring requests on eth2:1.  If this is not what
  you want, please write a subnet declaration
  in your dhcpd.conf file for the network segment
  to which interface eth2:1 is attached. **


No subnet declaration for eth2:0 (no IPv4 addresses).
** Ignoring requests on eth2:0.  If this is not what
  you want, please write a subnet declaration
  in your dhcpd.conf file for the network segment
  to which interface eth2:0 is attached. **


Not configured to listen on any interfaces!

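I am really new to DHCP, so I may be missing something obvious. I have been searching Google for a while, but I can't find the answer I need, or I am not searching correctly.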

Since the three subnets share the same medium (eth2), they should be declared inside the same shared-network:

shared-network my-net {
 subnet 10.1.1.0 netmask 255.255.255.0 {
   ...
 }

 subnet 10.1.2.0 netmask 255.255.255.0 {
   ...
 }

 subnet 10.1.3.0 netmask 255.255.255.0 {
   ...
 }
}
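
A filled-in version of the shared-network layout from the answer above, extended with the MAC-based placement the question asks for; this is an added example, not part of the original posts. The class names and MAC addresses are constructed, and it assumes dhcpd is started on the physical interface (`dhcpd -4 eth2`) rather than on the `eth2:N` alias labels.

```conf
# Added example (ISC dhcpd.conf). MAC addresses and class names are constructed.
authoritative;
default-lease-time 86400;
max-lease-time 86400;

# One class per office area; a client joins a class through its hardware address.
class "area-1" { match hardware; }
class "area-2" { match hardware; }
class "area-3" { match hardware; }

# "1:" is the hardware type (Ethernet), followed by the client's MAC address.
subclass "area-1" 1:00:00:5e:00:53:01;
subclass "area-2" 1:00:00:5e:00:53:02;
subclass "area-3" 1:00:00:5e:00:53:03;

# Every subnet that lives on the eth2 wire goes inside one shared-network.
shared-network my-net {
  # eth2's temporary address from the question; no range, so nothing is leased here.
  subnet 192.168.1.0 netmask 255.255.255.0 { }

  subnet 10.1.1.0 netmask 255.255.255.0 {
    option routers 10.1.1.1;
    option domain-name-servers 10.1.1.1;
    pool {
      allow members of "area-1";   # only listed area-1 MACs lease from this range
      range 10.1.1.100 10.1.1.254;
    }
  }

  subnet 10.1.2.0 netmask 255.255.255.0 {
    option routers 10.1.2.1;
    option domain-name-servers 10.1.2.1;
    pool {
      allow members of "area-2";
      range 10.1.2.100 10.1.2.254;
    }
  }

  subnet 10.1.3.0 netmask 255.255.255.0 {
    option routers 10.1.3.1;
    option domain-name-servers 10.1.3.1;
    pool {
      allow members of "area-3";
      range 10.1.3.100 10.1.3.254;
    }
  }
}
```

A client whose MAC is not listed matches no pool and gets no lease. The three subnets still share one broadcast domain and a client can change its MAC address, so this controls addressing only; separating the areas from each other takes VLANs, as in the answer below.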

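There are really only two ways to do this:

  1. Set your DHCP server's IP as the "DHCP helper address" for each VLAN on your L3 switch, then define scopes for those on the server.
  2. Set the DHCP server's NIC port on the switch to be a .1q trunk carrying all the appropriate VLANs, then set up separate vNICs on the server with the appropriate IP for each VLAN, and go from there.

Either way, try not to use just one NIC; you should have two for resilience and then bond them.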

Quoted from: https://serverfault.com/questions/390410