第一步:创建
VLAN
Switch>Vlan Database
Switch(Vlan)>Vlan 2 Name server
Switch(Vlan)>Vlan 3 Name work01
Switch(vlan)>Vlan 4 Name work02
第二步:启用DHCP中继代理:
关键一步,缺少以下两条命令,VLAN中使用“IP HELPER
-ADDRESS DHCP
Switch>Enable
Switch#Config t
Switch(Config)Service Dhcp
Switch(Config)Ip Dhcp Relay Information Option
第三步:设置
VLAN IP
地址:
Switch(Config)>Int Vlan 2
Switch(Config-vlan)Ip Address 192.168.2.1 255.255.255.0
Switch(Config-vlan)No Shut
Switch(Config-vlan)>Int Vlan 3
Switch(Config-vlan)Ip Address 192.168.3.1 255.255.255.0
Switch(Config-vlan)No Shut
Switch(Config-vlan)>Int Vlan 4
Switch(Config-vlan)Ip Address 192.168.4.1 255.255.255.0
Switch(Config-vlan)No Shut
Switch(Config-vlan)Exit
注意:由于此时没有将端口分配置到VLAN2,3,4,所以各VLAN会DOWN掉,待将端口分配到各VLAN后,VLAN会起来
第四步:设置端口全局参数
Switch(Config)Interface Range Fa 0/1 - 24
Switch(Config-if-range)Switchport Mode Access
Switch(Config-if-range)Spanning-tree Portfast
第五步:将端口添加到VLAN2,3,4中 /*将端口1-8添加到VLAN 2*/
Switch(Config)Interface Range Fa 0/1 - 8
Switch(Config-if-range)Switchport Access Vlan 2 *
将端口9-16
添加到VLAN 3*/ Switch(Config)Interface Range Fa 0/9 - 16
Switch(Config-if-range)Switchport Access Vlan 3 *
将端口17-24添加到VLAN 4*/
Switch(Config)Interface Range Fa 0/17 - 24
Switch(Config-if-range)Switchport Access Vlan 4
Switch(Config-if-range)Exit /*经过这一步后,各VLAN会起来
第六步:在VLAN3和4中设定DHCP服务器地址
VLAN 2中不须指定DHCP服务器地址
Switch(Config)Int Vlan 3
Switch(Config-vlan)Ip Helper-address 192.168.2.10
Switch(Config)Int Vlan 4
Switch(Config-vlan)Ip Helper-address 192.168.2.10
第七步启用路由
路由启用后各VLAN间主机可互相访问,若需进一步控制访问权限,则需应用到访问控制列表
Switch(Config)Ip Routing
第八步:结束并保存配置
Switch(Config-vlan)End
Switch#Copy Run Start
DHCP多作用域设置DHCP服务器使用单一的作用域,大部分时间能够满足网络的需求,但是有些特殊情况下,按照网络规划我们需要配置多作用域。
网络中如果计算机和其他设备数量增加,IP地址需要进行扩容才能满足需求。小型网络可以对所有设备重新分配IP地址,其网络内部客户机和服务器数量较少,实现起来比较简单。但如果是一个大型网络,重新配置整个网络的IP地址是不明智的,如果操作不当,可能会造成通信暂时中断以及其他网络故障。我们可以通过多作用域的设置,即DHCP服务器发布多个作用域实现IP地址增容的目的。
公司IP地址规划为192.168.2.0/24网段,可以容纳254台设备,使用DHCP服务器建立一个192.168.2.0网段的作用域,动态管理网络IP地址,但网络规模扩大到500台机器,显然一个C类网的地址无法满足要求了。这时,可以再为DHCP服务器添加一个新作用域,管理分配192.168.3.0/24网段的IP地址,为网络增加254个新的IP地址,这样既可以保持原有IP地址的规划,又可以扩容现有的网络IP地址。
(1)简单实现DHCP多作用域
对于多作用域的配置,必须保证DHCP服务器能够侦听所有子网客户机的请求信息,下面将讲解配置多作用域的基本方法,为DHCP添加多个网卡连接每个子网,并发布多个作用域的声明。
注意:划分子网时,如果选择直接配置多作用域实现动态IP分配的任务,则必须要为DHCP服务器添加多块网卡,并配置多个IP地址,否则DHCP服务器只能分配与其现有网卡IP地址对应网段的作用域。
采用双网卡实现两个作用域
1)网卡配置IP地址
DHCP服务器有多块网卡时,需要使用ifconfig命令为每块网卡配置独立的IP地址,但要注意,IP地址配置的网段要与DHCP服务器发布的作用域对应哈~
ifconfig eth0 192.168.2.1 netmask 255.255.255.0
ifconfig eth1 192.168.3.1 netmask 255.255.255.0
2)编辑dhcpd.conf主配置文件
当DHCP服务器网络环境搭建完毕后,我们可以编辑dhcpd.conf主配置文件完成多作用域的设置。
ddns-update-style none
ignore client-updates
subnet 192.168.2.0 netmask 255.255.255.0 {
# --- default gateway
option routers 192.168.2.1
option subnet-mask 255.255.255.0
option nis-domain "domain.org"
option domain-name "domain.org"
option domain-name-servers 192.168.2.2
option time-offset -18000# Eastern Standard Time
# option ntp-servers 192.168.1.1
# option netbios-name-servers 192.168.1.1
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2
range dynamic-bootp 192.168.2.50 192.168.2.250
default-lease-time 21600
max-lease-time 43200
# we want the nameserver to appear at a fixed address
host ns {
next-server marvin.redhat.com
hardware ethernet 12:34:56:78:AB:CD
fixed-address 207.175.42.254
}
}
subnet 192.168.3.0 netmask 255.255.255.0 {
# --- default gateway
option routers 192.168.3.1
option subnet-mask 255.255.255.0
option nis-domain "domain.org"
option domain-name "domain.org"
option domain-name-servers 192.168.2.2
option time-offset -18000# Eastern Standard Time
# option ntp-servers 192.168.1.1
# option netbios-name-servers 192.168.1.1
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
# option netbios-node-type 2
range dynamic-bootp 192.168.3.50 192.168.3.250
default-lease-time 21600
max-lease-time 43200
max-lease-time 43200
}
保存退出哈~
3)测试验证
重启DHCP服务后检查系统日志,检测配置是否成功,使用tail命令动态显示日志信息。
tail -F /etc/log/messages
经过设置,对于DHCP服务器将通过eth0和eth1两块网卡侦听客户机的请求,并发送相应的回应。
Jan 19 16:02:51 rhel5 dhcpd: DHCPDISCOVER from 00:19:21:bd:a3:da via eth1
Jan 19 16:02:51 rhel5 dhcpd: DHCPDISCOVER from 00:19:21:bd:a3:da via eth0
Jan 19 16:02:52 rhel5 dhcpd: DHCPOFFER . 192.168.3.250 to 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:52 rhel5 dhcpd: DHCPOFFER . 192.168.2.250 to 00:19:21:bd:a3:da (mis) via eth0
Jan 19 16:02:52 rhel5 dhcpd: DHCPREQUEST for 192.168.3.250 (192.168.3.1) from 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:52 rhel5 dhcpd: DHCPACK . 192.168.3.250 to 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:52 rhel5 dhcpd: DHCPREQUEST for 192.168.3.250 (192.168.3.1) from 00:19:21:bd:a3:da (mis) via eth0: ignored (not authoritative).
Jan 19 16:02:53 rhel5 dhcpd: DHCPDISCOVER from 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:53 rhel5 dhcpd: DHCPOFFER . 192.168.3.250 to 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:53 rhel5 dhcpd: DHCPDISCOVER from 00:19:21:bd:a3:da (mis) via eth0
Jan 19 16:02:53 rhel5 dhcpd: DHCPOFFER . 192.168.2.250 to 00:19:21:bd:a3:da (mis) via eth0
Jan 19 16:02:53 rhel5 dhcpd: DHCPREQUEST for 192.168.3.250 (192.168.3.1) from 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:53 rhel5 dhcpd: DHCPACK . 192.168.3.250 to 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:53 rhel5 dhcpd: DHCPREQUEST for 192.168.3.250 (192.168.3.1) from 00:19:21:bd:a3:da (mis) via eth0: ignored (not authoritative).
Jan 19 16:02:54 rhel5 dhcpd: DHCPDISCOVER from 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:54 rhel5 dhcpd: DHCPOFFER . 192.168.3.250 to 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:54 rhel5 dhcpd: DHCPDISCOVER from 00:19:21:bd:a3:da (mis) via eth0
Jan 19 16:02:54 rhel5 dhcpd: DHCPOFFER . 192.168.2.250 to 00:19:21:bd:a3:da (mis) via eth0
Jan 19 16:02:54 rhel5 dhcpd: DHCPREQUEST for 192.168.3.250 (192.168.3.1) from 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:54 rhel5 dhcpd: DHCPACK . 192.168.3.250 to 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:54 rhel5 dhcpd: DHCPREQUEST for 192.168.3.250 (192.168.3.1) from 00:19:21:bd:a3:da (mis) via eth0: ignored (not authoritative).
Jan 19 16:02:55 rhel5 dhcpd: DHCPDISCOVER from 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:55 rhel5 dhcpd: DHCPOFFER . 192.168.3.250 to 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:55 rhel5 dhcpd: DHCPDISCOVER from 00:19:21:bd:a3:da (mis) via eth0
Jan 19 16:02:55 rhel5 dhcpd: DHCPOFFER . 192.168.2.250 to 00:19:21:bd:a3:da (mis) via eth0
Jan 19 16:02:55 rhel5 dhcpd: DHCPREQUEST for 192.168.3.250 (192.168.3.1) from 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:55 rhel5 dhcpd: DHCPACK . 192.168.3.250 to 00:19:21:bd:a3:da (mis) via eth1
Jan 19 16:02:55 rhel5 dhcpd: DHCPREQUEST for 192.168.3.250 (192.168.3.1) from 00:19:21:bd:a3:da (mis) via eth0: ignored (not authoritative).
欢迎分享,转载请注明来源:夏雨云
微信扫一扫
支付宝扫一扫
评论列表(0条)