centos7 关闭防火墙
systemctl stop firewalld
systemctl disable firewalld
centos6 关闭防火墙
service iptables stop
chkconfig iptables off
关闭selinux安全机制
sed -i '7 s/enforcing/disabled' /etc/selinux/config
setenforce 0
iptables -F
DHCP服务器
安装DHCP服务
[root@localhost ~]# yum -y install dhcp
[root@localhost ~]# cat /etc/dhcp/dhcpd.conf
#
# DHCP Server Configuration file.
# see /usr/share/doc/dhcp*/dhcpd.conf.example
# see dhcpd.conf(5) man page
[root@localhost ~]# cat /usr/share/doc/dhcp*/dhcpd.conf.example >> /etc/dhcp/dhcpd.conf
[root@localhost ~]# vim /etc/dhcp/dhcpd.conf
option domain-name "123.com";
option domain-name-servers 202.168.0.20,8.8.8.8;
default-lease-time 600;
max-lease-time 7200;
subnet 192.168.12.0 netmask 255.255.255.0 {
range 192.168.12.100 192.168.12.150;
option routers 192.168.12.2;
}
subnet 192.168.13.0 netmask 255.255.255.0 {
range 192.168.13.160 192.168.13.200;
option routers 192.168.13.2;
}
[root@localhost ~]# systemctl start dhcpd
[root@localhost ~]# systemctl enable dhcpd
Created symlink from /etc/systemd/system/multi-user.target.wants/dhcpd.service to /usr/lib/systemd/system/dhcpd.service.
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens32
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO=static
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens32"
DEVICE="ens32"
ONBOOT="yes"
IPADDR=192.168.12.12
NETMASK=255.255.255.0
GATEWAY=192.168.12.13 //网关指向中继器ip
DNS1=202.106.0.20
[root@localhost ~]# systemctl restart network
DHCP中继器
加第二块网卡
安装DHCP
[root@localhost yum.repos.d]# yum -y install dhcp
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens32
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO=static
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens32"
DEVICE="ens32"
ONBOOT="yes"
IPADDR=192.168.12.13 服务器网关
NETMASK=255.255.255.0
GATEWAY=192.168.12.2
DNS1=202.106.0.20
[root@localhost ~]# vim /etc/sysconfig/network-scripts/ifcfg-ens34
TYPE="Ethernet"
PROXY_METHOD="none"
BROWSER_ONLY="no"
BOOTPROTO=static
DEFROUTE="yes"
IPV4_FAILURE_FATAL="no"
IPV6INIT="yes"
IPV6_AUTOCONF="yes"
IPV6_DEFROUTE="yes"
IPV6_FAILURE_FATAL="no"
IPV6_ADDR_GEN_MODE="stable-privacy"
NAME="ens34"
DEVICE="ens34"
ONBOOT="yes"
IPADDR=192.168.13.12 与DHCP分配的第二个ip范围在一个网段
NETMASK=255.255.255.0
[root@localhost ~]# systemctl restart network
开启路由功能
[root@localhost ~]# vim /etc/sysctl.conf
末行添加 net.ipv4.ip_forward=1
[root@localhost ~]# sysctl -p
net.ipv4.ip_forward = 1
开启中继功能
[root@localhost ~]# dhcrelay 192.168.12.12 指向DHCP 服务器ip
Dropped all unnecessary capabilities.
Internet Systems Consortium DHCP Relay Agent 4.2.5
Copyright 2004-2013 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
Listening on LPF/virbr0/52:54:00:36:a5:a3
Sending on LPF/virbr0/52:54:00:36:a5:a3
Listening on LPF/ens34/00:0c:29:c0:ac:0a
Sending on LPF/ens34/00:0c:29:c0:ac:0a
Listening on LPF/ens32/00:0c:29:c0:ac:00
Sending on LPF/ens32/00:0c:29:c0:ac:00
Sending on Socket/fallback
客户机测试