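I. DHCP primary/standby deployment
1. Prerequisites
(1) Two physical servers (the principle of a primary/standby setup is that the two systems must be completely separate from the ground up, so that a failure of one does not affect the other)
(2) Operating system: CentOS 6.5/6.7
(3) The DHCP and DNS services must be installed
(4) Both DHCP servers are on the same network segment
(5) The system time on the two servers must be synchronized
2. Installation
(1) yum -y install dhcp.x86_64 bind bind-chroot bind-utils    (run on both servers)
(2)
<1>
vim /etc/dhcp/dhcpd.conf # edit the DHCP configuration file on the primary server, as follows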
ddns-update-style none;
option domain-name "jyd.com";
option domain-name-servers 192.168.20.250,192.168.20.240,219.141.140.10,218.30.26.70;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
authoritative;
failover peer "jyd" {
    primary;                        # designates this host as the primary DHCP server
    address 192.168.20.250;         # this server's IP
    port 647;
    peer address 192.168.20.240;    # standby DHCP server's IP
    peer port 647;
    max-response-delay 30;
    max-unacked-updates 10;
    load balance max seconds 3;
    mclt 1800;
    split 128;
}
subnet 192.168.20.0 netmask 255.255.255.0 {
} # the subnet the DHCP servers themselves sit on must also be declared
subnet 192.168.3.0 netmask 255.255.255.0 {
    option routers 192.168.3.1;
    pool {
        failover peer "jyd";
        range 192.168.3.51 192.168.3.150;
    }
    host yangxiaohui {
        hardware ethernet 50:46:5D:71:D7:26;
        fixed-address 192.168.3.81;
    }
}
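Color key:
Red -> defines the subnet (subnet ... netmask ...)
Green -> defines the gateway for this subnet (option routers)
Yellow -> defines the IP address pool, i.e. the range of addresses handed out (pool / range)
Blue -> assigns a fixed IP based on the client's MAC address (host / hardware ethernet / fixed-address)
For every additional subnet in the network, append another block in the same format as the subnet section above.
<2> vim /etc/dhcp/dhcpd.conf # edit the DHCP configuration file on the other (standby) server, as follows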
ddns-update-style none;
option domain-name "jyd.com";
option domain-name-servers 192.168.20.240,192.168.20.250,219.141.140.10,218.30.26.70;
default-lease-time 200;
max-lease-time 400;
log-facility local7;
authoritative;
failover peer "jyd" {
    secondary;
    address 192.168.20.240;
    port 647;
    peer address 192.168.20.250;
    peer port 647;
    max-response-delay 30;
    max-unacked-updates 10;
    load balance max seconds 3;
}
subnet 192.168.20.0 netmask 255.255.255.0 {
}
subnet 192.168.3.0 netmask 255.255.255.0 {
    option routers 192.168.3.1;
    pool {
        failover peer "jyd";
        range 192.168.3.51 192.168.3.150;
    }
    host yangxiaohui {
        hardware ethernet 50:46:5D:71:D7:26;
        fixed-address 192.168.3.81;
    }
}
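The two dhcpd.conf files only work as a pair if they mirror each other: same peer name, each side's peer address/port pointing at the other, mclt and split on the primary only, and identical pool ranges. The following Python check is an added example, not part of the original article; the function names are hypothetical and the sample strings are constructed from the addresses used above.

```python
import re

def parse_failover(conf):
    """Return (role, settings, pool ranges) parsed from dhcpd.conf text."""
    text = re.sub(r"#.*", "", conf)  # drop comments
    m = re.search(r'failover\s+peer\s+"([^"]+)"\s*\{(.*?)\}', text, re.S)
    if not m:
        raise ValueError("no failover peer declaration found")
    role, settings = None, {"name": m.group(1)}
    for words in filter(None, (s.split() for s in m.group(2).split(";"))):
        if words[0] in ("primary", "secondary"):
            role = words[0]
        else:  # e.g. "peer address 192.168.20.240" -> {"peer address": "..."}
            settings[" ".join(words[:-1])] = words[-1]
    ranges = set(re.findall(r"range\s+(\S+)\s+(\S+)\s*;", text))
    return role, settings, ranges

def check_pair(primary_conf, secondary_conf):
    """Return a list of mismatches; an empty list means the pair is consistent."""
    p_role, p, p_ranges = parse_failover(primary_conf)
    s_role, s, s_ranges = parse_failover(secondary_conf)
    problems = []
    if (p_role, s_role) != ("primary", "secondary"):
        problems.append("roles are not primary/secondary")
    if p["name"] != s["name"]:
        problems.append("failover peer names differ")
    for a, b, who in ((p, s, "secondary"), (s, p, "primary")):
        if (a.get("address"), a.get("port")) != (b.get("peer address"), b.get("peer port")):
            problems.append(f"{who} peer address/port does not match the other server")
    for key in ("mclt", "split"):  # primary-only, as in the configs above
        if key not in p:
            problems.append(f"{key} missing on primary")
        if key in s:
            problems.append(f"{key} set on secondary")
    if p_ranges != s_ranges:
        problems.append("pool ranges differ")
    return problems

# Constructed samples (not real files), using the addresses from this page.
POOL = ('subnet 192.168.3.0 netmask 255.255.255.0 { pool {'
        ' failover peer "jyd"; range 192.168.3.51 192.168.3.150; } }')
PRIMARY = ('failover peer "jyd" { primary; address 192.168.20.250; port 647; peer address'
           ' 192.168.20.240; peer port 647; mclt 1800; split 128; } ' + POOL)
SECONDARY = ('failover peer "jyd" { secondary; address 192.168.20.240; port 647;'
             ' peer address 192.168.20.250; peer port 647; } ' + POOL)
BROKEN = SECONDARY.replace("3.150", "3.200")  # pool edited on one server only

if __name__ == "__main__":
    print(check_pair(PRIMARY, SECONDARY), check_pair(PRIMARY, BROKEN))
```

To use it on real servers, read the two /etc/dhcp/dhcpd.conf files into strings and pass them to check_pair before restarting dhcpd.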
II. Configuring a caching DNS server
1. Edit the configuration: vim /etc/named.conf
options {
    listen-on port 53 { any; };
    #listen-on-v6 port 53 { ::1; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    forwarders { 219.141.140.10; 218.30.26.70; };  # upstream public DNS servers to forward to; more than one may be listed
    allow-query { any; };  # any client may query; together with recursion yes this is an open resolver if port 53 is reachable from outside the internal network
    recursion yes;  # yes: resolve recursively on behalf of clients and cache the answers on this server; no: no recursion, so nothing is cached
    dnssec-enable yes;
    dnssec-validation yes;
    /* Path to ISC DLV key */
    bindkeys-file "/etc/named.iscdlv.key";
    managed-keys-directory "/var/named/dynamic";
};
logging {
    channel default_debug {
        file "data/named.run";
        severity dynamic;
    };
};
zone "." IN {
    type hint;
    file "named.ca";
};
include "/etc/named.rfc1912.zones";
include "/etc/named.root.key";
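:wq to save
Start the DNS service: service named start. If no error is reported, it succeeded; otherwise recheck the configuration or look at the logs to find the cause.
III. Network configuration (here, enabling the DHCP relay function on the layer-3 switch)
(1) Enter the VLAN interface to be configured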
Cisco3750X-24(config)#interface vlan ?
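Cisco3750X-24(config-if)#ip helper-address 192.168.20.250 <- points to the server hosting the primary DHCP service
Cisco3750X-24(config-if)#ip helper-address 192.168.20.240 <- points to the server hosting the standby DHCP service
Cisco3750X-24(config-if)#no ip helper-address ... <- this command removes the previously configured DHCP server IP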