部署dhcp服务器

主机发送Discover报文

目标为广播地址

同一网段的dhcp收到报文后,dhcp响应一个offer报文

offer报文:dhcp自己的ip地址。和客户端ip以及使用周期,和客户端ip网络参数

最后主机单独发一个request报文 给那个选择的dhcp服务器 (解决多个dhcp在同一网段都提供offer的问题,主要是先到先得)

dhcp最后发送一个ack确认报文给主机

dhcp和主机不在同一网段得配置dhcp中继

客户端无法指定我可以单独使用哪个dhcp

实践

1>安装包
[root@servera ~]# yum install -y dhcp-server 2> 准本配置文件
[root@servera ~]# cp /usr/share/doc/dhcp-server/dhcpd.conf.example /etc/dhcp/dhcpd.conf
cp: overwrite '/etc/dhcp/dhcpd.conf'? y 这个模板十分好用
[root@servera ~]# default-lease-time 600;
max-lease-time 7200;
log-facility local7;配置了日志设备,那么你就需要在rsyslog中,定义发送到这个local7的日志要转存在哪个日志文件内 vim /etc/dhcp/dhcpd.conf
authoritative;
log-facility local7; subnet 192.168.0.0 netmask 255.255.255.0 { 定义子网
range 192.168.0.200 192.168.0.254; 分配IP地址的范围
default-lease-time 600; 定义默认租期
max-lease-time 7200;
#option routers 192.168.0.1; 定义网关的
option domain-search "example.com"; 定义域名
option domain-name-servers 172.25.254.254; DNS服务器
option broadcast-address 192.168.0.255; 广播地址 #可以忽略
# option next-server 指定tftp服务器的IP PXE
# filename ""引导文件在哪里 PXE
} dhcpd -t #这个命令可以验证配置文件
3> 启动DHCP服务器
[root@servera ~]# systemctl enable --now dhcpd
[root@servera ~]# firewall-cmd --permanent --add-service=dhcp
success
[root@servera ~]# firewall-cmd --reload
success 4> 客户端怎么操作
[root@serverb ~]# nmcli connection add type ethernet con-name eth1 ifname eth1 ipv4.method auto 就只需要把地址的方式改成auto
Connection 'eth1' (d008c5e7-6868-448a-8a16-133502072777) successfully added.
[root@serverb ~]# nmcli connection up eth1 5> 固定IP地址。给一个MAC地址,分配一个特定的地址 host serverc {
hardware ethernet 52:54:00:01:fa:0c; MAC
fixed-address 192.168.0.150; 固定的IP地址
}
[root@serverc ~]# nmcli connection add type ethernet con-name eth1 ifname eth1 ipv4.method auto
Connection 'eth1' (4dc7753b-fe97-4bc8-97f3-316b373c29c1) successfully added.
[root@serverc ~]# nmcli connection up eth1
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/40)
[root@serverc ~]# [root@servera dhcp-server]# systemctl status dhcpd
● dhcpd.service - DHCPv4 Server Daemon
Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2022-09-05 18:40:00 CST; 3min 54s ago
Docs: man:dhcpd(8)
man:dhcpd.conf(5)
Main PID: 24264 (dhcpd)
Status: "Dispatching packets..."
Tasks: 1 (limit: 11250)
Memory: 4.9M
CGroup: /system.slice/dhcpd.service
└─24264 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid Sep 05 18:40:06 servera.lab.example.com dhcpd[24264]: DHCPOFFER on 192.168.0.201 to 52:54:00:02:fa:0c (serverc) via eth1
Sep 05 18:40:06 servera.lab.example.com dhcpd[24264]: DHCPREQUEST for 192.168.0.201 (192.168.0.10) from 52:54:00:02:fa:0c (serverc) via eth1
Sep 05 18:40:06 servera.lab.example.com dhcpd[24264]: DHCPACK on 192.168.0.201 to 52:54:00:02:fa:0c (serverc) via eth1
Sep 05 18:40:06 servera.lab.example.com dhcpd[24264]: DHCPOFFER on 192.168.0.202 to 52:54:00:02:fa:0d (serverd) via eth1
Sep 05 18:40:06 servera.lab.example.com dhcpd[24264]: DHCPREQUEST for 192.168.0.202 (192.168.0.10) from 52:54:00:02:fa:0d (serverd) via eth1
Sep 05 18:40:06 servera.lab.example.com dhcpd[24264]: DHCPACK on 192.168.0.202 to 52:54:00:02:fa:0d (serverd) via eth1
Sep 05 18:42:37 servera.lab.example.com dhcpd[24264]: DHCPDISCOVER from 52:54:00:01:fa:0b via eth1
Sep 05 18:42:38 servera.lab.example.com dhcpd[24264]: DHCPOFFER on 192.168.0.203 to 52:54:00:01:fa:0b (serverb) via eth1
Sep 05 18:42:38 servera.lab.example.com dhcpd[24264]: DHCPREQUEST for 192.168.0.203 (192.168.0.10) from 52:54:00:01:fa:0b (serverb) via eth1
Sep 05 18:42:38 servera.lab.example.com dhcpd[24264]: DHCPACK on 192.168.0.203 to 52:54:00:01:fa:0b (serverb) via eth1
从dhcpd[24264]可以看到 dhcp的工作过程,与理论一致

dhcp6

ipv6得结合网络设备来分配网关

ipv6得与网络设备结合得到完整的功能,所以会很麻烦

无线状态地址自动配置slaac 方法依赖于路由器为客户端提系统提供网络配置

radvump查看公告信息

也可以通过linux模拟路由器 以提供slaac功能

slaac可也提供网关 ipv6前缀 dns服务器 dns搜索列表功能

实践

[root@workstation ~]# lab dhcp-automation start
[root@serverd ~]# systemctl status radvd.service
● radvd.service - Router advertisement daemon for IPv6
Loaded: loaded (/usr/lib/systemd/system/radvd.service; enabled; vendor preset: disabled)
Active: active (running) since Mon 2022-09-05 19:27:45 CST; 56s ago
Process: 8169 ExecStart=/usr/sbin/radvd $OPTIONS (code=exited, status=0/SUCCESS)
Main PID: 8171 (radvd)
Tasks: 2 (limit: 11250)
Memory: 864.0K
CGroup: /system.slice/radvd.service
├─8171 /usr/sbin/radvd -u radvd
└─8172 /usr/sbin/radvd -u radvd Sep 05 19:27:45 serverd.lab.example.com systemd[1]: Starting Router advertisement daemon for IPv6...
Sep 05 19:27:45 serverd.lab.example.com radvd[8169]: version 2.17 started
Sep 05 19:27:45 serverd.lab.example.com systemd[1]: Started Router advertisement daemon for IPv6.
[root@serverd ~]#
配置ipv6
1>serverd 模拟路由器配置SLAAC功能。需要这个东西提供网关
[root@serverd ~]# cat /etc/radvd.conf
interface eth1
{
AdvSendAdvert on;
AdvManagedFlag on;
AdvOtherConfigFlag on;
MaxRtrAdvInterval 60;
}; 2> radvd 软件包提供了一个工具radvdump 用来获取路由公告信息(路由器来提供的,)
# based on Router Advertisement from fe80::5a83:c374:2215:148f IPV6的网关
# received by interface eth1
# interface eth1
{
AdvSendAdvert on;
# Note: {Min,Max}RtrAdvInterval cannot be obtained with radvdump
AdvManagedFlag on; 通过DHCP6来获取IP地址
AdvOtherConfigFlag on; IPv6 路由器指⽰客⼾端查询 DHCPv6 服务器,
AdvReachableTime 0;
AdvRetransTimer 0;
AdvCurHopLimit 64;
AdvDefaultLifetime 180;
AdvHomeAgentFlag off;
AdvDefaultPreference medium;
AdvSourceLLAddress on;
}; # End of interface definition 2>DHCPV6功能: 比如网络信息,IP,DNS等都是有他来提供的 3> 部署安装包
[root@servera ~]# yum install -y dhcp-server 4> 修改配置文件
[root@servera ~]# cp /usr/share/doc/dhcp-server/dhcpd6.conf.example /etc/dhcp/dhcpd6.conf
cp: overwrite '/etc/dhcp/dhcpd6.conf'? y
[root@servera ~]#cat /etc/dhcp/dhcpd6.conf 唯一的不同时不能设置网关 authoritative;
subnet6 fde2:6494:1e09:2::/64 {
range6 fde2:6494:1e09:2::20 fde2:6494:1e09:2::60;
option dhcp6.name-servers fde2:6494:1e09:2::d;
option dhcp6.domain-search "backend.lab.example.com";
default-lease-time 600; max-lease-time 7200;
}
[root@servera ~]# nmcli connection add type ethernet con-name eth1 ifname eth1 ipv6.addresses fde2:6494:1e09:2::a/64 ipv6.method manual
Connection 'eth1' (eb7dc998-d861-435c-8abd-2b7f061f8957) successfully added.
[root@servera ~]# nmcli connection up eth1
[root@servera ~]# systemctl enable --now dhcpd6.service
Created symlink /etc/systemd/system/multi-user.target.wants/dhcpd6.service → /usr/lib/systemd/system/dhcpd6.service.
[root@servera ~]# firewall-cmd --add-service=dhcpv6 --permanent
success
[root@servera ~]# firewall-cmd --reload
success
[root@servera ~]# [root@serverc ~]# nmcli connection add type ethernet ifname eth1 con-name eth1 ipv6.method auto
Connection 'eth1' (95356996-edb3-4750-8170-e341cb604c57) successfully added.
[root@serverc ~]# nmcli connection up eth1
Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/3)
[root@serverc ~]# 5> 默认网关
[root@serverc ~]# ip -6 route
::1 dev lo proto kernel metric 256 pref medium
fde2:6494:1e09:2::60 dev eth1 proto kernel metric 100 pref medium
fe80::/64 dev eth1 proto kernel metric 100 pref medium
fe80::/64 dev eth0 proto kernel metric 106 pref medium
default via fe80::5a83:c374:2215:148f dev eth1 proto ra metric 100 pref medium 这个网关来自于发布公告的本地链路服务器,可也发现与默认网关一样
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 52:54:00:01:fa:0d brd ff:ff:ff:ff:ff:ff
inet 192.168.0.220/24 brd 192.168.0.255 scope global dynamic noprefixroute eth1
valid_lft 101sec preferred_lft 101sec
inet6 fde2:6494:1e09:2::d/64 scope global noprefixroute
valid_lft forever preferred_lft forever
inet6 fe80::5a83:c374:2215:148f/64 scope link noprefixroute 不使用fe80
开启转发
[root@serverd ~]# sysctl -a | grep forward | grep ipv6
net.ipv6.conf.all.forwarding = 1
改变ipv6地址
fe80::5a83:c374:2215:148f/64

ansible 自动化

流程
一:安装包
二:配置文件,notify: jinjia2 纯粹的文件
三: 如果有数据,传数据: web服务:
四: 服务和防火墙
五: handlers : 通过handlers来触发重新启动服务 [student@workstation ~]$ lab dhcp-automation start
获取配置文件与清单文件 - name: Deployment DHCP
hosts: all
become: true
vars:
network_connections:
- name: eth1
state: up
type: ethernet
mac: 52:54:00:01:fa:0a
ip:
address:
- 192.168.0.10/24
- fde2:6494:1e09:2::a/64
tasks:
- name: config ip address on dhcpservers
include_role:
name: rhel-system-roles.network
when: inventory_hostname == "servera.lab.example.com" - name: install dhcpd package
yum:
name: dhcp-server
state: present
when: inventory_hostname == "servera.lab.example.com" - name: prepate dhcp config file
copy:
src: files/dhcpd.conf
dest: /etc/dhcp/dhcpd.conf
notify: restart dhcp4
when: inventory_hostname == "servera.lab.example.com" - name: prepate dhcp6 config file
copy:
src: files/dhcpd6.conf
dest: /etc/dhcp/dhcpd6.conf
notify: restart dhcp6
when: inventory_hostname == "servera.lab.example.com" - name: start dhcpd service
service:
name: "{{ item }}"
state: started
enabled: yes
loop:
- dhcpd
- dhcpd6
when: inventory_hostname == "servera.lab.example.com" - name: config firewarrd
firewalld:
service: "{{ item }}"
state: enabled
immediate: yes
permanent: yes
loop:
- dhcp
- dhcpv6
when: inventory_hostname == "servera.lab.example.com" handlers:
- name: restart dhcp
service:
name: dhcpd
state: started
when: inventory_hostname == "servera.lab.example.com"
- name: restart dhcp6
service:
name: dhcpd6
state: started
when: inventory_hostname == "servera.lab.example.com" clients:
[student@workstation dhcp-automation]$ cat client.yml
---
- name: Deployment DHCP
hosts: clients
become: true
vars:
network_connections:
- name: eth1
state: up
type: ethernet
interface_name: eth1
ip:
dhcp4: yes
auto6: yes
tasks:
- name: config ip address on dhcpservers
include_role:
name: rhel-system-roles.network

打印机

5.1.1 描述 CUPS 打印架构
打印机由 CUPS 在红帽企业 Linux 中进⾏管理,这是⼀种开源的模块化软件套件,最初由 Easy Software
Products 开发,⽬前由 Apple 领导。 CUPS 可以使⽤多个协议与打印机和打印服务器通信。在⼤多数情况下, Internet 打印协议 (IPP)是使⽤
CUPS 与打印机通信的⾸选机制。此协议是对 HTTP/1.1 的修改,它受到⼤多数现代⽹络和 USB 打印机
的本地⽀持,通常使⽤ TCP 端⼝ 631。CUPS 可以⽀持直接连接的打印机(例如,使⽤ 并⾏、串⾏或 USB
通信),并且可以使⽤ LPD 等较旧的⽹络协议。 CUPS 提供了⼀组命令⾏⼯具和⼀个 web 界⾯,⽤于管理 CUPS 和提交打印作业。它还提供了⼀个守
护进程 (cupsd),⽤于管理每个已配置打印机的作业队列。打印机的每个队列都与 PostScript 打 印机描
述 (PPD) ⽂件关联,该⽂件描述了打印机功能以及 CUPS 应如何为作业做好在该打印机上打印的准备。 1> 在使用打印机之前,首先要发现并设置打印机
[root@workstation ~]# lab printing-automation start
模拟打印机 [root@servera ~]# yum install -y avahi cups-ipptool [root@servera ~]# firewall-cmd --permanent --add-service=mdns
success
[root@servera ~]# firewall-cmd --reload
[root@servera ~]# ippfind -T 30 发现打印机
ipp://serverc.local:631/printers/rht-printer
serverc.local:发现打印机的时候,这个名称client是访问不到的 [root@serverc ~]# dig @224.0.0.251 -p 5353 serverc.local#没办法跑到打印机上执行这个命令。
找到地址:172.25.250.12 在client反解:[root@servera ~]# dig -x 172.25.250.12
ipp://serverc.local:631/printers/rht-printer替换
ipp://serverc.lab.example.com:631/printers/rht-printer 2> 设置打印队列
[root@servera ~]# yum install -y cups
Last metadata expiration check: 0:50:17 ago on Sun 04 Sep 2022 06:39:46 PM CST.
Package cups-1:2.2.6-28.el8.x86_64 is already installed.
Dependencies resolved.
Nothing to do.
Complete!
[root@servera ~]# systemctl enable --now cups [root@servera ~]# lpadmin -p kevin -v ipp://serverc.lab.example.com:631/printers/rht-printer -m everywhere -E -p: 队列的名字
-v: 打印机的URI
-m: 使用everywhere 这个模块
-E: 可立即启动打印机
[root@servera ~]# lpstat -v查看
device for kevin: ipp://serverc.lab.example.com:631/printers/rht-printer
[root@servera ~]#
-x 删除
[root@servera ~]# lpadmin -d kevin -d 设置默认的队列 3> 管理作业
[root@servera ~]# lp /root/anaconda-ks.cfg 默认的队列打印文件 [root@servera ~]# lp -d kevin /etc/fstab 通过-d指定打印队列
request id is kevin-8 (1 file(s)) [root@servera ~]# cancel kevin-8 4>队列管理 [root@servera ~]# cupsdisable -r "No paper" kevin 暂停,你把作业放到已经暂停打印队列中,他是不会打印的 [root@servera ~]# cupsenable kevin [root@servera ~]# cupsreject -r "No Papare" kevin [root@servera ~]# lp /etc/fstab
lp: Destination "kevin" is not accepting jobs.
[root@servera ~]#
[root@servera ~]# cupsaccept kevin ansible来管理打印机:问题在于:所有的操作都需要用到command模块来完成: 1> 通过ansible来实现的话打印机的URI是事先知道的。 [student@workstation printing-auto]$ cat playbook.yml
---
- name: config prineter
hosts: clients
become: true
tasks:
- name: install
yum:
name:
- cups-ipptool
- cups
- avahi
state: present
- name: start service
service:
name: "{{ item }}"
state: started
enabled: yes
loop:
- cups
- avahi-daemon - name: firewrmd
firewalld:
service: mdns
permanent: yes
state: enabled
immediate: yes - name: find printer URi
command: ippfind -T 3
register: p_uri - name: set que
command: lpadmin -p "kevin-{{ index }}" -v "{{ item }}" -m everywhere -E
loop: "{{ p_uri['stdout_lines'] | replace('.local','') }}"
loop_control:
index_var: index - name: check default que is exit
command: lpstat -d
register: p_default - name: set default que
command: lpadmin -d kevin-0
when: "'kevin-0' not in p_default['stdout']" [student@workstation printing-auto]$ cat printer-accept.yml
---
- name: Configure a print queue to accept jobs
hosts: clients
gather_facts: no
become: yes
tasks:
- name: Confirm the print queue exists
command: lpstat -p kevin-0
register: cmdout
ignore_errors: true
changed_when: false - name: Tune the print queue to accept jobs
command: cupsenable kevin-0
when: cmdout.rc == 0

了解一下Linux的管理打印机

你买打印机肯定,会有说明书的(笑)

rh358 005 dhcp dhcp6 打印机 ansible配置dhcp和打印机的更多相关文章

  1. rh358 002 fact变量获取 ansible配置网络 service_facts

    通过ansible 获取网络信息 1.如何获取fact事实变量 方式1: ansible servera -m servera 方式2: 剧本 [root@workstation ansible]# ...

  2. 配置DHCP服务

    配置DHCP服务 一.DHCP的简介 1.DHCP是Dynamic Host Configuration Protocol(动态主机配置协议)的缩写: 2.DHCP是从BOOTP(Bootstrap ...

  3. 7、二种 为二个不同的子网配置DHCP服务器(中继代理服务器)

    环境如下:        (参考之前,保证二个子网可以互相ping通) 虚拟机vm1        192.168.170.3                    VMnet8 (NAT模式) 虚拟 ...

  4. 思科交换机配置DHCP的四个方面

    这里我们主要讲解了思科交换机配置DHCP的相关内容.我们对网络拓扑先进行一下了解,然后对于其在进行一下说明,之后对于配置的代码和命令再进行一下解析. 思科交换机配置DHCP一.网络拓扑 思科交换机配置 ...

  5. 配置 DHCP 服务 - 每天5分钟玩转 OpenStack(89)

    前面章节我们看到 instance 在启动过程中能够从 Neutron 的 DHCP 服务获得 IP,本节将详细讨论其内部实现机制. Neutron 提供 DHCP 服务的组件是 DHCP agent ...

  6. 烂泥:centos安装及配置DHCP服务器

    本文由秀依林枫提供友情赞助,首发于烂泥行天下. 有关DHCP服务器的配置一直打算学习,这几天终于抽出时间来专门学习这个知识点. DHCP:动态主机配置协议,在此就不多做介绍.不清楚的童鞋,可以去百度下 ...

  7. 【转载】茶叶蛋干货!《超容易的Linux系统管理入门书》(连载十)进行动态主机配置DHCP

    使用动态主机配置协议DHCP(Dynamic Host Configuration Protocol)则可以避免网络参数变化后一些繁琐的配置,客户端可以从DHCP服务端检索相关信息并完成相关网络配置, ...

  8. centos7配置dhcp

    用su 获取root权限 用yum -y install dhcp命令安装dhcp服务(yum是基于RPM包管 理,自动下载RPM包并且安装) 查看安装后生成的配置文件 rpm -qc dhcp 编辑 ...

  9. Kali Linux常用服务配置教程安装及配置DHCP服务

    Kali Linux常用服务配置教程安装及配置DHCP服务 在Kali Linux中,默认没有安装DHCP服务.下面将介绍安装并配置DHCP服务的方法. 1.安装DHCP服务 在Kali Linux中 ...

随机推荐

  1. 如何用python做出老师看了都给满分的GUI学生管理系统毕设

    序 言 哈喽大家好鸭!我是小熊猫 最近有什么有趣的事情发生吗?快来说给我听听( •̀ ω •́ )✧表弟大学快毕业了,学了一个学期Python居然还不会写学生管理系统,真的给我丢脸啊,教他又不肯学,还 ...

  2. 零基础学Python:元组(Tuple)详细教程

    Python的元组与列表类似,不同之处在于元组的元素不能修改,元组使用小括号,列表使用方括号,元组创建很简单,只需要在括号中添加元素,并使用逗号隔开即可https://jq.qq.com/?_wv=1 ...

  3. vim插件的社区活跃度怎么样

    www.vim.org -> Scripts -> Browse all可以看到有5051个插件.搜索Nerd可以看到NerdTree插件,它的评分是Rating 7882/2514, D ...

  4. CentOS6安装使用ntp同步时间

    [root@server yum.repos.d]# yum install ntp已加载插件:fastestmirror, priorities, refresh-packagekit, secur ...

  5. springboot修改文件上传大小

    servlet配置文件上传限制 spring: servlet: multipart: max-file-size: 1000MB max-request-size: 1000MB mysql设置re ...

  6. 服务器宕机了,Kafka 消息会丢失吗?

    大家好,我是树哥. 消息队列可谓是高并发下的必备中间件了,而 Kafka 作为其中的佼佼者,经常被我们使用到各种各样的场景下.随着 Kafka 而来得,还有三个问题:消息丢失.消息重复.消息顺序.今天 ...

  7. 集合-List接口常用实现类的对比

    1.collection接口:单列集合,用来存储一个一个的对象 2. list接口:存储有序的.可重复的数据. --->"动态数组",替换原有的数组 (1) Arraylis ...

  8. git无法使用Tab提示

    1.过去git版本: git version 2.获取git-completion.bash脚本,注意将下方链接的版本号改为和git版本一致. https://raw.githubuserconten ...

  9. ajax02_封装自己的jQuery库和ajax请求

    封装自己的ajax类库 首先封装自己的 jQuery库 启发:css的元素选择器思想 简单的代码实现 function jQuery(selector){ if(typeof selector == ...

  10. 带你熟悉云网络的“电话簿”:DNS

    摘要:无论你域名怎么解析,最终我还是要用IP和别人通信的.域名只是你的皮囊,IP才是你的灵魂. 本文分享自华为云社区<<跟唐老师学习云网络> - DNS电话簿>,作者: tsj ...