Howto dhcp server: Difference between revisions
Mandulete1 (talk | contribs) No edit summary |
Mandulete1 (talk | contribs) |
||
(12 intermediate revisions by the same user not shown) | |||
Line 1: | Line 1: | ||
first we need to configure our network interfaces for the server: | |||
* '''eth0''' interface connected to the internet | |||
* '''eth1''' interface connected to lan | |||
make sure you have network-manager installed: | |||
yum install networkmanager -y | |||
start and enable networkmanager: | |||
systemctl start NetworkManager | |||
systemctl enable NetworkManager | |||
erase default network profiles: | |||
nmcli con del eth0 | |||
nmcli con del eth1 | |||
nmcli con del Wired\ connection\ 1 | |||
nmcli con del Wired\ connection\ 2 | |||
configure network interfaces nmcli: | |||
nmcli con add con-name eth0 ipv4.method manual type ethernet ifname eth0 ipv4.addresses 192.168.75.254/24 ipv4.gateway 192.168.75.1 ipv4.dns 4.2.2.1,4.2.2.2 autoconnect yes | |||
nmcli con add con-name eth1 ipv4.method manual type ethernet ifname eth1 ipv4.addresses 192.168.33.1/24 autoconnect yes | |||
= configuring dhcp service = | |||
first we install the required package: | first we install the required package: | ||
yum install dhcp -y | yum install dhcp -y | ||
Line 11: | Line 28: | ||
option broadcast-address '''192.168.33.255'''; | option broadcast-address '''192.168.33.255'''; | ||
option routers '''192.168.33.1'''; | option routers '''192.168.33.1'''; | ||
option domain-name "''' | option domain-name "'''example.com'''"; | ||
option domain-name-servers '''192.168.33.1'''; | option domain-name-servers '''192.168.33.1'''; | ||
default-lease-time 600; | default-lease-time 600; | ||
Line 17: | Line 34: | ||
} | } | ||
} | } | ||
if you want to assign specific ip address to a client add the following: | |||
host linuxwebserver { | |||
hardware ethernet 00:40:F4:A8:60:5E; | |||
fixed-address 192.168.3.3; | |||
} | |||
copy and modify dhcpd.service to specify dhcp server network interface: | |||
cp /usr/lib/systemd/system/dhcpd.service /etc/systemd/system/ | |||
edit ExecStart command on /etc/systemd/system/dhcpd.service and add your network interface: | |||
ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid eth1 | |||
then reload systemd and start the service: | |||
systemctl --system daemon-reload | |||
systemctl restart dhcpd.service | |||
make sure to add dhcpd service to start at boot: | |||
systemctl enable dhcpd | |||
= firewalld rules = | |||
enable ip forwarding: | |||
nano /etc/sysctl.d/99-sysctl.conf | |||
add the following line at the end of this file: | |||
net.ipv4.ip_forward = 1 | |||
apply changes: | |||
sysctl -p /etc/sysctl.d/99-sysctl.conf | |||
please install the following package: | |||
yum -y install iptables-services | |||
flush any iptables rule on system: | |||
iptables -F -v | |||
iptables -F -v -t nat | |||
network interfaces configuration: | |||
* '''eth0''' interface connected to the internet | * '''eth0''' interface connected to the internet | ||
* '''eth1''' interface connected to lan | * '''eth1''' interface connected to lan | ||
add the following rules to forward the traffic from internet to lan and masquerade out going traffic: | |||
iptables -t nat -A POSTROUTING -o '''eth0''' -j MASQUERADE | |||
iptables -A FORWARD -i '''eth1''' -j ACCEPT | |||
safe this rules and configure iptables to start at boot: | |||
service iptables save | |||
systemctl enable iptables | |||
iptables - | |||
iptables - | |||
Latest revision as of 17:50, 2 August 2020
first we need to configure our network interfaces for the server:
- eth0 interface connected to the internet
- eth1 interface connected to lan
make sure you have network-manager installed:
yum install networkmanager -y
start and enable networkmanager:
systemctl start NetworkManager systemctl enable NetworkManager
erase default network profiles:
nmcli con del eth0 nmcli con del eth1 nmcli con del Wired\ connection\ 1 nmcli con del Wired\ connection\ 2
configure network interfaces nmcli:
nmcli con add con-name eth0 ipv4.method manual type ethernet ifname eth0 ipv4.addresses 192.168.75.254/24 ipv4.gateway 192.168.75.1 ipv4.dns 4.2.2.1,4.2.2.2 autoconnect yes nmcli con add con-name eth1 ipv4.method manual type ethernet ifname eth1 ipv4.addresses 192.168.33.1/24 autoconnect yes
configuring dhcp service
first we install the required package:
yum install dhcp -y
edit the dhcp server configuration file at /etc/dhcp/dhcpd.conf:
server-identifier server; ddns-update-style ad-hoc; shared-network DHCP { option subnet-mask 255.255.255.0; subnet 192.168.33.0 netmask 255.255.255.0 { range 192.168.33.100 192.168.33.150; option broadcast-address 192.168.33.255; option routers 192.168.33.1; option domain-name "example.com"; option domain-name-servers 192.168.33.1; default-lease-time 600; max-lease-time 7200; } }
if you want to assign specific ip address to a client add the following:
host linuxwebserver { hardware ethernet 00:40:F4:A8:60:5E; fixed-address 192.168.3.3; }
copy and modify dhcpd.service to specify dhcp server network interface:
cp /usr/lib/systemd/system/dhcpd.service /etc/systemd/system/
edit ExecStart command on /etc/systemd/system/dhcpd.service and add your network interface:
ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid eth1
then reload systemd and start the service:
systemctl --system daemon-reload systemctl restart dhcpd.service
make sure to add dhcpd service to start at boot:
systemctl enable dhcpd
firewalld rules
enable ip forwarding:
nano /etc/sysctl.d/99-sysctl.conf
add the following line at the end of this file:
net.ipv4.ip_forward = 1
apply changes:
sysctl -p /etc/sysctl.d/99-sysctl.conf
please install the following package:
yum -y install iptables-services
flush any iptables rule on system:
iptables -F -v iptables -F -v -t nat
network interfaces configuration:
- eth0 interface connected to the internet
- eth1 interface connected to lan
add the following rules to forward the traffic from internet to lan and masquerade out going traffic:
iptables -t nat -A POSTROUTING -o eth0 -j MASQUERADE iptables -A FORWARD -i eth1 -j ACCEPT
safe this rules and configure iptables to start at boot:
service iptables save systemctl enable iptables