DHCPサーバ(Debian 10)

2020/8/8


ポリシー

基本的にDebian8と同じ手順で作業を行う。
  1. MACアドレスとIPアドレスは一対一に対応させる。
  2. MACアドレスを登録したマシンにはいろいろと便宜を図る。
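  3. MACアドレスを登録していないマシンには適当なIPアドレスを割り振る。実験室内での接続は可能にするが、実験室外には接続できないようにする。なお、MACアドレスは端末側で変更できるため、登録の有無は認証の代わりにはならない。また、実験室外への接続制限はDHCPの設定だけでは強制できないので、ゲートウェイ側のフィルタリングと併用する必要がある。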

インストール

apt-get install isc-dhcp-server -y

設定

設定はつぎのファイルを修正、あるいは作成する。
  1. /etc/default/isc-dhcp-server  設定ファイルとインタフェースを指定
  2. /etc/dhcp/dhcpd.conf  設定ファイル(各ファイルをインクルードする)
  3. /etc/dhcp/dhcp.xxxx   用途ごとに分割したファイル
/etc/default/isc-dhcp-server
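# Defaults for isc-dhcp-server (sourced by /etc/init.d/isc-dhcp-server)
# This file is read as shell variable assignments, so every explanatory note
# must sit behind a '#'. Bare text after a value would be run as a command
# and the assignment in front of it would not be kept.

# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
DHCPDv4_CONF=/etc/dhcp/dhcpd.conf   # edited: leading '#' removed
#DHCPDv6_CONF=/etc/dhcp/dhcpd6.conf

# Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
DHCPDv4_PID=/var/run/dhcpd.pid   # edited: leading '#' removed
#DHCPDv6_PID=/var/run/dhcpd6.pid

# Additional options to start dhcpd with.
#	Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
#OPTIONS=""

# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
#	Separate multiple interfaces with spaces, e.g. "eth0 eth1".
# List only the lab-facing interface here so that leases are not offered on
# any other network the server is attached to.
INTERFACESv4="enp1s0"   # edited: interface name filled in
#INTERFACESv6=""        # edited: leading '#' added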
webmaster@He:/etc$ cat /etc/dhcp/dhcpd.conf 
#
# Sample configuration file for ISC dhcpd for Debian
#
#

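# The ddns-updates-style parameter controls whether or not the server will
# attempt to do a DNS update when a lease is confirmed. We default to the
# behavior of the version 2 packages ('none', since DHCP v2 didn't
# have support for DDNS.)
ddns-update-style none;

# option definitions common to all supported networks...
# ("xx" in the addresses below is presumably a placeholder used in this
# write-up; substitute the real third octet before deploying.)
 option domain-name "takahashi.lab";	# edited
 option domain-name-servers 192.168.xx.2;	# edited

# The global lease times are disabled here; the subnet declaration sets its own.
#default-lease-time 600;	# commented out
#max-lease-time 7200;	# commented out

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
# Editing notes on a statement line must follow a '#': bare text after the
# ';' is parsed as configuration and dhcpd rejects the file.
authoritative;	# edited: leading '#' removed

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;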

# ignore client-updates;
# Append the following declaration.
# Subnet served by this dhcpd: default gateway, NTP server, the dynamic
# address pool and lease times, followed by the included per-purpose files.
 subnet 192.168.xx.0 netmask 255.255.255.0 {
 
 # --- default gateway
 # Subnet-wide default; a host declaration may override it with its own
 # "option routers" (the dhcp.pc example on this page does).
 option routers 192.168.xx.2;
 option subnet-mask 255.255.255.0;

# option time-offset -18000; # Eastern Standard Time
 option time-offset 32400; # Japan Standard Time
 option ntp-servers 192.168.xx.2;
 
# 2013/4/27 expansion for DHCP client and VMware Virtual Machine
# Dynamic pool: clients without a matching host declaration are leased an
# address from this range.
# NOTE(review): the fixed-address shown for dhcp.pc on this page
# (192.168.xx.55) falls inside this range. Fixed addresses should not also be
# available for dynamic assignment, otherwise a pool lease may collide with a
# registered host; confirm the range and the fixed addresses do not overlap.
 range 192.168.xx.21 192.168.xx.239;

 default-lease-time 43200; # 43200 sec = 12h 00m 00sec (2010/7/30-)
 max-lease-time 86400; # 86400sec = 24h 00m 00sec
 

  # Files split by purpose. They are parsed as part of this configuration, so
  # keep them writable by root only, like dhcpd.conf itself.
  include "/etc/dhcp/dhcp.server";
  include "/etc/dhcp/dhcp.nt";
  include "/etc/dhcp/dhcp.pc";
  include "/etc/dhcp/dhcp.kvm";
  include "/etc/dhcp/dhcp.h8";
 	
  include "/etc/dhcp/dhcp.mobile"; 	#2014/2/26 Mobile Terminals for students
 }
 
root@Pm:/etc/default# 
root@Pm:/etc/default# 
root@Pm:/etc/default# 
root@Pm:/etc/default# 
root@Pm:/etc/default# cat /etc/dhcp/dhcpd.conf 
# dhcpd.conf
#
# Sample configuration file for ISC dhcpd
#

# option definitions common to all supported networks...
option domain-name "takahashi.lab";   # edited
# NOTE(review): this address is written out as 192.168.70.2 while the subnet
# declaration in this listing uses the "xx" placeholder; make the two agree in
# the deployed file.
option domain-name-servers 192.168.70.2; 	# edited

# The global lease times are disabled here; the subnet declaration sets its own.
#default-lease-time 600; # commented out
#max-lease-time 7200;   # commented out

# The ddns-updates-style parameter controls whether or not the server will
# attempt to do a DNS update when a lease is confirmed. We default to the
# behavior of the version 2 packages ('none', since DHCP v2 didn't
# have support for DDNS.)
ddns-update-style none;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
authoritative;   # edited: leading '#' removed

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
# Left commented out in this listing, so dhcpd keeps its default log facility.
#log-facility local7;

# No service will be given on this subnet, but declaring it helps the 
# DHCP server to understand the network topology.

#subnet 10.152.187.0 netmask 255.255.255.0 {
#}

# This is a very basic subnet declaration.

#subnet 10.254.239.0 netmask 255.255.255.224 {
#  range 10.254.239.10 10.254.239.20;
#  option routers rtr-239-0-1.example.org, rtr-239-0-2.example.org;
#}

# This declaration allows BOOTP clients to get dynamic addresses,
# which we don't really recommend.

#subnet 10.254.239.32 netmask 255.255.255.224 {
#  range dynamic-bootp 10.254.239.40 10.254.239.60;
#  option broadcast-address 10.254.239.31;
#  option routers rtr-239-32-1.example.org;
#}

# A slightly different configuration for an internal subnet.
#subnet 10.5.5.0 netmask 255.255.255.224 {
#  range 10.5.5.26 10.5.5.30;
#  option domain-name-servers ns1.internal.example.org;
#  option domain-name "internal.example.org";
#  option routers 10.5.5.1;
#  option broadcast-address 10.5.5.31;
#  default-lease-time 600;
#  max-lease-time 7200;
#}

# Hosts which require special configuration options can be listed in
# host statements.   If no address is specified, the address will be
# allocated dynamically (if possible), but the host-specific information
# will still come from the host declaration.

#host passacaglia {
#  hardware ethernet 0:0:c0:5d:bd:95;
#  filename "vmunix.passacaglia";
#  server-name "toccata.example.com";
#}

# Fixed IP addresses can also be specified for hosts.   These addresses
# should not also be listed as being available for dynamic assignment.
# Hosts for which fixed IP addresses have been specified can boot using
# BOOTP or DHCP.   Hosts for which no fixed address is specified can only
# be booted with DHCP, unless there is an address range on the subnet
# to which a BOOTP client is connected which has the dynamic-bootp flag
# set.
#host fantasia {
#  hardware ethernet 08:00:07:26:c0:a5;
#  fixed-address fantasia.example.com;
#}

# You can declare a class of clients and then do address allocation
# based on that.   The example below shows a case where all clients
# in a certain class get addresses on the 10.17.224/24 subnet, and all
# other clients get addresses on the 10.0.29/24 subnet.

#class "foo" {
#  match if substring (option vendor-class-identifier, 0, 4) = "SUNW";
#}

#shared-network 224-29 {
#  subnet 10.17.224.0 netmask 255.255.255.0 {
#    option routers rtr-224.example.org;
#  }
#  subnet 10.0.29.0 netmask 255.255.255.0 {
#    option routers rtr-29.example.org;
#  }
#  pool {
#    allow members of "foo";
#    range 10.17.224.10 10.17.224.250;
#  }
#  pool {
#    deny members of "foo";
#    range 10.0.29.10 10.0.29.230;
#  }
#}


# Append the following declaration.
# Subnet served by this dhcpd: default gateway, NTP server, the dynamic
# address pool and lease times, followed by the included per-purpose files.
 subnet 192.168.xx.0 netmask 255.255.255.0 {
 
 # --- default gateway
 # Subnet-wide default; a host declaration may override it with its own
 # "option routers" (the dhcp.pc example on this page does).
 option routers 192.168.xx.2;
 option subnet-mask 255.255.255.0;

 option time-offset 32400; # Japan Standard Time
 option ntp-servers 192.168.xx.2;
 
# 2013/4/27 expansion for DHCP client and VMware Virtual Machine
# Dynamic pool: clients without a matching host declaration are leased an
# address from this range.
# NOTE(review): the fixed-address shown for dhcp.pc on this page
# (192.168.xx.55) falls inside this range. Fixed addresses should not also be
# available for dynamic assignment, otherwise a pool lease may collide with a
# registered host; confirm the range and the fixed addresses do not overlap.
 range 192.168.xx.21 192.168.xx.239;

 default-lease-time 43200; # 43200 sec = 12h 00m 00sec (2010/7/30-)
 max-lease-time 86400; # 86400sec = 24h 00m 00sec
 

  # Files split by purpose. They are parsed as part of this configuration, so
  # keep them writable by root only, like dhcpd.conf itself.
  include "/etc/dhcp/dhcp.server";
  include "/etc/dhcp/dhcp.nt";
  include "/etc/dhcp/dhcp.pc";
  include "/etc/dhcp/dhcp.kvm";
  include "/etc/dhcp/dhcp.h8";
 	
  include "/etc/dhcp/dhcp.mobile"; 	#2014/2/26 Mobile Terminals for students
 }
root@Pm:/etc/default# 




実験室で使用するPCに関する記述(/etc/dhcp/dhcp.pc)
#------------------------------------------
#    note PC, desktop PC
# One host declaration per registered machine: the client's MAC address is
# matched and pinned to a single IP address.
# NOTE(review): the MAC address is supplied by the client, so registration
# identifies a machine for convenience only; it is not authentication.

  host Cs {
        # NOTE 01 PC-koubou LESANCE CL401SN-M/340+256+40G
          hardware ethernet 00:90:f5:34:0f:39;
          # NOTE(review): 192.168.xx.55 lies inside the subnet's dynamic range
          # (192.168.xx.21 - 192.168.xx.239); confirm the pool cannot lease it
          # to another client.
          fixed-address 192.168.xx.55;
          # Overrides the subnet-wide "option routers 192.168.xx.2" for this host.
          # NOTE(review): presumably .3 is the gateway that allows access
          # outside the lab - confirm. A router option is only a setting handed
          # to the client, so the restriction itself has to be enforced on the
          # gateways.
          option routers 192.168.xx.3;
	}
# (remaining host entries omitted)

確認

DHCPに関する記述を更新した後は、DHCPサーバを再起動する。
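# Check the configuration for syntax errors before restarting: a restart with
# a broken file leaves the lab without a DHCP server until it is fixed.
# dhcpd -t only parses the file given with -cf; it does not start the server.
dhcpd -t -cf /etc/dhcp/dhcpd.conf && systemctl restart isc-dhcp-server
# Start the service automatically at boot.
systemctl enable isc-dhcp-server
# Confirm the service is active and read any errors it reported.
systemctl status isc-dhcp-server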

再起動時の動作

サーバ再起動時にdhcpdをアクティブにする。
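# "systemctl enable isc-dhcp-server" already starts dhcpd at every boot; this
# rc.local entry only adds a further restart during boot.
# /etc/rc.local is executed directly and as root, so it has to begin with a
# "#!" line and must stay owned by root and writable by root only.
# Keep a copy of any existing rc.local, because ">" replaces the whole file.
if [ -e /etc/rc.local ]; then
  cp -p /etc/rc.local /etc/rc.local.bak
fi
printf '%s\n' '#!/bin/sh' 'systemctl restart isc-dhcp-server' 'exit 0' >/etc/rc.local
chown root:root /etc/rc.local
chmod u+x,go-w /etc/rc.local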

参考
サーバーワールド(http://www.server-world.info/)