1, DHCP service
1. DHCP (Dynamic Host Configuration Protocol)
(1) Designed and developed by the Internet Engineering Task Force (IETF)
(2) A protocol dedicated to automatically assigning TCP/IP parameters to computers in TCP/IP networks
2. Benefits of using DHCP
(1) Reduce administrator workload
(2) Avoid the possibility of input errors
(3) Avoid IP address conflicts
(4) When changing the IP address segment, there is no need to reconfigure the IP address of each user
(5) Improved IP address utilization
(6) Convenient client configuration
2, DHCP lease process
1. The process by which a client obtains an IP address from a DHCP server is called the DHCP lease process
2. There are four steps
1. The client searches the network for servers
When a DHCP client starts, it does not have an IP address, so it needs to obtain a valid address through DHCP.
At this point, the DHCP client broadcasts a DHCP Discover message to find a DHCP server.
2. The server responds to the client
When the DHCP server receives the client's request for an IP address, it checks whether its own IP address pool holds a valid IP address that it can provide to the client.
If so, the DHCP server marks this IP address, adds it to a DHCP Offer message, and then broadcasts the DHCP Offer message.
3. The client selects an IP address
The DHCP client extracts the IP address from the first DHCP Offer message it receives and broadcasts a DHCP Request message for it. The DHCP server that offered the address reserves it, so that the address can no longer be assigned to another DHCP client.
4. The server determines the lease
After receiving the DHCP Request message, the DHCP server broadcasts a successful confirmation to the client in the form of a DHCP ACK message, which contains the lease for the IP address and other configuration information.
When the client receives the DHCP ACK message, it configures the IP address and completes the initialization of TCP/IP.
5. Login again
Each time the DHCP client logs in to the network again, it does not need to send a DHCP Discover message; it directly sends a DHCP Request message containing the last assigned IP address.
6. Lease renewal
When the lease term of the IP address leased by the DHCP server to the client reaches 50%, the lease needs to be updated
The client sends a DHCP Request packet directly to the server providing the lease, requesting to update the existing address lease
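The four lease messages described above, encoded and decoded in the RFC 2131 wire format, as an added example that is not part of the original page. The function names and the transaction ID are assumptions; the MAC address, IP address and lease time are the values used in the configuration later on this page.

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"   # magic cookie that follows the 236-byte BOOTP header
NAMES = {1: "DISCOVER", 2: "OFFER", 3: "REQUEST", 5: "ACK"}   # values of option 53

def build(msg_type, xid, mac, yiaddr="0.0.0.0", options=()):
    """Encode one DHCP message; op is 1 for client messages, 2 for server replies."""
    op = 2 if msg_type in (2, 5) else 1
    pkt = struct.pack("!BBBBIHH", op, 1, 6, 0, xid, 0, 0x8000)   # 0x8000: broadcast flag
    pkt += bytes(4)                                    # ciaddr: client has no address yet
    pkt += ipaddress.IPv4Address(yiaddr).packed        # yiaddr: address the server hands out
    pkt += bytes(8)                                    # siaddr, giaddr
    pkt += bytes.fromhex(mac.replace(":", "")).ljust(16, b"\0")   # chaddr
    pkt += bytes(192) + MAGIC                          # sname, file, cookie
    pkt += bytes([53, 1, msg_type])                    # option 53: message type
    for code, value in options:
        pkt += bytes([code, len(value)]) + value
    return pkt + b"\xff"                               # end option

def parse(pkt):
    """Decode the fields the lease process depends on."""
    if len(pkt) < 240 or pkt[236:240] != MAGIC:
        raise ValueError("not a DHCP message")
    opts, i = {}, 240
    while i + 1 < len(pkt) and pkt[i] != 255:
        if pkt[i] == 0:                                # pad option has no length byte
            i += 1
            continue
        opts[pkt[i]] = pkt[i + 2:i + 2 + pkt[i + 1]]
        i += 2 + pkt[i + 1]
    return {
        "type": NAMES.get((opts.get(53) or b"\0")[0], "UNKNOWN"),
        "xid": int.from_bytes(pkt[4:8], "big"),
        "yiaddr": str(ipaddress.IPv4Address(pkt[16:20])),
        "requested": str(ipaddress.IPv4Address(opts[50])) if 50 in opts else None,
        "lease": int.from_bytes(opts[51], "big") if 51 in opts else None,
    }

def lease_exchange(mac, xid, ip, lease_secs):
    """The four messages of a first-time lease, in order, decoded again."""
    lease = [(51, lease_secs.to_bytes(4, "big"))]      # option 51: lease time
    wanted = [(50, ipaddress.IPv4Address(ip).packed)]  # option 50: requested address
    msgs = [build(1, xid, mac), build(2, xid, mac, ip, lease),
            build(3, xid, mac, options=wanted), build(5, xid, mac, ip, lease)]
    return [parse(m) for m in msgs]

def renewal_due(lease_secs):
    return lease_secs // 2   # renewal starts when 50% of the lease has elapsed
```

None of these messages authenticates the server, and the client acts on the first Offer it receives, which is why access switches are usually configured with DHCP snooping so that Offer and ACK messages are accepted only from trusted ports.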
3, Dynamically configure host addresses using DHCP
1. DHCP service
(1) Automatically assign addresses to a large number of clients and provide centralized management
(2) Reduce management and maintenance costs and improve network configuration efficiency
2. The assignable address information mainly includes
(1) IP address and subnet mask of network card
(2) Corresponding network address and broadcast address
(3) Default gateway address
(4) DNS server address
4, Install DHCP server
1. DHCP server software
(1) dhcp-4.2.5-47.el7.centos.x86_64.rpm on the CentOS installation disc
(2) Main files of the DHCP package
Main configuration file: /etc/dhcp/dhcpd.conf
Executables: /usr/sbin/dhcpd, /usr/sbin/dhcrelay
2. Structure of the main configuration file dhcpd.conf
    ddns-update-style interim;                      #Global configuration parameters
    ......
    subnet 192.168.0.0 netmask 255.255.255.0 {      #Segment declaration
        option routers 192.168.0.1;                 #Configuration option
        ......
        default-lease-time 21600;                   #Configuration parameter
        host ns {
            ......
            fixed-address 207.175.42.254;           #Host declaration
        }
    }
3. Main configuration file: global settings that apply to the entire DHCP server
    ddns-update-style none;
    default-lease-time 21600;
    max-lease-time 43200;
    option domain-name "domain.org";
    option domain-name-servers 202.106.0.20;
5, Configuring a DHCP server
------Configure DHCP relay in eNSP------
    dhcp enable                                 #Enable the DHCP function
    #
    interface vlanif10
     ip address 192.168.1.254 255.255.255.0
     dhcp select relay                          #Enable the DHCP relay function
     dhcp relay server-ip 192.168.80.10         #Point to the DHCP server address
    #
    interface vlanif20
     ip address 192.168.2.254 255.255.255.0
     dhcp select relay
     dhcp relay server-ip 192.168.80.10
    #
    interface Vlanif100
     ip address 192.168.80.254 255.255.255.0
     dhcp select relay
     dhcp relay server-ip 192.168.80.10
------Configuration in the CentOS virtual machine------
    yum install -y dhcp
    cd /etc/dhcp/
    ls
    less dhcpd.conf
    cd /usr/share/doc/dhcp-4.2.5/
    ls
    less dhcpd.conf.example
    cp /usr/share/doc/dhcp-4.2.5/dhcpd.conf.example /etc/dhcp/dhcpd.conf
    vim /etc/dhcp/dhcpd.conf
------Set global configuration parameters------
    default-lease-time 21600;                                  #The default lease is 6 hours, in seconds
    max-lease-time 43200;                                      #The maximum lease is 12 hours, in seconds
    option domain-name "xxxx.com";                             #Specify the default domain name
    option domain-name-servers 202.106.0.20, 202.106.148.1;    #Specify the DNS server addresses
    ddns-update-style none;                                    #Disable dynamic DNS updates
------subnet segment declaration (applies to the whole subnet segment; some configuration parameters take priority over the global configuration parameters)------
    subnet 192.168.80.0 netmask 255.255.255.0 {     #Declare the network segment address to be assigned
        range 192.168.80.100 192.168.80.200;        #Set the address pool
        option routers 192.168.80.254;              #Specify the default gateway address
    }
    subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.100 192.168.1.200;
        option routers 192.168.1.254;
    }
    subnet 192.168.2.0 netmask 255.255.255.0 {
        range 192.168.2.100 192.168.2.200;
        option routers 192.168.2.254;
    }
------host declaration (assign a fixed IP address to a single host)------
    host hostname {                                 #Specify the name of the client that needs a fixed IP address
        hardware ethernet 00:c0:c3:22:46:81;        #Specify the MAC address of the host
        fixed-address 192.168.80.100;               #Specify the IP address reserved for this host
    }
------Start the service, stop the firewall and set SELinux to permissive mode------
    systemctl start dhcpd
    systemctl stop firewalld
    setenforce 0
    netstat -anpu | grep ":67"
------If the DHCP service fails to start, view the log file to troubleshoot errors------
    tail -f /var/log/messages
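An added check, not part of the original page, for one detail of the configuration above: the host declaration reserves 192.168.80.100, which is also the first address of the dynamic range, so dhcpd may lease it to another client. The parser is a simplified regex reader for flat subnet and host blocks, audit_dhcpd is a hypothetical name, and the sample is constructed from the declarations above.

```python
import ipaddress
import re

# Constructed sample: two subnet declarations and the host declaration from above.
SAMPLE = """
subnet 192.168.80.0 netmask 255.255.255.0 {
    range 192.168.80.100 192.168.80.200;
    option routers 192.168.80.254;
}
subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.100 192.168.1.200;
    option routers 192.168.1.254;
}
host hostname {
    hardware ethernet 00:c0:c3:22:46:81;
    fixed-address 192.168.80.100;
}
"""

IP = r"(\d+\.\d+\.\d+\.\d+)"

def audit_dhcpd(conf):
    """Return (host, address, problem) for fixed addresses that can collide or never match."""
    conf = re.sub(r"#.*", "", conf)                       # strip comments
    subnets = []
    for net, mask, body in re.findall(r"subnet\s+" + IP + r"\s+netmask\s+" + IP + r"\s*\{([^}]*)\}", conf):
        pools = [(ipaddress.ip_address(lo), ipaddress.ip_address(hi))
                 for lo, hi in re.findall(r"range\s+" + IP + r"\s+" + IP + r"\s*;", body)]
        subnets.append((ipaddress.ip_network(f"{net}/{mask}"), pools))
    findings = []
    for name, body in re.findall(r"\bhost\s+(\S+)\s*\{([^}]*)\}", conf):
        match = re.search(r"fixed-address\s+" + IP + r"\s*;", body)
        if not match:
            continue
        addr = ipaddress.ip_address(match.group(1))
        homes = [pools for network, pools in subnets if addr in network]
        if not homes:
            findings.append((name, str(addr), "outside every declared subnet"))
        for lo, hi in (pool for pools in homes for pool in pools):
            if lo <= addr <= hi:
                findings.append((name, str(addr), f"inside dynamic range {lo}-{hi}"))
    return findings
```

Moving the reservation below the pool (or starting the range at .101) clears the finding; `dhcpd -t -cf /etc/dhcp/dhcpd.conf` checks syntax only and does not report this overlap.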
6, FTP file transfer
FTP service: a protocol used to transfer files
By default, the FTP server uses TCP ports 20 and 21 to communicate with the client
Port 20 is used to establish the data connection and transfer file data
Port 21 is used to establish a control connection and transmit FTP control commands
FTP data connection is divided into active mode and passive mode
Active mode: the server initiates data connection actively
Passive mode: the server passively waits for the data connection
    yum install -y vsftpd
    cd /etc/vsftpd/
    cp vsftpd.conf vsftpd.conf.bak
Set up anonymous user access to the FTP service (maximum permissions)
------Modify the configuration file------
    vim /etc/vsftpd/vsftpd.conf
    #Enable anonymous user access. It is enabled by default
    anonymous_enable=YES
    #Open the write permission of the server (to upload, it must be enabled). It is enabled by default
    write_enable=YES
    #Set the permission mask (umask) of the data uploaded by anonymous users. It is enabled by default
    anon_umask=022
    #Allow anonymous users to upload files. It is commented out by default and needs to be uncommented
    anon_upload_enable=YES
    #Allow anonymous users to create (upload) directories. It is commented out by default and needs to be uncommented
    anon_mkdir_write_enable=YES
    #Allow delete, rename, overwrite and other operations. Needs to be added
    anon_other_write_enable=YES
------Set maximum permissions on the pub subdirectory under the anonymous FTP root directory, so that anonymous users can upload data------
    chmod 777 /var/ftp/pub/
------Start the service, stop the firewall and set SELinux to permissive mode------
    systemctl start vsftpd
    systemctl stop firewalld
    setenforce 0
------Anonymous access test------
On the Windows system, open the "Start" menu and enter the cmd command to open the command prompt
------Establish the FTP connection------
    ftp 192.168.80.10
------For anonymous access the user name is ftp and the password is blank; press Enter to complete the login------
    ftp> pwd             #The root directory of anonymous FTP access is the /var/ftp/ directory of the Linux system
    ftp> ls              #View the current directory
    ftp> cd pub          #Switch to the pub directory
    ftp> get filename    #Download the file to the current Windows local directory
    ftp> put filename    #Upload the file to the FTP directory
    ftp> quit            #Exit
Set up local user authenticated access to FTP, and prohibit switching to directories outside the FTP directory (the default login root directory is the home directory of the local user)
------Modify the configuration file------
    vim /etc/vsftpd/vsftpd.conf
    #Enable local users
    local_enable=YES
    #Turn off anonymous user access
    anonymous_enable=NO
    #Open the write permission of the server (to upload, it must be enabled)
    write_enable=YES
    #Set the umask so that only the owning user has permissions on uploaded files
    local_umask=077
    #Confine access to the user's home directory
    chroot_local_user=YES
    #Allow the confined user's home directory to be writable
    allow_writeable_chroot=YES
------Restart the service------
    systemctl restart vsftpd
------Modify the default root directory of anonymous users and local users------
    #anon_root applies to anonymous users
    anon_root=/var/www/html
    #local_root applies to system users
    local_root=/var/www/html
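An added example, not part of the original page, that reads a vsftpd.conf and reports which of the settings above widen access, so the anonymous "maximum permission" setup is not carried onto a production server unnoticed. The rules and the name audit_vsftpd are assumptions made here; the defaults are those documented in vsftpd.conf(5), and the samples are constructed from the two configurations above.

```python
# Constructed samples: the access-related settings of the two vsftpd.conf variants above.
ANON_CONF = """anonymous_enable=YES
write_enable=YES
anon_umask=022
anon_upload_enable=YES
anon_mkdir_write_enable=YES
anon_other_write_enable=YES"""
LOCAL_CONF = """local_enable=YES
anonymous_enable=NO
write_enable=YES
chroot_local_user=YES
allow_writeable_chroot=YES"""

# Built-in defaults that differ from "NO" for the options checked here.
DEFAULTS = {"anonymous_enable": "YES", "anon_umask": "077"}

def load(text):
    """Parse key=value lines ('#' starts a comment line) on top of the defaults."""
    lines = (line.strip() for line in text.splitlines())
    pairs = (line.split("=", 1) for line in lines if "=" in line and not line.startswith("#"))
    return {**DEFAULTS, **dict(pairs)}

def audit_vsftpd(text):
    """Return (option, reason) pairs for settings that widen access."""
    s = load(text)
    on = lambda key: s.get(key, "NO").upper() in ("YES", "TRUE", "1")
    found = []
    if on("anonymous_enable") and on("write_enable"):
        for key in ("anon_upload_enable", "anon_mkdir_write_enable", "anon_other_write_enable"):
            if on(key):
                found.append((key, "clients without credentials can change server content"))
        # Uploaded files get mode 0666 & ~umask; a clear 004 bit means world-readable.
        if on("anon_upload_enable") and not int(s["anon_umask"], 8) & 0o004:
            found.append(("anon_umask", "uploads are world-readable, so any anonymous client can fetch them"))
    if on("local_enable") and not on("chroot_local_user"):
        found.append(("chroot_local_user", "local users can browse outside their home directory"))
    if on("chroot_local_user") and on("allow_writeable_chroot"):
        found.append(("allow_writeable_chroot", "disables vsftpd's refusal to chroot into a writable directory"))
    return found
```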