我在 Debian 服务器 (Proxmox) 上设置了 DHCP 服务器,以便我可以自动为服务器上的 KVM 来宾提供 IP。由于某种原因,DHCP 服务器 (isc-dhcp-server) 未响应 IP 请求。 DHCP 服务器设置为侦听我创建的名为 vmbr1 的桥接接口,并且我知道请求正在从 KVM 来宾发送到主机,因为我已经对其进行了测试dhcpdump -i vmbr1
。
我显然在某个地方犯了错误,有人能发现吗?我在下面包含了我的配置文件。
dhcp.conf 文件:
ddns-update-style none;
deny declines;
deny bootp;
default-lease-time 600;
max-lease-time 7200;
log-facility local7;
subnet 192.168.0.0 netmask 255.255.255.224 {
interface vmbr1;
option routers 192.168.0.5;
option broadcast-address 192.168.0.31;
option ntp-servers 192.168.0.101;
option domain-name-servers 192.168.0.101;
option netbios-name-servers 192.168.0.101;
option netbios-node-type 2;
default-lease-time 86400;
max-lease-time 86400;
#vmbr1ipv4
host 104 {hardware ethernet 1A:27:59:82:39:8E;fixed-address 95.141.36.124;}
}
isc-dhcp-服务器文件:
# Defaults for isc-dhcp-server initscript
# sourced by /etc/init.d/isc-dhcp-server
# installed at /etc/default/isc-dhcp-server by the maintainer scripts
#
# This is a POSIX shell fragment
#
# Path to dhcpd's config file (default: /etc/dhcp/dhcpd.conf).
#DHCPD_CONF=/etc/dhcp/dhcpd.conf
# Path to dhcpd's PID file (default: /var/run/dhcpd.pid).
#DHCPD_PID=/var/run/dhcpd.pid
# Additional options to start dhcpd with.
# Don't use options -cf or -pf here; use DHCPD_CONF/ DHCPD_PID instead
#OPTIONS=""
# On what interfaces should the DHCP server (dhcpd) serve DHCP requests?
# Separate multiple interfaces with spaces, e.g. "eth0 eth1".
INTERFACES="vmbr1"
主机上的接口文件:
# network interface settings
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet manual
auto vmbr0
iface vmbr0 inet static
address 95.141.36.188
netmask 255.255.255.0
gateway 95.141.36.1
broadcast 95.141.36.255
bridge_ports eth0
bridge_stp off
bridge_fd 0
network 95.141.36.0
bridge_maxwait 0
auto vmbr1
iface vmbr1 inet static
address 192.168.0.5
netmask 255.255.255.224
bridge_ports none
bridge_stp off
bridge_fd 0
使用以下命令通过 vmbr1 从 KVM 来宾向主机服务器发出示例请求dhcpdump -i vmbr1
:
TIME: 2014-05-28 21:40:14.232
IP: 0.0.0.0 (1a:27:59:82:39:8e) > 255.255.255.255 (ff:ff:ff:ff:ff:ff)
OP: 1 (BOOTPREQUEST)
HTYPE: 1 (Ethernet)
HLEN: 6
HOPS: 0
XID: 599fa654
SECS: 0
FLAGS: 0
CIADDR: 0.0.0.0
YIADDR: 0.0.0.0
SIADDR: 0.0.0.0
GIADDR: 0.0.0.0
CHADDR: 1a:27:59:82:39:8e:00:00:00:00:00:00:00:00:00:00
SNAME: .
FNAME: .
OPTION: 53 ( 1) DHCP message type 1 (DHCPDISCOVER)
OPTION: 55 ( 8) Parameter Request List 1 (Subnet mask)
28 (Broadcast address)
2 (Time offset)
3 (Routers)
15 (Domainname)
6 (DNS server)
12 (Host name)
42 (NTP servers)
OPTION: 60 ( 3) Vendor class identifier d-i
---------------------------------------------------------------------------
输出来自dhcpd
Internet Systems Consortium DHCP Server 4.2.2
Copyright 2004-2011 Internet Systems Consortium.
All rights reserved.
For info, please visit https://www.isc.org/software/dhcp/
WARNING: Host declarations are global. They are not limited to the scope you declared them in.
Wrote 0 deleted host decls to leases file.
Wrote 0 new dynamic host decls to leases file.
Wrote 0 leases to leases file.
Listening on LPF/vmbr1/fa:98:02:e0:1c:28/192.168.0.0/27
Sending on LPF/vmbr1/fa:98:02:e0:1c:28/192.168.0.0/27
Sending on Socket/fallback/fallback-net
There's already a DHCP server running.
希望我已经提供了足够的信息来帮助解决问题。非常感谢!
答案1
subnet 192.168.0.0 netmask 255.255.255.224 {
....
host 104 {hardware ethernet 1A:27:59:82:39:8E;fixed-address 95.141.36.124;}
}
您想要关联到该 MAC 地址的 IP 地址 (95.141.36.124) 超出了您定义的范围(192.168.0.1 到 192.168.0.30)
如果我在家中设置了类似的配置(固定地址超出范围),则来自关联 MAC 地址的请求将被忽略。
尝试完全删除该条目,然后您的主机 104 应该从 192.168.0.0/27 范围获得动态地址
答案2
您是否尝试过关闭防火墙/iptables?我遇到的大多数网络服务问题都是由于防火墙配置不正确造成的。作为快速健全性检查,我会尝试“service iptables stop”并查看是否有效。如果他们这样做,您可以重新启动它并尝试使用一些特定的规则来正确配置它。如果您正在运行firewalld,您也应该尝试“servicefirewalldstop”(如果您有systemd,则可以尝试systemctlstopfirewalld.service)。
答案3
我之前曾尝试在 OpenVZ 实例(ProxMox 的开源版本)内运行我的 DHCP 服务器,但也从未使其正常工作。我最终将该服务移至 OpenVZ 主机,而不是其中一位来宾。 OpenVZ 项目中的此页面可能有助于您了解 DHCP 服务器的情况。
这些是显示设置桥接口+来宾虚拟机的步骤,我确认您的设置具有类似的设置:
$ vzctl create 144 --ostemplate centos-4-i386-minimal
$ vzctl start 144
$ vzyum 144 install dhcp
$ vzctl set 144 --netif_add eth0 --save
$ brctl show
$ brctl addif vzbr0 veth144.0
$ ifconfig vzbr0
$ cat /proc/sys/net/ipv4/conf/vzbr0/forwarding
$ cat /proc/sys/net/ipv4/conf/vzbr0/proxy_arp
$ echo 1 > /proc/sys/net/ipv4/conf/vzbr0/forwarding
$ echo 1 > /proc/sys/net/ipv4/conf/vzbr0/proxy_arp
此外,您可能想尝试通过运行来调试 DHCP 服务器的交互tcpdump
。这些咒语可能有助于确定正在发生的事情。
例子
$ tcpdump -n -i br0 broadcast
-或者-
$ tcpdump -A -p -n -i br0
-或者-
$ tcpdump -i br0 host <ip of client> -l