我的网络是 10.10.0.0/16。我想将其分成 /24 个。
我的环境:我在一台拥有两块网卡的 Ubuntu 14.04 服务器(网关、路由器)上使用 /etc/hosts 和 dnsmasq 进行 DNS 和 isc-dhcp-server 进行 DHCP。eth0 连接到 ISP 交换机,eth1(10.10.0.1/16)连接到 LAN 交换机。所有客户端都连接到 LAN 交换机。
10.10.0.1上的配置:
TCP 转发已启用:
:~$ sudo sysctl -p
net.ipv4.ip_forward = 1
在 /etc/网络/接口:
auto lo
iface lo inet loopback
auto eth0
iface eth0 inet dhcp
auto eth1
iface eth1 inet static
address 10.10.0.1
netmask 255.255.0.0
/etc/dhcp/dhcpd.conf:
# general options
authoritative;
ddns-update-style none;
log-facility local7;
deny declines;
default-lease-time 3600;
option routers 10.10.0.1;
option domain-name-servers 10.10.0.1;
option domain-name "lab.info";
subnet 10.10.0.0 netmask 255.255.0.0 {
}
subnet 10.10.1.0 netmask 255.255.255.0 { range 10.10.1.1 10.10.1.254; deny unknown-clients;
host host1 { hardware ethernet c8:33:eb:6e:df:3e; fixed-address host1; }
}
# Unknown clients
subnet 10.10.255.0 netmask 255.255.255.0 { range 10.10.255.1 10.10.255.254; allow unknown-clients; }
在 /etc/hosts 中:
127.0.0.1 localhost
10.10.1.1 host1
host1 能够从 10.10.0.1 接收正确的租约,但无法 ping 通其子网 (10.10.1.0/24) 之外的任何内容。据我所知,我需要路由器上的静态路由。我尝试过但没有成功:
sudo route add -net 10.10.1.0/24 gw 10.10.0.1
我究竟做错了什么?
答案1
它不能按预期工作,原因是 DHCP 将查看接口并尝试找到一个最匹配的网络
您需要 2 个具有不同网络大小的接口(或一个接口上的 2 个 IP)。
但你应该避免网络重叠
正确的配置应该有 2 个不重叠的网络,并且每个 DHCP 配置都有自己的option routers
。例如:
RESCUE-CORE (VLAN1001)
subnet 10.0.0.128 netmask 255.255.255.224 {
authoritative;
# allow unknown-clients;
range 10.0.0.148 10.0.0.158;
option subnet-mask 255.255.255.224;
option routers 10.0.0.129;
option domain-name-servers 10.100.101.10;
option time-servers 10.100.101.5;
default-lease-time 3600;
max-lease-time 3600;
next-server 10.100.101.5;
}
# RESCUE-ROUTERS (VLAN1002)
subnet 10.0.0.160 netmask 255.255.255.224 {
authoritative;
# allow unknown-clients;
range 172.16.254.180 172.16.254.190;
option subnet-mask 255.255.255.224;
option routers 172.16.254.161;
option domain-name-servers 10.100.101.10;
option time-servers 10.100.101.5;
default-lease-time 3600;
max-lease-time 3600;
next-server 10.100.101.5;
}
答案2
尝试这些声明:
shared-network "mynet" {
# No subnet 10.10.0.0 netmask 255.255.0.0
# since it would overlap with other subnets
subnet 10.10.10.0 netmask 255.255.255.0 {
option routers 10.10.0.1;
}
subnet 10.10.1.0 netmask 255.255.255.0 {
option routers 10.10.1.1;
# the range should not overlap with the router
range 10.10.1.10 10.10.1.254;
deny unknown-clients;
}
}
host host1 {
hardware ethernet c8:33:eb:6e:df:3e;
fixed-address 10.10.1.5;
}