- 我有 2 张网卡,
enp0s3分别用于 WAN 和enp0s8LAN。 - WAN 具有动态 IP 地址(从 ISP 接收)。
- LAN 具有用于我的本地网络的 C 类静态 IP 地址
- 我有 isc-dhcp-server,其配置如下:
nano /etc/dhcp/dhcpd.conf
# ISC-DHCP-Server Configuration
authoritative;
option wpad code 252 = text;
server-identifier 192.168.0.10;
deny duplicates;
one-lease-per-client true;
deny declines;
deny client-updates;
ping-check true;
log-facility local7;
ddns-update-style none;
host user3 {
hardware ethernet 40:e2:30:f4:00:04;
fixed-address 192.168.0.90;
}
host user1 {
hardware ethernet 40:e2:30:f4:00:02;
fixed-address 192.168.0.50;
}
class "blockdhcp" {
match pick-first-value (option dhcp-client-identifier, hardware);
}
subclass "blockdhcp" 1:90:68:c3:00:00:00;
subnet 192.168.0.0 netmask 255.255.255.0 {
option routers 192.168.0.10;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.0.255;
#option domain-name "example.org";
option domain-name-servers 8.8.8.8,8.8.4.4;
min-lease-time 2592000; # 30 days
default-lease-time 2592000; # 30 days
max-lease-time 2592000; # 30 days
pool {
min-lease-time 60;
default-lease-time 60;
max-lease-time 60;
deny members of "blockdhcp";
range 192.168.0.100 192.168.0.250;
}
}
问题是 isc-dhcp-server 显示错误消息enp0s3(10.0.2.15)没有子网声明因为它要求我为 WAN 分配一个范围,但这是不可能的,因为它是动态的,ISP 提供商最终可以更改 IP
sudo systemctl status isc-dhcp-server
● isc-dhcp-server.service - ISC DHCP IPv4 server
Loaded: loaded (/lib/systemd/system/isc-dhcp-server.service; enabled; vendor preset: enabled)
Active: active (running) since Wed 2023-01-18 18:29:32 -05; 7min ago
Docs: man:dhcpd(8)
Main PID: 17055 (dhcpd)
Tasks: 4 (limit: 19112)
Memory: 4.9M
CPU: 24ms
CGroup: /system.slice/isc-dhcp-server.service
└─17055 dhcpd -user dhcpd -group dhcpd -f -4 -pf /run/dhcp-server/dhcpd.pid -cf /etc/dhcp/dhcpd.conf
ene 18 18:29:32 uservm dhcpd[17055]: Sending on LPF/enp0s8/08:00:27:8d:e7:c9/192.168.0.0/24
ene 18 18:29:32 uservm dhcpd[17055]:
ene 18 18:29:32 uservm dhcpd[17055]: No subnet declaration for enp0s3 (10.0.2.15).
ene 18 18:29:32 uservm dhcpd[17055]: ** Ignoring requests on enp0s3. If this is not what
ene 18 18:29:32 uservm dhcpd[17055]: you want, please write a subnet declaration
ene 18 18:29:32 uservm dhcpd[17055]: in your dhcpd.conf file for the network segment
ene 18 18:29:32 uservm dhcpd[17055]: to which interface enp0s3 is attached. **
ene 18 18:29:32 uservm dhcpd[17055]:
ene 18 18:29:32 uservm dhcpd[17055]: Sending on Socket/fallback/fallback-net
ene 18 18:29:32 uservm dhcpd[17055]: Server starting service.
我该如何避免这种情况,以便不再出现这些充斥日志的错误消息?提前致谢
答案1
虽然另一个答案是正确的,因为忽略此警告是安全的,但有些人更喜欢“零警告策略”,通过提前配置系统,使其不会针对已知情况发出警告。这样,系统仍然生成的任何警告都是有意义的,您不会在“已知和预期警告”流中意外错过它们。
您可以将 dhcpd 配置为仅监听您希望它提供服务的接口,其配置如下/etc/default/isc-dhcp-server:
INTERFACES="enp0s8"
(默认情况下,它会监听所有地方)。在较新的系统上,您可能需要按如下方式进行设置:
INTERFACESv4="enp0s8"
INTERFACESv6=""
抑制警告的另一种方法是让它知道接口/子网存在,但不为其提供任何服务。这里有一个如何做到这一点的示例在股票中dhcpd.conf文件(可能不是 Ubuntu 或 Debian 在 /etc 中安装的文件):
# No service will be given on this subnet, but declaring it helps the
# DHCP server to understand the network topology.
subnet 10.152.187.0 netmask 255.255.255.0 {
}
(将其替换为您在 WAN NIC 上的网络)。这正是警告本身所建议的。
答案2
ene 18 18:29:32 uservm dhcpd[17055]: No subnet declaration for enp0s3 (10.0.2.15).
ene 18 18:29:32 uservm dhcpd[17055]: ** Ignoring requests on enp0s3. If this is not what
ene 18 18:29:32 uservm dhcpd[17055]: you want, please write a subnet declaration
ene 18 18:29:32 uservm dhcpd[17055]: in your dhcpd.conf file for the network segment
ene 18 18:29:32 uservm dhcpd[17055]: to which interface enp0s3 is attached. **
意思是“我对该接口和它所连接的子网一无所知,因此我将忽略来自它的任何 DHCP 请求”。这完全没问题,因为您实际上并不想在 WAN 接口上提供 DHCP 服务。
只需忽略警告并继续。