PowerEdge: Red Hat Linux Sistemi'ne Ağ Hizmeti Dağıtma

Adımların Kısa Özeti

1. Hizmeti arama ve yükleme (yum/rpm) 
2. Hizmeti başlatma ve etkinleştirme (systemctl) 
3. Güvenlik duvarı izin hizmeti (güvenlik duvarı-cmd) 
4. Varsayılan yapılandırma dosyalarını (*.conf, *.cnf, *.cfg vb.) ilk kez yedekledikten sonra servis yapılandırma dosyalarını arayın ve değiştirin. Yardım ve örnekleri bulmak için "man" komutunu kullanın. Yapılandırma dosyalarını düzenlemek için "vim" komutunu kullanın. Söz dizimi kontrol edin.
5. Dosya iznini ve güvenlik politikasını gözden geçir ve ayarla (chmod/chown/setfacl/selinux) 
6. Hizmeti yeniden başlatın ve sorun giderme işlemi gerçekleştirin (hizmet yeniden başlatılana kadar başarısız olursa) 
7. Servis durumunu test edin ve doğrulayın (sonucun beklenenden emin olma) 

DHCP hizmetindeki Belirli Komutlara Sahip Özet Adımlar

1. DHCP hizmetini arama ve yükleme

[root@servera ~]# yum search dhcp*
Last metadata expiration check: 0:13:07 ago on Thu 18 May 2023 06:54:40 AM GMT.
============================================================== Name Matched: dhcp* ===============================================================

dhcp-libs.x86_64 : Shared libraries used by ISC dhcp client and server
dhcp-libs.i686 : Shared libraries used by ISC dhcp client and server
dhcp-libs.x86_64 : Shared libraries used by ISC dhcp client and server
dhcp-relay.x86_64 : Provides the ISC DHCP relay agent
dhcp-client.x86_64 : Provides the ISC DHCP client daemon and dhclient-script
dhcp-common.noarch : Common files used by ISC dhcp client, server and relay agent
dhcp-client.x86_64 : Provides the ISC DHCP client daemon and dhclient-script
dhcp-common.noarch : Common files used by ISC dhcp client, server and relay agent
dhcp-server.x86_64 : Provides the ISC DHCP server      -- this is the dhcp service installation package 
[root@servera ~]#

[root@servera ~]# yum list dhcp-server
Last metadata expiration check: 0:15:12 ago on Thu 18 May 2023 06:54:40 AM GMT.
Available Packages      
dhcp-server.x86_64                 12:4.3.6-34.el8                 rhel-8.1-for-x86_64-baseos-rpms
[root@servera ~]#

[root@servera ~]# yum provides dhcp-server
Last metadata expiration check: 0:17:31 ago on Thu 18 May 2023 06:54:40 AM GMT.
dhcp-server-12:4.3.6-34.el8.x86_64 : Provides the ISC DHCP server
Repo        : rhel-8.1-for-x86_64-baseos-rpms      
Matched from:
Provide    : dhcp-server = 12:4.3.6-34.el8
[root@servera ~]#

[root@servera ~]# yum -y install dhcp-server
Last metadata expiration check: 0:20:30 ago on Thu 18 May 2023 06:54:40 AM GMT.
Dependencies resolved.
==============================================================================
 Package                       Architecture             Version                           Repository                                         Size
==============================================================================
Installing:
 dhcp-server                   x86_64                   12:4.3.6-34.el8                   rhel-8.1-for-x86_64-baseos-rpms                   530 k
Transaction Summary
==============================================================================
Install  1 Package
Total download size: 530 k
Installed size: 1.3 M
Downloading Packages:
dhcp-server-4.3.6-34.el8.x86_64.rpm                                                                               5.6 MB/s | 530 kB     00:00    
-----------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                             5.3 MB/s | 530 kB     00:00     
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                          1/1 
  Running scriptlet: dhcp-server-12:4.3.6-34.el8.x86_64                                                                                       1/1 
  Installing       : dhcp-server-12:4.3.6-34.el8.x86_64                                                                                       1/1 
  Running scriptlet: dhcp-server-12:4.3.6-34.el8.x86_64                                                                                       1/1 
  Verifying        : dhcp-server-12:4.3.6-34.el8.x86_64                                                                                       1/1 
Installed:
  dhcp-server-12:4.3.6-34.el8.x86_64                                                                                                              
Complete!
[root@servera ~]#

2. DHCP hizmetini başlatma ve etkinleştirme

[root@servera ~]# rpm -ql dhcp-server | grep .service
/usr/lib/systemd/system/dhcpd.service      
/usr/lib/systemd/system/dhcpd6.service
[root@servera ~]#

[root@servera ~]# systemctl list-unit-files | grep dhcp
dhcpd.service                              disabled      
dhcpd6.service                             disabled       
[root@servera ~]#

[root@servera ~]# systemctl enable --now dhcpd      
Created symlink /etc/systemd/system/multi-user.target.wants/dhcpd.service → /usr/lib/systemd/system/dhcpd.service.
Job for dhcpd.service failed because the control process exited with error code.
See "systemctl status dhcpd.service" and "journalctl -xe" for details.
[root@servera ~]#

[root@servera ~]# systemctl status dhcpd        ● dhcpd.service - DHCPv4 Server Daemon    Loaded: loaded (/usr/lib/systemd/system/dhcpd.service; enabled; vendor preset: disabled)        Active: failed (Result: exit-code) since Thu 2023-05-18 07:24:16 GMT; 56s ago       Docs: man:dhcpd(8)                  man:dhcpd.conf(5)   Process: 3963 ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid $DHCPDARGS (code=exited, status=1/FAILURE)     Main PID: 3963 (code=exited, status=1/FAILURE) May 18 07:24:16 servera dhcpd[3963]: have been made to the base software release in order to make May 18 07:24:16 servera dhcpd[3963]: it work better with this distribution. May 18 07:24:16 servera dhcpd[3963]:  May 18 07:24:16 servera dhcpd[3963]: Please report issues with this software via: May 18 07:24:16 servera dhcpd[3963]: bugzilla-redhat-com May 18 07:24:16 servera dhcpd[3963]:  May 18 07:24:16 servera dhcpd[3963]: exiting. May 18 07:24:16 servera systemd[1]: dhcpd.service: Main process exited, code=exited, status=1/FAILURE May 18 07:24:16 servera systemd[1]: dhcpd.service: Failed with result 'exit-code'. May 18 07:24:16 servera systemd[1]: Failed to start DHCPv4 Server Daemon. [root@servera ~]#

3. Güvenlik duvarı izin hizmeti

 [root@servera ~]# firewall-cmd --permanent --add-service=dhcp success [root@servera ~]#  [root@servera ~]# firewall-cmd --reload  success [root@servera ~]#  [root@servera ~]# firewall-cmd --list-all public (active)   target: default   icmp-block-inversion: no   interfaces: eth0 eth1   sources:    services: cockpit dhcp dhcpv6-client ssh   ports:    protocols:    masquerade: no   forward-ports:    source-ports:    icmp-blocks:    rich rules:  [root@servera ~]#

4. Servis yapılandırma dosyalarında arama ve değiştirme

 [root@servera ~]# rpm -qc dhcp-server /etc/dhcp/dhcpd.conf       /etc/dhcp/dhcpd6.conf /etc/openldap/schema/dhcp.schema /etc/sysconfig/dhcpd       /var/lib/dhcpd/dhcpd.leases /var/lib/dhcpd/dhcpd6.leases [root@servera ~]# [root@servera ~]# cat /etc/dhcp/dhcpd.conf # # DHCP Server Configuration file. #   see /usr/share/doc/dhcp-server/dhcpd.conf.example    #   see dhcpd.conf(5) man page # [root@servera ~]# [root@servera ~]# cp /etc/dhcp/dhcpd.conf /etc/dhcp/dhcpd.conf.bak    [root@servera ~]#  [root@servera ~]# vim /etc/dhcp/dhcpd.conf        :r /usr/share/doc/dhcp-server/dhcpd.conf.example    Then make changes, get following result finally :  # # dhcpd.conf # option domain-name "example-net"; option domain-name-servers 172.25.254.254; default-lease-time 800; max-lease-time 7200; authoritative; log-facility local7; subnet 192.168.0.0 netmask 255.255.255.0 {   range 192.168.0.200 192.168.0.254;   option domain-name-servers 172.25.254.254;   option domain-name "example-net";   option routers 192.168.0.1;   option broadcast-address 192.168.0.255;   default-lease-time 800;   max-lease-time 7200; } # assign one specific ip address to host serverb host serverb {   hardware ethernet 52:54:00:01:fa:0b;   fixed-address 192.168.0.102; } [root@servera ~]# cat /etc/sysconfig/dhcpd # WARNING: This file is NOT used anymore. # If you are here to restrict what interfaces should dhcpd listen on, # be aware that dhcpd listens *only* on interfaces for which it finds subnet # declaration in dhcpd.conf. It means that explicitly enumerating interfaces # also on command line should not be required in most cases. # If you still insist on adding some command line options, # copy dhcpd.service from /lib/systemd/system to /etc/systemd/system and modify # it there. # example:       # $ cp /usr/lib/systemd/system/dhcpd.service /etc/systemd/system/ # $ vi /etc/systemd/system/dhcpd.service # $ ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid # $ systemctl --system daemon-reload # $ systemctl restart dhcpd.service [root@servera ~]# [root@servera ~]# vi /etc/systemd/system/dhcpd.service ... [Service] ... ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid eth1       ... [root@servera ~]# dhcpd -t       Internet Systems Consortium DHCP Server 4.3.6 Copyright 2004-2017 Internet Systems Consortium. All rights reserved. For info, please visit www-isc-org/software/dhcp/ ldap_gssapi_principal is not set,GSSAPI Authentication for LDAP will not be used Not searching LDAP since ldap-server, ldap-port and ldap-base-dn were not specified in the config file Config file: /etc/dhcp/dhcpd.conf Database file: /var/lib/dhcpd/dhcpd.leases PID file: /var/run/dhcpd.pid Source compiled to use binary-leases [root@servera ~]#  [root@servera ~]# echo $? 0       [root@servera ~]#

5. Dosya iznini ve güvenlik politikasını gözden geçirme ve ayarlama

6. Hizmeti yeniden başlatın

 [root@servera ~]# systemctl --system daemon-reload [root@servera ~]#  [root@servera ~]# systemctl restart dhcpd.service [root@servera ~]#  [root@servera ~]# systemctl status dhcpd ● dhcpd.service - DHCPv4 Server Daemon    Loaded: loaded (/etc/systemd/system/dhcpd.service; enabled; vendor preset: disabled)    Active: active (running) since Thu 2023-05-18 08:00:00 GMT; 16s ago            Docs: man:dhcpd(8)            man:dhcpd.conf(5)  Main PID: 4514 (dhcpd)    Status: "Dispatching packets..."     Tasks: 1 (limit: 11251)    Memory: 5.2M    CGroup: /system.slice/dhcpd.service            └─4514 /usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid eth1 May 18 08:00:00 servera systemd[1]: Started DHCPv4 Server Daemon. May 18 08:00:12 servera dhcpd[4514]: DHCPDISCOVER from 52:54:00:01:fa:0d via eth1 May 18 08:00:12 servera dhcpd[4514]: DHCPDISCOVER from 52:54:00:02:fa:0d via eth1 May 18 08:00:13 servera dhcpd[4514]: DHCPOFFER on 192.168.0.200 to 52:54:00:01:fa:0d (serverd) via eth1 May 18 08:00:13 servera dhcpd[4514]: DHCPREQUEST for 192.168.0.200 (192.168.0.10) from 52:54:00:01:fa:0d (serverd) via eth1 May 18 08:00:13 servera dhcpd[4514]: DHCPACK on 192.168.0.200 to 52:54:00:01:fa:0d (serverd) via eth1 May 18 08:00:13 servera dhcpd[4514]: ICMP Echo Reply for 192.168.0.200 late or spurious. May 18 08:00:13 servera dhcpd[4514]: DHCPOFFER on 192.168.0.201 to 52:54:00:02:fa:0d (serverd) via eth1 May 18 08:00:13 servera dhcpd[4514]: DHCPREQUEST for 192.168.0.201 (192.168.0.10) from 52:54:00:02:fa:0d (serverd) via eth1 May 18 08:00:13 servera dhcpd[4514]: DHCPACK on 192.168.0.201 to 52:54:00:02:fa:0d (serverd) via eth1 [root@servera ~]# Notes:  If service fails to restart, you should do further trouble-shooting to resolve it.  From the below logs, you may find some valuable clues.  [root@server ~]# tail /var/log/messages [root@server ~]# journalctl -u [service unit name]

7. Servis durumunu test edin ve doğrulayın

 From another host serverb to check if dhcp service working fine.  [root@serverb ~]# nmcli connection show | grep eth1 Wired connection 2  706e063c-ee02-349e-8311-2c9837611ec4  ethernet  eth1    [root@serverb ~]# [root@serverb ~]# nmcli connection modify Wired\ connection\ 2 ipv4.method auto connection.autoconnect yes [root@serverb ~]#  [root@serverb ~]# nmcli connection up Wired\ connection\ 2 Connection successfully activated (D-Bus active path: /org/freedesktop/NetworkManager/ActiveConnection/260) [root@serverb ~]#  [root@serverb ~]# ip address show eth1 3: eth1: mtu 1500 qdisc fq_codel state UP group default qlen 1000     link/ether 52:54:00:01:fa:0b brd ff:ff:ff:ff:ff:ff     inet 192.168.0.102/24 brd 192.168.0.255 scope global dynamic noprefixroute eth1        valid_lft 777sec preferred_lft 777sec     inet6 fe80::dead:38b9:8837:8c6e/64 scope link noprefixroute         valid_lft forever preferred_lft forever [root@serverb ~]# [root@serverb ~]# ping 192.168.0.10       PING 192.168.0.10 (192.168.0.10) 56(84) bytes of data. 64 bytes from 192.168.0.10: icmp_seq=1 ttl=64 time=3.21 ms 64 bytes from 192.168.0.10: icmp_seq=2 ttl=64 time=1.64 ms 64 bytes from 192.168.0.10: icmp_seq=3 ttl=64 time=1.19 ms ^C --- 192.168.0.10 ping statistics --- 3 packets transmitted, 3 received, 0% packet loss, time 10ms rtt min/avg/max/mdev = 1.189/2.013/3.210/0.867 ms [root@serverb ~]# [root@servera ~]# ip address show eth1 3: eth1: mtu 1500 qdisc fq_codel state UP group default qlen 1000     link/ether 52:54:00:01:fa:0a brd ff:ff:ff:ff:ff:ff     inet 192.168.0.10/24 brd 192.168.0.255 scope global noprefixroute eth1        valid_lft forever preferred_lft forever     inet6 fe80::8779:8d69:d3cf:3fab/64 scope link noprefixroute         valid_lft forever preferred_lft forever [root@servera ~]# 

İyi bilinen servis adı tablosu listesi aşağıda verilmiştir: