
Restricting the Network Interfaces DHCP Listens On

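On a system with multiple network interfaces, you would normally edit /etc/sysconfig/dhcpd to restrict which network device DHCP listens on (by default DHCP uses the first interface), but on CentOS / RHEL (RedHat) 7 the configuration is different.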

Test environment: CentOS7 x86_64

The steps are written in the /etc/sysconfig/dhcpd file itself: the network devices to listen on are restricted at the point where CentOS7's systemd starts the DHCP service.

[root@localhost ~]$ vi /etc/sysconfig/dhcpd

# WARNING: This file is NOT used anymore.

# If you are here to restrict what interfaces should dhcpd listen on,
# be aware that dhcpd listens *only* on interfaces for which it finds subnet
# declaration in dhcpd.conf. It means that explicitly enumerating interfaces
# also on command line should not be required in most cases.

# If you still insist on adding some command line options,
# copy dhcpd.service from /lib/systemd/system to /etc/systemd/system and modify
# it there.
# https://fedoraproject.org/wiki/Systemd#How_do_I_customize_a_unit_file.2F_add_a_custom_unit_file.3F

# example:
# $ cp /usr/lib/systemd/system/dhcpd.service /etc/systemd/system/
# $ vi /etc/systemd/system/dhcpd.service
# $ ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid <your_interface_name(s)>
# $ systemctl --system daemon-reload
# $ systemctl restart dhcpd.service
[root@localhost ~]$ cp /usr/lib/systemd/system/dhcpd.service /etc/systemd/system/
[root@localhost ~]$ vi /etc/systemd/system/dhcpd.service
[Unit]
Description=DHCPv4 Server Daemon
Documentation=man:dhcpd(8) man:dhcpd.conf(5)
Wants=network-online.target
After=network-online.target
After=time-sync.target

[Service]
Type=notify
ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid ens33

[Install]
WantedBy=multi-user.target

The main change is appending the network device to listen on at the very end of ExecStart.

[root@localhost ~]$ systemctl --system daemon-reload
[root@localhost ~]$ systemctl restart dhcpd.service
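
As an added example (not part of the original post), this shell script audits a dhcpd unit file and reports which interfaces its ExecStart line pins, so the override can be checked after editing. The function names and the sample unit written by write_sample_unit are constructed for illustration, and the list of value-taking options covers only common dhcpd options.

```shell
#!/bin/sh
# Added example: audit which interfaces a dhcpd unit file pins on ExecStart.

# Constructed sample input: the [Service] section shown in the post.
write_sample_unit() {
    cat > "$1" <<'EOF'
[Service]
Type=notify
ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid ens33
EOF
}

# Print the positional (interface) arguments of ExecStart=, one per line.
dhcpd_unit_interfaces() {
    exec_line=$(sed -n 's/^ExecStart=//p' "$1" | head -n 1)
    [ -n "$exec_line" ] || return 1
    set -f                      # no globbing while word-splitting
    set -- $exec_line
    set +f
    shift                       # drop the dhcpd binary path
    while [ $# -gt 0 ]; do
        case $1 in
            # Options that take a value (assumed list; extend as needed).
            -cf|-lf|-pf|-p|-user|-group)
                if [ $# -gt 1 ]; then shift; fi ;;
            -*) ;;              # bare flag such as -f or --no-pid
            *)  printf '%s\n' "$1" ;;
        esac
        shift
    done
}

# Return 0 only if the unit pins exactly the expected interfaces.
dhcpd_unit_pins() {
    pinned_unit=$1; shift
    want=$(printf '%s\n' "$@" | sort)
    have=$(dhcpd_unit_interfaces "$pinned_unit" | sort)
    [ -n "$have" ] && [ "$have" = "$want" ]
}

# Demo on the constructed sample.
tmp=$(mktemp)
write_sample_unit "$tmp"
dhcpd_unit_interfaces "$tmp"    # prints: ens33
rm -f "$tmp"
```

On a real host, point dhcpd_unit_pins at /etc/systemd/system/dhcpd.service with the interface names you expect; a non-zero exit means the override does not restrict dhcpd to exactly those interfaces.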
