Linux – 限制 DHCP 傾聽的網路埠


通常在多網路埠的系統啟動 DHCP 會去設定 /etc/sysconfig/dhcpd 來限制 DHCP 傾聽的網路裝置埠 (預設 DHCP 使用第一個埠).

[root@localhost ~]$ cat /etc/sysconfig/dhcpd
# Command line options here

但在 CentOS / RHEL (RedHat) 7 設定不一樣了.

測試環境為 CentOS7 x86_64

步驟就寫在 /etc/sysconfig/dhcpd 檔案裡面,透過 CentOS7 的 systemd 啟動 DHCP 服務時同時限制要傾聽的網路裝置.

[root@localhost ~]$ vi /etc/sysconfig/dhcpd

# WARNING: This file is NOT used anymore.

# If you are here to restrict what interfaces should dhcpd listen on,
# be aware that dhcpd listens *only* on interfaces for which it finds subnet
# declaration in dhcpd.conf. It means that explicitly enumerating interfaces
# also on command line should not be required in most cases.

# If you still insist on adding some command line options,
# copy dhcpd.service from /lib/systemd/system to /etc/systemd/system and modify
# it there.

# example:
# $ cp /usr/lib/systemd/system/dhcpd.service /etc/systemd/system/
# $ vi /etc/systemd/system/dhcpd.service
# $ ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid <your_interface_name(s)>
# $ systemctl --system daemon-reload
# $ systemctl restart dhcpd.service

dhcpd.service 適用於 IPv4 , IPv6 使用 dhcpd6.service
主要的修改是在 ExecStart 最後面加入要限制傾聽的網路裝置.

[root@localhost ~]$ cp /usr/lib/systemd/system/dhcpd.service /etc/systemd/system/
[root@localhost ~]$ vi /etc/systemd/system/dhcpd.service
Description=DHCPv4 Server Daemon
Documentation=man:dhcpd(8) man:dhcpd.conf(5)

ExecStart=/usr/sbin/dhcpd -f -cf /etc/dhcp/dhcpd.conf -user dhcpd -group dhcpd --no-pid ens33


重啟服務,如果是 ipv6 服務名稱則改為 dhcpd6.service

[root@localhost ~]$ systemctl --system daemon-reload
[root@localhost ~]$ systemctl restart dhcpd.service


IPv6 DHCP 服務會自行停掉,訊息如下.設定前面限制 DHCP 傾聽的網路埠就解決了.

[root@localhost ~]$ journal -u dhcpd6
dhcpd6.service: main process exited, code=killed , status=6/abrt 
dhcp6.service: Failed with result 'signal'


發佈留言必須填寫的電子郵件地址不會公開。 必填欄位標示為 *

這個網站採用 Akismet 服務減少垃圾留言。進一步了解 Akismet 如何處理網站訪客的留言資料