Network Configuration
Since both subnets are part of the same organization’s network, they share the same
domain-name and domain-name-servers, defined in a global section.
This example does not illustrate the use of leases. A lease means that the IP address,
when issued to a client, is of limited duration; once it expires, the IP address is returned
to the DHCP server’s pool of addresses. A client with an expired IP address must ask for
a new one. This might be set up so that the client is able to regain the same IP address
(renew the lease), or so that the client loses that address and receives a new IP address,
which may well differ.
We can also establish one or more entries for pools. A pool contains a set of IP addresses
that are available to computers that are not covered by one of the subnet entries. This allows
you to not only offer addresses outside the given subnets, but to also establish different
options such as less or more restrictive leases, or access outside a firewall to one set of
addresses while those in the pool are restricted from Internet communication.
With your configuration file now available, you must perform two or three more tasks.
First, you must restart the service. Second, you must permit DHCP requests to come in
through your firewall. Typically, DHCP requests come over port 67 under the UDP protocol.
You could add a rule to your firewall (see Section 12.6) to permit protocol UDP port 67.
Third, if necessary, you must modify your local routers to know where the DHCP server is
located (the machine’s IP address).
The DHCP software comes with IPv6 components (e.g., /etc/sysconfig/dhcpd6 and
/etc/dhcp/dhcpd6.conf). Additionally, dhcpd stores lease information under
/var/lib/dhcpd/dhcpd.leases and /var/lib/dhcpd/dhcpd6.leases.
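Because the lease file records which client held which address and for how long, it can be read to answer the question "which machine had this IP address at that time?" The following is an added example, not code from this text or from the DHCP software; the sample lease records are constructed and the function names are hypothetical. It assumes timestamps in the file are UTC and that lease blocks contain no nested braces.

```python
import re
from datetime import datetime, timezone

# Constructed sample in the dhcpd.leases layout (not taken from a real host).
# dhcpd appends to this file, so one IP can appear in several lease blocks.
SAMPLE_LEASES = """\
lease 10.0.0.101 {
  starts 1 2024/03/04 08:00:00;
  ends 1 2024/03/04 20:00:00;
  binding state free;
  hardware ethernet 52:54:00:aa:bb:01;
}
lease 10.0.0.101 {
  starts 2 2024/03/05 09:30:00;
  ends 2 2024/03/05 21:30:00;
  binding state active;
  hardware ethernet 52:54:00:aa:bb:02;
  client-hostname "lab-pc7";
}
"""

LEASE_RE = re.compile(r"lease\s+(\S+)\s*\{(.*?)\}", re.S)  # assumes no nested braces
TIME_RE = r"\s+\d\s+(\d{4}/\d\d/\d\d \d\d:\d\d:\d\d);"      # weekday digit, date, time

def _utc(body, key):
    m = re.search(key + TIME_RE, body)
    if not m:
        return None  # e.g. "ends never;" on a lease that does not expire
    return datetime.strptime(m.group(1), "%Y/%m/%d %H:%M:%S").replace(tzinfo=timezone.utc)

def parse_leases(text):
    """Return one dict per lease block, in file order."""
    leases = []
    for ip, body in LEASE_RE.findall(text):
        mac = re.search(r"hardware ethernet ([0-9a-fA-F:]+);", body)
        host = re.search(r'client-hostname "([^"]*)";', body)
        leases.append({"ip": ip, "start": _utc(body, "starts"), "end": _utc(body, "ends"),
                       "mac": mac.group(1).lower() if mac else None,
                       "host": host.group(1) if host else None})
    return leases

def holder_at(leases, ip, when):
    """MAC that held `ip` at `when` (UTC), or None if no lease covered that time."""
    hit = None
    for l in leases:
        if l["ip"] == ip and l["start"] and l["start"] <= when and (l["end"] is None or when < l["end"]):
            hit = l["mac"]  # a later block for the same IP supersedes an earlier one
    return hit
```

To run it against a real server, pass the contents of /var/lib/dhcpd/dhcpd.leases to parse_leases instead of the sample string.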
12.5 NETWORK PROGRAMS
The primary duties of the system administrator with respect to the network are to ensure
that the network is accessible and that access to the network is secure. We consider security
in Section 12.6. Here, we examine some of the available Linux programs that let the system
administrator (or the user in many cases) query network status.
12.5.1 The ip Program
There have been a whole host of programs available for querying network information.
Most of these are now obsolete, with the same functionality woven into the program ip,
which makes ip an umbrella program. It can be used to show routing tables, show device
information, set routing information, set device information, or provide network tunnels.
As ip can do so many things, there are different specific commands available. The basic
syntax for ip is
ip [options]