Creating smaller subnets from a large subnet

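My network is 10.10.0.0/16. I want to break it up into /24s.

My environment: on an Ubuntu 14.04 server (gateway, router) with two NICs, I use dnsmasq with /etc/hosts for DNS, and isc-dhcp-server for DHCP. eth0 is connected to the ISP switch, and eth1 (10.10.0.1/16) is connected to the LAN switch. All clients are connected to the LAN switch.

Configuration of 10.10.0.1:

TCP forwarding is enabled: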

    :~$ sudo sysctl -p
    net.ipv4.ip_forward = 1

/etc/network/interfaces:

    auto lo
    iface lo inet loopback

    auto eth0
    iface eth0 inet dhcp

    auto eth1
    iface eth1 inet static
        address 10.10.0.1
        netmask 255.255.0.0

/etc/dhcp/dhcpd.conf:

    # general options
    authoritative;
    ddns-update-style none;
    log-facility local7;
    deny declines;
    default-lease-time 3600;
    option routers 10.10.0.1;
    option domain-name-servers 10.10.0.1;
    option domain-name "lab.info";

    subnet 10.10.0.0 netmask 255.255.0.0 {
    }

    subnet 10.10.1.0 netmask 255.255.255.0 {
        range 10.10.1.1 10.10.1.254;
        deny unknown-clients;
        host host1 {
            hardware ethernet c8:33:eb:6e:df:3e;
            fixed-address host1;
        }
    }

    # Unknown clients
    subnet 10.10.255.0 netmask 255.255.255.0 {
        range 10.10.255.1 10.10.255.254;
        allow unknown-clients;
    }

/etc/hosts:

    127.0.0.1 localhost
    10.10.1.1 host1

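host1 is able to receive the correct lease from 10.10.0.1, but cannot ping anything outside its subnet (10.10.1.0/24). As far as I understand, I need a static route on the router. I tried this without success: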

    sudo route add -net 10.10.1.0/24 gw 10.10.0.1

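What am I doing wrong?

The reason it does not work as expected is that DHCP will look at the interface and try to find the network that matches it best.

You need two interfaces (or two IPs on one interface), with different network sizes.

But you should avoid overlapping networks.

A correct configuration will have 2 non-overlapping networks, each DHCP configuration with its own option routers. Example: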

    # RESCUE-CORE (VLAN1001)
    subnet 10.0.0.128 netmask 255.255.255.224 {
        authoritative;
        # allow unknown-clients;
        range 10.0.0.148 10.0.0.158;
        option subnet-mask 255.255.255.224;
        option routers 10.0.0.129;
        option domain-name-servers 10.100.101.10;
        option time-servers 10.100.101.5;
        default-lease-time 3600;
        max-lease-time 3600;
        next-server 10.100.101.5;
    }

    # RESCUE-ROUTERS (VLAN1002)
    subnet 10.0.0.160 netmask 255.255.255.224 {
        authoritative;
        # allow unknown-clients;
        range 10.0.0.180 10.0.0.190;
        option subnet-mask 255.255.255.224;
        option routers 10.0.0.161;
        option domain-name-servers 10.100.101.10;
        option time-servers 10.100.101.5;
        default-lease-time 3600;
        max-lease-time 3600;
        next-server 10.100.101.5;
    }

Try these declarations:

    shared-network "mynet" {
        # No subnet 10.10.0.0 netmask 255.255.0.0
        # since it would overlap with other subnets
        subnet 10.10.10.0 netmask 255.255.255.0 {
            option routers 10.10.0.1;
        }
        subnet 10.10.1.0 netmask 255.255.255.0 {
            option routers 10.10.1.1;
            # the range should not overlap with the router
            range 10.10.1.10 10.10.1.254;
            deny unknown-clients;
        }
    }

    host host1 {
        hardware ethernet c8:33:eb:6e:df:3e;
        fixed-address 10.10.1.5;
    }
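
The overlap both answers warn about, and the gateway placement noted in the comments of the last one, can be checked mechanically before restarting dhcpd. This is an added example, not code from the original posts: `SAMPLE_CONF`, `parse_subnets` and `audit` are names chosen here, the sample is constructed from the question's layout, and the parser assumes subnet blocks contain no nested braces.

```python
import ipaddress
import re

# Constructed sample: the question's subnets, with its global "option routers" placed in the /24.
SAMPLE_CONF = """
subnet 10.10.0.0 netmask 255.255.0.0 { }
subnet 10.10.1.0 netmask 255.255.255.0 {
  range 10.10.1.1 10.10.1.254;
  option routers 10.10.0.1;   # gateway outside this /24
}
subnet 10.10.255.0 netmask 255.255.255.0 {
  range 10.10.255.1 10.10.255.254;
}
"""

# Assumption: subnet bodies contain no nested { } blocks (no host entries inside).
SUBNET_RE = re.compile(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{([^{}]*)\}")
RANGE_RE = re.compile(r"range\s+(\S+)\s+(\S+)\s*;")
ROUTER_RE = re.compile(r"option\s+routers\s+([\d.]+)\s*;")

def parse_subnets(text):
    """Return (network, [(low, high), ...], [router, ...]) per subnet block."""
    text = re.sub(r"#.*", "", text)  # drop dhcpd.conf comments
    ip = ipaddress.ip_address
    return [
        (ipaddress.ip_network(f"{addr}/{mask}"),
         [(ip(a), ip(b)) for a, b in RANGE_RE.findall(body)],
         [ip(r) for r in ROUTER_RE.findall(body)])
        for addr, mask, body in SUBNET_RE.findall(text)
    ]

def audit(text):
    """List overlapping subnets, pools outside their subnet, and bad gateways."""
    findings = []
    subnets = parse_subnets(text)
    for i, (net, ranges, routers) in enumerate(subnets):
        for other, _, _ in subnets[i + 1:]:
            if net.overlaps(other):
                findings.append(f"overlap: {net} and {other}")
        for low, high in ranges:
            if low not in net or high not in net:
                findings.append(f"range {low}-{high} outside {net}")
            findings += [f"router {r} inside pool {low}-{high}"
                         for r in routers if low <= r <= high]
        findings += [f"router {r} not in {net}" for r in routers if r not in net]
    return findings

if __name__ == "__main__":
    print("\n".join(audit(SAMPLE_CONF)))
```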