千家信息网

请输入关键字词

热门搜索排行

最新搜索排行

导航: 首页 > 网络安全 >

Centos 7下IPV6 有状态DHCPV6配置

发表于:2025-12-03 作者:千家信息网编辑
千家信息网最后更新 2025年12月03日,yum源安装keayum install epel-releaseyum install keaDEMONps aux| grep kearpm -qa kea查看dhcpv6默认配置cat /etc
千家信息网最后更新 2025年12月03日Centos 7下IPV6 有状态DHCPV6配置

yum源安装kea

yum install epel-release

yum install kea



DEMON

ps aux| grep kea

rpm -qa kea


查看dhcpv6默认配置

cat /etc/kea/kea.conf


启动kea-dhcpv6并查看kea启动过程

systemctl start kea-dhcp6

systemctl status kea-dhcp6

systemctl -l status kea-dhcp6


通过tcpdump查看服务器数据包交互过程

tcpdump -i eth0 -w dhcp6.pcap




关闭防火墙

systemctl stop firewalld.service

注意:必须要关闭防火墙否则造成dhcpv6分配地址无法下发。


用到的文件:

/var/lib/kea/kea-leases6.csv 默认情况下存放ipv6地址以及终端的设备信息,可查看到域账号mac地址等信息。

/var/log/kea-dhcp6.log 我开的debug模式。可查看dhcp6运行状态的日志。



Centos 7 修改dns

修改/etc/NetworkManager/NetworkManager.conf

[main]

plugins=ifcfg-rh

dns=none

手工修改 /etc/resolv.conf

nameserver 114.114.114.114

nameserver 8.8.8.8


服务器网卡静态ipv6配置:


[root@localhost kea]# vi /etc/sysconfig/network-scripts/ifcfg-eno16777736

TYPE=Ethernet

BOOTPROTO=static

DEFROUTE=yes

PEERDNS=yes

PEERROUTES=yes

IPV4_FAILURE_FATAL=no

IPV6INIT=yes

IPV6_AUTOCONF=no

IPV6_DEFROUTE=yes

IPV6_PEERDNS=yes

IPV6_PEERROUTES=yes

IPV6_FAILURE_FATAL=no

NAME=eno16777736

UUID=03b35ca7-4678-48ca-ab46-5782367cd56a

DEVICE=eno16777736

ONBOOT=yes

IPADDR=X.X.X.X

GATEWAY=X.X.X.X

NETMASK=X.X.X.X

IPVADDR=2001:da8:XXXX:XXXX:24::125

IPV6_DEFAULTGW=2001:da8:XXXX:XXXX:24::1

IPV6ADDR=2001:da8:XXXX:XXXX:24::125/80




kea-dhcpv6 配置:


{


"Dhcp6":

{

# Add names of interfaces to listen on.

"interfaces-config": {

"interfaces": ["eno16777736/2001:da8:XXXX:XXXX:24:aefd:ddb0:7d02"]

},


"option-data": [{"name": "unicast","data": "2001:da8:XXXX:XXXX:24:aefd:ddb0:7d02"} ],

# Use Memfile lease database backend to store leases in a CSV file.


# Setup reclamation of the expired leases and leases affinity.

# Expired leases will be reclaimed every 10 seconds. Every 25

# seconds reclaimed leases, which have expired more than 3600

# seconds ago, will be removed. The limits for leases reclamation

# are 100 leases or 250 ms for a single cycle. A warning message

# will be logged if there are still expired leases in the

# database after 5 consecutive reclamation cycles.

# "expired-leases-processing": {

# "reclaim-timer-wait-time": 10,

# "flush-reclaimed-timer-wait-time": 25,

# "hold-reclaimed-time": 3600,

# "max-reclaim-leases": 100,

# "max-reclaim-time": 250,

# "unwarned-reclaim-cycles": 5

# },


# Addresses will be assigned with preferred and valid lifetimes

# being 3000 and 4000, respectively. Client is told to start

# renewing after 1000 seconds. If the server does not respond

# after 2000 seconds since the lease was granted, client is supposed

# to start REBIND procedure (emergency renewal that allows switching

# to a different server).

"preferred-lifetime": 3000,

"valid-lifetime": 4000,

"renew-timer": 1000,

"rebind-timer": 2000,


# The following list defines subnets. Uncomment to enable them.

"subnet6": [

{ "subnet": "2001:da8:XXXX:XXXX:25::/80",

"pools": [ { "pool": "2001:da8:XXXX:XXXX:25::/80" } ],

"interface-id":"vlan25"


},


{ "subnet": "2001:da8:XXXX:XXXX:26::/80",

"pools": [ { "pool": "2001:da8:XXXX:XXXX:26::/80" } ],

"interface-id":"vlan26"


},

# { "subnet": "2001:db8:3::/64",

# "pools": [ { "pool": "2001:db8:3::/80" } ] },

# { "subnet": "2001:db8:4::/64",

# "pools": [ { "pool": "2001:db8:4::/80" } ] }

]

},


# DHCP DDNS configuration starts here.


# Logging configuration starts here. It tells Kea servers to store

# all log messages (on severity INFO or more) in a file.

# debuglevel variable is used on DEBUG level only.

"Logging":

{

"loggers": [

{

"name": "kea-dhcp4",

"output_options": [

{

"output": "/var/log/kea-dhcp4.log"

}

],

"severity": "INFO",

"debuglevel": 0

},

{

"name": "kea-dhcp6",

"output_options": [

{

"output": "/var/log/kea-dhcp6.log"

}

],

"severity": "DEBUG", /日志开启到debug级别,可以查看分配的地址信息。

"debuglevel": 99

},

{

"name": "kea-dhcp-ddns",

"output_options": [

{

"output": "/var/log/kea-ddns.log"

}

],

"severity": "INFO",

"debuglevel": 0

}

]

}


}



如果自己网段内需要dhcpv6服务 需开通以下:




[root@localhost kea]# cat /etc/kea/kea.conf

# This is a basic configuration for the Kea DHCPv4 and DHCPv6 servers.

# Subnet declarations are commented out and no interfaces are listed.

# Therefore, the servers will not listen or respond to any queries.

# The basic configuration must be extended to specify interfaces on

# which the servers should listen. Also, subnets and options must be

# declared.

{


# DHCPv4 configuration starts here.

#"Dhcp4":

#{

# Add names of interfaces to listen on.

# "interfaces-config": {

# "interfaces": [ ]

# },


# Use Memfile lease database backend to store leases in a CSV file.

# "lease-database": {

# "type": "memfile"

# },


# Setup reclamation of the expired leases and leases affinity.

# Expired leases will be reclaimed every 10 seconds. Every 25

# seconds reclaimed leases, which have expired more than 3600

# seconds ago, will be removed. The limits for leases reclamation

# are 100 leases or 250 ms for a single cycle. A warning message

# will be logged if there are still expired leases in the

# database after 5 consecutive reclamation cycles.

# "expired-leases-processing": {

# "reclaim-timer-wait-time": 10,

# "flush-reclaimed-timer-wait-time": 25,

# "hold-reclaimed-time": 3600,

# "max-reclaim-leases": 100,

# "max-reclaim-time": 250,

# "unwarned-reclaim-cycles": 5

# },


# Global (inherited by all subnets) lease lifetime is mandatory parameter.

# "valid-lifetime": 4000,


# Below an example of the simple subnet declaration. Uncomment to

# enable it. This is a list, denoted with [ ], of structure, denoted

# with { }. Each structure describes a single subnet and may have

# several parameters. One of those parameters is "pools" that is

# also a list of structures.

# "subnet4": [

# { "subnet": "192.0.2.0/24",

# "pools": [ { "pool": "192.0.2.1 - 192.0.2.200" } ] }

# ]

#},


# DHCPv6 configuration starts here.

"Dhcp6":

{

# Add names of interfaces to listen on.

"interfaces-config": {

"interfaces": ["eno16777736/2001:da8:XXXX:XXXX:24::125"]

},


"option-data": [{"name": "unicast","data": "2001:da8:XXXX:XXXX:24::125"} ],

# Use Memfile lease database backend to store leases in a CSV file.


# Setup reclamation of the expired leases and leases affinity.

# Expired leases will be reclaimed every 10 seconds. Every 25

# seconds reclaimed leases, which have expired more than 3600

# seconds ago, will be removed. The limits for leases reclamation

# are 100 leases or 250 ms for a single cycle. A warning message

# will be logged if there are still expired leases in the

# database after 5 consecutive reclamation cycles.

# "expired-leases-processing": {

# "reclaim-timer-wait-time": 10,

# "flush-reclaimed-timer-wait-time": 25,

# "hold-reclaimed-time": 3600,

# "max-reclaim-leases": 100,

# "max-reclaim-time": 250,

# "unwarned-reclaim-cycles": 5

# },


# Addresses will be assigned with preferred and valid lifetimes

# being 3000 and 4000, respectively. Client is told to start

# renewing after 1000 seconds. If the server does not respond

# after 2000 seconds since the lease was granted, client is supposed

# to start REBIND procedure (emergency renewal that allows switching

# to a different server).

"preferred-lifetime": 3000,

"valid-lifetime": 4000,

"renew-timer": 1000,

"rebind-timer": 2000,


# The following list defines subnets. Uncomment to enable them.

"subnet6": [

{ "subnet": "2001:da8:XXXX:XXXX:25::/80",

"pools": [ { "pool": "2001:da8:XXXX:XXXX:25::/80" } ],

"interface-id":"vlan25"


},


{ "subnet": "2001:da8:XXXX:XXXX:24::/80",

"pools": [ { "pool": "2001:da8:XXXX:XXXX:24::/80" } ],

"interface":"eno16777736"


},

{ "subnet": "2001:da8:XXXX:XXXX:26::/80",

"pools": [ { "pool": "2001:da8:XXXX:XXXX:26::/80" } ],

"interface-id":"vlan26"


},

# { "subnet": "2001:db8:3::/64",

# "pools": [ { "pool": "2001:db8:3::/80" } ] },

# { "subnet": "2001:db8:4::/64",

# "pools": [ { "pool": "2001:db8:4::/80" } ] }

]

},


# DHCP DDNS configuration starts here.


# Logging configuration starts here. It tells Kea servers to store

# all log messages (on severity INFO or more) in a file.

# debuglevel variable is used on DEBUG level only.

"Logging":

{

"loggers": [

{

"name": "kea-dhcp4",

"output_options": [

{

"output": "/var/log/kea-dhcp4.log"

}

],

"severity": "INFO",

"debuglevel": 0

},

{

"name": "kea-dhcp6",

"output_options": [

{

"output": "/var/log/kea-dhcp6.log"

}

],

"severity": "DEBUG",

"debuglevel": 99

},

{

"name": "kea-dhcp-ddns",

"output_options": [

{

"output": "/var/log/kea-ddns.log"

}

],

"severity": "INFO",

"debuglevel": 0

}

]

}


}


很赞哦!
地址 配置 信息 服务 日志 服务器 过程 防火墙 分配 防火 状态 内需 情况 手工 数据 文件 模式 级别 终端 网卡 数据库的安全要保护哪些东西 数据库安全各自的含义是什么 生产安全数据库录入 数据库的安全性及管理 数据库安全策略包含哪些 海淀数据库安全审计系统 建立农村房屋安全信息数据库 易用的数据库客户端支持安全管理 连接数据库失败ssl安全错误 数据库的锁怎样保障安全 JAVA数据库编程入门实验 服务器维修管理 qq好友恢复一直显示服务器繁忙 2021青岛网络安全竞赛 学网络安全好还是软件工程师好 成华区本泰新软件开发工作室 如何查询数据库服务器时间 软件开发人天单价是怎么算的 数据库备份文件备份应用备份 arcgis链接到数据库 合肥软件开发要多少钱 宣传网络安全的想法 互联网科技人才大赛 无线网络安全的重要性 数据库设模式 蓝条服务器连接不上怎么办 暴雪我们从服务器检索里 计算机网络技术专业题目 清除数据库表中数据的命令 云南省网络安全保护技术大会 济南软件开发企业地址 西安全球网络安全大会 初中网络技术就业前景 杭州网络安全培训价格 凤凰网的服务器在哪里 如何查询数据库服务器时间 山东办公系统oa软件开发 服务器可以运行几个jvm 宝安服务器机箱机柜 成都信息工程学院网络安全

相关文章

0