最近有个有关DHCP Failover的问题需要协助其它团建进行TroubleShooting,发现虽然DHCP是个众所周知且应用广泛的服务,但从未搭建过基于Windows Server的DHCP服务和故障转移集群,因此查了众多文档和博客后,记录在此,以防“书到用时方恨少”。
DHCP服务
DHCP服务,在当下IT应用中使用广泛,其为客户端自动分配IP地址并为其提供诸如DNS 服务器地址、网关、DomainName;;DHCP服务可部署在网络设备、windows服务器以及linux服务器上,也可作为附加功能附加在其他应用程序中。
本文将介绍Windows DHCP服务搭建(基于Powershell),由于缺少测试环境,因此相关图片来源于网络,仅用于参考。
本文提到的相关IP地址
假设有3个网段,192.168.1.0/24 用于本地网络的管理网段,使用静态地址。
网关IP: 192.168.1.1
DC IP: 192.168.1.11
DHCP Server IP:192.168.1.15
管理网络段:192.168.1.0/24
有线网络地址段:192.168.2.0/24
无线网络地址段:192.168.3.0/24
废话不多讲,下面详述安装配置过程
- 在windows服务器上安装
DHCP功能组件
PS C:\Windows\system32> Get-WindowsFeature -Name *DHCP*
Display Name Name Install State
------------ ---- -------------
[ ] DHCP Server DHCP Available
[ ] DHCP Server Tools RSAT-DHCP Available
# Install DHCP Server with -IncludeManagmentTools, which implies to also install DHCP Server Tools (RSAT-DHCP)
PS C:\Windows\system32> Install-WindowsFeature -Name DHCP -IncludeManagementTools
Success Restart Needed Exit Code Feature Result
------- -------------- --------- --------------
True No Success {DHCP Server, Remote Server Administration...
- 将新建DHCP服务器(DHCP1)进行验证入域
# Authorize new DHCP Server in Active Directory
Add-DhcpServerInDC -DnsName Dhcp1.buffallos.com
-
在网关或路由器上关闭自带的DHCP服务,并将DHCP请求指往新DHCP1
image.png - 创建DHCP scope 192.168.2.0/24, 19
Scop 192.168.2.0/24 的配置参数
- 可用地址范围 192.168.2.21 - 192.168.2.250
- 租用期限为默认的8天
- DHCP客户端获取到的默认网关为192.168.2.1
- DHCP 客户端获取到的DNS Server地址为192.168.1.11
- 获取TFTP Server 地址为192.168.1.10,用于提供VoIP IP电话机的配置文件
# Create an IPv4 DHCP Server Scope
$HashArgs = @{
'Name' = '002_WiredClients';
'Description' = 'Wired Clients';
'StartRange' = '192.168.2.21';
'EndRange' = '192.168.2.250';
'SubnetMask' = '255.255.255.0';
'State' = 'Active';
}
Add-DhcpServerv4Scope @HashArgs
- 配置Scope 192.168.2.0/24的选项设置
一般情况下,只有有IP电话需求的场景下才需要配置 DHCP Option 150 TFTP Server, 默认情况下这个选项在windows DHCP Server中是不可用的。
# Create option definition for TFTP Server
Add-DhcpServerv4OptionDefinition -OptionId 150 -Type IPv4Address -Name "TFTP Server"
image.png
# Set DHCP scope options
$HashArgs = @{
'ScopeId' = '192.168.2.0';
'DnsServer' = '192.168.1.11';
'DnsDomain' = 'buffallos.com';
'Router' = '192.168.2.1';
}
Set-DhcpServerv4OptionValue @HashArgs
# Set TFTP option
Set-DhcpServerv4OptionValue -ScopeId 192.168.2.0 -OptionId 150 -Value 192.168.1.10
image.png
- 为无线网络创建Scope,一般情况下,无线网络用户的租约无需太长,本例中将租约设置为1天,设置格式为
day.hrs:mins:secs
# Create an IPv4 DHCP Server Scope
$HashArgs = @{
'Name' = '003_WirelessClients';
'Description' = 'Wireless Clients';
'StartRange' = '192.168.3.21';
'EndRange' = '192.168.3.250';
'SubnetMask' = '255.255.255.0';
'LeaseDuration' = '1.00:00:00' # day.hrs:mins:secs
'State' = 'Active';
}
Add-DhcpServerv4Scope @HashArgs
# Set DHCP scope options
$HashArgs = @{
'ScopeId' = '192.168.3.0';
'DnsServer' = '192.168.1.11';
'DnsDomain' = 'buffallos.com';
'Router' = '192.168.3.1';
}
Set-DhcpServerv4OptionValue @HashArgs
image.png
- 从已有DHCP Server中迁移Scope到新DHCP
# Copy DHCP scopes from one DHCP server to another
Get-DhcpServerv4Scope -ComputerName OldDhcpServer | Add-DhcpServerv4Scope -ComputerName NewDhcpServer
- 配置DHCP 预留
有些场景下,DHCP客户端要求每次都能获得同样的IP地址,比如网络打印机的地址,而DHCP的预留功能就为此而生。
下面的命令将为MAC地址为30055c077312的打印机预留IP192.168.2.15
# Create DHCP reservation
$HashArgs = @{
'ComputerName' = 'Dhcp1';
'ScopeId' = '192.168.2.0';
'ClientId' = '30055c077312';
'Name' = 'Brother Printer';
'IPAddress' = '192.168.2.15';
}
Add-DhcpServerv4Reservation @HashArgs
查看新建预留条目
PS C:\Windows\system32> Get-DhcpServerv4Reservation -ComputerName Dhcp1 -ScopeId 192.168.2.0
IPAddress ScopeId ClientId Name Type Description
--------- ------- -------- ---- ---- -----------
192.168.2.15 192.168.2.0 30-05-5c-07-73-12 Brother Printer Both
image.png
- 迁移DHCP 预留设置到新的DHCP Server上
# Copy DHCP reservations from one DHCP server to another
Get-DhcpServerv4Scope -ComputerName OldDhcpServer |
Get-DhcpServerv4Reservation |
Add-DhcpServerv4Reservation -ComputerName NewDhcpServer -Whatif
