Centos
為什麼我的交換機沒有從指定的池中獲取地址
我正在通過Zero Touch Provisioning配置 Juniper Networks 交換機。在 CentOS 7 上,journal/log/(systemd 不管它是什麼) 包含以下內容:
Nov 28 10:08:46 server dhcpd[8800]: Checking if packet is permitted. Nov 28 10:08:46 server dhcpd[8800]: Permit list: unknown clients Nov 28 10:08:46 server dhcpd[8800]: OK Nov 28 10:08:46 server dhcpd[8800]: Checking if packet is permitted. Nov 28 10:08:46 server dhcpd[8800]: Permit list: unknown clients Nov 28 10:08:46 server dhcpd[8800]: OK Nov 28 10:08:46 server dhcpd[8800]: matched a Juniper Networks QFX-5100 Nov 28 10:08:46 server dhcpd[8800]: DHCPDISCOVER from 08:b2:58:ab:dc:00 via eth2 Nov 28 10:08:47 server dhcpd[8800]: DHCPOFFER on 192.168.0.100 to 08:b2:58:ab:dc:00 (TR0217010017) via eth2 Nov 28 10:08:47 server dhcpd[8800]: Checking if packet is permitted. Nov 28 10:08:47 server dhcpd[8800]: Permit list: unknown clients Nov 28 10:08:47 server dhcpd[8800]: OK Nov 28 10:08:47 server dhcpd[8800]: Checking if packet is permitted. Nov 28 10:08:47 server dhcpd[8800]: Permit list: unknown clients Nov 28 10:08:47 server dhcpd[8800]: OK Nov 28 10:08:47 server dhcpd[8800]: matched a Juniper Networks QFX-5100 Nov 28 10:08:47 server dhcpd[8800]: DHCPREQUEST for 192.168.0.100 (192.168.0.250) from 08:b2:58:ab:dc:00 (TR0217010017) via eth2 Nov 28 10:08:47 server dhcpd[8800]: DHCPACK on 192.168.0.100 to 08:b2:58:ab:dc:00 (TR0217010017) via eth2伺服器是從“未知”池中提供的。以下是配置的相關部分:
# Global options max-lease-time 1800; default-lease-time 1800; dynamic-bootp-lease-length 120; ddns-update-style none; # TFTP Server IP and file next-server 192.168.0.250; # Assumed to be the DHCP server filename "pxelinux.0"; # Define the pxe grub filename option option zone-pxegrub-filename code 150 = text; option zone-pxegrub-filename "/opt/tftp_files/boot/pxelinux.0"; # Options for Juniper switch to download FW and configuration from this server # as described here: https://www.juniper.net/documentation/en_US/junos/topics/task/configuration/software-image-and-configuration-automatic-provisioning-confguring.html option space NEW_OP; option NEW_OP.config-file-name code 1 = text; option NEW_OP.image-file-name code 0 = text; option NEW_OP.image-file-type code 2 = text; option NEW_OP.transfer-mode code 3 = text; option NEW_OP.alt-image-file-name code 4 = text; option NEW_OP-encapsulation code 43 = encapsulate NEW_OP; option option-150 code 150 = ip-address; # bringing in the vendor specific options vendor-option-space NEW_OP; option NEW_OP.image-file-name "/juniper/fw/jinstall-host-qfx-5-17.2R1.13-signed.tgz"; option NEW_OP.config-file-name "/juniper/cfg/qfx-5100.cfg"; option NEW_OP.alt-image-file-name "/juniper/fw/jinstall-host-qfx-5-17.2R1.13-signed.tgz"; option NEW_OP.image-file-type "filename"; option NEW_OP.transfer-mode "tftp"; option option-150 192.168.0.250; class "workers" { match if substring(hardware, 1, 3) = 00:20:0c or substring(hardware, 1, 3) = 00:18:7D; log(info, "matched a worker bee"); } class "monitor" { match if substring(hardware, 1, 3) = 00:d0:24; log(info, "matched to a monitor"); } class "JuniperSwitch" { match if option vendor-class-identifier ~~ "^juniper-qfx5100.+$"; log(info, "matched a Juniper Networks QFX-5100"); } subnet 192.168.0.0 netmask 255.255.255.0 { #authoritative; option routers 192.168.0.250; pool { allow members of "workers"; range 192.168.0.1 192.168.0.99; log(info, concat("Issuing DHCP address to worker bootp requestor: ", binary-to-ascii(16, 8, ":", substring(hardware, 1, 6)))); } pool { allow members of "monitor"; range 192.168.0.245; log(info, concat("Issuing DHCP address to monitor bootp requestor: ", binary-to-ascii(16, 8, ":", substring(hardware, 1, 6)))); } pool { allow members of "JuniperSwitch"; allow dynamic bootp clients; range 192.168.0.201; } pool { allow unknown-clients; range 192.168.0.100 192.168.0.150; } }請幫助我理解為什麼這沒有給出我期望的地址。
假設它是唯一一個通過 DHCP 請求 IP 地址的交換機,我懷疑這是一個舊的/已知的 ISC DHCP 錯誤/“功能”:
已經給出的動態租約優先於其他一些新配置,尤其是當它們在同一個網路中時。
可以這麼說,在您配置特定情況之前,交換機從通用/“未知”池中獲得了一個地址,並且 DHCP 守護程序優先考慮該地址。
要麼刪除 DHCP 租約文件 var/lib/dhcp/dhcpd.leases ,要麼停止 DHCP 服務並從租約文件中編輯出所有分配給相關交換機 MAC 的 IP 地址租約。這樣,它將獲得預期的新地址。