Posts

Configure DHCP Failover on CentOS 7

Configuring DHCP (Dynamic Host Configuration Protocol) failover on CentOS 7 typically involves using the ISC DHCP server, which is a widely used DHCP server on Linux systems. DHCP failover ensures high availability and redundancy for DHCP services. Here’s a basic guide on how to set up DHCP failover on CentOS 7 using ISC DHCP:

Prerequisites:

  1. Install ISC DHCP Server: If you haven’t already installed the DHCP server, you can do so with the following command:

     sudo yum install dhcp

Configuration:

  1. Edit the DHCP Configuration File: Open the DHCP configuration file in a text editor. The default configuration file is usually located at /etc/dhcp/dhcpd.conf.

     sudo vi /etc/dhcp/dhcpd.conf

  2. Configure DHCP Server: Add or modify the following lines in the dhcpd.conf file for the primary DHCP server. Replace the placeholders with your network-specific values. The range sits inside a pool that names the failover peer; without that reference the addresses are not covered by failover.

     authoritative;
     subnet <your_subnet> netmask <your_netmask> {
       option routers <gateway_ip_address>;
       option domain-name-servers <dns_server_ip>;
       pool {
         failover peer "dhcp-failover";   # must match the peer name declared in the next step
         range <start_ip_address> <end_ip_address>;
       }
     }

  3. Configure Failover: Add the following lines to enable DHCP failover. Replace the placeholders with appropriate values. Place this declaration above the subnet declaration in the file, because the pool refers to the peer by name.

     failover peer "dhcp-failover" {
       primary;
       address <primary_ip>;
       port 647;
       peer address <secondary_ip>;
       peer port 647;
       max-response-delay 60;
       max-unacked-updates 10;
       mclt 3600;   # required on the primary, not allowed on the secondary
       split 128;   # required on the primary, not allowed on the secondary
       load balance max seconds 3;
     }

    • primary_ip: IP address of the primary DHCP server.
    • secondary_ip: IP address of the secondary DHCP server.

  4. Restart DHCP Server: After making the changes, restart the DHCP server for the configuration to take effect.

     sudo systemctl restart dhcpd

Secondary DHCP Server Configuration:

  1. Follow the same steps as above for configuring the DHCP server on the secondary server.
  2. Make sure to change the primary keyword to secondary in the failover configuration. On the secondary, also swap the address and peer address values so that address is the secondary's own IP, and leave out the mclt and split statements, which belong on the primary only.

Verification:

  1. Check the DHCP server logs for any errors or warnings.

     sudo journalctl -u dhcpd

  2. Verify that the failover status is as expected.

     sudo dhcpd -t

     This command tests the configuration and reports any syntax errors. It does not show the failover state; the peer state changes are written to the dhcpd log checked in step 1.

Notes:

  • Ensure that both primary and secondary DHCP servers have synchronized configuration files.
  • Adjust the failover settings and subnet parameters according to your network requirements.
  • Regularly monitor DHCP server logs to catch any potential issues early on.

This guide provides a basic configuration for DHCP failover. Depending on your network architecture and requirements, you may need to adjust the configuration accordingly. Always test the failover setup in a controlled environment before deploying it in a production network.
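
The requirement that both peers carry matching configuration can be checked mechanically before restarting dhcpd. The following Python check is an added example, not part of the original post or of ISC DHCP; the names parse and lint_pair and the sample addresses are assumptions. The rules it applies (mclt and split on the primary only, mirrored address and peer address, every range inside a pool that references the failover peer) follow dhcpd.conf(5).

```python
import re

# Constructed samples (TEST-NET-1 addresses), not from the original page.
PRIMARY = '''failover peer "dhcp-failover" {
  primary; address 192.0.2.10; port 647;
  peer address 192.0.2.11; peer port 647;
  max-response-delay 60; max-unacked-updates 10;
  mclt 3600; split 128; load balance max seconds 3;
}
subnet 192.0.2.0 netmask 255.255.255.0 {
  pool { failover peer "dhcp-failover"; range 192.0.2.100 192.0.2.200; }
}'''
NAIVE_SECONDARY = PRIMARY.replace("primary;", "secondary;")  # only the keyword changed

def parse(conf):
    """Pull the failover peer declaration and pool coverage out of dhcpd.conf text."""
    conf = re.sub(r"#.*", "", conf)  # drop comments
    m = re.search(r'failover\s+peer\s+"([^"]+)"\s*\{(.*?)\}', conf, re.S)
    if not m:
        return None
    peer = {"name": m.group(1), "role": None}
    for words in (s.split() for s in m.group(2).split(";") if s.strip()):
        if words[0] in ("primary", "secondary"):
            peer["role"] = words[0]
        else:  # "peer address 192.0.2.11" -> peer["peer address"]
            peer[" ".join(words[:-1])] = words[-1]
    ref = re.compile(r'failover\s+peer\s+"%s"\s*;' % re.escape(peer["name"]))
    pools = re.findall(r"\bpool\s*\{(.*?)\}", conf, re.S)
    covered = sum(len(re.findall(r"\brange\b", p)) for p in pools if ref.search(p))
    peer["uncovered"] = len(re.findall(r"\brange\b", conf)) - covered
    return peer

def lint_pair(primary_conf, secondary_conf):
    """Return findings for a primary/secondary pair; an empty list means consistent."""
    p, s = parse(primary_conf), parse(secondary_conf)
    if not p or not s:
        return ["failover peer declaration missing"]
    checks = [
        ((p["role"], s["role"]) != ("primary", "secondary"), "roles must be primary/secondary"),
        (p["name"] != s["name"], "peer names differ"),
    ]
    for a, b in (("address", "peer address"), ("port", "peer port")):
        bad = p.get(a) != s.get(b) or s.get(a) != p.get(b)
        checks.append((bad, "%s/%s not mirrored" % (a, b)))
    for key in ("mclt", "split"):
        checks.append((key not in p, "primary lacks " + key))
        checks.append((key in s, "secondary must not set " + key))
    for label, c in (("primary", p), ("secondary", s)):
        checks.append((c["uncovered"] > 0, label + ": range outside a failover pool"))
    return [msg for failed, msg in checks if failed]
```

Calling lint_pair(PRIMARY, NAIVE_SECONDARY) shows what a keyword-only edit leaves behind: un-swapped addresses and primary-only statements on the secondary.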

How to Install and Configure dnsmasq in Linux

Introduction

Dnsmasq is a lightweight DNS forwarder designed for resource-constrained routers and firewalls. It is widely used for tethering on smartphones and portable hotspots, and to support virtual networking in virtualisation frameworks. Dnsmasq is included in most Linux distributions and is also available on FreeBSD, OpenBSD and NetBSD.

Step 1: Install dnsmasq

First, install the dnsmasq package using the yum command.

# yum -y install dnsmasq

Step 2: Configuration

Configure the dnsmasq service with the following settings.

# vi /etc/dnsmasq.conf
# line 19: uncomment (never forward plain names)
domain-needed
# line 21: uncomment (never forward addresses in the non-routed address spaces)
bogus-priv
# line 41: uncomment (query with each server strictly in the order in resolv.conf)
strict-order
# line 55: add if you need
# send queries for a specific domain name to a specific DNS server
# the example below sends queries for the [server.education] domain to the [10.0.0.10] server
server=/server.education/10.0.0.10
# line 123: uncomment (add domain name automatically)
expand-hosts
# line 133: add (define domain name)
domain=tecdistro

Step 3: Start Service

Start the dnsmasq service and enable it at boot using the commands below.

# systemctl start dnsmasq
# systemctl enable dnsmasq

Step 4: Entry in hosts file

# vi /etc/hosts
127.0.0.1   localhost localhost.localdomain localhost4 localhost4.localdomain4
::1         localhost localhost.localdomain localhost6 localhost6.localdomain6
# add records
10.0.0.30   dlp.tecdistro dlp 

Restart the dnsmasq service.

# systemctl restart dnsmasq

Step 5: Add service in firewall

# firewall-cmd --add-service=dns --permanent 
success
# firewall-cmd --reload 
success