Difference between revisions of "OPS235 Lab 8 - CentOS7"

From CDOT Wiki
Jump to: navigation, search
Line 243: Line 243:
 
= LAB 8 SIGN-OFF (SHOW INSTRUCTOR) =
 
= LAB 8 SIGN-OFF (SHOW INSTRUCTOR) =
 
{{Admon/important|Time for a new backup!|If you have successfully completed this lab, make a new backup of your virtual machines. Remember to also make a backup of the new second virtual disk drive on ''centos3'' -- you now have two virtual disks on ''centos3'', and therefore two image files, and therefore will need two backup files.}}
 
{{Admon/important|Time for a new backup!|If you have successfully completed this lab, make a new backup of your virtual machines. Remember to also make a backup of the new second virtual disk drive on ''centos3'' -- you now have two virtual disks on ''centos3'', and therefore two image files, and therefore will need two backup files.}}
Arrange proof of the following on the screen:
+
 
 +
'''Arrange proof of the following on the screen:'''
 +
 
 +
<ol><li><span style="color:green;font-size:1.5em;">&#x2713;</span> '''centos2''' VM:<ul><li>have tunneled Xwindows application from '''centos1''' via ssh</li><li>have tunneled http through firewall using ssh (on web-browser</li><li>have secured ssh against root access</li></ul><li><span style="color:green;font-size:1.5em;">&#x2713;</span> '''centos3''' VM:<ul><li>have configured sshd to '''allow connection to centos3 VM'''</li><li>have logged in centos3 VM using '''public key authentication'''</li><li>have scp'd and sftp'd files to centos3 VM</li></ul></li><li><span style="color:green;font-size:1.5em;">&#x2713;</span> '''c7host''' Machine:<ul><li>Confirmation that sshd is running on host machine</li></ul></ol>
 +
 
 +
 
 +
 
 
* DHCP server log file showing a lease occuring
 
* DHCP server log file showing a lease occuring
 
* DHCP server configuration file showing subnet and host declaration
 
* DHCP server configuration file showing subnet and host declaration

Revision as of 08:03, 6 May 2015

LAB PREPARATION

Overview

In this lab, you will learn how to setup, and run a DHCP server on your centos3 machine, and then test-out the DHCP server by setting up your other VMs to receive an IP addresses from the DHCP server.

Main Objectives

  • To install, configure, and test ISC's DHCP Server.
  • To obtain log information from DHCP server including lease address information.
  • To lease the same IP address every-time from VM boot-up (instead of having DHCP server randomly assign IP address).


Minimum Required Materials

Removable Hard Disk Pack (SATA)
USB key
(for backups)
Lab8 Log Book

My Toolkit (CLI Reference)

Each Link below displays online manpages for each command (via http://linuxmanpages.com):

Networking Utilities: Additional Utilities: Configuration Files:

INVESTIGATION 1: INSTALL AND CONFIGURE A DHCP SERVER

The term DORA best describes how DHCP works.

This lab will demonstrate setting up a DHCP server. The term DHCP stands for Dynamic Host Configuration Protocol. DHCP allows computers (eg. workstations, notebooks, smart-phones) to be automatically configured so that they can communicate over a network. This automatic configuration has gained popularity over the years, especially as the need for detecting and configuring portable computer devices increases. DHCP configuration allows for various setups including: Dynamic, Automatic, and Static allocation.

The term DORA best describes how DHCP Works:

Discovery: The client broadcasts a message (IP lease request) on a sub-network to discover available DHCP servers
Offer: The DHCP server receives the request from the client, reserves an IP ADDRESS for the client and sends a DHCPOFFER
Request: The DHCP server broadcasts a message request for acceptance, but also notifies other DHCP server
Acknowledgement: The client sends a message of acceptance to the server. In turn, the client receives from the server a packet of information containing the lease duration and other configuration information



Part 1: Installation of a DHCP

  1. Perform this section in your centos3 VM.
  2. It is advisable to perform a yum update on your host and all three of your VM's.
  3. It is also advisable that you properly backed up your VMs from lab7.

    The version of DHCP server that comes with CentOS is maintained and distributed by the Internet Software Consortium (http://www.isc.org). The source package that you can download from ISC includes not only the DHCP server, but also a DHCP client and a DHCP relay agent. CentOS separates it into two RPM packages: the DHCP client package and the DHCP server package. The DHCP client package is installed by default by the workstation installation.

  4. To check that you have dhclient installed, enter the command:
    rpm -q dhclient
  5. If the package is not installed, you will get the message "package dhclient is not installed", otherwise, you will get the version information of the rpm package. Install the dhclient package if it was not installed.
  6. Check to see if the dhcp server package is installed. If not - install it.
  7. Enter the command to list all the files installed from the DHCP server package.
  8. What file appears to be a sample configuration file?
  9. Copy the sample dhcpd.conf file to the /etc/dhcp directory making sure it is named: /etc/dhcp/dhcpd.conf

Answer Part 1 observations / questions in your lab log book.


Part 2: Configuring the DHCP Server

  1. Remain in your centos3 VM for this section.
  2. Study the man pages of dhcpd, dhcpd.conf, dhcp-options, and dhcpd.leases and make notes in your log book. In particular, look up the meaning and possible value(s), if any, for the following configuration options:
  • broadcast-address
  • default-lease-time
  • max-lease-time (How is this different from "default-lease-time"?)
  • domain-name
  • domain-name-servers
  • fixed-address
  • group
  • hardware
  • host
  • host-name
  • range
  • routers
  • subnet
  • subnet-mask
  1. Study the sample dhcpd.conf file to see examples of how these options are used.
  2. Edit /etc/dhcp/dhcpd.conf and examine the top section of the file.
  3. Make the following changes to the global settings:
Note.png
Global Settings Affecting All Subnets
As global settings, these settings will affect all subnets unless they are separately declared for individual subnets.
domain-name should be set to ops235.org
domain-name-servers should be set to 192.168.235.1
default-lease-time should be set to 20 minutes
max-lease-time should be set to 1 hour
  1. Save and exit your editing session.

Answer Part 2 observations / questions in your lab log book.


Part 3: Configuring DHCP Server for Static IP Addresses

Important.png
Recall Secure SSH Connection Method from Lab7
Do not forget that you made ssh more secure in the previous lab. Therefore, you will need to use the same command in lab7 to securely connect to your VM.


  1. Remain in your centos3 VM for this section.
  2. Edit /etc/dhcp/dhcpd.conf for a second time, and add a new subnet delcaration for your virtual network
  3. The network address is 192.168.235.0/255.255.255.0 and the range of host addresses should be from 51 to 60
  4. Also add a default gateway for the virtual network of 192.168.235.1
  5. Save your editing session, and exit the text editor.


  1. Open another terminal window (ssh into centos3 from the centos host as user root) and issue the following command:
    tail -f /var/log/messages
  2. This will show you the last 10 lines of /var/log/messages continue to display new lines as they are added to the log.
  3. In your original terminal prompt attempt to start the dhcpd service.
  4. You should see new lines being added to the messages file.
Idea.png
Troubleshooting Tip:
Troubleshooting produces the best results when you are methodical in your approach. Try to fix the first error mentioned before fixing subsequent errors. Often the first error may cause multiple error messages as the configuration file is parsed. When you think you have fixed the first error try to start your service and if it fails check the log again. Fix one error at a time.
  1. If the dhcpd service fails to start any error messages will be logged in the messages file. Read the errors and attempt to fix your configuration file.
  2. If the dhcpd service starts successfully you should see success messages in the log.
  3. If your dhcpd service starts successfully, try to generate errors by editing the configuration file and introduce an error by removing a semicolon or closing curly bracket.
  4. Restart your dhcpd service and observe the error messages generated. This is good practice to learn how to trouble-shoot and solve dhcpd errors.
  5. Make certain that you have corrected those errors, and that your dhcpd service works properly.


Answer Part 3 observations / questions in your lab log book.


Part 4: How do I test my dhcpd service on my virtual network?

Note.png
Identifying DHCP Lease Transaction Information
These messages record the DHCP lease transaction that consists of 4 broadcast packets, DISCOVER, OFFER, REQUEST and ACKNOWLEDGE. Try researching on the internet how this transaction differs from a DHCP lease renewal.
  1. Use your centos2 and centos3 VMs for this section.
  2. On your centos3 terminal window make sure that the command tail -f /var/log/messages is running.
  3. On your centos2 VM, change the configuration of eth0 (or your interface name) to receive dynamic address configuration.
  4. Save your changes and restart the NetworkManager service.
  5. Observe the messages that get logged. You should see output similar to the following:

Mar 24 13:28:24 centos3 dhcpd: DHCPDISCOVER from 52:54:00:61:00:e7 via eth2
Mar 24 13:28:25 centos3 dhcpd: DHCPOFFER on 192.168.235.51 to 52:54:00:61:00:e7 via eth2
Mar 24 13:28:25 centos3 dhcpd: DHCPREQUEST for 192.168.235.51 (192.168.235.13) from 52:54:00:61:00:e7 via eth2
Mar 24 13:28:25 centos3 dhcpd: DHCPACK on 192.168.235.51 to 52:54:00:61:00:e7 via eth2

  1. On centos2, confirm the IP address assignment using ifconfig

Answer Part 4 observations / questions in your lab log book.


INVESTIGATION 2: OBTAINING LEASE & LEASE PERMANENT IP ADDRESS INFORMATION

Part 1: Obtaining Leased Address Infomation

Note.png
Purpose of dhcpd.leases File
dhcpd records address leases in this file. If the service is restarted it reads in the file to know which addresses are currently leased and for how long.
  1. Remain in your centos2 and centos3 VMs for this section.
  2. If your centos3 DHCP server successfully issued the proper IP address configuration values to centos2, check the file called /var/lib/dhcpd/dhcpd.leases
  3. You should see contents similar to:

lease 192.168.235.51 {
  starts 3 2010/03/24 17:28:25;
  ends 3 2010/03/24 17:48:25;
  cltt 3 2010/03/24 17:28:25;
  binding state active;
  next binding state free;
  hardware ethernet 52:54:00:61:00:e7;
}

  1. On the client centos2 check the contents of the /var/lib/dhclient directory. The files in this directory is where the dhclient stores its record of leases.

Answer Part 1 observations / questions in your lab log book.

Part 2: Configuring DHCP server to Continually Lease Same IP Address

Note.png
Reserving IP Addresses with DHCP
Even though DHCP gives out IP address dynamically, it also has the ability to reserve an IP address for a certain computer. In this sense it's almost as if the client computer has a static IP even though it uses DHCP to get it. This is useful if you want to be able to put entries in your /etc/hosts file and not have to worry about the entry becoming invalid over time. In Linux we refer to this as supplying a fixed address to a host. Microsoft calls it a reservation.
  1. Remain in your centos2 and cento3 VMs for this section.
  2. Make certain that you are located in your centos3 virtual machine.
  3. Create a host declaration for centos2. Make sure you record the correct hardware ethernet setting that corresponds to the MAC address of the interface in centos2.
  4. Give it the fixed-address 192.168.235.12

    Note: When supplying fixed-address it is important that the address assigned is exclusive of any ranges that have been declared. Otherwise it may be possible for 2 different hosts to receive the same address.

  1. Start your service and test the address assignment by releasing your current address on centos2 and then requesting a new address. Use the following commands on centos2:
ifdown eth1
ifup eth1
  1. Confirm that you received the fixed address you were supposed to.

Answer Part 2 observations / questions in your lab log book.

LAB 8 SIGN-OFF (SHOW INSTRUCTOR)

Important.png
Time for a new backup!
If you have successfully completed this lab, make a new backup of your virtual machines. Remember to also make a backup of the new second virtual disk drive on centos3 -- you now have two virtual disks on centos3, and therefore two image files, and therefore will need two backup files.

Arrange proof of the following on the screen:

  1. centos2 VM:
    • have tunneled Xwindows application from centos1 via ssh
    • have tunneled http through firewall using ssh (on web-browser
    • have secured ssh against root access
  2. centos3 VM:
    • have configured sshd to allow connection to centos3 VM
    • have logged in centos3 VM using public key authentication
    • have scp'd and sftp'd files to centos3 VM
  3. c7host Machine:
    • Confirmation that sshd is running on host machine


  • DHCP server log file showing a lease occuring
  • DHCP server configuration file showing subnet and host declaration
  • DHCP server lease file
  • DHCP client lease file

Preparing for Quizzes

  1. What protocol and port does dhcp use?
  2. What file is used to configure dhcpd?
  3. Can a dhcp server also be a dhcp client?
  4. What is the difference between max-lease-time and default-lease-time?
  5. What unit of measurement does default-lease-time require?
  6. What dhcp option is used for configuring a default gateway?
  7. What is the parameter range in the DHCP server configuration file used for?
  8. What is the purpose of a dhcp relay agent?
  9. Why might a dhcp relay agent be required?