CentOS7宿主机设置DHCP服务器分配IPv6给虚拟机

前言

懒....反正就是云筏KVM分配公网IPv6给KVM的实现方式，zkeys不支持IPv6所以我们只能自己来了...

宿主机配置

网卡配置

共网网桥 2a01:4f8:212:1c60::1/128 网关为公网网关
内网网桥 2a01:4f8:212:1c60::1/64 网关留空

路由配置

简单来说2a01:4f8:212:1c60::1/64全部走内网网桥，其余流量走公网网桥
ip -6 route自己看看del还是add

安装和配置DHCP服务

yum install dhcp -y
cp /usr/share/doc/dhcp-4.2.5/dhcpd6.conf.example /etc/dhcp/dhcpd6.conf
#覆盖掉

然后就是配置DHCPv6的网段了，先看看官方给的例子：

[root@HPC-FSN1-M103 ~]# cat /etc/dhcp/dhcpd6.conf
# Server configuration file example for DHCPv6
# From the file used for TAHI tests.

# IPv6 address valid lifetime
#  (at the end the address is no longer usable by the client)
#  (set to 30 days, the usual IPv6 default)
default-lease-time 2592000;

# IPv6 address preferred lifetime
#  (at the end the address is deprecated, i.e., the client should use
#   other addresses for new connections)
#  (set to 7 days, the  usual IPv6 default)
preferred-lifetime 604800;

# T1, the delay before Renew
#  (default is 1/2 preferred lifetime)
#  (set to 1 hour)
option dhcp-renewal-time 3600;

# T2, the delay before Rebind (if Renews failed)
#  (default is 3/4 preferred lifetime)
#  (set to 2 hours)
option dhcp-rebinding-time 7200;

# Enable RFC 5007 support (same than for DHCPv4)
allow leasequery;

# Global definitions for name server address(es) and domain search list
option dhcp6.name-servers 3ffe:501:ffff:100:200:ff:fe00:3f3e;
option dhcp6.domain-search "test.example.com","example.com";

# Set preference to 255 (maximum) in order to avoid waiting for
# additional servers when there is only one
##option dhcp6.preference 255;

# Server side command to enable rapid-commit (2 packet exchange)
##option dhcp6.rapid-commit;

# The delay before information-request refresh
#  (minimum is 10 minutes, maximum one day, default is to not refresh)
#  (set to 6 hours)
option dhcp6.info-refresh-time 21600;

# The path of the lease file
dhcpv6-lease-file-name "/var/lib/dhcpd/dhcpd6.leases";

# Static definition (must be global)
host myclient {
        # The entry is looked up by this
        host-identifier option
                dhcp6.client-id 00:01:00:01:00:04:93:e0:00:00:00:00:a2:a2;

        # A fixed address
        fixed-address6 3ffe:501:ffff:100::1234;

        # A fixed prefix
        fixed-prefix6 3ffe:501:ffff:101::/64;

        # Override of the global definitions,
        # works only when a resource (address or prefix) is assigned
        option dhcp6.name-servers 3ffe:501:ffff:100:200:ff:fe00:4f4e;

        # For debug (to see when the entry statements are executed)
        #  (log "sol" when a matching Solicitation is received)
        ##if packet(0,1) = 1 { log(debug,"sol"); }
}

host otherclient {
        # This host entry is hopefully matched if the client supplies a DUID-LL
        # or DUID-LLT containing this MAC address.
        hardware ethernet 01:00:80:a2:55:67;

        fixed-address6 3ffe:501:ffff:100::4321;
}

# The subnet where the server is attached
#  (i.e., the server has an address in this subnet)
subnet6 3ffe:501:ffff:100::/64 {
        # Two addresses available to clients
        #  (the third client should get NoAddrsAvail)
        range6 3ffe:501:ffff:100::10 3ffe:501:ffff:100::11;

        # Use the whole /64 prefix for temporary addresses
        #  (i.e., direct application of RFC 4941)
        range6 3ffe:501:ffff:100:: temporary;

        # Some /64 prefixes available for Prefix Delegation (RFC 3633)
        prefix6 3ffe:501:ffff:100:: 3ffe:501:ffff:111:: /64;
}

# A second subnet behind a relay agent
subnet6 3ffe:501:ffff:101::/64 {
        range6 3ffe:501:ffff:101::10 3ffe:501:ffff:101::11;

        # Override of the global definitions,
        # works only when a resource (address or prefix) is assigned
        option dhcp6.name-servers 3ffe:501:ffff:101:200:ff:fe00:3f3e;

}

# A third subnet behind a relay agent chain
subnet6 3ffe:501:ffff:102::/64 {
        range6 3ffe:501:ffff:102::10 3ffe:501:ffff:102::11;
}

其实并用不到这么多参数，自己改改就好了

default-lease-time 2592000;
preferred-lifetime 604800;
option dhcp-renewal-time 3600;
option dhcp-rebinding-time 7200;
allow leasequery;
option dhcp6.info-refresh-time 21600;
dhcpv6-lease-file-name “/var/lib/dhcpd/dhcpd6.leases”;

 

subnet6 2a01:4f8:212:1c60::/64 {
range6 2a01:4f8:212:1c60::1000 2a01:4f8:212:1c60::2000;
option dhcp6.name-servers 2001:4860:4860::8888;
option dhcp6.domain-search “kvm.cloudraft”;
}

测试配置

宿主机

[root@HPC-FSN1-M103 ~]# service dhcpd6 status
Redirecting to /bin/systemctl status dhcpd6.service
● dhcpd6.service - DHCPv6 Server Daemon
   Loaded: loaded (/usr/lib/systemd/system/dhcpd6.service; disabled; vendor preset: disabled)
   Active: active (running) since Mon 2020-07-20 09:56:49 CEST; 9s ago
     Docs: man:dhcpd(8)
           man:dhcpd.conf(5)
 Main PID: 9653 (dhcpd)
   Status: "Dispatching packets..."
    Tasks: 1
   CGroup: /system.slice/dhcpd6.service
           └─9653 /usr/sbin/dhcpd -f -6 -cf /etc/dhcp/dhcpd6.conf -user dhcpd -group dhcpd --no-...

Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]: 
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]: 
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]: No subnet6 declaration for ens5 (no IPv6 addresses).
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]: ** Ignoring requests on ens5.  If this is not what
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]:    you want, please write a subnet6 declaration
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]:    in your dhcpd.conf file for the network segment
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]:    to which interface ens5 is attached. **
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]: 
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]: Listening on Socket/5/enp5s0/2a01:4f8:212:1c60::/64
Jul 20 09:56:49 HPC-FSN1-M103 dhcpd[9653]: Sending on   Socket/5/enp5s0/2a01:4f8:212:1c60::/64

虚拟机

首先参考这里配置：

Linux下通过DHCP服务器获取IPv6地址

文章目录[隐藏] 前言 CentOS7 Debian / Ubuntu 前言 本教程适用于云筏的NAT服务器，地址：https://my.cloudraft.cn/server/buy.html?lineid=1012 CentOS7 开启IPv6功能 有些镜像是禁用了IPv6功能的，因此需要开启。首先查看一下是否被禁用了： [root@hSxavP1000044 network-scripts]# sysctl -a | grep ipv6.*disable sysctl: reading key "net.ipv6.conf.all.stable_secret" net.ipv6.conf.all.disable_ipv6 = 1 sysctl: net.ipv6.conf.default.disable_ipv6 = 1 reading key "net.ipv6.conf.default.stable_secret" sysctl: reading key "net.ipv6.conf.eth0.stable_secret" net.ipv6.conf.eth0.disable_ipv6 = 1 sysctl: reading key "net.ipv6.conf.lo.stable_secret" net.ipv6.conf.lo.disable_ipv6 = 1 disable=1说明被禁用了，因此需要去修改，配置文件为/etc/sysctl.conf vi /etc/sysctl.conf #把ipv6 disable的参数都改为0，然后保存，重载服务后生效 [root@hSxavP1000044 ~]# sysctl -p […]