Copyright ©2000-2018 T.Hiraga <hiraga@next-hop.net> All Rights Reserved.
Last modified: $Date: 2014/12/05 00:50:47 $
各設定ファイルのパスを変更します。
% vi include/site.h #define _PATH_DHCPD_PID "/var/run/dhcpd.pid" #define _PATH_DHCPD_DB "/var/dhcp/dhcpd.leases" #define _PATH_DHCPD_CONF "/etc/inet/dhcpd.conf"
同梱のBINDのライブラリ構築を64/32bit対応にするためにMakefileを修 正します。
bind/Makefile.32
--- Makefile.orig Thu Aug 7 07:48:50 2014
+++ Makefile.32 Fri Nov 14 16:25:22 2014
@@ -52,7 +52,7 @@
else \
echo Configuring BIND Export libraries for DHCP. ; \
rm -rf ./lib ./include ./configure.log ./build.log ./install.log ; \
- (cd ${bindsrcdir} && ./configure --disable-kqueue --disable-epoll --disable-devpoll --without-openssl --without-libxml2 --enable-exportlib --enable-threads=no --with-export-includedir=${binddir}/include --with-export-libdir=${binddir}/lib --with-gssapi=no > ${binddir}/configure.log); \
+ (cd ${bindsrcdir} && env CC=gcc CFLAGS="-O2" ./configure --disable-kqueue --disable-epoll --disable-devpoll --without-openssl --without-libxml2 --enable-exportlib --enable-threads=no --with-export-includedir=${binddir}/include --with-export-libdir=${binddir}/lib --with-gssapi=no > ${binddir}/configure.log); \
fi
# Build and install the export libraries
bind/Makefile.64
--- Makefile.orig Thu Aug 7 07:48:50 2014
+++ Makefile.64 Fri Nov 14 16:25:40 2014
@@ -52,7 +52,7 @@
else \
echo Configuring BIND Export libraries for DHCP. ; \
rm -rf ./lib ./include ./configure.log ./build.log ./install.log ; \
- (cd ${bindsrcdir} && ./configure --disable-kqueue --disable-epoll --disable-devpoll --without-openssl --without-libxml2 --enable-exportlib --enable-threads=no --with-export-includedir=${binddir}/include --with-export-libdir=${binddir}/lib --with-gssapi=no > ${binddir}/configure.log); \
+ (cd ${bindsrcdir} && env CC=gcc CFLAGS="-O2 -m64" ./configure --disable-kqueue --disable-epoll --disable-devpoll --without-openssl --without-libxml2 --enable-exportlib --enable-threads=no --with-export-includedir=${binddir}/include --with-export-libdir=${binddir}/lib --with-gssapi=no > ${binddir}/configure.log); \
fi
# Build and install the export libraries
以下のスクリプトを実行します。
#!/bin/sh
if [ $# -eq 1 ]; then
. ../setup-pre.sh $1
else
. ../setup-pre.sh
fi
CC=$GCCBIN; export CC
CFLAGS=$GCCCFLAGS; export CFLAGS
LIBS=-lmd5; export LIBS
./configure $CONFDIRS \
--localstatedir=/var \
--sysconfdir=/etc/inet \
--libexecdir=/usr/local/libexec/$ISA \
--with-srv-lease-file=/var/dhcp/dhcpd.leases \
--with-srv6-lease-file=/var/dhcp/dhcpd6.leases \
--with-cli-lease-file=/var/dhcp/dhclient.leases \
--with-cli6-lease-file=/var/dhcp/dhclient6.leases
if [ "$1" = "sparcv9" -o "$1" = "amd64" ]; then
cp bind/Makefile.64 bind/Makefile
else
cp bind/Makefile.32 bind/Makefile
fi
makeしてインストールします。
% gmake # gmake install
ISA自動起動リンクを作るために、以下のスクリプトを実行します。
#!/bin/sh
#
SBINPROG="dhcpd dhcrelay dhclient"
BINPROG="omshell"
if [ "${SBINPROG}" != "" ]; then
cd /usr/local/sbin
for prog in ${SBINPROG}
do
rm -f $prog
ln /usr/lib/isaexec $prog
echo $prog
done
fi
if [ "${BINPROG}" != "" ]; then
cd /usr/local/bin
for prog in ${BINPROG}
do
rm -f $prog
ln /usr/lib/isaexec $prog
echo $prog
done
fi
ISC DHCPDは現時点では一つのプロセスではDHCPv4とDHCPv6を同時には サービスできないため、別々に起動するように分けて設定します。
manifest: isc-dhcp-server.xml
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM
"/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<!--
Copyright 2004 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
ident "@(#)isc-dhcp-server.xml"
Service manifest for the ISC DHCP service.
-->
<service_bundle type='manifest' name='isc-dhcp-server'>
<service
name='network/isc-dhcp-server'
type='service'
version='1'>
<create_default_instance enabled='false' />
<single_instance/>
<!--
We historically ran only in run-level 3, so depend on the
equivalent milestone to level 2. We restart on refresh in
order to handle any changes to nameservice or filesystem
or other service configuration which may affect DHCP
service.
-->
<dependency
name='multi-user'
grouping='require_all'
restart_on='refresh'
type='service'>
<service_fmri value='svc:/milestone/multi-user' />
</dependency>
<dependency
name='config_data'
grouping='require_all'
restart_on='restart'
type='path'>
<service_fmri value='file:///etc/inet/dhcpd.conf' />
</dependency>
<dependent
name='isc_dhcp_multi-user-server'
grouping='optional_all'
restart_on='none'>
<service_fmri value='svc:/milestone/multi-user-server'
/>
</dependent>
<exec_method
type='method'
name='start'
exec='/lib/svc/method/isc-dhcp-server %m'
timeout_seconds='60' >
<method_context>
<method_credential
user='root'
group='root'
privileges='all'
/>
</method_context>
</exec_method>
<exec_method
type='method'
name='stop'
exec=':kill'
timeout_seconds='60' />
<exec_method
type='method'
name='refresh'
exec=':kill -HUP'
timeout_seconds='60' />
<property_group name='config' type='application'>
<propval name='server' type='astring' value='' />
<propval name='interface' type='astring' value='' />
</property_group>
<stability value='Unstable' />
<template>
<common_name>
<loctext xml:lang='C'>
ISC DHCP server
</loctext>
</common_name>
<description>
<loctext xml:lang='C'>
The ISC DHCP server, which provides DHCP
protocol services to DHCP clients.
</loctext>
</description>
<documentation>
<manpage title='dhcpd' section='1M'
manpath='/usr/local/share/man' />
<doc_link name='isc.org'
uri='http://www.isc.org/' />
</documentation>
</template>
</service>
</service_bundle>
method: isc-dhcp-server
#!/sbin/sh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
# Copyright 2007 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
#pragma ident "@(#)isc-dhcp-server.sh"
# smf_method(5) start/stop script required for server DHCP
. /lib/svc/share/smf_include.sh
result=${SMF_EXIT_OK}
# Read command line arguments
method="$1" # %m
SMF_FMRI="svc:/network/isc-dhcp-server"
server="/usr/local/sbin/dhcpd"
I=`/usr/bin/basename $0`
case "$method" in
'start')
mkdir -p /var/dhcp
touch /var/dhcp/dhcpd.leases
cmdopts="-4 -cf /etc/inet/dhcpd.conf"
properties="server interface"
for prop in $properties
do
value=`/usr/bin/svcprop -p config/${prop} ${SMF_FMRI}`
if [ -z "${value}" -o "${value}" = '""' ]; then
continue;
fi
case ${prop} in
'server')
set -- `echo ${value} | /usr/bin/sed -e 's/\\\\//g'`
server=$@
;;
'interface')
cmdopts="${cmdopts} ${value}"
;;
esac
done
if [ ${result} = ${SMF_EXIT_OK} ]; then
echo "$I: Executing: ${server} ${cmdopts}"
# Execute dhcpd(1M) with relevant command line options.
${server} ${cmdopts}
result=$?
fi
;;
'stop')
smf_kill_contract ${contract} TERM 1
[ $? -ne 0 ] && exit 1
;;
*)
echo "Usage: $I [stop|start]" >&2
exit 1
;;
esac
exit ${result}
manifestとmethodを登録します。
# cp isc-dhcp-server /lib/svc/method # chown root:bin /lib/svc/method/isc-dhcp-server # chmod 555 /lib/svc/method/isc-dhcp-server # cp isc-dhcp-server.xml /var/svc/manifest/network # chown root:sys /var/svc/manifest/network/isc-dhcp-server.xml # chmod 444 /var/svc/manifest/network/isc-dhcp-server.xml # /usr/sbin/svccfg validate /var/svc/manifest/network/isc-dhcp-server.xml # /usr/sbin/svccfg -v import /var/svc/manifest/network/isc-dhcp-server.xml
サービスするインターフェースを設定します。
# svccfg -s svc:/network/isc-dhcp-server setprop config/interface=e1000g0
サービスするインターフェースが複数ある場合は追加します(オプション)。
# svccfg -s svc:/network/isc-dhcp-server addpropvalue config/interface e1000g1
設定ファイルを用意します。
/etc/inet/dhcpd.conf
authoritative;
default-lease-time 1800;
max-lease-time 7200;
option domain-name "next-hop.net";
option domain-name-servers 192.168.10.1, 192.168.10.2;
option netbios-name-servers 192.168.10.1, 192.168.10.2;
option netbios-node-type 8;
option server.ddns-hostname = ddns.next-hop.net;
option server.ddns-domainname = next-hop.net;
ddns-update-style interim;
include "/var/namedb/etc/ddns.key";
zone next-hop.net. {
primary 127.0.0.1;
key ddns;
}
zone 10.168.192.in-addr.arpa. {
primary 127.0.0.1;
key ddns;
}
subnet 192.168.10.0 netmask 255.255.255.0 {
option routers 192.168.10.1;
pool {
range 192.168.10.10 192.168.10.20;
allow known clients;
}
}
mkdnsseckey.sh
#!/bin/sh
#
# mkdnsseckey.sh
#
if [ $# -lt 1 ]; then
echo "Usage:"
echo " $0 key-name"
echo "Example:"
echo " $0 key-name > key-name.key"
exit 1
fi
keyname=$1
dnssec-keygen -a HMAC-MD5 -b 512 -n USER ${keyname} > /dev/null
cat K${keyname}.*.private | awk -v keyname=${keyname} 'BEGIN{
printf("key %s {\n", keyname);
printf("\talgorithm HMAC-MD5;\n");
}
{
if (match(substr($1, 1, 4), "Key:"))
printf("\tsecret \"%s\";\n", $2);
}
END {
printf("};\n");
}'
rm -f K${keyname}.*.*
/var/namedb/etc/ddns.key
# ./mkdnsseckey.sh ddns > ddns.key
サービスを有効化します。
# svcadm enable svc:/network/isc-dhcp-server
manifest: isc-dhcp6-server.xml
<?xml version='1.0'?>
<!DOCTYPE service_bundle SYSTEM
"/usr/share/lib/xml/dtd/service_bundle.dtd.1">
<!--
Copyright 2004 Sun Microsystems, Inc. All rights reserved.
Use is subject to license terms.
ident "@(#)isc-dhcp6-server.xml"
Service manifest for the ISC DHCPv6 service.
-->
<service_bundle type='manifest' name='isc-dhcp6-server'>
<service
name='network/isc-dhcp6-server'
type='service'
version='1'>
<create_default_instance enabled='false' />
<single_instance/>
<!--
We historically ran only in run-level 3, so depend on the
equivalent milestone to level 2. We restart on refresh in
order to handle any changes to nameservice or filesystem
or other service configuration which may affect DHCP
service.
-->
<dependency
name='multi-user'
grouping='require_all'
restart_on='refresh'
type='service'>
<service_fmri value='svc:/milestone/multi-user' />
</dependency>
<dependency
name='config_data'
grouping='require_all'
restart_on='restart'
type='path'>
<service_fmri value='file:///etc/inet/dhcpd6.conf' />
</dependency>
<dependent
name='isc_dhcp6_multi-user-server'
grouping='optional_all'
restart_on='none'>
<service_fmri value='svc:/milestone/multi-user-server'
/>
</dependent>
<exec_method
type='method'
name='start'
exec='/lib/svc/method/isc-dhcp6-server %m'
timeout_seconds='60' >
<method_context>
<method_credential
user='root'
group='root'
privileges='all'
/>
</method_context>
</exec_method>
<exec_method
type='method'
name='stop'
exec=':kill'
timeout_seconds='60' />
<exec_method
type='method'
name='refresh'
exec=':kill -HUP'
timeout_seconds='60' />
<property_group name='config' type='application'>
<propval name='server' type='astring' value='' />
<propval name='interface' type='astring' value='' />
</property_group>
<stability value='Unstable' />
<template>
<common_name>
<loctext xml:lang='C'>
ISC DHCPv6 server
</loctext>
</common_name>
<description>
<loctext xml:lang='C'>
The ISC DHCPv6 server, which provides DHCPv6
protocol services to DHCPv6 clients.
</loctext>
</description>
<documentation>
<manpage title='dhcpd' section='1M'
manpath='/usr/local/share/man' />
<doc_link name='isc.org'
uri='http://www.isc.org/' />
</documentation>
</template>
</service>
</service_bundle>
method: isc-dhcp6-server
#!/sbin/sh
#
# CDDL HEADER START
#
# The contents of this file are subject to the terms of the
# Common Development and Distribution License (the "License").
# You may not use this file except in compliance with the License.
#
# You can obtain a copy of the license at usr/src/OPENSOLARIS.LICENSE
# or http://www.opensolaris.org/os/licensing.
# See the License for the specific language governing permissions
# and limitations under the License.
#
# When distributing Covered Code, include this CDDL HEADER in each
# file and include the License file at usr/src/OPENSOLARIS.LICENSE.
# If applicable, add the following below this CDDL HEADER, with the
# fields enclosed by brackets "[]" replaced with your own identifying
# information: Portions Copyright [yyyy] [name of copyright owner]
#
# CDDL HEADER END
#
# Copyright 2007 Sun Microsystems, Inc. All rights reserved.
# Use is subject to license terms.
#
#pragma ident "@(#)isc-dhcp6-server.sh"
# smf_method(5) start/stop script required for server DHCPv6
. /lib/svc/share/smf_include.sh
result=${SMF_EXIT_OK}
# Read command line arguments
method="$1" # %m
SMF_FMRI="svc:/network/isc-dhcp6-server"
server="/usr/local/sbin/dhcpd"
I=`/usr/bin/basename $0`
case "$method" in
'start')
mkdir -p /var/dhcp
touch /var/dhcp/dhcpd6.leases
cmdopts="-6 -cf /etc/inet/dhcpd6.conf"
properties="server interface"
for prop in $properties
do
value=`/usr/bin/svcprop -p config/${prop} ${SMF_FMRI}`
if [ -z "${value}" -o "${value}" = '""' ]; then
continue;
fi
case ${prop} in
'server')
set -- `echo ${value} | /usr/bin/sed -e 's/\\\\//g'`
server=$@
;;
'interface')
cmdopts="${cmdopts} ${value}"
;;
esac
done
if [ ${result} = ${SMF_EXIT_OK} ]; then
echo "$I: Executing: ${server} ${cmdopts}"
# Execute dhcpd(1M) with relevant command line options.
${server} ${cmdopts}
result=$?
fi
;;
'stop')
smf_kill_contract ${contract} TERM 1
[ $? -ne 0 ] && exit 1
;;
*)
echo "Usage: $I [stop|start]" >&2
exit 1
;;
esac
exit ${result}
manifestとmethodを登録します。
# cp isc-dhcp6-server /lib/svc/method # chown root:bin /lib/svc/method/isc-dhcp6-server # chmod 555 /lib/svc/method/isc-dhcp6-server # cp isc-dhcp6-server.xml /var/svc/manifest/network # chown root:sys /var/svc/manifest/network/isc-dhcp6-server.xml # chmod 444 /var/svc/manifest/network/isc-dhcp6-server.xml # /usr/sbin/svccfg validate /var/svc/manifest/network/isc-dhcp6-server.xml # /usr/sbin/svccfg -v import /var/svc/manifest/network/isc-dhcp6-server.xml
サービスするインターフェースを設定します。
# svccfg -s svc:/network/isc-dhcp6-server setprop config/interface=e1000g0
サービスするインターフェースが複数ある場合は追加します(オプション)。
# svccfg -s svc:/network/isc-dhcp6-server addpropvalue config/interface e1000g1
設定ファイルを用意します。
# vi /etc/inet/dhcpd6.conf
サービスを有効化します。
# svcadm enable svc:/network/isc-dhcp6-server
|
Copyright ©2000-2018 T.Hiraga <hiraga@next-hop.net> All Rights Reserved. Last modified: $Date: 2014/12/05 00:50:47 $ |
|