Preface
In a production environment, both routers and servers can act as DHCP servers and provide DHCP service to the network.
FTP is an application layer protocol that hosts on the internal network can use to communicate with each other.
1. DHCP service
DHCP definition
The principle of DHCP on a server and on a router is actually the same; only the carrier is different. DHCP, in full the Dynamic Host Configuration Protocol, is used to automatically assign TCP/IP settings to computers on a TCP/IP network.
Advantages of DHCP
Reduce the workload of the administrator.
Avoid the possibility of input errors.
Avoid IP address conflicts.
When changing the IP address range, there is no need to reconfigure the IP address of each user.
Increase the usage rate of the IP address.
Facilitate the configuration of the client.
DHCP distribution method
Automatic allocation: the client keeps the IP address permanently once it has been assigned
Manual allocation: the IP address is specially designated by the DHCP server administrator
Dynamic allocation: the IP address is released after use so that other clients can use it
DHCP lease
The process by which the client obtains an IP address from the DHCP server is called the DHCP lease process. There are 4 specific steps.
Request IP address process
Renew lease
When the IP address leased by the DHCP server to the client reaches 50% of the lease, the lease must be renewed. The client sends a DHCP Request packet directly to the server that provided the lease to request renewal of the existing address lease.
The main information of DHCP
IP address of the network card, subnet mask, corresponding network address, broadcast address, default gateway address, DNS1 server
DHCP server installation steps
First install the DHCP server software, dhcp-4.2.5-47. The main configuration file is /etc/dhcpd.conf. The main executable programs are /usr/sbin/dhcpd and /usr/sbin/dhcrelay.
Here I choose to install with yum.
The configuration file needs to be edited. You can copy the template file and edit on that basis.
Copy the template and edit it:
The first line specifies the domain name.
The second line specifies the DNS server.
The third line is the default lease.
The fourth line is the maximum lease period.
The fifth line disables DNS updates.
The network segment declarations that follow are tested by simulating DHCP use in eNSP.
The eNSP topology is as follows
sw1 configuration
Cloud configuration
Layer 3 switching configuration
Test connectivity
At this point the network is connected, and the subnet must be configured in the configuration file.
If there is a problem, the error will be displayed in the log file.
If there is no error, startup can be confirmed by checking that the service is listening on UDP port 67. The DHCP client uses UDP port 68 and the server uses UDP port 67.
The two hosts have obtained IPs.
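The configuration and the port check described in this section, as an added example that is not the original article's own file. The five global lines follow the order listed above; the domain name, addresses and pool range are constructed, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example; every name and address below is constructed.

write_sample_conf() {   # $1 = output path
  cat > "$1" <<'EOF'
option domain-name "example.internal";      # line 1: domain name
option domain-name-servers 192.168.10.1;    # line 2: DNS server
default-lease-time 600;                     # line 3: default lease, seconds
max-lease-time 7200;                        # line 4: maximum lease, seconds
ddns-update-style none;                     # line 5: no dynamic DNS updates

# One declaration per subnet that dhcpd serves.
subnet 192.168.10.0 netmask 255.255.255.0 {
  range 192.168.10.100 192.168.10.200;      # pool handed out dynamically
  option routers 192.168.10.1;              # default gateway
}
EOF
}

# Syntax-check a config without starting the daemon (dhcpd -t), if installed.
check_conf() {          # $1 = config path
  command -v dhcpd >/dev/null 2>&1 || { echo "dhcpd not installed, skipped"; return 0; }
  dhcpd -t -cf "$1"
}

# Read `ss -lun` output on stdin; succeed if a socket is bound to UDP port 67.
udp67_bound() {
  awk '{ for (i = 1; i <= NF; i++) if ($i ~ /:67$/) found = 1 }
       END { exit !found }'
}

conf=$(mktemp)
write_sample_conf "$conf"
check_conf "$conf" || echo "dhcpd rejected the file"
if ss -lun 2>/dev/null | udp67_bound; then
  echo "a server is listening on UDP 67"
else
  echo "nothing is listening on UDP 67"
fi
```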
2. FTP
1. Definition and use
FTP is an application layer protocol used to transfer files between networks. FTP uses TCP ports 20 and 21 to communicate with the client. Port 20 is used to establish data connections and transfer file data. Port 21 is used to establish the control connection and transmit FTP control commands.
FTP data connection is divided into active mode and passive mode.
Active mode: the server actively initiates the data connection.
Passive mode: the server passively waits for the data connection.
2. FTP actual configuration
FTP, like DHCP, requires software to be installed. The FTP software is vsftpd, and it is again installed with yum.
Back up the FTP configuration file first to guard against mistakes.
There are two types of FTP access: anonymous and authenticated. First, anonymous access. Anonymous access is simple to configure, but it is not safe in a production environment, so use it with caution.
In fact, the settings already exist in the configuration file; just change the comments.
Set the maximum permissions for the pub subdirectory under the root directory of FTP for anonymous access, so that anonymous users can upload data.
Open the ftp service.
At this point, connect to the FTP service from the Windows side. Because it is an anonymous login, no password is required.
View the directory and download a file on the Windows side. The pub directory gives all permissions, so the files under it can be downloaded and uploaded at will.
get followed by a file name downloads the file.
put followed by a file name uploads the file.
The anonymous access described above is not safe in a production environment, so identity must be verified before the service is used. Only the anonymous login setting needs to be modified. The configuration file to modify is still vsftpd.conf.
Create a user on the server to log in with.
The login directory for anonymous login is /var/ftp, while a local user lands in their own home directory when they log in. Of course, the login directory can be modified.
When you log in from Windows, a password is now required.
You can also add settings to the conf configuration file to restrict users from switching directories and from uploading and downloading files on the server at will. Add these two items to the conf file.
Whitelist and blacklist
To prevent security incidents, blacklists and whitelists are generally configured on the server.
Use the user_list file to add users.
These two settings control the blacklist and whitelist, but they need to be written to the configuration file to take effect. Users who may log in can be added to the list file. Add users to the list file.
The second field is to enable the user list.
The second field is to enable the whitelist to allow users in the list file to log in. The default is yes, which is the blacklist.
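A check for the vsftpd.conf combinations discussed above (anonymous upload, local users not confined to their directory, user list left in blacklist mode), as an added example that is not from the original article. The option names are real vsftpd.conf settings and the defaults are those documented in its man page; the function name, finding codes and both sample files are constructed.

```shell
#!/bin/sh
# Added example. Flags the risky vsftpd.conf combinations discussed in this article.

audit_vsftpd() {   # $1 = path to a vsftpd.conf; prints one finding code per line
  awk -F= '
    BEGIN {
      # Built-in defaults as documented in the vsftpd.conf man page.
      v["anonymous_enable"] = "YES"; v["local_enable"] = "NO"
      v["write_enable"] = "NO";      v["anon_upload_enable"] = "NO"
      v["chroot_local_user"] = "NO"; v["userlist_enable"] = "NO"
      v["userlist_deny"] = "YES"
    }
    /^[ \t]*#/ || !/=/ { next }                 # skip comments and blank lines
    { gsub(/[ \t\r]/, "", $2); v[$1] = toupper($2) }
    END {
      if (v["anonymous_enable"] == "YES") {
        print "ANON_LOGIN"                      # no password needed
        if (v["write_enable"] == "YES" && v["anon_upload_enable"] == "YES")
          print "ANON_UPLOAD"                   # anyone can write files
      }
      if (v["local_enable"] == "YES" && v["chroot_local_user"] != "YES")
        print "NO_CHROOT"                       # users can leave their home
      if (v["userlist_enable"] != "YES")
        print "NO_USERLIST"
      else if (v["userlist_deny"] != "NO")
        print "USERLIST_IS_BLACKLIST"           # only listed users are denied
    }' "$1"
}

# Constructed sample files: the anonymous-upload setup and a locked-down one.
demo_dir=$(mktemp -d)
cat > "$demo_dir/open.conf" <<'EOF'
# anonymous upload enabled
anonymous_enable=YES
local_enable=YES
write_enable=YES
anon_upload_enable=YES
EOF
cat > "$demo_dir/strict.conf" <<'EOF'
anonymous_enable=NO
local_enable=YES
write_enable=YES
chroot_local_user=YES
userlist_enable=YES
userlist_deny=NO
EOF
echo "open.conf:";   audit_vsftpd "$demo_dir/open.conf"
echo "strict.conf:"; audit_vsftpd "$demo_dir/strict.conf"
```

An empty result means none of these combinations is present; the script reads only the configuration file and does not check the permissions on the pub directory.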