83[CentOS7] DHCP 라우터 만들기Admin
참고 출처: https://www.server-world.info/en/note?os=CentOS_7&p=dhcp

1. Enable IPv4 packet forwarding.
Add the following to /etc/sysctl.conf: net.ipv4.ip_forward = 1
Apply the sysctl settings: sysctl -p

2. Add direct rules to firewalld. Add the --permanent option to keep these rules across restarts.
firewall-cmd --direct --add-rule ipv4 nat POSTROUTING 0 -o eth_ext -j MASQUERADE
firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i eth_int -o eth_ext -j ACCEPT
firewall-cmd --direct --add-rule ipv4 filter FORWARD 0 -i eth_ext -o eth_int -m state --state RELATED,ESTABLISHED -j ACCEPT

3. DHCP서버 설정하기
# yum -y install dhcp
# vi /etc/dhcp/dhcpd.conf
#************************ dhcpd.conf내용 시작
#************************ internal존의 이더넷 IP(gateway IP)가 192.168.1.1일 경우의 샘플

# default lease time
default-lease-time 600;
# max lease time
max-lease-time 7200;
# this DHCP server to be declared valid
authoritative;
# specify network address and subnet mask
subnet 192.168.1.0 netmask 255.255.255.0 {
    # specify the range of lease IP address
    range dynamic-bootp 192.168.1.2 192.168.1.254;
    # specify broadcast address
    option broadcast-address 192.168.1.255;
    # specify default gateway
    option routers 192.168.1.1;
}

#************************ dhcpd.conf내용 끝 

4. DHCP서버 데몬시작하고 자동실행 가능하게 하기
# systemctl start dhcpd
#systemctl enable dhcpd

5. 방화벽 dhcp서비스 추가하고 적용하기
#firewall-cmd --add-service=dhcp --zone=internal --permanent
#firewall-cmd --reload