
Configuring the DHCP Server

PCQ Bureau

DHCP (Dynamic Host Configuration Protocol) allows network administrators to dynamically assign network settings to clients that connect to the network. Running a DHCP server on your network can greatly reduce the overheads of a network administrator as it eliminates the need to configure network settings like DNS, gateway, and IP address on the clients. All changes can be made on the DHCP server which will then propagate to the clients as and when the clients ‘renew’ their leases.

We will use the DHCP server to provide the following network information to the clients, as discussed in the plan of action:
  • Dynamic IP Addresses from the pool 192.168.1.51 through 192.168.1.254
  • The IP of the DNS servers (192.168.1.1)
  • The IP of the gateway machine for 192.168.1.0/24 network (192.168.1.1)
  • The IP of the WINS server (192.168.1.1)

How DHCP works

The protocol works something like this.

  • The client broadcasts (255.255.255.255) a DHCPDISCOVER message on its local physical subnet
  • The DHCP server responds with a broadcast DHCPOFFER message with the available network address and other configuration parameters as defined in the DHCP server options
  • The client receives the message from the server
  • The client broadcasts a DHCPREQUEST message that includes the server identifier option set to the local DHCP server
  • The server receives the DHCPREQUEST broadcast from the client and responds with a DHCPACK message containing the configuration parameters for the requesting client

Those who are inquisitive should read RFC1541.

DHCP 3

The next major release of DHCP is in the works and should be released any time now. Some of the new features it promises are:
  • DHCP Failover Protocol support
  • Dynamic DNS updates
  • Address pools with access control

See the ISC DHCP homepage (www.isc.org/products/DHCP) for more details.

Server setup

Install the DHCP RPMs from the PCQ Linux CD 2 if you don’t have them installed.

~# mount /mnt/cdrom
~# cd /mnt/cdrom/RedHat/RPMS/
~# rpm -ivh dhcp-*.rpm

The working of the DHCP server is controlled by /etc/dhcpd.conf. Create the file /etc/dhcpd.conf using an editor and stick the following lines in it.


A sample of dhcpd.conf:



server-identifier pcqlinux.com;
subnet 192.168.1.0 netmask 255.255.255.0 {
    # dynamic pool handed out to clients
    range 192.168.1.51 192.168.1.254;
    # lease times are in seconds
    default-lease-time 72000;
    max-lease-time 144000;
    option subnet-mask 255.255.255.0;
    option broadcast-address 192.168.1.255;
    option routers 192.168.1.1;
    option domain-name-servers 192.168.1.1;
    # option domain-name-servers 192.168.1.1, 192.168.1.2;
    option domain-name "pcqlinux.com";
    option time-offset 39600;
    option ip-forwarding off;
    option netbios-name-servers 192.168.1.1;
    # option netbios-name-servers 192.168.1.1, 192.168.1.2;
    option netbios-dd-server 192.168.1.1;
    option netbios-node-type 8;
    option netbios-scope "";
}


See /usr/share/doc/dhcp-{version}/ for a sample dhcpd.conf.


If you have multiple DNS and WINS servers for your LAN, use a comma (,) to separate them like this:


option domain-name-servers 192.168.1.1, 192.168.1.2;
option netbios-name-servers 192.168.1.1, 192.168.1.2;

The above dhcpd.conf example will provide the following additional information to clients apart from a dynamic IP address.



  • Broadcast Address: 192.168.1.255
  • Netmask: 255.255.255.0
  • Default Gateway: 192.168.1.1
  • DNS Server: 192.168.1.1
  • WINS Server: 192.168.1.1
  • Default Lease Time: 72000 seconds (20 Hours)
  • Max Lease Time: 144000 seconds (40 Hours)





Replace all values as applicable for your network. The default lease time values should be fine for most networks. The addresses 192.168.1.1 through 192.168.1.50 are reserved for machines that require fixed addresses, so allocate those machines an IP address from this range.
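
A consistency check for the values above, as an added example that is not part of the original article: it confirms that the dynamic range stays clear of the 192.168.1.1 to 192.168.1.50 block, the gateway and the subnet's network and broadcast addresses, and that the lease times are ordered. The function name check_subnet and the trimmed sample input are constructed for illustration.

```python
import ipaddress
import re

# Constructed input: this article's subnet declaration, trimmed to the checked lines.
SAMPLE_CONF = """
subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.51 192.168.1.254;
    default-lease-time 72000;
    max-lease-time 144000;
    option broadcast-address 192.168.1.255;
    option routers 192.168.1.1;
}
"""
# The block the article keeps for fixed addresses (first, last).
RESERVED = ("192.168.1.1", "192.168.1.50")

def check_subnet(conf, reserved=RESERVED):
    """Return a list of problems found in the first subnet declaration."""
    decl = re.search(r"subnet\s+(\S+)\s+netmask\s+(\S+)\s*\{(.*?)\}", conf, re.S)
    if not decl:
        return ["no subnet declaration found"]
    net = ipaddress.ip_network("%s/%s" % decl.group(1, 2))
    body = re.sub(r"#.*", "", decl.group(3))  # ignore commented-out lines
    def get(pattern):
        found = re.search(pattern, body)
        return found.groups() if found else None
    problems = []
    addr = ipaddress.ip_address
    rng = get(r"range\s+([\d.]+)\s+([\d.]+)\s*;")
    if rng:
        low, high = addr(rng[0]), addr(rng[1])
        res_low, res_high = addr(reserved[0]), addr(reserved[1])
        if low > high or low <= net.network_address or high >= net.broadcast_address:
            problems.append("range is not a span of host addresses in the subnet")
        if low <= res_high and res_low <= high:
            problems.append("range overlaps the reserved fixed-address block")
        gateway = get(r"option\s+routers\s+([\d.]+)")
        if gateway and low <= addr(gateway[0]) <= high:
            problems.append("gateway address is inside the dynamic range")
    bcast = get(r"option\s+broadcast-address\s+([\d.]+)\s*;")
    if bcast and addr(bcast[0]) != net.broadcast_address:
        problems.append("broadcast-address does not match the subnet")
    default, maximum = get(r"default-lease-time\s+(\d+)"), get(r"max-lease-time\s+(\d+)")
    if default and maximum and int(default[0]) > int(maximum[0]):
        problems.append("default-lease-time exceeds max-lease-time")
    return problems

if __name__ == "__main__":
    print(check_subnet(SAMPLE_CONF) or "no problems found")
```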


It is recommended that you don’t use DHCP to provide IP addresses for server machines. If the DHCP server is down, the servers will not get an IP address and fail to function.

The client will renew its ‘lease’ once every 20 hours. If for some reason the client is unable to renew its lease after the minimum lease period has expired, it will wait for another 20 hours, after which it will discard its lease.

To start DHCP by default on system start-up, use the following command.



~# chkconfig --level 35 dhcpd on


Create a null dhcpd.leases file in /var/lib/dhcp. This is needed because dhcpd checks for its existence, and if you don’t create this zero-byte file, it will fail to start.


~# touch /var/lib/dhcp/dhcpd.leases


Starting the DHCP server for this session

Points to Remember
  • The PCQ Linux team has received several queries about starting the DHCP server and making the server itself a client. However, the DHCP server cannot be made a client to itself.
  • You should not run more than one DHCP server at a time.
  • The DHCP server has to be restarted if changes are made to the config file.
  • If you don't mention the interface to listen to in /etc/init.d/dhcpd, you will get this error:

No subnet declaration for eth0 (192.168.0.2)
Please write a subnet declaration in your dhcpd.conf file for the network segment to which interface eth0 is attached.
exiting.

We need to make a minor addition to the DHCP startup scripts so that it will listen only on eth1 and not both the interfaces. This is important, otherwise dhcpd will complain about 192.168.0.0 being an invalid subnet and die.



Edit /etc/init.d/dhcpd and change


daemon /usr/sbin/dhcpd


to


daemon /usr/sbin/dhcpd eth1


We recommend that you run tail -f /var/log/messages on another console or Xterm window so that you can check the system logs in real time as you start the DHCP service (any service for that matter). It can easily help debug most errors.


~# service dhcpd restart
Shutting down dhcpd: < FAILED >
Starting dhcpd: < OK >


If all goes well, you should get a similar output.


Check the tail -f output on the other console or terminal.


~# tail -f /var/log/messages
May 14 12:52:37 server dhcpd: Internet Software Consortium DHCP Server 2.0pl5
May 14 12:52:37 server dhcpd: Copyright 1995, 1996, 1997, 1998, 1999 The Internet Software Consortium.
<...>
May 14 12:52:37 server dhcpd: Listening on Socket/eth1/192.168.1.0
May 14 12:52:37 server dhcpd: Sending on Socket/eth1/192.168.1.0
May 14 12:52:37 server dhcpd: dhcpd startup succeeded


This shows that dhcpd has been successfully started. If there are syntax errors in dhcpd.conf, dhcpd will fail to start and will usually exit dumping a brief description of the error to standard output.


The DHCP server keeps a persistent database of the leases it has assigned in /var/lib/dhcp/dhcpd.leases. Every time a lease is acquired, renewed or released, its new value is recorded at the end of the lease file.


















Client setup



To configure PCQ Linux workstations for DHCP, run the network configuration tool netconfig as root from the command line.


~# netconfig


Say ‘Yes’ to ‘Would you like to set up networking?’ and then select ‘Use dynamic IP configuration (BOOTP/DHCP)’ in the ‘Configure TCP/IP’ section.


Restart the network interface.


~# service network restart


Now let’s check on the network settings picked up by the DHCP client workstation by using various network tools.


Check for IP Address, Broadcast address and the Netmask using the ifconfig command.


~# ifconfig eth0
eth0 Link encap:Ethernet HWaddr 00:50:BA:D7:28:02
inet addr:192.168.1.51 Bcast:192.168.1.255 Mask:255.255.255.0

Check for the default gateway using route.


~# route -n


The default gateway (for destination 0.0.0.0) should be set to 192.168.1.1.


Finally check on /etc/resolv.conf for the name server (DNS) settings. This should be set to 192.168.1.1.


~# cat /etc/resolv.conf
search pcqlinux.com
domain pcqlinux.com
nameserver 192.168.1.1


The Linux client has picked up and set all the network information as provided by the DHCP server. You will notice that the Linux client has ignored the WINS information provided by the server. This information is of no use to Linux (or Unix) clients as they don’t use WINS resolution at all. Only Windows clients will make use of it.


If you check the tail -f /var/log/messages output on the server running DHCP, you should see something like this when a client picks up a dynamic IP address from the server.


May 14 13:02:41 server dhcpd: DHCPREQUEST for 192.168.1.51 from 00:80:c8:3e:c7:e7 via eth1


May 14 13:02:41 server dhcpd: DHCPACK on 192.168.1.51 to 00:80:c8:3e:c7:e7 via eth1


We see that the client has made a DHCPREQUEST and the server has made a DHCPACK to the client with the dynamic IP of 192.168.1.51.


Check /var/lib/dhcp/dhcpd.leases for the lease details.


~# tailf /var/lib/dhcp/dhcpd.leases
<..>
lease 192.168.1.51 {
    starts 3 2001/05/16 11:10:15;
    ends 3 2001/05/16 11:47:40;
    hardware ethernet 00:80:c8:3e:c7:e7;
    client-hostname "ws51.pcqlinux.com";
}


For setting up Windows 9x clients, see Configuring Windows Clients, page 135 in this issue.































Allocate fixed IPs to clients using DNS lookups



The DHCP server can also give ‘fixed’ IP addresses to select clients based on their MAC addresses. This will ensure that these clients will always receive the same IP. Once you have moved all clients to DHCP and the lease file is fully populated, the final step will be to convert all the dynamic leases to static ones using dhcpd.leases as a base. IP addresses are provided on the basis of hostname resolution. So make sure that DNS has been configured correctly.

In this example, we assume that the DNS entry for ws51.pcqlinux.com resolves to 192.168.1.51.



The directive looks like this.


host ws51 {
    hardware ethernet 00:60:67:70:44:57;
    # the hostname is resolved through DNS to obtain the address
    fixed-address ws51.pcqlinux.com;
    option host-name "ws51";
}


Here, the DHCP server receives a request from a client with a MAC address of ‘00:60:67:70:44:57’. The server associates ‘00:60:67:70:44:57’ with the hostname ‘ws51.pcqlinux.com’ and looks up the IP address for this hostname using DNS. The DNS server resolves ‘ws51.pcqlinux.com’ and returns the IP address of ‘192.168.1.51’ to the DHCP server. The latter then assigns ‘192.168.1.51’ to the client with a MAC address of ‘00:60:67:70:44:57’. From now on, the client that has this MAC address will always receive the IP address that DNS returns for the hostname ‘ws51.pcqlinux.com’.





Do the same for all entries in dhcpd.leases. Doing this allows better control over IP allocation via DHCP. You can find out the MAC address of a NIC by running ifconfig in Linux or winipcfg in Windows.
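
One way to draft those host entries from the lease file, as an added example rather than a tool shipped with dhcpd: because every renewal is appended to dhcpd.leases, it keeps only the newest entry for each client. The function names, the sample leases and the fallback label for clients that sent no client-hostname are assumptions made here.

```python
import re

# Constructed sample in the dhcpd.leases layout shown in this article. The file
# is append-only, so 192.168.1.51 appears twice and the later entry must win.
SAMPLE_LEASES = '''
lease 192.168.1.51 {
    hardware ethernet 00:80:c8:3e:c7:e7;
    client-hostname "ws51.pcqlinux.com";
}
lease 192.168.1.52 {
    hardware ethernet 00:50:BA:D7:28:02;
}
lease 192.168.1.51 {
    starts 3 2001/05/16 11:47:40;
    ends 4 2001/05/17 07:47:40;
    hardware ethernet 00:80:c8:3e:c7:e7;
    client-hostname "ws51.pcqlinux.com";
}
'''
LEASE_RE = re.compile(r'lease\s+(\d+\.\d+\.\d+\.\d+)\s*\{(.*?)\}', re.S)
MAC_RE = re.compile(r'hardware\s+ethernet\s+([0-9a-fA-F:]{17})\s*;')
NAME_RE = re.compile(r'client-hostname\s+"([^"]+)"\s*;')

def latest_leases(text):
    """Return {mac: (ip, fqdn or None)} from the newest entry for each client."""
    result = {}
    for ip, body in LEASE_RE.findall(text):
        mac, name = MAC_RE.search(body), NAME_RE.search(body)
        if not mac:  # entry without a hardware line: nothing to pin
            continue
        # An address that was re-issued belongs to its latest holder only.
        result = {m: v for m, v in result.items() if v[0] != ip}
        result[mac.group(1).lower()] = (ip, name.group(1) if name else None)
    return result

def host_declarations(text):
    """Render host blocks in the form used in this article, ordered by IP."""
    blocks = []
    ordered = sorted(latest_leases(text).items(),
                     key=lambda kv: tuple(map(int, kv[1][0].split('.'))))
    for mac, (ip, fqdn) in ordered:
        # Assumption: with no client-hostname, pin the IP under a generated label.
        label = fqdn.split('.')[0] if fqdn else 'host-' + ip.replace('.', '-')
        blocks.append('host %s {\n    hardware ethernet %s;\n    fixed-address %s;\n'
                      '    option host-name "%s";\n}' % (label, mac, fqdn or ip, label))
    return '\n'.join(blocks)

if __name__ == '__main__':
    print(host_declarations(SAMPLE_LEASES))
```

Review the generated entries before pasting them into dhcpd.conf, and confirm that each hostname used in fixed-address resolves in DNS.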

Denying unknown clients

Once all clients are put on fixed IP using DHCP, we deny dynamic allocation to unknown clients via the option ‘deny unknown-clients’. Clients whose MAC addresses are not explicitly listed in a ‘host’ declaration will not receive an IP address. Not serving unknown clients is very important from the security point of view. This option has to be put right at the top of dhcpd.conf, before any subnet declaration.



server-identifier pcqlinux.com;
deny unknown-clients;
subnet 192.168.1.0 netmask 255.255.255.0 {
    <...>
}
host {
    <...>
}


DHCP requests are thus limited to specific MAC addresses. Whenever a new machine (or new NIC) is added to the network, the administrator will have to make sure that the MAC address has been entered into the DHCP server with a corresponding DNS entry. This increases the load on the network administrator slightly but increases security.


Don’t forget to restart DHCP if you make changes to dhcpd.conf.
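
Before switching on deny unknown-clients, it helps to know which machines would stop receiving leases. The following added example (not from the original article) compares DHCPACK lines, in the syslog format shown earlier, against the MAC addresses in the host declarations; the sample configuration, log lines and function names are constructed.

```python
import re

# Constructed dhcpd.conf fragment; host entries follow the form used in this article.
SAMPLE_CONF = '''
host ws51 {
    hardware ethernet 00:60:67:70:44:57;
    fixed-address ws51.pcqlinux.com;
}
# host old-pc { hardware ethernet 00:50:ba:d7:28:02; }
host ws52 {
    hardware ethernet 00:80:C8:3E:C7:E7;
    fixed-address ws52.pcqlinux.com;
}
'''
# Constructed syslog lines in the format of the dhcpd messages quoted above.
SAMPLE_LOG = '''\
May 14 13:02:41 server dhcpd: DHCPREQUEST for 192.168.1.51 from 00:60:67:70:44:57 via eth1
May 14 13:02:41 server dhcpd: DHCPACK on 192.168.1.51 to 00:60:67:70:44:57 via eth1
May 14 13:05:10 server dhcpd: DHCPACK on 192.168.1.77 to 00:50:ba:d7:28:02 via eth1
May 14 13:09:02 server dhcpd: DHCPACK on 192.168.1.52 to 00:80:c8:3e:c7:e7 via eth1
May 14 13:11:30 server dhcpd: DHCPACK on 192.168.1.77 to 00:50:ba:d7:28:02 via eth1
'''
HOST_MAC_RE = re.compile(
    r'host\s+\S+\s*\{[^}]*?hardware\s+ethernet\s+([0-9a-fA-F:]{17})\s*;')
ACK_RE = re.compile(r'dhcpd: DHCPACK on (\S+) to ([0-9a-fA-F:]{17}) via (\S+)')

def registered_macs(conf_text):
    """Hardware addresses named in host declarations, lower-cased."""
    active = re.sub(r'#.*', '', conf_text)  # a commented-out host does not count
    return {mac.lower() for mac in HOST_MAC_RE.findall(active)}

def unregistered_acks(conf_text, log_text):
    """Summarise DHCPACKs sent to addresses that have no host declaration."""
    known = registered_macs(conf_text)
    findings = {}
    for ip, mac, iface in ACK_RE.findall(log_text):
        mac = mac.lower()
        if mac in known:
            continue
        entry = findings.setdefault(mac, {'ips': set(), 'ifaces': set(), 'acks': 0})
        entry['ips'].add(ip)
        entry['ifaces'].add(iface)
        entry['acks'] += 1
    return findings

if __name__ == '__main__':
    for mac, seen in sorted(unregistered_acks(SAMPLE_CONF, SAMPLE_LOG).items()):
        print(mac, sorted(seen['ips']), sorted(seen['ifaces']), seen['acks'])
```

An address reported after deny unknown-clients is enabled suggests dhcpd was not restarted with the new configuration. dhcpd takes the hardware address a client presents at face value, so this is an inventory check rather than authentication.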








In conclusion, if you manage a lot of computers on your network, running a DHCP server is recommended. It is simple to set up, easy to maintain and can serve machines running a wide variety of OSs.

Shanker Balan is a technology research consultant with Exocore Consulting
