Guide – Building a DHCP Server


A DHCP server is incredibly easy to set up in Linux. Here are my typical stats for setting one up:

  • Time to install and configure the DHCP daemon on an existing Linux box: 12 minutes
  • Number of buttons clicked: 0
  • Number of reboots required: 0
  • Number of MCSEs harmed in the process: 0

Step 1:
Make sure the dhcp daemon is installed. You should be able to discover this with any of the following commands:

rpm -q dhcp

ls /etc/rc.d/init.d

which dhcpd (only if run as root)

To install dhcpd on an rpm-compatible system, dust off your Linux disk and do the following (as root, of course):

  • mount /mnt/cdrom
  • rpm -Uvh /mnt/cdrom/RedHat/RPMS/dhcp-*.rpm
  • umount /mnt/cdrom

 

Modify the above path appropriately if you are running an rpm-compatible distro other than RedHat. If you can’t use RPMs, root around on your distro disk for the daemon and install it in whichever way makes your distribution happy.

Step 2:
Now that the daemon is installed, we need to ensure that the kernel has multicast support (it probably does.) Use the following command and look for the word MULTICAST in the info displayed for your network card (i.e. eth0).

ifconfig -a

If you don’t have MULTICAST support built into the kernel, then you will have to add it (this will add another 15 minutes and a reboot to the installation.) Recompile the kernel and select the multicast support option under networking. If you have to recompile, this would be a good time to update to the latest stable kernel.

Step 3:
You will have to create two files for the daemon to run properly.

  • touch /etc/dhcpd.conf
  • mkdir /var/state/dhcp
  • touch /var/state/dhcp/dhcpd.leases

or

  • touch /etc/dhcpd.conf
  • mkdir /var/lib/dhcp
  • touch /var/lib/dhcp/dhcpd.leases

 

The dhcpd.conf file will contain all of the configuration data. The dhcpd.leases file will be used by the daemon to keep track of which machines it has leased IP addresses to.

 

Note: If you are replacing an old DHCP server, you should copy over the old server’s dhcpd.leases file. Either way, once the dhcpd.leases file exists, you can leave it alone; the DHCP daemon will take care of it after that.

 

Edit dhcpd.conf and customize it for your network. This is a typical dhcpd.conf file:

 

#############################################################
#
ddns-update-style none;
ddns-updates off;
default-lease-time 3600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.1;
option domain-name-servers 192.168.1.10, 192.168.1.11;
option domain-name "yourdomain.com";

subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.50 192.168.1.100;
range 192.168.1.150 192.168.1.200;
}
#
#############################################################

Lease times are given in seconds. The subnet setting above is configured to lease addresses from 192.168.1.50-100 and 192.168.1.150-200 (normally, I wouldn’t split address assignments this way; I just wanted to show you how it could be done.)

 

There are many other options you can use to provide clients data. For instance, to assign a WINS server, you could use the following entry:

option netbios-name-servers 192.168.1.20;

 

If you are setting up a DHCP server supporting more than one subnet, you must create a subnet entry for each of your subnets. So, if you want to lease addresses to the subnets 192.168.1.0, 192.168.2.0 and 192.168.3.0, your conf file might look like this:

 

#############################################################
#
ddns-update-style none;
ddns-updates off;
default-lease-time 3600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.1;
option domain-name-servers 192.168.1.10, 192.168.1.11;
option domain-name "yourdomain.com";
option netbios-name-servers 192.168.1.20;

subnet 192.168.1.0 netmask 255.255.255.0 {
range dynamic-bootp 192.168.1.50 192.168.1.200;
}

subnet 192.168.2.0 netmask 255.255.255.0 {
range dynamic-bootp 192.168.2.50 192.168.2.200;
}

subnet 192.168.3.0 netmask 255.255.255.0 {
range dynamic-bootp 192.168.3.50 192.168.3.200;
}
#
#############################################################

The DHCP daemon is smart enough to figure out which clients are on which subnet.
Note: There are many more options for the DHCP server. As the Three Amigos might say, “There are a plethora of options”. Many are for those using bootp. At the time of this writing, I’ve yet to use bootp so I don’t feel qualified to address it here. For a complete reference of all configuration options and syntax, please refer to the man pages:

 

man dhcpd.conf
man dhcpd

Step 4:
If you are going to be serving IP addresses to Windows clients, you will need to adjust your routing tables. Don’t worry, it only takes a second. Use the following command:

 

route add -host 255.255.255.255 dev eth0

 

Add the above command to the end of /etc/rc.d/rc.local so the route will get added back automatically should you ever have to reboot the server.

 

If you are servicing multiple subnets, you will need to add the same routing table entry for each of your ethernet cards. For example:

 

route add -host 255.255.255.255 dev eth0
route add -host 255.255.255.255 dev eth1

Step 5:
We want dhcpd to start automatically when the system comes up. The easiest way to do this is with the chkconfig utility. chkconfig will add the appropriate startup scripts to your various runlevels. (I believe Debian has a similar utility called update-rc.d. I’ve only used RedHat, so I may be mistaken.)

 

chkconfig --add dhcpd
chkconfig dhcpd on

 

If you don’t have the chkconfig utility installed, you can either install it or manually add a startup entry for dhcpd to /etc/rc.d/rc3.d. Don’t forget to add kill scripts to rc0.d, rc1.d, and rc6.d. Note: If you don’t have any idea of what the hell I am referring to here, you should read up on runlevels and the SystemV initialization process (this is a guide for Admins after all 😉).

Step 6:
Start the dhcp daemon.

/etc/rc.d/init.d/dhcpd start

If you change your configuration file, you can make the changes take effect with:

/etc/rc.d/init.d/dhcpd restart

You can stop the service with this command:

/etc/rc.d/init.d/dhcpd stop

Step 7:
You are done. Crack open a tasty adult beverage.

Tricks with dhcpd:

One of the things I like doing is using DHCP to assign static IP addresses. This can really save you time should you have to change some basic network setting like the address of one of your network’s DNS servers. There’s no reason to run around changing the settings on a dozen servers when you can get away with changing one setting on one server.

All you need to know is the hardware (MAC) address of the network card of the server you want to give a static address to.

 

For example, if I wanted to assign a static IP address to a server named “buffy”, I would place the following entry in /etc/dhcpd.conf:

 

host buffy {
hardware ethernet 00:E0:4F:09:59:FE;
fixed-address 192.168.1.50;
}

Thus, my dhcpd.conf file with static entries for several servers might look like this:

# #############################################################
#
#Linux as a DHCP SERVER
# Sample configuration file for ISC dhcpd
# option definitions common to all supported networks…

option domain-name "linuxsc.net";
option domain-name-servers 10.21.1.10;
#option netbios-name-servers 192.168.1.20;

# Time To Live in seconds (TTL)
#600 - 10 minutes
#7200 - 2 hours
#86400 - 1 day
#604800 - 1 week
#2592000 - 1 month
#31104000 - 1 year
#62208000 - 2 years

default-lease-time 600;
max-lease-time 7200;

# if you do not use dynamic DNS updates:
#
# dhcpd-3 needs at least this statement.
# you have to delete it for dhcpd-2, because it does not know it.
#
# if you want to use dynamic DNS updates, you should first
# read /usr/share/doc/packages/dhcp-server/DDNS-howto.txt
#ddns-update-style ad-hoc;
#ddns-update-style interim; (default)
#ignore client-updates;
ddns-update-style none;
ddns-updates off;

# If this DHCP server is the official DHCP server for the local
# network, the authoritative directive should be uncommented.
#authoritative;
#not authoritative;

# Use this to send dhcp log messages to a different log file (you also
# have to hack syslog.conf to complete the redirection).
log-facility local7;

option subnet-mask 255.255.255.0;
option broadcast-address 10.21.1.255;
option routers 10.21.1.2;

#host buffy {
# option host-name "buffy.somedomain.com";
# hardware ethernet 00:C0:4F:09:59:DE;
# fixed-address 10.21.1.50;
#}

#host willow {
# option host-name "willow.somedomain.com";
# hardware ethernet 00:E1:04:71:EF:01;
# fixed-address 10.21.1.51;
#}

#host spike {
# hardware ethernet 00:C1:76:43:ED:62;
# fixed-address 10.21.1.53;
#}

#host hacker {
# hardware ethernet 00:C1:76:43:EF:60;
# deny booting;
#}

subnet 10.21.1.0 netmask 255.255.255.0 {
range dynamic-bootp 10.21.1.50 10.21.1.200;
}

#
#############################################################

# #############################################################
#
#Linux as a DHCP SERVER for more networks
# Sample configuration file for ISC dhcpd
# option definitions common to all supported networks…

ddns-update-style none;
ddns-updates off;
default-lease-time 3600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.1;
option domain-name-servers 192.168.1.10, 192.168.1.11;
option domain-name "yourdomain.com";
option netbios-name-servers 192.168.1.20;

subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.50 192.168.1.200;
}

subnet 192.168.2.0 netmask 255.255.255.0 {
range 192.168.2.50 192.168.2.200;
}

subnet 192.168.3.0 netmask 255.255.255.0 {
range 192.168.3.50 192.168.3.200;
}

subnet 192.168.4.0 netmask 255.255.255.0 {
range 192.168.4.50 192.168.4.200;
}

#
###############################################################

# #############################################################
#
#Linux as a DHCP SERVER for more networks with more routers
# Sample configuration file for ISC dhcpd
# option definitions common to all supported networks…

ddns-update-style none;
ddns-updates off;
default-lease-time 3600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.1;
option domain-name-servers 192.168.1.10, 192.168.1.11;
option domain-name "yourdomain.com";
#option netbios-name-servers 192.168.1.20;

subnet 192.168.1.0 netmask 255.255.255.0 {
range 192.168.1.50 192.168.1.200;
}

subnet 192.168.2.0 netmask 255.255.255.0 {
default-lease-time 3600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.2.255;
option routers 192.168.2.1;
option domain-name-servers 192.168.1.10, 192.168.1.11;
option domain-name "yourdomain.com";
#option netbios-name-servers 192.168.1.20;
range dynamic-bootp 192.168.2.50 192.168.2.200;
}

subnet 192.168.3.0 netmask 255.255.255.0 {
default-lease-time 3600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.3.255;
option routers 192.168.3.1;
option domain-name-servers 192.168.1.10, 192.168.1.11;
option domain-name "yourdomain.com";
#option netbios-name-servers 192.168.1.20;
range dynamic-bootp 192.168.3.50 192.168.3.200;
}

#
####################################
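
Two things in the sample files above are easy to get wrong: a global "option routers" that is inherited by subnets the router is not on, and a static host entry (like buffy at 192.168.1.50) whose fixed-address also sits inside a dynamic range. The following linter is an added example, not part of the original guide or of ISC dhcpd; the function name lint_dhcpd_conf and the sample text are constructed for illustration, and it assumes a flat file with no blocks nested inside subnet or host declarations.

```python
import ipaddress
import re

# Constructed sample: this guide's multi-subnet layout plus its "buffy" host entry.
SAMPLE_CONF = """
option routers 192.168.1.1;
host buffy {
  hardware ethernet 00:E0:4F:09:59:FE;
  fixed-address 192.168.1.50;
}
subnet 192.168.1.0 netmask 255.255.255.0 {
  range 192.168.1.50 192.168.1.200;
}
subnet 192.168.2.0 netmask 255.255.255.0 {
  range dynamic-bootp 192.168.2.50 192.168.2.200;
}
subnet 192.168.3.0 netmask 255.255.255.0 {
  option routers 192.168.3.1;
  range 192.168.3.50 192.168.4.10;
}
"""

IP = r"(\d+\.\d+\.\d+\.\d+)"
def lint_dhcpd_conf(text):
    """Return a list of findings for a flat dhcpd.conf (no nested blocks)."""
    text = re.sub(r"#.*", "", text)  # drop comments
    findings, pools = [], []
    blocks = re.findall(r"subnet\s+%s\s+netmask\s+%s\s*\{(.*?)\}" % (IP, IP), text, re.S)
    # Global scope is whatever is left once every { ... } body is removed.
    global_scope = re.sub(r"\{.*?\}", "", text, flags=re.S)
    global_router = re.search(r"option\s+routers\s+" + IP, global_scope)
    for net, mask, body in blocks:
        subnet = ipaddress.ip_network(f"{net}/{mask}")
        for lo, hi in re.findall(r"range\s+(?:dynamic-bootp\s+)?%s\s+%s\s*;" % (IP, IP), body):
            lo, hi = ipaddress.ip_address(lo), ipaddress.ip_address(hi)
            pools.append((lo, hi))
            if lo not in subnet or hi not in subnet:
                findings.append(f"range {lo}-{hi} leaves subnet {subnet}")
        # A subnet-level routers option overrides the global one.
        router = re.search(r"option\s+routers\s+" + IP, body) or global_router
        if router and ipaddress.ip_address(router.group(1)) not in subnet:
            findings.append(f"subnet {subnet} hands out off-link router {router.group(1)}")
    for name, body in re.findall(r"host\s+(\S+)\s*\{(.*?)\}", text, re.S):
        fixed = re.search(r"fixed-address\s+" + IP, body)
        if fixed and any(lo <= ipaddress.ip_address(fixed.group(1)) <= hi for lo, hi in pools):
            findings.append(f"host {name}: fixed-address {fixed.group(1)} is inside a dynamic range")
    return findings

if __name__ == "__main__":
    print("\n".join(lint_dhcpd_conf(SAMPLE_CONF)))
```

Moving the static addresses below .50 (or shrinking the range) and giving each subnet its own routers option, as the last sample file does, clears these findings.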
