Saturday, February 5, 2011

DHCP Server Configuration for Linux

DHCP Server Configuration for Linux

This guide will help you setup a dhcp server to provide network configuration information to clients on the network. These instructions were written with Red Hat 7.x systems in mind but the basic concepts provided here can be applied to other distributions as well.


   1. Download dhcp rpm package from Red Hat and install:

      # rpm -ivh dhcp-2.0pl5-8.i386.rpm

   2. Open file /etc/sysconfig/dhcpd and edit the first line as follows:

      DHCPDARGS=eth1

      Replace 'eth1' above with the network interface that you want to use for dhcp; this should be an internal network interface; denial of service attacks are possible if dhcp is running on an external interface.

   3. Copy /usr/share/doc/dhcp-2.0pl5/dhcpd.conf.sample to /etc

      # cp /usr/share/doc/dhcp-2.0pl5/dhcpd.conf.sample /etc/dhcpd.conf

      This sample file is a good starting point for our /etc/dhcpd.conf file, which by default is not installed. Alternatively, copy the file from a working server.

   4. Edit /etc/dhcpd.conf to suit your needs. An example file is included below for reference:

      #################file begin######################
      subnet 10.0.0.0 netmask 255.255.255.0 {
      # --- default gateway
              option routers                  10.0.0.1;
              option subnet-mask              255.255.255.0;

      #       option nis-domain               "mydomain.com";
              option domain-name              "mydomain.com";
              option domain-name-servers      216.227.56.120, 64.34.4.36;

              option time-offset              -28800; # Pacific Standard Time
      #       option ntp-servers              192.168.1.1;
      #       option netbios-name-servers     192.168.1.1;
      # --- Selects point-to-point node (default is hybrid). Don't change this unless
      # -- you understand Netbios very well
      #       option netbios-node-type 2;

              range 10.0.0.50 10.0.0.254;
              default-lease-time 604800;
              max-lease-time 604800;

              host test {
      #               option dhcp-client-identifier   "test";
                      hardware ethernet 00:e0:18:90:28:b2;
                      fixed-address   10.0.0.10;
              }
              # we want the nameserver to appear at a fixed address
      #       host ns {
      #               next-server marvin.redhat.com;
      #               hardware ethernet 12:34:56:78:AB:CD;
      #               fixed-address 207.175.42.254;
      #       }
      }
      ########################file end##########################

      Notes: specific settings always override global settings; in the above, the range 10.0.0.50 to 10.0.0.254 have been set side for dynamic hosts; this allows anything between 10.0.0.1 and 10.0.0.49 to be set aside as static ips. In the example, host 'test' is given a static ip using its mac address. The option 'dhcp-client-identifier' may work as an alternative to mac address, but may require some additional configuration on the client. The max lease time of 604800 translates to 7 days. Lease times are automatically renewed by clients once 50% of the expiration date is reached. Because of this, very long lease times should be unnecessary. If a very long one is required, provide the client a static ip using the host declaration. Also, the option time-offset setting is in seconds according to the manual page; Red Hat's configuration document erroneously lists this setting in hours. Use option host-name "apex.example.com" in a host declaration to provide hostnames to clients.

   5. Check that the lease database has been created; the rpm should create this file automatically; if not, create the file:

      # touch /var/lib/dhcp/dhcpd.leases

      The lease database is recreated from time to time so that it is not too large. First, all known leases are saved in a temporary lease database. The dhcpd.leases file is renamed dhcpd.leases~, and the temporary lease database is written to dhcpd.leases.

      The DHCP daemon could be killed or the system could crash after the lease database has been renamed to the backup file but before the new file has been written. If this happens, there is no dhcpd.leases file that is required to start the service. Do not create a new lease file if this occurs. If you do, all the old leases will be lost and cause many problems. The correct solution is to rename the dhcpd.leases~ backup file to dhcpd.leases and then start the daemon.

   6. Run 'setup' and check dhcpd to have it load at system boot

   7. Start/restart the server

      # service dhcpd start (restart)

      Changes to the file /etc/dhcpd.conf require the dhcp server to be restarted

   8. Test to make sure it works.