Network Nirvana

Configuring your network requires a ton of tedious work, unless you take advantage of the Dynamic Host Configuration Protocol.

Tired of running around typing in all those IP and Ethernet addresses each time you add a user to your network? You need to use DHCP — the Dynamic Host Configuration Protocol. We show you how to set up, troubleshoot, and secure a DHCP server.

You know the drill. You’ve got a brand new machine to put on your network, so you go to the cube, poke around a bit, and then sit in front of the new machine and type. It’s one of the most tedious jobs for any system administrator to have to perform: shuffling from machine to machine and keying in IP addresses, host names, and hardware addresses so that the new computer can talk to the network. You can speed things up with a configuration program like linuxconf or yast, but it is still a hassle to do this on every machine on your network. And when you change something on the network, you have to go through the process all over again.

There are others out there who feel your pain. And the more industrious of them have figured out a way to lessen it. The pain-killer is called the Dynamic Host Configuration Protocol (DHCP) and thanks to the folks at the Internet Software Consortium, you can use it to plug-n-play client machines into your network and assign them IP addresses with basically no additional configuration effort on your part.

The version of DHCP that comes with most Linux distributions is maintained by the aforementioned Internet Software Consortium (ISC — http://www.isc.org/products/DHCP/). The package the ISC provides includes not only the DHCP server, but also the DHCP client, as well as a DHCP relay, which allows you to have a central DHCP server managing more than one network.

DHCP works well if you have to manage a lot of mobile users: people with laptops working in and out of the office, visiting branch offices, scenarios like that. Once you configure a laptop to use DHCP, it can be automatically configured on any network with a DHCP server.

When the DHCP server (dhcpd) starts, it reads the global configuration parameters from the configuration file (/etc/dhcpd.conf), such as the name of the server, the domain for which it is responsible, and so forth. That is, it reads the parameters that will be valid for all the clients (unless they are explicitly changed). DHCP stores the list of addresses in memory for each of the subnets it is serving. When a DHCP client starts, it requests an address from the server. The server looks up an available address and assigns it to the client. Though DHCP is best-known for assigning dynamic IP addresses, it can also assign static addresses to clients if that’s what you require.

In DHCP terminology, clients “lease” IP addresses. DHCP leases only last a certain amount of time. The default period is one day, but you can change that if you like. Clients can request leases of a specific duration, but to prevent any machine from holding onto the lease forever, you can configure a maximum allowable lease time on your server.

Depending on your network setup, it may be necessary to limit DHCP to just a single network segment. This could be a problem if the DHCP server is sitting on both segments. However, DHCP can be configured to listen for requests just on specific network interfaces.

Obviously, the DHCP server needs to keep track of the leases across reboots of either the server or the clients. This is accomplished with the dhcpd.leases file, which is typically stored in the /var/state/dhcp directory. After reading the dhcpd.conf file at system startup, the server reads the dhcpd.leases file and marks whichever systems have active leases.

Unlike other system services, dhcpd does not reread its configuration file while it is running. So if you make a change to the configuration, you need to restart the server by hand for it to take effect. You can do this by running /etc/rc.d/dhcp restart. Also, the dhcpd.leases file does not get rewritten each time the server is started. So if you reboot the server, the state of all the leases on your network is preserved.

Configuring the DHCP Server

The dhcpd.conf file is very straightforward. It starts with a header, which contains the global configuration parameters for the server itself. This header, unless specifically overridden, is applicable to each of the supported subnets. Following that are the configuration declarations for all subnets accessible from the server, whether they get DHCP services or not.

In its simplest form, a DHCP configuration entry consists of a subnet address, the netmask, and the range of IP addresses. For example, you might have something that looks like this:

subnet 10.2.0.0 netmask 255.255.0.0 {
    range 10.2.3.0 10.2.3.200;
}

This entry applies to the Class A network 10.2.0.0. However, only addresses in a much smaller network (10.2.3.0) are made available. In fact, not all of the addresses in that range are available, since the highest address is 10.2.3.200. Note that each entry is followed by a semicolon. Hosts can also be configured individually using the host keyword, which is followed by the name of the host.

Options in the dhcpd.conf file have the general syntax:

option option-name option-data;

Some options are IP addresses or hostnames; others can be text strings or numbers, while others are simply Boolean values (true/false or on/off). Note that you actually need to include the word option to tell the DHCP server that what follows is an option and not a subnet declaration or something else.

Table One gives you a list of the more common dhcpd options. There are several dozen more, many of which apply only to specific protocols or services such as NNTP, finger, IRC, and so forth. For a complete list of options with even more details, check out the dhcp-options man page.

TABLE ONE: COMMON DHCPD.CONF CONFIGURATION OPTIONS AND DECLARATIONS

Parameter | Description | Datatype
default-lease-time | Default length in seconds that the lease is valid | Numeric
domain-name | The name of the domain for the specified subnet | Text
domain-name-servers | A list of name servers for the specified subnet | List of IP addresses
fixed-address | Static address to assign to a host (supports multiple networks) | List of IP addresses
group | Starts a group declaration | N/A
hardware | The type of hardware the network interface has (currently only Ethernet and token ring are supported) | Hardware-type: text; Hardware address: octets, colon separated
host | Starts a host declaration | N/A
host-name | Name to assign to the requesting host | Text
max-lease-time | Maximum time in seconds the server will grant a lease should the client request a specific lease time | Numeric
netbios-name-servers | Name of the WINS server | List of IP addresses
range | Range of IP addresses to assign on the specified network | Low and high IP address
routers | A list of routers to use | List of IP addresses
shared-network | Starts a shared-network declaration | N/A
subnet | Starts a subnet declaration | N/A
subnet-mask | The subnet-mask of this network, group or host | IP address
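
The layout described above (a global header, then a subnet declaration, then an individually configured host) put together with entries from Table One. This is an added example, not a file from the original article; the domain name, server and router addresses, host name, and hardware address are constructed placeholders.

```conf
# --- Global header: applies to every subnet unless overridden below ---
option domain-name "example.com";                 # constructed domain
option domain-name-servers 10.2.0.10, 10.2.0.11;  # constructed name servers
default-lease-time 86400;    # one day, used when the client asks for no specific time
max-lease-time 172800;       # upper bound on any lease time a client requests

# --- Subnet declaration: the network from the article's example ---
subnet 10.2.0.0 netmask 255.255.0.0 {
    # Only this slice of the network is handed out dynamically
    range 10.2.3.0 10.2.3.200;
    option subnet-mask 255.255.0.0;
    option routers 10.2.0.1;                      # constructed router address
    option netbios-name-servers 10.2.0.12;        # constructed WINS server
}

# --- Host declaration: a static address for one known machine ---
host printer1 {                                   # constructed host name
    # Match the client by its Ethernet address (constructed value)
    hardware ethernet 00:00:5e:00:53:01;
    # Inside the subnet but outside the dynamic range above,
    # so the static address cannot collide with a dynamic lease
    fixed-address 10.2.4.10;
    option host-name "printer1";
}
```

Because dhcpd does not reread its configuration while running, the server must be restarted after saving changes like these.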
