Dynamic Host Configuration Protocol (DHCP) is used to automatically send basic configuration data to computers and network devices. This centralizes network configuration control so that a change in the network layout—such as adding a nameserver or a gateway, or renumbering the network—does not require a visit to every computer in the network. DHCP also provides a convenient method of supplying network configuration information to visiting computers, such as the laptop of a visiting colleague.
When a DHCP client system boots, it effectively shouts a broadcast message to the network: “Does anyone know who I am?” The DHCP server replies, “I know you, you’re...” and then proceeds to tell the client its IP address and some combination of other network configuration information, possibly including a hostname, nameserver, timeserver, gateway, and default domain. The information sent by the DHCP server is called a lease and is only valid for a set length of time. The client can renew the lease when it expires, in which case it can keep its identity, or, if it disappears from the network and fails to renew the lease, the IP address can be recycled by the DHCP server and assigned to another host.
Most home and small networks are connected to the Internet by a router or gateway device that includes DHCP service capability. However, you may prefer to use the Fedora DHCP server instead because it gives you more configuration options and control over the network configuration.
Before you set up a DHCP server for your network, you must design the network layout that you wish to use.
Private networks—ones that will not be connected to the Internet, or that will be connected through a router or gateway that performs network address translation (NAT), or masquerading—will use one of the private network ranges defined in RFC 1918, shown in Table 7-1.
Table 7-1. RFC 1918 private network addresses
Range | Number of addresses available | Class-based address breakdown |
---|---|---|
10.0.0.0–10.255.255.255 | 16,777,216 | 1 class A network of 16,777,216 addresses |
172.16.0.0–172.31.255.255 | 1,048,576 | 16 class B networks of 65,536 addresses each |
192.168.0.0–192.168.255.255 | 65,536 | 256 class C networks of 256 addresses each |
Most small networks use one of the class C networks that start with the 192.168 prefix, yielding 256 addresses. Because two addresses are reserved for broadcast and network messages, that leaves 254 addresses for computers and network devices (such as printers), which is plenty for most homes and small businesses.
DHCP can assign any combination of two address types:
Static
Addresses that are always assigned to a specific computer or network device and never change. Even though these do not change, they are still communicated to the device using the DHCP protocol. Static addresses should be used for any host that other users will need to connect to, such as a web server or printer.
Dynamic
Addresses assigned from a pool on a first-come, first-served basis. Dynamic addresses are appropriate for computers, such as desktop systems, which will be connecting to remote hosts but will never (or rarely) be a destination for network connections.
Table 7-2 shows a possible network configuration for a home or small office network that will use the network prefix 192.168.1. In this example, available addresses have been divided into four ranges, one each for servers, network devices, desktop and laptop systems, and network infrastructure.
Table 7-2. Example of a small-office network configuration
Address range and purpose | Host address | Name and description | Notes |
---|---|---|---|
 | 0 | Network | Reserved address |
1–63: Servers | 1 | prime (nameserver, web server) | Traditional nameserver address |
 | 2 | cabinet (Samba fileserver) | |
 | 3 | chatterbox (Asterisk phone system) | |
 | 3–63 | Future use | |
64–127: Network devices (non-computers) | 64 | laser1 | Main laser printer |
 | 65 | multifunction1 | Printer-scanner-copier |
 | 66 | webcam1 | Monitors front door |
 | 67–127 | Future use | |
128–191: Desktop and laptop systems | — | — | Dynamically assigned |
192–254: Network infrastructure | 192–253 | Future use | |
 | 254 | gateway (router; path to the Internet) | Traditional address for a gateway |
 | 255 | Broadcast | Reserved address |
DHCP is configured through the text file /etc/dhcpd.conf, which contains configuration statements and comments. Configuration statements are case-insensitive and are separated by semicolons (;)—whitespace doesn’t matter. Some statements create blocks, delimited with curly braces ({}), that contain other statements. Comments start with # and continue to the end of the line.
The dhcpd.conf file starts out with global statements; only one is required:
ddns-update-style none;
This prevents the DHCP server from attempting to update records on the DNS server (which is prohibited by Fedora’s default SELinux configuration).
The rest of the configuration statements are placed in a block as part of a subnet statement:
subnet 192.168.1.0 netmask 255.255.255.0 {
    # Statements that apply only to this subnet...
}
These are the most commonly used configuration statements:
option routers 192.168.1.254
The default gateway. Packets destined for a host that is not in your local network are sent to this gateway for forwarding.
option subnet-mask 255.255.255.0
The subnet mask, which is used to determine whether an IP address is on the local network (which determines routing).
option domain-name-servers 192.168.1.1
Nameservers for this subnet (they may be in the subnet, or they may be external). If there is more than one, list them all, separating the IP addresses or hostnames with commas.
option domain-name "fedorabook.com"
The domain name for machines on this subnet. This is used as the default domain for hostname lookup, so that if a user types a command such as telnet server42, the hostname will be looked up (using a nameserver) as server42.fedorabook.com.
option time-offset -21600
The difference (in seconds) between the local time zone and Coordinated Universal Time (UTC). -21600 indicates a time zone that is six hours behind Greenwich, England (Eastern Standard Time in North America).
option ntp-servers pool.ntp.org
The hostnames or addresses of any available network time protocol servers. The hostname pool.ntp.org accesses a server randomly drawn from a pool of publicly accessible timeservers. You can prepend your ISO country code to select only timeservers in your country; for example, ca.pool.ntp.org would randomly select a Canadian timeserver.
range 192.168.1.128 192.168.1.191
The range of addresses from which dynamic IP addresses will be assigned.
default-lease-time 86400
The normal lease time in seconds. 86,400 seconds corresponds to one day.
max-lease-time 172800
The maximum lease time, in case the client requests a lease that is longer than the default.
To configure static hosts, statements are placed in the block of a host statement:
host hostname {
    # Statements that apply only to this host...
}
These are the statements that are most commonly used in a host block:
hardware ethernet aa:bb:cc:dd:ee:ff
Determines which Ethernet hardware MAC address will match this host block. This block will be selected if the hostname sent by the DHCP client matches the hostname in the host statement, or if the client’s Ethernet card has the same MAC address as the hardware statement.
fixed-address 192.168.1.1
To configure a network that uses the layout shown in Table 7-2, where the devices have the MAC addresses shown in Table 7-3, you would write this /etc/dhcpd.conf file:
# Sample /etc/dhcpd.conf file
# Don't update DNS
ddns-update-style none;
# The local network is 192.168.1.X
subnet 192.168.1.0 netmask 255.255.255.0 {
    option routers 192.168.1.254;           # Default gateway
    option subnet-mask 255.255.255.0;       # Client netmask
    option domain-name "fedorabook.com";    # Domain
    option domain-name-servers 192.168.1.1; # Nameserver is .1
    option time-offset -21600;              # Eastern Standard Time
    option ntp-servers pool.ntp.org;        # Timeservers
    default-lease-time 86400;               # 1 day
    max-lease-time 172800;                  # 2 days
    # Dynamic configuration
    range 192.168.1.128 192.168.1.191;
    # Static configuration for various hosts
    host prime {
        hardware ethernet 00:0c:0d:99:99:99 ;
        fixed-address 192.168.1.1 ;
    }
    host cabinet {
        hardware ethernet 00:0c:0d:aa:aa:aa ;
        fixed-address 192.168.1.2 ;
    }
    host chatterbox {
        hardware ethernet 00:0c:0d:bb:bb:bb ;
        fixed-address 192.168.1.3 ;
    }
    host laser1 {
        hardware ethernet 00:0c:0d:cc:cc:cc ;
        fixed-address 192.168.1.64 ;
    }
    host multifunction1 {
        hardware ethernet 00:0c:0d:dd:dd:dd ;
        fixed-address 192.168.1.65 ;
    }
    host webcam1 {
        hardware ethernet 00:0c:0d:ee:ee:ee ;
        fixed-address 192.168.1.66 ;
    }
    host gateway1 {
        hardware ethernet 00:0c:0d:ff:ff:ff ;
        fixed-address 192.168.1.254 ;
    }
}
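A layout like this is easy to break by hand: a static host placed inside the dynamic range, a MAC address copied into two host blocks, or an address from the wrong network. The following check is an added example, not part of the original chapter or of dhcpd; the function name audit_conf, the sample configuration and the hosts kiosk and offsite are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample based on the layout above, with three deliberate mistakes.
SAMPLE_CONF = """
ddns-update-style none;
subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.128 192.168.1.191;   # dynamic pool
    host prime   { hardware ethernet 00:0c:0d:99:99:99; fixed-address 192.168.1.1; }
    host laser1  { hardware ethernet 00:0c:0d:cc:cc:cc; fixed-address 192.168.1.64; }
    host kiosk   { hardware ethernet 00:0c:0d:12:34:56; fixed-address 192.168.1.130; }
    host webcam1 { hardware ethernet 00:0C:0D:CC:CC:CC; fixed-address 192.168.1.66; }
    host offsite { hardware ethernet 00:0c:0d:ab:cd:ef; fixed-address 192.168.2.10; }
}
"""

def audit_conf(text):
    """Return (hostname, problem) tuples for the host blocks in a dhcpd.conf string."""
    text = re.sub(r"#.*", "", text)                      # strip comments
    net = re.search(r"\bsubnet\s+([\d.]+)\s+netmask\s+([\d.]+)", text)
    if not net:
        return [("<file>", "no subnet statement found")]
    subnet = ipaddress.ip_network(f"{net.group(1)}/{net.group(2)}")
    pools = [(ipaddress.ip_address(lo), ipaddress.ip_address(hi)) for lo, hi in
             re.findall(r"\brange\s+(?:dynamic-bootp\s+)?([\d.]+)\s+([\d.]+)\s*;", text)]
    findings, owners = [], {}                            # owners: MAC or IP -> first host
    for name, body in re.findall(r"\bhost\s+(\S+)\s*\{([^}]*)\}", text):
        mac = re.search(r"hardware\s+ethernet\s+([0-9a-fA-F:]+)", body)
        addr = re.search(r"fixed-address\s+([\d.]+)", body)
        if not (mac and addr):
            findings.append((name, "missing hardware ethernet or fixed-address"))
            continue
        mac, ip = mac.group(1).lower(), ipaddress.ip_address(addr.group(1))
        if ip not in subnet:
            findings.append((name, f"{ip} is outside {subnet}"))
        elif ip in (subnet.network_address, subnet.broadcast_address):
            findings.append((name, f"{ip} is a reserved address"))
        if any(lo <= ip <= hi for lo, hi in pools):
            findings.append((name, f"{ip} is inside the dynamic range"))
        for key in (mac, ip):                            # duplicates across host blocks
            if key in owners:
                findings.append((name, f"{key} is already used by {owners[key]}"))
            owners.setdefault(key, name)
    return findings

if __name__ == "__main__":
    for host, problem in audit_conf(SAMPLE_CONF):
        print(f"{host}: {problem}")
```
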
Once your configuration has been saved in /etc/dhcpd.conf, restart dhcpd to activate it using the Services graphical tool or this command:
# service dhcpd restart
If there are errors in your configuration file, dhcpd may not start. Check the end of the file /var/log/messages to see if there are any error messages:
# tail -50 /var/log/messages|less
If there are no error messages, clients can begin using the dhcpd server to obtain their IP addresses.
You will need to open port 68 UDP in your firewall configuration in order to permit clients to reach dhcpd. You should also verify that no other DHCP servers are running on your network (check router and gateway appliances in addition to computers).
If configured to obtain IP information through DHCP, the client systems will contact the DHCP server when they are booted. You can also force them to contact the DHCP server at any time:
On a Fedora Core 4 or later system, use dhclient to configure an Ethernet port using DHCP:
# dhclient eth0
In this case, the port being configured is eth0, the first Ethernet connection. On other Linux systems, you may need to use dhcpcd or pump in place of dhclient.
On a Windows system, you can use ipconfig to obtain or renew a DHCP lease:
C:\> ipconfig /renew
Windows IP Configuration
Ethernet adapter 1:
Connection-specific DNS Suffix . : fedorabook.com
IP Address. . . . . . . . . . . . : 192.168.1.207
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.254
Table 7-4 shows the sequence of messages that flow between a DHCP client and a DHCP server during initial negotiation and during lease renewal.
Table 7-4. DHCP messages.
Context: initial negotiation | Context: lease renewal | Message type | Origin | Description |
---|---|---|---|---|
* | | DHCPDISCOVER | Client | Client tries to discover the DHCP server. |
* | | DHCPOFFER | Server | The DHCP server offers its location and possible lease details. |
* | * | DHCPREQUEST | Client | The client requests a lease. |
* | * | DHCPACK/DHCPNACK | Server | The server acknowledges (approves) or negatively acknowledges (rejects) the lease request. |
Early DHCP messages are sent using UDP to the broadcast address 255.255.255.255. This is necessary because the client does not have an IP address at the start of the negotiation.
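Because these messages are broadcast, any device on the segment can answer a DHCPDISCOVER, which is why a second DHCP server (such as one left enabled on a router) must be found and turned off. The following added example, not part of the original chapter, parses server replies and reports any whose server identifier (option 54) is not on an allow list; the capture is constructed in code so it runs offline, and the allow list assumes dhcpd runs on prime (192.168.1.1).

```python
import ipaddress
import struct

MAGIC = b"\x63\x82\x53\x63"      # DHCP magic cookie that precedes the options
TYPES = {1: "DHCPDISCOVER", 2: "DHCPOFFER", 3: "DHCPREQUEST",
         5: "DHCPACK", 6: "DHCPNAK"}   # option 53 values; 6 is the table's DHCPNACK
AUTHORIZED = {"192.168.1.1"}     # assumption: dhcpd runs on prime

def build_reply(msg_type, server, offered, mac):
    """Build a constructed server reply (BOOTP header + options) as sample input."""
    header = struct.pack("!BBBBIHH4s4s4s4s16s64s128s", 2, 1, 6, 0, 0x1234, 0, 0x8000,
                         bytes(4), ipaddress.ip_address(offered).packed, bytes(4),
                         bytes(4), bytes.fromhex(mac.replace(":", "")), b"", b"")
    options = bytes([53, 1, msg_type, 54, 4]) + ipaddress.ip_address(server).packed + b"\xff"
    return header + MAGIC + options

def parse(packet):
    """Return (message type, server identifier, offered address), or None."""
    if len(packet) < 240 or packet[236:240] != MAGIC:
        return None
    found, opts, i = {}, packet[240:], 0
    while i < len(opts) and opts[i] != 255:          # 255 = end of options
        if opts[i] == 0:                             # 0 = one-byte padding
            i += 1
            continue
        if i + 1 >= len(opts):
            break                                    # truncated option
        length = opts[i + 1]
        found[opts[i]] = opts[i + 2:i + 2 + length]
        i += 2 + length
    kind = found.get(53) or b"\x00"
    server = found.get(54, b"")
    return (TYPES.get(kind[0], "unknown"),
            str(ipaddress.ip_address(server)) if len(server) == 4 else None,
            str(ipaddress.ip_address(packet[16:20])))   # yiaddr: address handed out

def unauthorized_servers(packets):
    """Parsed server replies whose server identifier is not in AUTHORIZED."""
    replies = [parse(p) for p in packets]
    return [r for r in replies
            if r and r[0] in ("DHCPOFFER", "DHCPACK", "DHCPNAK") and r[1] not in AUTHORIZED]

# Constructed capture: prime answers, and so does the gateway appliance.
SAMPLE_CAPTURE = [
    build_reply(2, "192.168.1.1", "192.168.1.130", "00:0c:0d:12:34:56"),
    build_reply(2, "192.168.1.254", "192.168.1.20", "00:0c:0d:12:34:56"),
    build_reply(5, "192.168.1.1", "192.168.1.130", "00:0c:0d:12:34:56"),
]
```

For SAMPLE_CAPTURE, unauthorized_servers returns only the offer from 192.168.1.254, the address the layout assigns to the gateway.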
dhcpd stores lease information in the file /var/lib/dhcpd/dhcpd.leases so that if it is stopped and restarted, it still has an idea of what leases are outstanding. In a similar way, dhclient stores its lease information in /var/lib/dhcp/dhclient-<eth0>.leases (where <eth0> is the interface name).
The DHCP server, dhcpd, can also manage clients that use the Bootstrap Protocol (BOOTP). However, BOOTP does not use leases, so once an IP address is assigned, it stays assigned even if the computer using that address is removed from the network. IP assignments from an address pool are therefore called automatic assignments instead of dynamic assignments.
To enable dhcpd to assign BOOTP addresses, add the dynamic-bootp option to the range statement in /etc/dhcpd.conf:
range dynamic-bootp 192.168.1.128 192.168.1.191;
The manpages for dhcpd, dhcpd.conf, dhclient, and dhclient.conf
The standard that defines DHCP: RFC 2131, http://www.ietf.org/rfc/rfc2131.txt