DHCP is an automatic IP addressing tool, much like BOOTP. With DHCP, IP addresses don't have to be statically assigned and then possibly changed by hand on EACH computer in the future. DHCP can simply give out IP addresses, but it can also configure many other options (see below). It's really a powerful mechanism. For more DHCP info, including other URLs, etc., check out the DHCP section in Section 5.
Critical Note:
DHCP or Dynamic Host Control Protocol is the direct cousin of BOOTP.
- Host name and FQDN
- IP address, mask and default gateway
- DNS servers
- WINS servers (optional)
- NTP time servers
- etc.

The Internet powers that be realized that the BOOTP protocol was fairly inflexible and wouldn't grow with new features. So DHCP was created to be a flexible protocol that, much like PPP, has negotiated parameters. It can send out everything from IP addresses to NTP servers. DHCP is a great system: just plug in a DHCP-compatible computer and DHCP will configure its whole network setup ON THE FLY. DHCP is very flexible. You can give it pools of dynamic IPs to give out, statically give certain machines STATIC IPs (like below), etc. For more information, please see the DHCP RFCs in Section 5.
Though TrinityOS primarily supports Redhat, I'm constantly adding support for other Linux distributions. If you have additions or comments, please let me know.
- Make sure that the file /etc/rc.d/rc3.d/S65dhcpd exists. If not, enable it as defined in Section 8.
- [ OPTIONAL ] - Edit the file /etc/rc.d/init.d/dhcpd and change the following.
NOTE: The following configuration is a requirement for 2.0 and 2.2.x kernels. It shouldn't be required for 2.4 and 2.6 kernels.
NOTE2: This configuration assumes you want to serve DHCP leases ONLY on the "eth1" interface
Start section line from:
--
daemon dhcpd
--
to
--
route add -host 255.255.255.255 eth1
daemon dhcpd eth1
--
NOTE: You need to change the "interface" name to whatever INTERNAL LAN interface you want DHCP to run on. i.e. You DON'T want DHCP to run on your Internet connection!!
- [ OPTIONAL ] - Edit the file /etc/rc.d/init.d/dhcpd and change the following.
NOTE: The following configuration is a requirement for 2.0 and 2.2.x kernels. It shouldn't be required for 2.4 and 2.6 kernels.
Add the following line to the /etc/rc.d/rc.inet1 file:
route add -host 255.255.255.255 eth1
Add a line to execute dhcpd in the /etc/rc.d/rc.local file like:
/usr/sbin/dhcpd eth1
TurboLinux uses ISC's /sbin/dhclient instead of the traditionally used Linux clients.
The configuration file for dhclient is /etc/dhclient.conf and its control shell script is /etc/dhclient-script. This script has provisions to source a user-defined /etc/dhclient-exit-hooks file, which it executes if found. Put simply, you can add the line "/etc/rc.d/init.d/firewall restart" to the /etc/dhclient-script file to properly load the firewall upon various DHCP events.
NOTE: This config defines a STATIC IP address per core machine. All other machines get dynamic DHCP IP addresses. I do this for security reasons.
To find out the MAC address of a machine's Ethernet card, do the following:
Win95: run "winipcfg"
WinNT: run "ipconfig /all"
Linux: run "arp"
- For ALL distributions using the DHCPcd client, create and modify the file /etc/dhcpd.conf
--<begin>--
server-identifier roadrunner-int.acme123.com;

#Default ISC lease file path is /var/state/dhcp but Redhat is /var/dhcpd/
lease-file-name "/var/dhcpd/dhcpd.leases";

default-lease-time 86400;

#Disable all Dynamic DNS functionality
ddns-update-style none;

option subnet-mask 255.255.255.0;
option broadcast-address 192.168.0.255;
option routers 192.168.0.1;
option domain-name-servers 192.168.0.1, 24.1.64.33, 24.1.64.34;
option domain-name "acme123.com";

subnet 192.168.0.0 netmask 255.255.255.0 {
    range 192.168.0.9 192.168.0.10;
}

host coyote.acme123.com {
    hardware ethernet 00:60:08:B1:36:4A;
    fixed-address 192.168.0.4;
}
--<end>--
Next, you need to create the dhcpd.leases file:
"touch /var/dhcpd/dhcpd.leases"
As mentioned above, you will need to replace the hardware Ethernet MAC addresses with the MAC addresses of your specific NIC cards.
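A quick sanity check for the reservation scheme above, added here as an example and not part of TrinityOS: it reads the "subnet", "range" and "host" stanzas and flags reservations with a bad MAC or a fixed-address that collides with the dynamic range. PAGE_CONF is the page's config reduced to those stanzas, and the regexes assume the simple, non-nested layout shown on this page.

```python
import ipaddress
import re

# The page's dhcpd.conf, reduced to the stanzas this check reads.
PAGE_CONF = """
subnet 192.168.0.0 netmask 255.255.255.0 {
  range 192.168.0.9 192.168.0.10;
}
host coyote.acme123.com {
  hardware ethernet 00:60:08:B1:36:4A;
  fixed-address 192.168.0.4;
}
"""

# Assumption: stanzas are flat (no nested braces), as in the page's file.
SUBNET_RE = re.compile(r"subnet\s+([\d.]+)\s+netmask\s+([\d.]+)\s*\{([^}]*)\}")
RANGE_RE = re.compile(r"range\s+([\d.]+)\s+([\d.]+)\s*;")
HOST_RE = re.compile(r"host\s+(\S+)\s*\{([^}]*)\}")
MAC_RE = re.compile(
    r"hardware\s+ethernet\s+((?:[0-9a-f]{2}:){5}[0-9a-f]{2})\s*;", re.I)
FIXED_RE = re.compile(r"fixed-address\s+([\d.]+)\s*;")


def audit(conf: str) -> list:
    """Return (host, problem) pairs for reservations that look wrong."""
    conf = re.sub(r"#[^\n]*", "", conf)  # drop comments
    nets, pools = [], []
    for addr, mask, body in SUBNET_RE.findall(conf):
        nets.append(ipaddress.ip_network(f"{addr}/{mask}"))
        pools += [(ipaddress.ip_address(lo), ipaddress.ip_address(hi))
                  for lo, hi in RANGE_RE.findall(body)]
    findings, macs = [], {}
    for name, body in HOST_RE.findall(conf):
        mac, fixed = MAC_RE.search(body), FIXED_RE.search(body)
        if mac is None:
            findings.append((name, "missing or malformed MAC"))
        elif macs.setdefault(mac.group(1).lower(), name) != name:
            findings.append((name, "MAC already reserved"))
        if fixed is None:
            findings.append((name, "no fixed-address"))
            continue
        ip = ipaddress.ip_address(fixed.group(1))
        if not any(ip in net for net in nets):
            findings.append((name, "fixed-address outside every subnet"))
        if any(lo <= ip <= hi for lo, hi in pools):
            findings.append((name, "fixed-address inside a dynamic range"))
    return findings
```

Run audit() on the text of your own /etc/dhcpd.conf after each edit; an empty list means every reservation passed these checks.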
* Ok, now you need to put all of your DHCP IP addresses into DNS as described in Section 24 and then restart Bind.
Now, you need to make sure you have the following lines in your /etc/services file:
--
bootps 67/udp # bootp server
bootpc 68/udp # bootp client
--
Finally, let's start DHCP up:
Slackware: Run "/usr/sbin/dhcpd eth1"
Redhat: Run "/etc/rc.d/init.d/dhcpd start"
* Additional security: DHCPd runs as root in a non-chroot'ed way. If you are paranoid about security, check out the LASG doc. The URL is in Section 5.
If that works well, you should enable DHCP full time:
Redhat:
chkconfig --level 2345 dhcpd on
Ok, so say that you have a network that you'd like to enable DHCP on but it is separated by a router. Without any special configuration, the DHCP client would send DHCP requests to the BROADCAST network address (255.255.255.255). The problem is that routers, by definition, suppress network broadcasts (all ones or 255.255.255.255). How do you solve this? Most modern routers support a feature called "DHCP Relay" (Juniper calls it "dhcp-relay" and Cisco calls it "ip-helper address") which is a form of a DHCP proxy server. To read up on this, check out RFC 1542 in Section 5.
What a DHCP Relay agent does is record the originating network address of the requesting DHCP client and re-send the request out on the segment where the DHCP server is. In addition to this, the router will embed its own local IP address in the GIADDR field of the DHCP packet.
When the DHCP server figures out what IP address to give to the remote DHCP client, it sends the reply back to the IP address placed in the above GIADDR field. The router receives this DHCP reply packet and then re-transmits the DHCP reply on the original requesting DHCP network. Voila!
So how do you configure the Linux DHCP server to work with DHCP Relay enabled network(s)? You basically configure NOTHING! Huh? How does that work? When the DHCP server receives a DHCP request, it looks at the SRC IP address and the GIADDR field within the packet. If that SRC IP network MATCHES a "subnet" DHCP scope configured in the dhcpd.conf file, it simply gives out an IP address from that particular scope vs. a different one found elsewhere in the dhcpd.conf file. The one thing to note is that if the DHCP server is on the same network that it will also be serving DHCPed IP addresses to, just make sure that the local "subnet" configuration stanza comes FIRST in the /etc/dhcpd.conf file.
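The scope selection described above, as an added example that is not the DHCP server's own code: it parses the fixed BOOTP/DHCP header, reads GIADDR, and picks the matching "subnet" scope. It assumes the server keys on GIADDR when a relay has filled it in and on the receiving interface's network otherwise; the 192.168.1.0/24 remote LAN, its relay address and the build_request helper are constructed for the demonstration.

```python
import ipaddress
import struct

# Fixed BOOTP/DHCP header (RFC 951/2131): op, htype, hlen, hops, xid, secs,
# flags, ciaddr, yiaddr, siaddr, giaddr, chaddr[16], sname[64], file[128].
HEADER = struct.Struct("!BBBBIHH4s4s4s4s16s64s128s")
BOOTREQUEST = 1

# Scopes as "subnet" stanzas would declare them: 192.168.0.0/24 is the page's
# LAN, 192.168.1.0/24 is a constructed remote LAN behind a relaying router.
SCOPES = [ipaddress.ip_network("192.168.0.0/24"),
          ipaddress.ip_network("192.168.1.0/24")]


def build_request(mac: str, giaddr: str = "0.0.0.0", hops: int = 0) -> bytes:
    """Build a sample BOOTREQUEST header (constructed input, not a capture)."""
    chaddr = bytes.fromhex(mac.replace(":", "")).ljust(16, b"\0")
    zero = bytes(4)
    return HEADER.pack(BOOTREQUEST, 1, 6, hops, 0x1234, 0, 0x8000, zero, zero,
                       zero, ipaddress.ip_address(giaddr).packed, chaddr,
                       bytes(64), bytes(128))


def parse_request(packet: bytes) -> dict:
    """Extract the fields needed to choose a scope."""
    if len(packet) < HEADER.size:
        raise ValueError("truncated BOOTP header")
    f = HEADER.unpack_from(packet)
    op, hlen, hops, giaddr, chaddr = f[0], f[2], f[3], f[10], f[11]
    if op != BOOTREQUEST or hlen > 16:
        raise ValueError("not a valid BOOTREQUEST")
    return {"mac": chaddr[:hlen].hex(":"), "hops": hops,
            "giaddr": ipaddress.ip_address(giaddr)}


def select_scope(packet: bytes, arrival_ip: str):
    """Return the scope a lease would come from, or None if none matches."""
    req = parse_request(packet)
    # Relayed request: the router wrote its own address into GIADDR, which
    # identifies the client's network. Direct broadcast: GIADDR is 0.0.0.0,
    # so the network of the interface that received it is used instead.
    key = req["giaddr"] if int(req["giaddr"]) else ipaddress.ip_address(arrival_ip)
    for net in SCOPES:
        if key in net:
            return net
    return None  # no "subnet" stanza covers this network in the model
```

GIADDR is an unauthenticated field, so a relayed request that names a network with no scope (the None case) is worth logging rather than silently dropping.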