Shannon Adams
asked on
Setting up DHCP on CentOS 5.2 server
I just installed a server running CentOS 5.2. I need to enable dhcp so that it provides addresses as follows:
Set the network to something like 10.10.90.x and the mask to 255.255..0.0. Then set DHCP to supply addresses to 10.10.90.x - 10.10.99.x. This should allow for over 2500 users, if necessary.
I have dhcp installed, but not turned on. Will someone please lead me through the steps to make this happen?
Set the network to something like 10.10.90.x and the mask to 255.255..0.0. Then set DHCP to supply addresses to 10.10.90.x - 10.10.99.x. This should allow for over 2500 users, if necessary.
I have dhcp installed, but not turned on. Will someone please lead me through the steps to make this happen?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Hi
The entire DHCP server configuration consists of three stages.
If you are running a firewall (iptables), allow the DHCP
You must configure the /etc/dhcpd.conf
A running dhcpd daemon (which can be started at boot time)
As the DHCP server runs, it broadcasts its presence/availability as DHCP server to the LAN. A client box will simply boot up ( with its ethernet interface turned on and DHCP identified as the network address learning method ) and it will learn all the information it needs to get up and running on the LAN from the DHCP server.
Open the Iptables for DHCP
Type the following and save the iptables rules so that it can get the rule at the next startup:
# iptables -I INPUT -i eth0 -p udp --sport 67:68 --dport -j ACCEPT
Here I have assumed that requests will be allowed to and from 67 and 68 ports on the eth0 interface ( your first ethernet card ). Save the firewall rules by
# iptables-save > /etc/sysconfig/iptables
This document is not meant to be in-depth but rather just a general overview of some of the common features for the dhcpd server. If you need to do more esoteric configurations please man dhcpd.conf and man dhcp-options for detailed information.
The following is a common dhcpd.conf file. Below I will dissect this file and explain what each line does. Keeping with the convention of my other Linux dejunkifires.
ddns-update-style none;
subnet 192.168.1.0 netmask 255.255.255.0
{
range 192.168.1.100 192.168.1.200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option domain-name-servers 123.123.123.10, 123.123.123.20;
option routers 192.168.1.1;
host box1
{
hardware ethernet 00:50:AB:AB:AB:AB;
fixed-address 192.168.1.7;
}
host winbox1
{
hardware ethernet 00:06:CD:CD:CD:CD;
fixed-address 192.168.1.8;
}
}
The first thing we need to do is set a Dynamic DNS update style. Since DynDNS is beyond the scope of this document, I am going to set the style to none but if this is something you want to do, then the man pages have more info on it.
ddns-update-style none;
Next we must specify what subnet and netmask we will be working on. Note that you can have many subnet configurations within the single dhcpd.conf file. Each subnet group is bound together by curly braces { }
subnet 192.168.1.0 netmask 255.255.255.0;
Note that every command from here on will only pertain to the subnet specified above. This will be true until we reach the closing curly brace } as noted above.
Now we will specify what range of IP addresses we want to be made available for clients using DHCP. This option is very handy when used in conjunction with a firewall because you know exactly what IP addresses came from a client using DHCP and you can exercise restrictions upon them as necessary.
range 192.168.1.100 192.168.1.200;
This next line is going to look a bit redundant because we are setting the netmask again even though we set it in the subnet declaration above, but it's recommended in the man pages so we are going to do it.
option subnet-mask 255.255.255.0;
Next we specify the broadcast address for our subnet. This address always ends in 255
option broadcast-address 192.168.1.255;
We will definitely want to tell our clients what servers to use for DNS in order to resolve hostnames to IP addresses
option domain-name-servers 123.123.123.10, 123.123.123.20;
The next option tells our clients what IP address to use for their gateway. This IP address generally ends in .1 but does not have to. The box with this IP should be configured as a router and be able to forward packets accordingly.
option routers 192.168.1.1;
If you wanted you could stop here but I thought I would show you a cool little feature that I like to use. Even though DHCP gives out IP address dynamically, it also has the ability to reserve an IP address for a certain computer. In this sense it's almost as if the client computer has a static IP even though it uses DHCP to get it. This is useful if you want to be able to put entries in your /etc/hosts file and not have to worry about the entry becoming invalid over time.
The first thing we must do is to specify a name for the computer as a helpful identifier
host box1
Note that similarly to the subnet grouping, we are now starting a sub-group as seen by the addition of the curly braces. This allows us to have multiple host definitions within one subnet group.
This next line is what allows us to uniquely identify one computer from another. The hardware ethernet address is the same as the MAC address. This information can be found by running the command ifconfig <interface> | grep HWaddr on a client computer for linux and ipconfig /all for a client computer running windows.
hardware ethernet 00:50:AB:AB:AB:AB;
And finally this next line tells the dhcpd server what IP address you always want to be assigned to this computer. Note that I intentionally make all IP's assigned this way outside of the DHCP range we specified earlier. This is not a must as the dhcp server is smart enough to not give out two IP's simultaneously but it helps in being able to quickly recognize which clients used this feature.
fixed-address 192.168.1.7;
If you have multiple ranges of IP addresses on the same subnet, you can add multiple range options to a subnet declaration.
subnet 198.168.1.0 netmask 255.255.255.0
{
range 10.0.1.10 10.0.1.100;
range 10.0.1.300 10.0.1.500;
}
Many options are there to let you define location of various server types. These options can be set globally or within a particular host or within a particular subnet definition so that all hosts can get those information.
option netbios-name-servers 10.0.1.1;
options time-servers 10.0.1.9;
Here the netbios-name-servers option defines the location of the WINS server ( if you are using Windows file and print server sharing using Samba). The time-server option defines the location of the network time server that synchronizes all the clocks to have same time in the network.
The DHCP server can be used to provide information to X Terminal or diskless workstations so that they can boot up and keep running.
host diskless
{
filename "/dwboot/diskless.nb";
hardware ethernet 00:04:5A:4F:8E:47;
fixed-address 10.0.10.2;
}
Here the boot file used by the diskless workstations from the DHCP server is located at /dwboot/diskless.nb.
There are more options that will be able to provide more information to the clients when they boot up.
Configuring Multiple Subnets
If your are configuring two or more different IP sub-networks,
192.168.0.0/24
and
10.10.1.0/8
then it can be serviced by only one DHCP server.
Put the following configuration on /etc/dhcpd.conf and the two different sub-network boxes will get there own IPs and other informations, provided you have done other configurations right.
ddns-update-style none;
# configuration starts for 192.168.1.0/24 network
subnet 192.168.1.0 netmask 255.255.255.0
{
range 192.168.1.100 192.168.1.200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option domain-name "example.com";
option domain-name-servers 123.123.123.10, 123.123.123.20;
option routers 192.168.1.1;
#Binding IP to individual hosts so that they get fixed IP
host box01
{
option host-name "box1.example.com";
hardware ethernet 00:50:AB:AB:AB:AB;
fixed-address 192.168.1.7;
}
host box02
{
hardware ethernet 00:06:CD:CD:CD:CD;
fixed-address 192.168.1.8;
}
}
# configuration ends for 192.168.1.0/24 network
# Even we can put a different class of IP network
# In this case 10.10.1.0/8
subnet 10.10.1.0 netmask 255.0.0.0
{
range 10.10.1.10 10.10.1.20;
option subnet-mask 255.0.0.0;
option broadcast-address 10.10.1.255;
option domain-name "example.com";
option domain-name-servers 123.123.123.10, 123.123.123.20;
option routers 10.10.1.1;
}
If you are already running the DHCPD server, delete the existing leases from /var/lib/dhcpd/dhcpd.lease
# /etc/rc.d/init.d/dhcpd restart
# chkconfig dhcpd on
All the boxes in the two different networks will get there IP and other information when they boot.
Cheers
The entire DHCP server configuration consists of three stages.
If you are running a firewall (iptables), allow the DHCP
You must configure the /etc/dhcpd.conf
A running dhcpd daemon (which can be started at boot time)
As the DHCP server runs, it broadcasts its presence/availability as DHCP server to the LAN. A client box will simply boot up ( with its ethernet interface turned on and DHCP identified as the network address learning method ) and it will learn all the information it needs to get up and running on the LAN from the DHCP server.
Open the Iptables for DHCP
Type the following and save the iptables rules so that it can get the rule at the next startup:
# iptables -I INPUT -i eth0 -p udp --sport 67:68 --dport -j ACCEPT
Here I have assumed that requests will be allowed to and from 67 and 68 ports on the eth0 interface ( your first ethernet card ). Save the firewall rules by
# iptables-save > /etc/sysconfig/iptables
This document is not meant to be in-depth but rather just a general overview of some of the common features for the dhcpd server. If you need to do more esoteric configurations please man dhcpd.conf and man dhcp-options for detailed information.
The following is a common dhcpd.conf file. Below I will dissect this file and explain what each line does. Keeping with the convention of my other Linux dejunkifires.
ddns-update-style none;
subnet 192.168.1.0 netmask 255.255.255.0
{
range 192.168.1.100 192.168.1.200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option domain-name-servers 123.123.123.10, 123.123.123.20;
option routers 192.168.1.1;
host box1
{
hardware ethernet 00:50:AB:AB:AB:AB;
fixed-address 192.168.1.7;
}
host winbox1
{
hardware ethernet 00:06:CD:CD:CD:CD;
fixed-address 192.168.1.8;
}
}
The first thing we need to do is set a Dynamic DNS update style. Since DynDNS is beyond the scope of this document, I am going to set the style to none but if this is something you want to do, then the man pages have more info on it.
ddns-update-style none;
Next we must specify what subnet and netmask we will be working on. Note that you can have many subnet configurations within the single dhcpd.conf file. Each subnet group is bound together by curly braces { }
subnet 192.168.1.0 netmask 255.255.255.0;
Note that every command from here on will only pertain to the subnet specified above. This will be true until we reach the closing curly brace } as noted above.
Now we will specify what range of IP addresses we want to be made available for clients using DHCP. This option is very handy when used in conjunction with a firewall because you know exactly what IP addresses came from a client using DHCP and you can exercise restrictions upon them as necessary.
range 192.168.1.100 192.168.1.200;
This next line is going to look a bit redundant because we are setting the netmask again even though we set it in the subnet declaration above, but it's recommended in the man pages so we are going to do it.
option subnet-mask 255.255.255.0;
Next we specify the broadcast address for our subnet. This address always ends in 255
option broadcast-address 192.168.1.255;
We will definitely want to tell our clients what servers to use for DNS in order to resolve hostnames to IP addresses
option domain-name-servers 123.123.123.10, 123.123.123.20;
The next option tells our clients what IP address to use for their gateway. This IP address generally ends in .1 but does not have to. The box with this IP should be configured as a router and be able to forward packets accordingly.
option routers 192.168.1.1;
If you wanted you could stop here but I thought I would show you a cool little feature that I like to use. Even though DHCP gives out IP address dynamically, it also has the ability to reserve an IP address for a certain computer. In this sense it's almost as if the client computer has a static IP even though it uses DHCP to get it. This is useful if you want to be able to put entries in your /etc/hosts file and not have to worry about the entry becoming invalid over time.
The first thing we must do is to specify a name for the computer as a helpful identifier
host box1
Note that similarly to the subnet grouping, we are now starting a sub-group as seen by the addition of the curly braces. This allows us to have multiple host definitions within one subnet group.
This next line is what allows us to uniquely identify one computer from another. The hardware ethernet address is the same as the MAC address. This information can be found by running the command ifconfig <interface> | grep HWaddr on a client computer for linux and ipconfig /all for a client computer running windows.
hardware ethernet 00:50:AB:AB:AB:AB;
And finally this next line tells the dhcpd server what IP address you always want to be assigned to this computer. Note that I intentionally make all IP's assigned this way outside of the DHCP range we specified earlier. This is not a must as the dhcp server is smart enough to not give out two IP's simultaneously but it helps in being able to quickly recognize which clients used this feature.
fixed-address 192.168.1.7;
If you have multiple ranges of IP addresses on the same subnet, you can add multiple range options to a subnet declaration.
subnet 198.168.1.0 netmask 255.255.255.0
{
range 10.0.1.10 10.0.1.100;
range 10.0.1.300 10.0.1.500;
}
Many options are there to let you define location of various server types. These options can be set globally or within a particular host or within a particular subnet definition so that all hosts can get those information.
option netbios-name-servers 10.0.1.1;
options time-servers 10.0.1.9;
Here the netbios-name-servers option defines the location of the WINS server ( if you are using Windows file and print server sharing using Samba). The time-server option defines the location of the network time server that synchronizes all the clocks to have same time in the network.
The DHCP server can be used to provide information to X Terminal or diskless workstations so that they can boot up and keep running.
host diskless
{
filename "/dwboot/diskless.nb";
hardware ethernet 00:04:5A:4F:8E:47;
fixed-address 10.0.10.2;
}
Here the boot file used by the diskless workstations from the DHCP server is located at /dwboot/diskless.nb.
There are more options that will be able to provide more information to the clients when they boot up.
Configuring Multiple Subnets
If your are configuring two or more different IP sub-networks,
192.168.0.0/24
and
10.10.1.0/8
then it can be serviced by only one DHCP server.
Put the following configuration on /etc/dhcpd.conf and the two different sub-network boxes will get there own IPs and other informations, provided you have done other configurations right.
ddns-update-style none;
# configuration starts for 192.168.1.0/24 network
subnet 192.168.1.0 netmask 255.255.255.0
{
range 192.168.1.100 192.168.1.200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option domain-name "example.com";
option domain-name-servers 123.123.123.10, 123.123.123.20;
option routers 192.168.1.1;
#Binding IP to individual hosts so that they get fixed IP
host box01
{
option host-name "box1.example.com";
hardware ethernet 00:50:AB:AB:AB:AB;
fixed-address 192.168.1.7;
}
host box02
{
hardware ethernet 00:06:CD:CD:CD:CD;
fixed-address 192.168.1.8;
}
}
# configuration ends for 192.168.1.0/24 network
# Even we can put a different class of IP network
# In this case 10.10.1.0/8
subnet 10.10.1.0 netmask 255.0.0.0
{
range 10.10.1.10 10.10.1.20;
option subnet-mask 255.0.0.0;
option broadcast-address 10.10.1.255;
option domain-name "example.com";
option domain-name-servers 123.123.123.10, 123.123.123.20;
option routers 10.10.1.1;
}
If you are already running the DHCPD server, delete the existing leases from /var/lib/dhcpd/dhcpd.lease
# /etc/rc.d/init.d/dhcpd restart
# chkconfig dhcpd on
All the boxes in the two different networks will get there IP and other information when they boot.
Cheers
these tool would help you configure most of linux services, using wizards and is very simple web application, try and let me know