Solved

What does authoritative param on a dhcp server?

Posted on 2015-02-24
4
2,629 Views
Last Modified: 2015-02-24
I have a debian linux server with 3 ethernets which I'm using as a router. Ethernet 1 is connected to a client computer, ethernet 2 is connected to a server computer (which has some server functions like web-server, e-mail server, ...) and the third is connected to internet.

Client and Server computers are getting its IP addresses by DHCP, so I'm running isc-dhcp-server on my router computer.

I have uncommented the authoritative parameter on dhcpd.conf, and all works fine. However I don't understand this parameter. Where should this parameter should be disabled (commented) ?

Thank you.
0
Comment
Question by:gplana
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
4 Comments
 
LVL 14

Expert Comment

by:JAN PAKULA
ID: 40629532
on your own network you should use authoritative


"
The DHCP server will normally assume that the configuration information about a given network segment is not known to be correct and is not authoritative. This is so that if you install a DHCP server while not fully understanding how to configure it, the server does not send spurious DHCPNAK messages to clients that have obtained addresses from a legitimate DHCP server on the network.
When setting up authoritative DHCP servers for your networks, always write:

authoritative;
at the top of your configuration file to indicate that the DHCP server should send DHCPNAK messages to misconfigured clients. If you don't do this, clients who change subnets will be unable to get a correct IP address until their old lease has expired, which could take quite a long time.

If you want to set up a DHCP server so that it is aware of some networks for which it is authoritative and some networks for which it is not, you could declare authority on a per-network-segment basis.

Note:      Note that the most specific scope for which the concept of authority makes any sense is the physical network segment: either a shared-network statement or a subnet statement that is not contained within a shared-network statement. It is not meaningful to specify that the server is authoritative for some subnets within a shared network, but not authoritative for others, nor is it meaningful to specify that the server is authoritative for some host declarations and not others.


from

http://www.qnx.org.uk/developers/docs/6.3.2/neutrino/utilities/d/dhcpd.conf.html
0
 
LVL 15

Author Comment

by:gplana
ID: 40629593
I'm sorry but I don't really understand. Can you put me an example of when would we use a non-authoritative DHCP server?
0
 
LVL 14

Accepted Solution

by:
JAN PAKULA earned 500 total points
ID: 40629621
ok lets start with dhcp

when client send dhcp it is sends on 0.0.0.0 broadcast address - so depends which server dhcp is faster this one will give ip and specify subnet of the given client
now

let say your network is 10.10.0.0
but on same network infrastructure (switches/routers) there is a second network(subnet) running
172.16.0.0

so if you dont want to to have misconfigured clients on your network you would use authoritative; on your subnet and  not authoritative; on 172.16.0.0

this is all to do with Dynamic address allocation

Address allocation is actually only done when a client is in the INIT state and has sent a DHCPDISCOVER message (to 0.0.0.0). If the client thinks it has a valid lease and sends a DHCPREQUEST to initiate or renew that lease, the server has only three choices: it can ignore the DHCPREQUEST, send a DHCPNAK to tell the client it should stop using the address, or send a DHCPACK, telling the client to go ahead and use the address for a while.

If the server finds the address the client is requesting, and that address is available to the client, the server will send a DHCPACK. If the address is no longer available, or the client isn't permitted to have it, the server will send a DHCPNAK. If the server knows nothing about the address, it will remain silent, unless the address is incorrect for the network segment to which the client has been attached and the server is authoritative for that network segment, in which case the server will send a DHCPNAK even though it doesn't know about the address
0
 
LVL 15

Author Closing Comment

by:gplana
ID: 40629669
Great explanation. Thank you very much.
0

Featured Post

Visualize your virtual and backup environments

Create well-organized and polished visualizations of your virtual and backup environments when planning VMware vSphere, Microsoft Hyper-V or Veeam deployments. It helps you to gain better visibility and valuable business insights.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

A Cisco router can be configured as a DHCP Server. There are advantages and disadvantages in making your Cisco router work as DHCP Server. Almost all the features for windows DHCP can be configured on Cisco-based DHCP server. Some of the features me…
Learn how to PXE Boot both BIOS & UEFI machines with DHCP Policies and Custom Vendor Classes
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Sometimes it takes a new vantage point, apart from our everyday security practices, to truly see our Active Directory (AD) vulnerabilities. We get used to implementing the same techniques and checking the same areas for a breach. This pattern can re…

632 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question