Solved

What does authoritative param on a dhcp server?

Posted on 2015-02-24
4
494 Views
Last Modified: 2015-02-24
I have a debian linux server with 3 ethernets which I'm using as a router. Ethernet 1 is connected to a client computer, ethernet 2 is connected to a server computer (which has some server functions like web-server, e-mail server, ...) and the third is connected to internet.

Client and Server computers are getting its IP addresses by DHCP, so I'm running isc-dhcp-server on my router computer.

I have uncommented the authoritative parameter on dhcpd.conf, and all works fine. However I don't understand this parameter. Where should this parameter should be disabled (commented) ?

Thank you.
0
Comment
Question by:gplana
  • 2
  • 2
4 Comments
 
LVL 14

Expert Comment

by:JAN PAKULA
Comment Utility
on your own network you should use authoritative


"
The DHCP server will normally assume that the configuration information about a given network segment is not known to be correct and is not authoritative. This is so that if you install a DHCP server while not fully understanding how to configure it, the server does not send spurious DHCPNAK messages to clients that have obtained addresses from a legitimate DHCP server on the network.
When setting up authoritative DHCP servers for your networks, always write:

authoritative;
at the top of your configuration file to indicate that the DHCP server should send DHCPNAK messages to misconfigured clients. If you don't do this, clients who change subnets will be unable to get a correct IP address until their old lease has expired, which could take quite a long time.

If you want to set up a DHCP server so that it is aware of some networks for which it is authoritative and some networks for which it is not, you could declare authority on a per-network-segment basis.

Note:      Note that the most specific scope for which the concept of authority makes any sense is the physical network segment: either a shared-network statement or a subnet statement that is not contained within a shared-network statement. It is not meaningful to specify that the server is authoritative for some subnets within a shared network, but not authoritative for others, nor is it meaningful to specify that the server is authoritative for some host declarations and not others.


from

http://www.qnx.org.uk/developers/docs/6.3.2/neutrino/utilities/d/dhcpd.conf.html
0
 
LVL 15

Author Comment

by:gplana
Comment Utility
I'm sorry but I don't really understand. Can you put me an example of when would we use a non-authoritative DHCP server?
0
 
LVL 14

Accepted Solution

by:
JAN PAKULA earned 500 total points
Comment Utility
ok lets start with dhcp

when client send dhcp it is sends on 0.0.0.0 broadcast address - so depends which server dhcp is faster this one will give ip and specify subnet of the given client
now

let say your network is 10.10.0.0
but on same network infrastructure (switches/routers) there is a second network(subnet) running
172.16.0.0

so if you dont want to to have misconfigured clients on your network you would use authoritative; on your subnet and  not authoritative; on 172.16.0.0

this is all to do with Dynamic address allocation

Address allocation is actually only done when a client is in the INIT state and has sent a DHCPDISCOVER message (to 0.0.0.0). If the client thinks it has a valid lease and sends a DHCPREQUEST to initiate or renew that lease, the server has only three choices: it can ignore the DHCPREQUEST, send a DHCPNAK to tell the client it should stop using the address, or send a DHCPACK, telling the client to go ahead and use the address for a while.

If the server finds the address the client is requesting, and that address is available to the client, the server will send a DHCPACK. If the address is no longer available, or the client isn't permitted to have it, the server will send a DHCPNAK. If the server knows nothing about the address, it will remain silent, unless the address is incorrect for the network segment to which the client has been attached and the server is authoritative for that network segment, in which case the server will send a DHCPNAK even though it doesn't know about the address
0
 
LVL 15

Author Closing Comment

by:gplana
Comment Utility
Great explanation. Thank you very much.
0

Featured Post

How to run any project with ease

Manage projects of all sizes how you want. Great for personal to-do lists, project milestones, team priorities and launch plans.
- Combine task lists, docs, spreadsheets, and chat in one
- View and edit from mobile/offline
- Cut down on emails

Join & Write a Comment

Ever wondered why you had to use DHCP options (dhcp opt 60, 66 or 67) in order to use PXE? Well, you don't!
I have seen several blogs and forum entries elsewhere state that because NTFS volumes do not support linux ownership or permissions, they cannot be used for anonymous ftp upload through the vsftpd program.   IT can be done and here's how to get i…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

8 Experts available now in Live!

Get 1:1 Help Now