20.2.1. Configuration File
The first step in configuring a DHCP server is to create
the configuration file that stores the network
information for the clients. Use this file to declare
options and global options for client systems.
The configuration file can contain extra tabs or blank
lines for easier formatting. Keywords are
case-insensitive and lines beginning with a hash mark
(#) are considered comments.
Two DNS update schemes are currently implemented —
the ad-hoc DNS update mode and the interim DHCP-DNS
interaction draft update mode. If and when these two are
accepted as part of the Internet Engineering Task Force
(IETF) standards process, there will be a third mode
— the standard DNS update method. You must
configure the DNS server for compatibility with these
schemes. Version 3.0b2pl11 and previous versions used
the ad-hoc mode; however, it has been deprecated. To
keep the same behavior, add the following line to the
top of the configuration file:
ddns-update-style ad-hoc;
To use the recommended mode, add the following line to
the top of the configuration file:
ddns-update-style interim;
Refer to the dhcpd.conf man page for
details about the different modes.
There are two types of statements in the configuration file:
- Parameters — State how to perform a task,
  whether to perform a task, or what network
  configuration options to send to the client.
- Declarations — Describe the topology of the
  network, describe the clients, provide addresses for
  the clients, or apply a group of parameters to a
  group of declarations.
Parameters that start with the keyword option are
referred to as options. These
options control DHCP options, whereas parameters
configure values that are not optional or control how
the DHCP server behaves.
Parameters (including options) declared before a section
enclosed in curly brackets ({ }) are considered global
parameters. Global parameters apply to all the sections
below them.
Important
If the configuration file is changed, the changes do
not take effect until the DHCP daemon is restarted
with the command service
dhcpd restart.
Tip
Instead of changing a DHCP configuration file and
restarting the service each time, using the omshell command provides an
interactive way to connect to, query, and change the
configuration of a DHCP server. By using omshell, all changes can be
made while the server is running. For more information
on omshell, refer to
the omshell man page.
In Example 20.1, “Subnet Declaration”, the routers, subnet-mask, domain-name, domain-name-servers, and
time-offset options
are used for any host statements declared
below them.
Additionally, a subnet can be declared. A
subnet declaration
must be included for every subnet in the network. If it
is not, the DHCP server fails to start.
In this example, there are global options for every DHCP
client in the subnet and a range declared. Clients are
assigned an IP address within the range.
subnet 192.168.1.0 netmask 255.255.255.0 {
    option routers 192.168.1.254;
    option subnet-mask 255.255.255.0;
    option domain-name "example.com";
    option domain-name-servers 192.168.1.1;
    option time-offset -18000; # Eastern Standard Time
    range 192.168.1.10 192.168.1.100;
}
Example 20.1. Subnet Declaration
All subnets that share the same physical network should
be declared within a shared-network declaration as
shown in Example 20.2, “Shared-network Declaration”. Parameters
within the shared-network, but outside
the enclosed subnet
declarations, are considered to be global
parameters. The name of the shared-network must be a
descriptive title for the network, such as
'test-lab' for all the subnets in a test
lab environment.
shared-network name {
    option domain-name "test.redhat.com";
    option domain-name-servers ns1.redhat.com, ns2.redhat.com;
    option routers 192.168.0.254;
    # more parameters for EXAMPLE shared-network
    subnet 192.168.1.0 netmask 255.255.252.0 {
        # parameters for subnet
        range 192.168.1.1 192.168.1.254;
    }
    subnet 192.168.2.0 netmask 255.255.252.0 {
        # parameters for subnet
        range 192.168.2.1 192.168.2.254;
    }
}
Example 20.2. Shared-network Declaration
As demonstrated in Example 20.3, “Group Declaration”, the
group declaration
is used to apply global parameters to a group of
declarations. For example, shared networks, subnets, and
hosts can be grouped.
group {
    option routers 192.168.1.254;
    option subnet-mask 255.255.255.0;
    option domain-name "example.com";
    option domain-name-servers 192.168.1.1;
    option time-offset -18000; # Eastern Standard Time
    host apex {
        option host-name "apex.example.com";
        hardware ethernet 00:A0:78:8E:9E:AA;
        fixed-address 192.168.1.4;
    }
    host raleigh {
        option host-name "raleigh.example.com";
        hardware ethernet 00:A1:DD:74:C3:F2;
        fixed-address 192.168.1.6;
    }
}
Example 20.3. Group Declaration
To configure a DHCP server that leases a dynamic IP
address to a system within a subnet, modify Example 20.4, “Range Parameter” with your values. It declares a
default lease time, maximum lease time, and network
configuration values for the clients. This example
assigns IP addresses in the range 192.168.1.10 to
192.168.1.100 to client systems.
default-lease-time 600;
max-lease-time 7200;
option subnet-mask 255.255.255.0;
option broadcast-address 192.168.1.255;
option routers 192.168.1.254;
option domain-name-servers 192.168.1.1, 192.168.1.2;
option domain-name "example.com";
subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.10 192.168.1.100;
}
Example 20.4. Range Parameter
To assign an IP address to a client based on the MAC
address of the network interface card, use the hardware ethernet parameter
within a host
declaration. As demonstrated in Example 20.5, “Static IP Address using DHCP”, the host apex declaration
specifies that the network interface card with the MAC
address 00:A0:78:8E:9E:AA always receives the IP address
192.168.1.4.
Note that the optional parameter host-name can also be used to
assign a host name to the client.
host apex {
    option host-name "apex.example.com";
    hardware ethernet 00:A0:78:8E:9E:AA;
    fixed-address 192.168.1.4;
}
Example 20.5. Static IP Address using DHCP
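The subnet, range, and host declarations described above can be checked for consistency before the daemon is restarted. The following is an added example, not part of the original guide: the names lint and SAMPLE are hypothetical, the sample configuration is constructed, and the parser assumes simple "range low high;" statements and blocks without nested braces.

```python
import ipaddress
import re

# Constructed sample (not from the page) with four deliberate mistakes.
SAMPLE = """
subnet 192.168.1.0 netmask 255.255.255.0 { range 192.168.1.10 192.168.1.100; }
subnet 10.0.1.0 netmask 255.255.252.0 { range 10.0.1.10 10.0.1.50; }  # host bits set
subnet 192.168.2.0 netmask 255.255.255.0 { range 192.168.2.200 192.168.3.20; }
host apex  { hardware ethernet 00:A0:78:8E:9E:AA; fixed-address 192.168.1.4; }
host stray { hardware ethernet 00:a0:78:8e:9e:aa; fixed-address 172.16.0.9; }
"""

SUBNET = re.compile(r"\bsubnet\s+(\S+)\s+netmask\s+(\S+)\s*\{([^{}]*)\}")
HOST = re.compile(r"\bhost\s+(\S+)\s*\{([^{}]*)\}")

def lint(conf):
    """Return a list of problems found in dhcpd.conf text (hypothetical helper)."""
    conf = re.sub(r"#.*", "", conf)  # lines and trailing text after '#' are comments
    problems, nets, macs = [], [], {}
    for num, mask, body in SUBNET.findall(conf):
        try:  # strict=True rejects a subnet number with host bits set
            net = ipaddress.ip_network(f"{num}/{mask}", strict=True)
        except ValueError as err:
            problems.append(f"subnet {num} netmask {mask}: {err}")
            continue
        nets.append(net)
        for lo, hi in re.findall(r"\brange\s+([\d.]+)\s+([\d.]+)\s*;", body):
            lo, hi = ipaddress.ip_address(lo), ipaddress.ip_address(hi)
            if lo > hi or lo not in net or hi not in net:
                problems.append(f"range {lo} {hi}: not inside {net}")
    for name, body in HOST.findall(conf):
        mac = re.search(r"hardware\s+ethernet\s+([0-9A-Fa-f:]+)\s*;", body)
        addr = re.search(r"fixed-address\s+([\d.]+)\s*;", body)
        if mac:  # MAC addresses are compared case-insensitively
            first = macs.setdefault(mac.group(1).lower(), name)
            if first != name:
                problems.append(f"host {name}: MAC already used by host {first}")
        if addr and not any(ipaddress.ip_address(addr.group(1)) in n for n in nets):
            problems.append(f"host {name}: fixed-address {addr.group(1)} in no declared subnet")
    return problems

if __name__ == "__main__":
    for problem in lint(SAMPLE):
        print(problem)
```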
Tip
The sample configuration file provided can be used as
a starting point and custom configuration options can
be added to it. To copy it to the proper location, use
the following command:
cp /usr/share/doc/dhcp-<version-number>/dhcpd.conf.sample /etc/dhcpd.conf
(where <version-number> is the DHCP
version number).
For a complete list of option statements and what they
do, refer to the dhcp-options man page.
On the DHCP server, the file /var/lib/dhcpd/dhcpd.leases
stores the DHCP client lease database. Do not change
this file. DHCP lease information for each recently
assigned IP address is automatically stored in the lease
database. The information includes the length of the
lease, to whom the IP address has been assigned, the
start and end dates for the lease, and the MAC address
of the network interface card that was used to retrieve
the lease.
All times in the lease database are in Coordinated
Universal Time (UTC), not local time.
The lease database is recreated from time to time so
that it is not too large. First, all known leases are
saved in a temporary lease database. The dhcpd.leases file is renamed
dhcpd.leases~ and
the temporary lease database is written to dhcpd.leases.
The DHCP daemon could be killed or the system could
crash after the lease database has been renamed to the
backup file but before the new file has been written. If
this happens, the dhcpd.leases file does not
exist, but it is required to start the service. Do not
create a new lease file. If you do, all old leases are
lost, which causes many problems. The correct solution is
to rename the dhcpd.leases~ backup file to
dhcpd.leases and
then start the daemon.
20.2.3. Starting and Stopping the Server
Important
When the DHCP server is started for the first time, it
fails unless the dhcpd.leases file
exists. Use the command touch
/var/lib/dhcpd/dhcpd.leases to create the
file if it does not exist.
If the same server is also running BIND as a DNS
server, this step is not necessary, as starting the
named service
automatically checks for a dhcpd.leases file.
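The lease database recovery rule and the first-start case above, combined into one pre-start check. This is an added example, not part of the original guide: the function name prepare_lease_db and the file mode are assumptions, and the check is meant to run while dhcpd is stopped.

```python
import os

def prepare_lease_db(lease_dir="/var/lib/dhcpd"):
    """Make sure dhcpd.leases exists before dhcpd starts, without losing leases.

    Returns "present", "restored" or "created" (hypothetical helper).
    """
    leases = os.path.join(lease_dir, "dhcpd.leases")
    backup = leases + "~"
    if os.path.exists(leases):
        return "present"            # normal case: never touch the live database
    if os.path.exists(backup):
        os.rename(backup, leases)   # daemon died mid-rotation: restore the backup
        return "restored"
    # First start: neither file exists, so an empty database loses nothing.
    # O_EXCL refuses to overwrite a file that appeared in the meantime.
    # Mode 0o644 is an assumption, not a value taken from the guide.
    fd = os.open(leases, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o644)
    os.close(fd)
    return "created"

if __name__ == "__main__":
    print(prepare_lease_db())
```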
To start the DHCP service, use the command /sbin/service dhcpd start. To
stop the DHCP server, use the command /sbin/service dhcpd stop.
By default, the DHCP service does not start at boot
time. To configure the daemon to start automatically at
boot time, refer to Chapter 15, Controlling Access to Services.
If more than one network interface is attached to the
system, but the DHCP server should only be started on
one of the interfaces, configure the DHCP server to
start only on that device. In /etc/sysconfig/dhcpd, add the
name of the interface to the list of DHCPDARGS:
# Command line options here
DHCPDARGS=eth0
This is useful for a firewall machine with two network
cards. One network card can be configured as a DHCP
client to retrieve an IP address for its connection to
the Internet. The other network card can be used as a
DHCP server for the internal network behind the
firewall. Specifying only the network card connected to
the internal network makes the system more secure
because users cannot connect to the daemon via the
Internet.
Other command line options that can be specified in
/etc/sysconfig/dhcpd include:
- -p <portnum> — Specifies the UDP port number on which
  dhcpd should listen. The default is port 67. The DHCP
  server transmits responses to the DHCP clients at a
  port number one greater than the UDP port specified.
  For example, if the default port 67 is used, the server
  listens on port 67 for requests and responds to the
  client on port 68. If a port is specified here and
  the DHCP relay agent is used, the same port on which
  the DHCP relay agent should listen must be
  specified. Refer to Section 20.2.4, “DHCP Relay Agent” for details.
- -f — Runs the daemon as a foreground process. This is
  mostly used for debugging.
- -d — Logs the DHCP server daemon's output to the
  standard error descriptor. This is mostly used for
  debugging. If this is not specified, the log is
  written to /var/log/messages.
- -cf <filename> — Specifies the location of the
  configuration file. The default location is
  /etc/dhcpd.conf.
- -lf <filename> — Specifies the location of the lease
  database file. If a lease database file already
  exists, it is very important that the same file be
  used every time the DHCP server is started. It is
  strongly recommended that this option only be used for
  debugging purposes on non-production machines. The
  default location is /var/lib/dhcpd/dhcpd.leases.
- -q — Do not print the entire copyright message when
  starting the daemon.