
Linux DHCP server: Static IPs are gone in 60 seconds


Are you sick of your ISP’s DHCP and want more control? Maybe you have a crusty Windows DHCP server that is about to blow up from the latest virus of the month or a series of “magic” GUI clicks gone horribly wrong.

Do a little spring cleaning, and solve your network problems with open source software. Setting up a DHCP server with Red Hat Enterprise Linux 5 or Fedora is a piece of cake. In this article we’ll go over the basics of setting up DHCP, doing basic troubleshooting, and finally setting up static mapping DHCP.

1. Install DHCP.

yum install dhcp

2. Turn on the service at boot.

chkconfig dhcpd on

3. Start the service.

service dhcpd start

Whoops–you’ll get a message like this:

[root@mothership etc]# service dhcpd start
Starting dhcpd:                                            [FAILED]

That’s because the dhcpd.conf file in the /etc directory is empty. If you take a look at it, you’ll see a hint:

#
# DHCP Server Configuration file.
#   see /usr/share/doc/dhcp*/dhcpd.conf.sample
#

On Red Hat Enterprise Linux 5.2 you should see something like the following in /usr/share/doc/dhcp-3.0.5/dhcpd.conf.sample:

ddns-update-style interim;
ignore client-updates;

subnet 192.168.0.0 netmask 255.255.255.0 {

# --- default gateway
        option routers                  192.168.0.1;
        option subnet-mask              255.255.255.0;

        option nis-domain               "domain.org";
        option domain-name              "domain.org";
        option domain-name-servers      192.168.1.1;

        option time-offset              -18000; # Eastern Standard Time
#       option ntp-servers              192.168.1.1;
#       option netbios-name-servers     192.168.1.1;
# --- Selects point-to-point node (default is hybrid). Don't change this unless
# -- you understand Netbios very well
#       option netbios-node-type 2;

        range dynamic-bootp 192.168.0.128 192.168.0.254;
        default-lease-time 21600;
        max-lease-time 43200;

        # we want the nameserver to appear at a fixed address
        host ns {
                next-server marvin.redhat.com;
                hardware ethernet 12:34:56:78:AB:CD;
                fixed-address 207.175.42.254;
        }
}

This is a lot to digest, but we can break it down. I’m a big fan of doing the absolute minimum to get something started. For most users, you probably want to have a few static mapped IP addresses based on a MAC address, and then everyone else will get IP addresses from a range. To do this, copy from this file, and then paste the sample into /etc/dhcpd.conf.

Minimal DHCP config

authoritative;
ddns-update-style interim;
default-lease-time 21600;
max-lease-time 43200;

option routers                  192.168.1.254;
option broadcast-address        192.168.1.255;
option subnet-mask              255.255.255.0;
option domain-name-servers      192.168.1.10;

subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.100 192.168.1.120;
}

If you are a vim user, you should do this to paste it in:

:set paste

Then insert using “i”, and paste it in. This ensures a cut and paste that preserves formatting–a nice trick to know about in vim.

Minimal DHCP config explained line by line

You can run man dhcpd.conf for a more thorough explanation, but here are some simple explanations of the minimal DHCP configuration:

  • authoritative;

    Makes the DHCP server authoritative for requests. This is not set by default, but it needs to be configured to distribute IP addresses. This is to ensure that “rogue” DHCP servers are not set up willy-nilly by people who don’t understand how they work.

  • ddns-update-style interim;

    This line must be in the config for dhcpd to run. For more information, read the man page for dhcpd.conf.

  • default-lease-time 21600;
    max-lease-time 43200;

    These two lines set maximum and minimum times for a client to hold onto an IP address lease obtained from the dhcp server.

  • option routers 192.168.1.254;
    option broadcast-address 192.168.1.255;
    option subnet-mask 255.255.255.0;
    option domain-name-servers 192.168.1.10;

    These four lines are basic network configuration parameters that you would normally set if you had to manually configure an IP address. This is, in fact, one of the main points of DHCP. Note the domain-name-servers line: this is where you tell the clients which DNS servers to grab information from. If you set up your own caching DNS server to speed up name server lookups, then this would be the place to tell the DHCP clients about it.

  • subnet 192.168.1.0 netmask 255.255.255.0 {
    range 192.168.1.100 192.168.1.120;
    }

    This final section is where subnet declarations go. In this declaration, we are saying that any client on the subnet 192.168.1.0 will get an IP address with the information we defined above, but they will only get an IP address in the .100 to .120 range. So you can’t get 192.168.1.121 or 192.168.1.99, but you can get any IP address in between.

Now you’re ready to alter your configuration to match your network, and then start dhcpd for the first time (or restart it if it is already running):

service dhcpd start

Simple troubleshooting steps and tips For DHCP

If things didn’t go as you expected–for example, the dhcp server didn’t start–you should do a bit of troubleshooting. DHCP can be very frustrating to fix. Here are a few things to check:

1. Configure DHCP to only listen on a specific interface. Being explicit is always a safe bet, so you can edit /etc/sysconfig/dhcpd and define the interface to listen on. For eth0, this would look like:

# Command line options here
DHCPDARGS=eth0

2. Start the dhcp server in foreground mode:

dhcpd -f

This is handy because it will show you more verbose errors than you would normally get from /var/log/messages.

3. Watch the semi-colons. One of the most common mistakes in a DHCP config is to forget a semi-colon. You can usually see the line number with the problem if you start dhcpd in foreground mode.

4. Restart the server, or reload the config file to see changes.

It’s very common to make changes and then wonder why they aren’t working. You need to either reload or restart the dhcpd service. Just remember that if you do restart and you have a semi-colon missing, then you will stop the dhcpd service. Doing a reload is safer, as it will not reload a broken config.

5. Use version control to keep track of every change to /etc/dhcpd.conf

Using version control to manage your /etc/dhcpd.conf file is a huge win. As long as you keep the file updated with changes, you can revert in milliseconds back to a known good configuration.

Getting fancy with static mapping

One of the cooler things that DHCP does is mix dynamically distributed addresses from a pool, and assign static addresses based on a hardware address, or MAC address. This last feature is called static mapping DHCP, and it’s the best thing since sliced bread.

Why is static mapping DHCP so cool? It allows you to automatically configure a machine’s network configuration, even if the operating system is rebuilt from scratch, as DHCP assigns it a specific address based on the ethernet hardware. This means if you set it up in the DNS, you will always know the hostname and IP address of the machine.

For a network administrator, that’s great news. To make things even better, you can mix and match part of your subnet with static mapping and part of it with regular DHCP. This is what that would look like based on our previous configuration.

authoritative;
ddns-update-style interim;
default-lease-time 21600;
max-lease-time 43200;

option routers                  192.168.1.254;
option broadcast-address        192.168.1.255;
option subnet-mask              255.255.255.0;
option domain-name-servers      192.168.1.10;

subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.100 192.168.1.120;

        host noah {
                hardware ethernet 00:11:00:11:00:11;
                fixed-address 192.168.1.121;
        }
}

If you look at this “mapping” configuration, you’ll see it’s really simple. The normal pool of addresses is set to give out addresses between 100-120, and we gave our “static” address to 121, but only if it matches a specific MAC address. You can create hundreds of these stanzas and control a whole network this way.
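
Once there are hundreds of stanzas, it is easy for a static address to land inside the dynamic pool or for two stanzas to share a MAC or address. The check below is an added example, not part of the original article: the function name and the sample config (the article's mapping plus two deliberate mistakes) are made up for illustration.

```python
import ipaddress
import re
from collections import Counter

# Constructed sample: the article's static-mapping config plus two deliberate
# mistakes ("printer" sits inside the pool, "clone" reuses noah's MAC).
SAMPLE_CONF = """
subnet 192.168.1.0 netmask 255.255.255.0 {
        range 192.168.1.100 192.168.1.120;
        host noah    { hardware ethernet 00:11:00:11:00:11; fixed-address 192.168.1.121; }
        host printer { hardware ethernet 00:11:00:11:00:22; fixed-address 192.168.1.110; }
        host clone   { hardware ethernet 00:11:00:11:00:11; fixed-address 192.168.1.122; }
}
"""

RANGE_RE = re.compile(r"\brange\s+(?:dynamic-bootp\s+)?([\d.]+)(?:\s+([\d.]+))?\s*;")
HOST_RE = re.compile(r"\bhost\s+(\S+)\s*\{([^}]*)\}")
MAC_RE = re.compile(r"hardware\s+ethernet\s+([0-9A-Fa-f:]{17})\s*;")
ADDR_RE = re.compile(r"fixed-address\s+(\d+\.\d+\.\d+\.\d+)\s*;")


def audit_static_mappings(conf_text):
    """Return a list of problems found in the host stanzas of a dhcpd.conf."""
    text = re.sub(r"#.*", "", conf_text)  # strip comments
    # A range may be "low high" or a single address.
    pools = [(ipaddress.ip_address(lo), ipaddress.ip_address(hi or lo))
             for lo, hi in RANGE_RE.findall(text)]
    hosts, problems = [], []
    for name, body in HOST_RE.findall(text):
        mac, addr = MAC_RE.search(body), ADDR_RE.search(body)
        if not (mac and addr):
            # Hostname-valued fixed-address entries are not resolved here.
            problems.append(f"{name}: no hardware ethernet or numeric fixed-address")
            continue
        hosts.append((name, mac.group(1).lower(), ipaddress.ip_address(addr.group(1))))
    for name, _, ip in hosts:
        if any(lo <= ip <= hi for lo, hi in pools):
            problems.append(f"{name}: fixed-address {ip} is inside a dynamic range")
    for label, idx in (("MAC", 1), ("fixed-address", 2)):
        for value, count in Counter(h[idx] for h in hosts).items():
            if count > 1:
                names = ", ".join(h[0] for h in hosts if h[idx] == value)
                problems.append(f"duplicate {label} {value}: {names}")
    return problems


if __name__ == "__main__":
    for line in audit_static_mappings(SAMPLE_CONF):
        print(line)
```

Run it against a copy of /etc/dhcpd.conf before restarting the service; an empty result means no overlaps or duplicates were found among the stanzas it could parse.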

Summary

In this article, we went over how simple it is to set up sophisticated DHCP configurations in Fedora and Red Hat. There are other items that we did not cover in this article that you may want to research on your own. The first is ddns-update, which allows DHCP to update DNS on the fly. It’s a great tool to have in the DHCP toolkit. Second, we didn’t cover DHCP relay agents, which allow a DHCP server to relay requests to DHCP servers on other subnets.

Linux DHCP is a low-cost alternative to proprietary network servers that depend on the user doing a series of GUI clicks. On the surface it may seem convenient to have a “wizard” set up your network for you. But it’s often better to tap into the power of an explicit operating system like Linux. It doesn’t get any more explicit than a few lines in a dhcpd.conf config file. DHCP on Linux is elegant, simple, and powerful. Sure, the lure of the “dark side GUI click” is strong, but true mastery of networking lies with another path.

About the author

Noah Gift is the co-author of Python For Unix and Linux by O’Reilly and the upcoming Google App Engine in Action by Manning. He is an author, speaker, consultant, and community leader, writing for publications such as IBM developerWorks, Red Hat Magazine, O’Reilly, and MacTech. His consulting company’s website is www.giftcs.com, and his personal website is www.noahgift.com. Noah is also the current organizer for www.pyatl.org, which is the Python User Group for Atlanta, GA. He has a master’s degree in CIS from Cal State Los Angeles, a B.S. in nutritional science from Cal Poly San Luis Obispo, is an Apple and LPI certified SysAdmin, and has worked at companies such as Caltech, Disney Feature Animation, Sony Imageworks, and Turner Studios. In his free time he enjoys spending time with his wife Leah and their son Liam, playing the piano, and exercising religiously.

9 responses to “Linux DHCP server: Static IPs are gone in 60 seconds”

  1. Stephen Smoogen says:

    Some other quick tips:

    1. Syntax checking for dhcpd files:

    /usr/sbin/dhcpd -t -cf /etc/dhcpd.conf

    This will do a basic syntax check to find those missing ; or other odd things.

    2. host {} are global. You will see this warning if you place the host in a subnet zone. This is because ISC will parse the file and make hostnames work globally (you can also make it do neat if then things but that makes my head hurt.) For the most part it is useful to put hosts in a group setting. This keeps them out of subnets, and also allows you to put common items with them (say for PXE booting with cobbler).

    group {
            next-server rhn.example.com;
            filename "pxelinux.0";

            host noah {
                    hardware ethernet 00:11:00:11:00:11;
                    fixed-address 192.168.1.121;
            }
    }

  2. Noah Gift says:

    Stephen,

    Great points, thanks!

  3. Tim Hughes says:

    Would be great if you could follow up this article with a dns one and then a how to get them both working together using ddns

  4. Noah Gift says:

    Tim/I think those are great ideas for articles.

  5. Daniel C. Harrison says:

    Hello, it would be great if you could place photos of screen shots for each step that you are doing. For example:
    State that you are using a certain version of Fedora but also state that this article will work for all flavors of the Fedora Core line. And in each photo that you place to each of the steps presents, it would be nice to add a code where the photo itself when clicked on can enlarge so people may see the photo more clearly. Thanks – I hope to hear from you soon.
    ###I Love Linux
    ### I Love Red Hat

  6. Noah Gift says:

    Daniel/This is a reasonable idea. I might try this on a future article.

  7. Harshad Joshi says:

    Hello,

    Instead of eth0, I want to have a wireless card wifi0 to act as a DHCP server. Any idea how do I do that? The wifi card is a PCI based card.

  8. Feldman says:

    It would be great to see an example of a minimal configuration to support public addresses on a wifi card and dynamic private addresses on a LAN. What must the dhcpd.conf have to be if we ran “dhclient wlan0” and “dhcpd eth0”? Is bridging required? This seems like it should be simple, but on Linux (Fedora 7) it seems anything but.

  9. Abhishek gupta says:

    excellent