Chapter 21
DHCP - Dynamic Host Configuration Protocol
|
|
|
| |
|
 |
| In this chapter: |
| |
|
| |
 |
An introduction to DHCP
|
|
Gearing up to make the preparations needed to run DHCP
|
|
Understanding the basic DHCP configuration
|
|
| |
|
|
| |
The Dynamic Host Configuration Protocol (DHCP) is used to control
vital networking parameters of hosts (running clients) with the help
of a DHCP-server. The purpose is to enable individual computers on an
IP network to extract their configurations from the DHCP server. The
server doesn't have to have exact information about the individual
computers until they request the information. The idea is to reduce
the work necessary to administer a large IP network. The most
significant piece of information distributed in this manner is the IP
address.
Windows 95 and Windows 98 contain defaults that ask a DHCP server for
its network configuration if no IP address etc. has been specified in
its network setup. The DHCP protocol allows a host which is unknown to
the network administrator to be automatically assigned a new IP
address out of a pool of IP addresses for its network. In order for
this to work, the network administrator allocates address pools in
each subnet and enters them into the DHCP configuration file. This
protocol is not limited to Windows machines. SuSE Linux includes a
DHCP client, which can be used to receive the network parameters at
boot time from a DHCP server. You can read more about this part of
DHCP in chapter 32
, where we talk about diskless
clients. This section will discuss setting up a DHCP server.
In addition to DHCP, there are two other protocols for dynamic host
configuration, BOOTP and RARP. DHCP is based on BOOTP and maintains
some backward compatibility. The main difference is that BOOTP was
designed for manual pre-configuration of the host information in a
server database, while DHCP allows for dynamic allocation of network
addresses and configurations to newly attached hosts. Additionally,
DHCP allows for recovery and reallocation of network addresses through
a leasing mechanism. RARP is a protocol used by Sun and other vendors
that allows a computer to find out its own IP number, which is one of
the protocol parameters typically passed to the client system by DHCP
or BOOTP. RARP doesn't support other parameters and using it, a server
can only serve a single LAN. DHCP and BOOTP are designed so they can
be routed.
|
 |
The DHCP server shipping with SuSE Linux is the first beta
release of Version 2 of the ISC (Internet Software Consortium) DHCP
server. It is believed to be fairly stable. However, a DHCP server
running in a production environment should probably still use version
1.0, which is more stable, which has been in a feature freeze since
November of 1996.
|
| |
|
| 21.1 | Preparations for configuring dhcpd |
| |
In order for dhcpd to work correctly with picky DHCP clients (e.g.,
Windows 95), it must be able to send packets with an IP destination
address of 255.255.255.255. Unfortunately, Linux insists on
changing 255.255.255.255 into the local subnet broadcast address.
This results in a DHCP protocol violation, and while many DHCP clients
don't notice the problem, some (specifically, all Microsoft DHCP clients) do.
Clients that have this problem will appear not to see DHCPOFFER
messages from the server.
|
 |
It is possible to work around this problem on SuSE Linux
by creating a host route from your network interface address to
255.255.255.255. The easiest way to do this in SuSE Linux is to add a
host route for this address to the network device the DHCP server is
connected to. To set this up manually, you have to issue the command:
|
| | # route add -host 255.255.255.255 dev eth0
|
| |
This of course assumes that you run the server on device
eth0. Change the value if you use another device. To make this
setting permanent, add the line
|
| | 255.255.255.255 0.0.0.0 255.255.255.255 eth0
|
| |
to the routing table in /etc/route.conf. The DHCP server
is started by the script /sbin/init.d/dhcp, if the
variable START_DHCPD in /etc/rc.config has
the value yes.
|
| |
|
| 21.2 | Configuring the DHCP server |
| |
The DHCP server configuration file is
/etc/dhcpd.conf. The file essentially consists of a list
of statements. The statements fall into two broad categories -
parameters and declarations. Parameter statements either say how to do
something (e.g., how long a lease to offer), whether to do something
(e.g., should dhcpd provide addresses to unknown
clients), or what parameters to provide to the client (e.g., use
gateway 192.168.0.1).
Declarations are used to describe the topology of the network, to
describe clients on the network, to provide addresses that can be
assigned to clients, or to apply a group of parameters to a group of
declarations. In any group of parameters and declarations, all
parameters must be specified before any declarations which depend on
those parameters may be specified.
Declarations about network topology include the shared-network and the
subnet declarations. If clients on a subnet are to be assigned
addresses dynamically, a range declaration must appear within the
subnet declaration. For clients with statically assigned addresses, or
for installations where only known clients will be served, each such
client must have a host declaration. If parameters are to be applied
to a group of declarations which are not related strictly on a
per-subnet basis, the group declaration can be used.
For every subnet which will be served, and for every subnet to which
the dhcp server is connected, there must be one subnet
declaration, which tells dhcpd how to recognize that an
address is on that subnet. A subnet declaration is required for each
subnet even if no addresses will be dynamically allocated on that
subnet.
Some installations have physical networks on which more than one IP
subnet operates. For example, if there is a site-wide requirement that
8-bit subnet masks be used, but a department with a single physical
ethernet network expands to the point where it has more than 254
nodes, it may be necessary to run two 8-bit subnets on the same
ethernet until such time as a new physical network can be added. In
this case, the subnet declarations for these two networks may be
enclosed in a shared-network declaration.
Some sites may have departments which have clients on more than one
subnet, but it may be desirable to offer those clients a uniform set
of parameters which are different than what would be offered to
clients from other departments on the same subnet. For clients which
will be declared explicitly with host declarations, these declarations
can be enclosed in a group declaration along with the parameters which
are common to that department. For clients whose addresses will be
dynamically assigned, there is currently no way to group parameter
assignments other than by network topology.
When a client is to be booted, its boot parameters are determined by
first consulting that client's host declaration (if any), then
consulting the group declaration (if any) which enclosed that host
declaration, then consulting the subnet declaration for the subnet on
which the client is booting, then consulting the shared-network
declaration (if any) containing that subnet, and finally consulting
the top-level parameters which may be specified outside of any
declaration.
When dhcpd tries to find a host declaration for a client,
it first looks for a host declaration which has a fixed address
parameter which matches the subnet or shared network on which the
client is booting. If it doesn't find any such entry, it then tries to
find an entry which has no fixed-address parameter. If no such entry
is found, then dhcpd acts as if there is no entry in the
/etc/dhcpd.conf file for that client, even if there is an
entry for that client on a different subnet or shared network.
|
| 21.3 | A generic example |
| |
Let's see some examples. A typical /etc/dhcpd.conf file will
look something like this:
|
| | global parameters...
shared-network SIMPSONS {
shared-network-specific parameters...
subnet 192.168.0.0 netmask 255.255.255.224 {
subnet-specific parameters...
range 192.168.0.10 192.168.0.30;
}
subnet 192.168.0.32 netmask 255.255.255.224 {
subnet-specific parameters...
range 192.168.0.42 192.168.0.62;
}
}
subnet 192.168.0.64 netmask 255.255.255.224 {
subnet-specific parameters...
range 192.168.0.74 192.168.0.94;
}
group {
group-specific parameters...
host bart.children.simpson.com {
host-specific parameters...
}
host lisa.chilren.simpson.com {
host-specific parameters...
}
host maggie.children.simpson.com {
host-specific parameters...
}
}
|
| |
Notice that at the beginning of the file, there's a place for global
parameters. These might be things like the organization's domain name,
the addresses of the name servers (if they are common to the entire
organization), and so on. So, for example:
|
| | option domain-name "simpsons.com";
option domain-name-servers ns1.simpsons.com, ns2.simpsons.com;
|
| |
As you can see, it's legal to specify host addresses in parameters as
names rather than as numeric IP addresses. If a given hostname
resolves to more than one IP address (for example, if that host has
two ethernet interfaces), both addresses are supplied to the client.
In the example above, you can see that both the shared-network
statement and the subnet statements can have parameters. Let us say
that the shared network SIMPSONS supports an entire department -
perhaps the accounting department. If accounting has its own domain,
then a shared-network-specific parameter might be:
|
| | option domain-name "accounting.simpsons.com";
|
| |
All subnet declarations that appear in the shared-network declaration
would then have the domain-name option set to accounting.simpsons.com
instead of just simpsons.com.
The most obvious reason for having subnet-specific parameters is that
each subnet, of necessity, has its own router. So for the first subnet,
for example, there should be something like:
|
| | option routers 192.168.0.1;
|
| |
Note that the address here is specified numerically. This is not
required - if you have a different domain name for each interface on
your router, it's perfectly legitimate to use the domain name for that
interface instead of the numeric address. In many cases there
may be only one domain name for all of a router's IP addresses, and it
would not be appropriate to use that name here.
In the example shown there is also a group statement, which provides
common parameters for a set of three hosts - bart, lisa
and maggie. As you can see, these hosts are all in the
children.simpsons.com domain, so it might make sense for a
group-specific parameter to override the domain name supplied to these
hosts:
|
| | option domain-name "children.simpsons.com";
|
| |
Also, given the domain they're in, these machines may be booted often,
so we might set the lease timeout somewhat shorter than the default:
|
| | max-lease-time 120;
default-lease-time 120;
|
| |
|
|
You may have noticed that while some parameters start
with the option keyword, some do not. Parameters that start
with the option keyword correspond to actual DHCP options,
while parameters that do not start with the option keyword
either control the behavior of the DHCP server (e.g., the length of
time before dhcpd expires), or specify client parameters that
are not optional in the DHCP protocol (for example,
server-name and filename).
|
| |
In the example, each host had host-specific parameters. These could
include such things as the hostname option, the name of a file to
upload (the filename parameter) and the address of the server from
which to upload the file (the next-server parameter). In general, any
parameter can appear anywhere that parameters are allowed, and will be
applied according to the scope in which the parameter appears.
Chapter 32
will show in a short example how to use DHCP
to provide diskless clients with IP addresses and information about
their NFS root directory.
|
| 21.4 | More info on DHCP configuration |
| |
We basically talked about the structure of the configuration file
here, while missing an explanation of the actual
options.
Please refer to the man page dhcpd.conf(5)
for a list of all possible options and their meanings. The example
/etc/dhcpd.conf installed with the dhcp package is also
a good reference. It shows a reasonable setup and is extensively
commented. There is also a mini-howto on DHCP. You can find in the
directory /usr/doc/howto/en/mini, the filename is DHCP.gz. Use the
command less DHCP.gz to open it.
A list of frequently asked questions (FAQ) on DHCP is available online at the
URL http://web.syr.edu/~jmwobus/comfaqs/dhcp.faq.html.
|
|
| Summary: |
| |
The Dynamic Host Configuration Protocol can be used to
centralize the network setup of a range of hosts in a local area
network. SuSE Linux can be used as a DHCP server for different kinds of
client operating systems. The setup is fairly complex, but SuSE
provides a good documented example for configuration.
|
|
