Setting up DHCP
You now have a router that provides Internet access to all systems behind it, but the systems behind it need to be manually configured with IP addresses while avoiding conflicts. You also need to configure them with DNS servers for resolving host information. To solve this, we're going to configure a DHCP server on your router to be responsible for handing out addresses.
Dynamic Host Configuration Protocol (DHCP) allows you to centralize your IP address management. Machines that are added to a network issue a DHCP request asking any available DHCP server to provide them with configuration information, including IP address, subnet mask, gateway, DNS server, and so on.
How to do it…
Let's set up DHCP in Debian/Ubuntu:
- Install a DHCP server:
# sudo apt-get install isc-dhcp-server
- Modify /etc/default/isc-dhcp-server to add the interface on which you should serve requests:
# sudo sed -i 's/^INTERFACES.*/INTERFACES="eth0"/' /etc/default/isc-dhcp-server
- Modify /etc/dhcp3/dhcpd.conf to configure the network information you want to serve:
ddns-update-style none;
option domain-name "example.org";
option domain-name-servers 8.8.8.8, 8.8.4.4;
default-lease-time 600;
max-lease-time 7200;
authoritative;
subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.10 10.0.0.100;
  option routers 10.0.0.1;
}
Let's set up DHCP in Red Hat/CentOS:
- Install a DHCP server:
# sudo yum install dhcp
- Modify /etc/dhcp/dhcpd.conf to configure the network information you want to serve:
ddns-update-style none;
option domain-name "example.org";
option domain-name-servers 8.8.8.8, 8.8.4.4;
default-lease-time 600;
max-lease-time 7200;
authoritative;
subnet 10.0.0.0 netmask 255.255.255.0 {
  range 10.0.0.10 10.0.0.100;
  option routers 10.0.0.1;
}
How it works…
The first thing you might notice about the difference between Debian- and Red Hat-based systems is that in Debian-based systems, you need to explicitly define the interfaces to listen on, while this is not needed on Red Hat systems. This is because Red Hat has chosen to trust ISC DHCP's built-in restriction to only listen on interfaces that have an IP address in the same subnet as the one the DHCP leases were set up for.
Let's look at the configuration for the DHCP server itself.
The first section defines the global configuration parameters:
- ddns-update-style: This defines optional functionality to update a DNS server with hostnames for the machines in your network. We'll look at this option in detail later in the book.
- option domain-name: This defines the domain name for your network. On Linux DHCP clients, this populates the search field that specifies the domain to search in for non-fully qualified domain names.
- option domain-name-servers: This specifies the default DNS servers, which your clients should use for domain resolution. In this example, we've used Google's public nameservers, but you may instead want to use your ISP's nameservers or a different public service.
- max-lease-time and default-lease-time: These define how many seconds an IP address can be dedicated to the requesting machine. Clients can also request a specific lease length. max-lease-time puts a cap on how long they can request it for, while default-lease-time comes into play if they don't request a specific lease length. Longer leases cut down on the number of IP address changes you may experience, while shorter leases make sure that you don't run out of IP addresses if you have a lot of short-term users on the network.
- authoritative directive: This tells the DHCP server that it is the authority for this particular network. Sometimes, clients that have recently had a lease on another network may attempt to re-request the same IP address. An authoritative server may send them a DHCPNAK (negative acknowledgement) to tell them that they must request a new IP address. If your DHCP server is not the only one on the network, you may set it as not authoritative in order to avoid this behavior.
The second section is the subnet declaration. Your DHCP server must know about all the subnets configured on the interface that it has been told to serve DHCP addresses on. For the subnets on which it should serve addresses, you should define the range of IPs to hand out and you most likely want to define your network gateway as well. If your machine has multiple IP addresses on the interface and you only want to serve IPs to one of them, you should still define the subnet, but leave out the range and gateway information from within the brackets. For example:
subnet 10.0.0.0 netmask 255.255.255.0 { }
Now that your DHCP server is configured, it will automatically hand out IP addresses to all machines that connect to the network and are configured to request addresses via DHCP, which is often the default. It will keep track of these leases in a human-readable format in /var/lib/dhcpd/dhcpd.leases, in order to avoid having multiple machines receive the same address.
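Because the leases file is plain text, pool usage can be checked with a short script. The following is an added example, not code from the original recipe: it parses lease entries, keeps the latest entry per IP, and counts active leases inside the 10.0.0.10 to 10.0.0.100 range configured above. The sample entries are constructed, the function names are hypothetical, and timestamps are assumed to be in dhcpd's default UTC format.

```python
import ipaddress
import re
from datetime import datetime, timezone

# Constructed sample in dhcpd.leases syntax (not from a real server).
SAMPLE = """\
lease 10.0.0.10 {
  ends 1 2024/01/01 09:10:00;
  binding state active;
  next binding state free;
  hardware ethernet 52:54:00:aa:bb:01;
}
lease 10.0.0.11 {
  ends 1 2024/01/01 09:11:00;
  binding state active;
  hardware ethernet 52:54:00:aa:bb:02;
}
lease 10.0.0.10 {
  ends 1 2024/01/01 09:05:00;
  binding state free;
}
"""

LEASE = re.compile(r"^lease\s+(\S+)\s*\{(.*?)^\}", re.S | re.M)
ENDS = re.compile(r"^\s*ends\s+(?:\d\s+(\S+\s+\S+)|never);", re.M)
STATE = re.compile(r"^\s*binding state\s+(\w+);", re.M)  # skips "next binding state"
MAC = re.compile(r"^\s*hardware ethernet\s+([0-9a-fA-F:]+);", re.M)

def latest_leases(text):
    """dhcpd appends to the file, so the last entry for an IP wins."""
    return {ipaddress.ip_address(ip): body for ip, body in LEASE.findall(text)}

def active_leases(text, now):
    """Map IP -> MAC for leases that are active and unexpired at `now` (UTC)."""
    active = {}
    for ip, body in latest_leases(text).items():
        state, ends, mac = STATE.search(body), ENDS.search(body), MAC.search(body)
        if not (state and ends and state.group(1) == "active"):
            continue
        if ends.group(1):  # None means "ends never"
            expiry = datetime.strptime(ends.group(1), "%Y/%m/%d %H:%M:%S")
            if expiry.replace(tzinfo=timezone.utc) <= now:
                continue
        active[ip] = mac.group(1) if mac else None
    return active

def pool_usage(active, first="10.0.0.10", last="10.0.0.100"):  # range from the recipe
    """Return (used, size) for the address range handed out by the server."""
    lo, hi = ipaddress.ip_address(first), ipaddress.ip_address(last)
    return sum(lo <= ip <= hi for ip in active), int(hi) - int(lo) + 1
```

A used count that climbs toward the pool size faster than real clients join the network is the early sign of address exhaustion, which shorter lease times only partly mitigate.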